Eternal sunshine of the spotless machine: Protecting privacy with ephemeral channels

Proceedings of the 10th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2012

Volumn , Issue , 2012, Pages 61-75

  Dunn, Alan M ^a   Lee, Michael Z ^a   Jana, Suman ^a   Kim, Sangman ^a   Silberstein, Mark ^a   Xu, Yuanzhong ^a   Shmatikov, Vitaly ^a   Witchel, Emmett ^a  

^a UNIVERSITY OF TEXAS AT AUSTIN   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

COMPUTER OPERATING SYSTEMS;

CPU UTILIZATION; DESIGN AND IMPLEMENTS; DEVICE DRIVER; EPHEMERAL CHANNELS; INPUT DEVICES; LINUX SYSTEMS; PERCENTAGE POINTS; PERIPHERAL DEVICES;

SYSTEMS ANALYSIS;

EID: 84977840356     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (60)

1. G. Aggrawal, E. Bursztein, C. Jackson, and D. Boneh. An analysis of private browsing modes in modern browsers. In USENIX Security, 2010.
2. S. Bauer and N. Priyantha. Secure data deletion for Linux file systems. In USENIX Security, 2001.
3. M. Blaze. A cryptographic file system for UNIX. In CCS, 1994.
4. D. Boneh and R. Lipton. A revocable backup system. In USENIX Security, 1996.
5. K. Borders, E. V. Weele, B. Lau, and A. Prakash. Protecting confidential data on personal computers with storage capsules. In USENIX Security, 2009.
6. P. Broadwell, M. Harren, and N. Sastry. Scrash: A system for generating secure crash information. In USENIX Security, 2003.
7. J. Chow, B. Pfaff, T. Garfinkel, K. Christopher, and M. Rosenblum. Understanding data lifetime via whole system simulation. In USENIX Security, 2004.
8. J. Chow, B. Pfaff, T. Garfinkel, and M. Rosenblum. Shredding your garbage: Reducing data lifetime through secure deallocation. In USENIX Security, 2005.
9. P. Colp, M. Nanavati, J. Zhu, W. Aiello, G. Coker, T. Deegan, P. Loscocco, and A. Warfield. Breaking up is hard to do: Security and functionality in a commodity hypervisor. In SOSP, 2011.
10. M. Corner and B. Noble. Zero-interaction authentication. In MOBICOM, 2004.
11. R. S. Cox, J. G. Hansen, S. D. Gribble, and H. M. Levy. A safety-oriented platform for Web applications. In S&P, 2006.
12. A. Czeskis, D. J. S. Hilaire, K. Koscher, S. D. Gribble, T. Kohno, and B. Schneier. Defeating encrypted and deniable file systems: TrueCrypt v5.1a and the case of the tattling OS and applications. In HotSec, 2008.
13. G. Danezis. Traffic analysis of the HTTP protocol over TLS. http://research.microsoft.com/en-us/um/people/gdane/papers/TLSanon.pdf, 2010.
14. eCryptfs. https://launchpad.net/ecryptfs.
15. The encrypting file system. http://technet.microsoft.com/en-us/library/cc700811.aspx.
16. E. Felten. USACM policy statement on DRM. https://freedom-to-tinker.com/blog/felten/usacm-policy-statement-drm/.
17. T. Garfinkel, B. Pfaff, J. Chow, and M. Rosenblum. Data lifetime is a systems problem. In ACM SIGOPS European Workshop, 2004.
18. P. Gasti, G. Ateniese, and M. Blanton. Deniable cloud storage: Sharing files via public-key deniability. In WPES, 2010.
19. P. Gutmann. Secure deletion of data from magnetic and solid-state memory. In USENIX Security, 1996.
20. P. Gutmann. Data remanence in semiconductor devices. In USENIX Security, 2001.
21. J. A. Halderman, S. D. Schoen, N. Heninger, W. Clarkson, W. Paul, J. Calandrino, A. J. Feldman, J. Appelbaum, and E. W. Felten. Lest we remember: Cold boot attacks on encryption keys. In USENIX Security, 2008.
22. K. Harrison and S. Xu. Protecting cryptographic keys from memory disclosure attacks. In DSN, 2007.
23. N. Joukov, H. Papaxenopoulos, and E. Zadok. Secure deletion myths, issues, and solutions. In ACM Workshop on Storage Security and Survivability, 2006.
24. J. Kannan, G. Altekar, P. Maniatis, and B.-G. Chun. Making programs forget: Enforcing lifetime for sensitive data. In HotOS, 2011.
25. P. A. Karger, M. E. Zurko, D. W. Benin, A. H. Mason, and C. E. Kahn. A VMM security kernel for the VAX architecture. In S&P, 1990.
26. E. Keller, J. Szefer, J. Rexford, and R. B. Lee. NoHype: Virtualized cloud infrastructure without the virtualization. In ISCA, 2010.
27. B. Lampson. Usable security: How to get it. Communications of the ACM, 52(11), Nov. 2009.
28. B. Lee, K. Son, D. Won, and S. Kim. Secure data deletion for USB flash memory. Journal of Information Science and Engineering, 2011.
29. J. Lee, S. Yi, J. Heo, H. Park, S. Y. Shin, and Y. Cho. An efficient secure deletion scheme for flash file systems. Journal of Information Science and Engineering, 2010.
30. The libgcrypt reference manual. http://www.gnupg.org/documentation/manuals/gcrypt/.
31. P. Maniatis, D. Akhawe, K. Fall, E. Shi, S. McCamant, and D. Song. Do you know where your data are? Secure data capsules for deployable data protection. In HotOS, 2011.
32. M. Mannan, B. H. Kim, A. Ganjali, and D. Lie. Unicorn: Two-factor attestation for data security. In CCS, 2011.
33. A. McDonald and M. Kuhn. StegFS: A steganographic file system for Linux. In IH, 1999.
34. J. Oberheide and D. Rosenberg. Stackjacking your way to grsecurity/PaX bypass. http://jon.oberheide.org/files/stackjacking-hes11.pdf, 2011.
35. OpenCL - the open standard for parallel programming of heterogeneous systems. http://www.khronos.org/opencl/.
36. H. Pang, K.-L. Tan, and X. Zhou. StegFS: A steganographic file system. In ICDE, 2003.
37. Homepage of the PaX team. http://pax.grsecurity. net.
38. R. Perlman. The Ephemerizer: Making data disappear. http://www.filibeto.org/~aduritz/truetrue/smli_tr-2005-140.pdf, 2005.
39. Z. Peterson, R. Burns, J. Herring, A. Stubblefield, and A. Rubin. Secure deletion for a versioning file system. In FAST, 2005.
40. M. Piotrowski and A. D. Joseph. Virtics: A system for privilege separation of legacy desktop applications. Technical Report UCB/EECS-2010-70, University of California, Berkeley, 2010.
41. PolarSSL library - Crypto and SSL made easy. http://www.polarssl.com.
42. N. Provos. Encrypting virtual memory. In USENIX Security, 2000.
43. Qubes. http://qubes-os.org/.
44. J. Reardon, S. Capkun, and D. Basin. Data node encrypted file system: Efficient secure deletion for flash memory. In USENIX Security, 2012.
45. M. Seaborn. Plash: Tools for practical least privilege. http://plast.beasts.org, 2008.
46. P. Stahlberg, G. Miklau, and B. Levine. Threats to privacy in the forensic analysis of database systems. In SIGMOD, 2007.
47. K. Sun, J. Wang, F. Zhang, and A. Stavrou. SecureSwitch: BIOS-assisted isolation and switch between trusted and untrusted commodity OSes. In NDSS, 2012.
48. Q. Sun, D. Simon, Y.-M. Wang, W. Russell, V. Padmanabhan, and L. Qiu. Statistical identification of encrypted Web browsing traffic. In S&P, 2002.
49. S. Swanson and M. Wei. SAFE: Fast, verifiable sanitization for SSDs. Technical Report cs2011-0963, UCSD, 2010.
50. J. Szefer, E. Keller, R. B. Lee, and J. Rexford. Eliminating the hypervisor attack surface for a more secure cloud. In CCS, 2011.
51. S. Tang, H. Mai, and S. T. King. Trust and protection in the Illinois browser operating system. In OSDI, 2010.
52. Y. Tang, P. Ames, S. Bhamidipati, A. Bijlani, R. Geambasu, and N. Sarda. CleanOS: Limiting mobile data exposure with idle eviction. In OSDI, 2012.
53. Tor. http://www.torproject.org.
54. SwapFaq. https://help.ubuntu.com/community/ SwapFaq. Retrieved on 5/3/12.
55. A. Vasudevan, B. Parno, N. Qu, and A. Perrig. Lockdown: A safe and practical environment for security applications. Technical Report CMU-CyLab-09-011, CMU, 2009.
56. J. Viega. Protecting sensitive data in memory. http://www.ibm.com/developerworks/library/ s-data.html?n-s-311, 2001.
57. M. Wei, L. Grupp, F. Spada, and S. Swanson. Reliably erasing data from flash-based solid state drives. In FAST, 2011.
58. D. A. Wheeler. SLOCCount. http://www.dwheeler.com/sloccount/, 2001.
59. A. R. Yumerefendi, B. Mickle, and L. P. Cox. TightLip: Keeping applications from spilling the beans. In NSDI, 2007.
60. E. Zadok, I. Badulescu, and A. Shender. Cryptfs: A stackable vnode level encryption file system. Technical Report CUCS-021-98, Columbia University, 1998.