Inktag: Secure applications on an untrusted operating system

International Conference on Architectural Support for Programming Languages and Operating Systems - ASPLOS

Volumn , Issue , 2013, Pages 265-278

  Hofmann, Owen S ^a   Kim, Sangman ^a   Dunn, Alan M ^a   Lee, Michael Z ^a   Witchel, Emmett ^a  

^a UNIVERSITY OF TEXAS AT AUSTIN   (United States)

Author keywords

Application protection; Paraverification; Virtualization based security

Indexed keywords

ATTRIBUTE BASED ACCESS CONTROL; DECENTRALIZED ACCESS CONTROL; INVASIVE SOFTWARE; PARAVERIFICATION; SAFETY GUARANTEES; STATE OF THE ART; TRUSTED APPLICATIONS; VIRTUALIZATION-BASED SECURITIES;

METADATA; VERIFICATION; VIRTUAL REALITY;

ACCESS CONTROL;

EID: 84875683130     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2451116.2451146     Document Type: Conference Paper

References (49)

1. Microsoft security bulletin search, 2012. http://technet.microsoft.com/ security/bulletin.
2. Martín Abadi, Mihai Budiu, Úlfar Erlingsson, and Jay Ligatti. Control-flow integrity. In CCS, 2005.
3. Anurag Acharya and Mandar Raje. MAPbox: Using parameterized behavior classes to confine applications. In USENIX Security, 2000.
4. Arati Baliga, Vinod Ganapathy, and Liviu Iftode. Automatic inference and enforcement of kernel data structure invariants. In ACSAC, 2008.
5. Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt, and Andrew Warfield. Xen and the art of virtualization. In SOSP, 2003.
6. Massimo Bernaschi, Emanuele Gabrielli, and Luigi V. Mancini. REMUS: A security-enhanced operating system. TISSEC, 5(1), 2002.
7. Rakesh Bobba, Omid Fatemieh, Fariba Khan, Carl A. Gunter, and Himanshu Khurana. Using attribute-based access control to enable attribute-based messaging. In ACSAC, 2006.
8. Stephen Checkoway and Hovav Shacham. Iago attacks: Why the system call API is a bad untrusted RPC interface. In ASPLOS, March 2013.
9. Peter M. Chen and Brian D. Noble. When virtual is better than real. In HotOS, pages 133-, 2001.
10. Shuo Chen, Jun Xu, Emre C. Sezer, Prachi Gauriar, and Ravishankar K. Iyer. Non-control-data attacks are realistic threats. In USENIX Security, 2005.
11. Xioaxin Chen, Tal Garfinkel, E. Christopher Lewis, Pratap Subrahmanyam, Carl A. Waldspurger, Dan Boneh, Jeffery Dwoskin, and Dan R. K. Ports. Overshadow: A virtualization-based approach to retrofitting protection in commodity operating systems. In ASPLOS, May 2008.
12. Lorenzo Cirio, Isabel F. Cruz, and Roberto Tamassia. A role and attribute based access control system using semantic web technologies. In OTM, 2007.
13. Tim Dierks and Eric Rescorla. RFC 5246: The Transport Layer Security (TLS) Protocol: Version 1.2. http://tools.ietf.org/html/rfc5246 2008.
14. Brendan Dolan-Gavitt, Tim Leek, Michael Zhivich, Jonathon Giffin, and Wenke Lee. Virtuoso: Narrowing the semantic gap in virtual machine introspection. In Oakland, May 2011.
15. John R. Douceur, Jeremy Elson, Jon Howell, and Jacob R. Lorch. Leveraging legacy code to deploy desktop applications on the web. In OSDI, 2008.
16. Timothy Fraser, Lee Badger, and Marc Feldman. Hardening COTS software with generic software wrappers. In Oakland, 1999.
17. Timothy Fraser, Matthew R. Evenson, and William A. Arbaugh. VICI-virtual machine introspection for cognitive immunity. In ACSAC, pages 87-96, 2008.
18. Tal Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, and Dan Boneh. Terra: A virtual machine-based platform for trusted computing. In SOSP, October 2003.
19. John L. Henning. SPEC CPU2006 benchmark descriptions. ACM SIGARCH Computer Architecture News, 34(4):1-17, 2006.
20. Owen S. Hofmann, Alan M. Dunn, Sangman Kim, Indrajit Roy, and Emmett Witchel. Ensuring operating system kernel integrity with OSck. In ASPLOS, March 2011.
21. Ralf Hund, Thorsten Holz, and Felix C. Freiling. Return-oriented rootkits: bypassing kernel code integrity protection mechanisms. In USENIX Security, 2009.
22. Kapil Jain and R. Sekar. User-level infrastructure for system call interposition: A platform for intrusion detection and confinement. In NDSS, 2000.
23. Xuxian Jiang, Xinyuan Wang, and Dongyan Xu. Stealthy malware detection through VMM-based "out-of-the-box" semantic view reconstruction. In CCS, pages 128-138, 2007.
24. Stephen T. Jones, Andrea C. Arpaci-Dusseau, and Remzi H. Arpaci-Dusseau. Antfarm: tracking processes in a virtual machine environment. In USENIX, 2006.
25. Taesoo Kim and Nickolai Zeldovich. Making linux protection mechanisms egalitarian with UserFS. In USENIX Security. USENIX Association, 2010.
26. David Lie, Chandramohan A. Thekkath, and Mark Horowitz. Implementing an untrusted operating system on trusted hardware. In SOSP, pages 178-192. ACM Press, 2003.
27. Peter A. Loscocco, Perry W. Wilson, J. Aaron Pendergrass, and C. Durward McDonell. Linux kernel integrity measurement using contextual inspection. In STC, 2007.
28. Jonathan M. McCune, Yanlin Li, Ning Qu, Zongwei Zhou, Anupam Datta, Virgil Gligor, and Adrian Perrig. TrustVisor: Efficient TCB reduction and attestation. In Oakland, May 2010.
29. Jonathan M. McCune, Bryan Parno, Adrian Perrig, Michael K. Reiter, and Hiroshi Isozaki. Flicker: An execution infrastructure for TCB minimization. In EuroSys, April 2008.
30. Larry McVoy and Carl Staelin. LMbench: portable tools for performance analysis. In USENIX, pages 23-23, Berkeley, CA, USA, 1996. USENIX Association.
31. NIST. National vulnerability database. http://nvd.nist.gov/2012.
32. OASIS. eXtensible access control markup language. https://www.oasis-open. org/committees/tc-home.php?wg-abbrev=xacml 2012.
33. Bryan Parno, Jacob R. Lorch, John R. Douceur, James Mickens, and Jonathan M.McCune. Memoir: Practical state continuity for protected modules. In Oakland, 2011.
34. Bryan D. Payne, Martim D. P. de A. Carbone, and Wenke Lee. Secure and flexible monitoring of virtual machines. In ACSAC, 2007.
35. Dan R. K. Ports and Tal Garfinkel. Towards application security on untrusted operating systems. In HotSec, San Jose, CA, USA, 2008. USENIX.
36. Shaya Potter and Jason Nieh. Apiary: Easy-to-use desktop application fault containment on commodity operating systems. In USENIX, 2010.
37. Neils Provos. Improving host security with system call policies. In USENIX Security, 2003.
38. Nguyen Anh Quynh and Yoshiyasu Takefuji. Towards a tamperresistant kernel rootkit detector. In SAC, 2007.
39. Junghwan Rhee, Ryan Riley, Dongyan Xu, and Xuxian Jiang. Defeating dynamic data kernel rootkit attacks via VMM-based guesttransparent monitoring. In ARES, Fukuoka, Japan, March 2009.
40. Junghwan Rhee and Dongyan Xu. LiveDM: Temporal mapping of dynamic kernel memory for dynamic kernel malware analysis and debugging. Technical report, Purdue University, West Lafayette, IN, February 2010.
41. Mike Ryan, Ted Faber, Mei-Hui Su, John Wroclawski, and Steve Schwab. A.B A.C. http://abac.deterlab.net/, 2012.
42. Arvind Seshadri, Mark Luk, Ning Qu, and Adrian Perrig. SecVisor: A tiny hypervisor to provide lifetime kernel code integrity for commodity OSes. In SOSP, pages 335-350, 2007.
43. Hovav Shacham. The geometry of innocent flesh on the bone: Returnintolibc without function calls (on the x86). In CCS, pages 552-61. ACM Press, October 2007.
44. Richard Ta-min, Lionel Litty, and David Lie. Splitting interfaces: Making trust between applications and operating systems configurable. In OSDI, pages 279-292, 2006.
45. Zhi Wang, Xuxian Jiang, Weidong Cui, and Peng Ning. Countering kernel rootkits with lightweight hook protection. In CCS, 2009.
46. Min Xu, Xuxian Jiang, Ravi Sandhu, and Xinwen Zhang. Towards a VMM-based usage control framework for OS kernel integrity protection. In SACMAT, 2007.
47. Jisoo Yang and Kang G. Shin. Using hypervisor to provide data secrecy for user applications on a per-page basis. In VEE, pages 71- 80, 2008.
48. Bennet Yee, David Sehr, Gregory Dardyk, J. Bradley Chen, Robert Muth, Tavis Ormandy, Shiki Okasaka, Neha Narula, and Nicholas Fullagar. Native client: A sandbox for portable, untrusted x86 native code. In Oakland, pages 79-93, 2009.
49. Fengzhe Zhang, Jin Chen, Haibo Chen, and Binyu Zang. CloudVisor: retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization. In SOSP, 2011.