Minibox: A two-way sandbox for x86 native code

Proceedings of the 2014 USENIX Annual Technical Conference, USENIX ATC 2014

Volumn , Issue , 2014, Pages 409-420

  Li, Yanlin ^a   McCune, Jonathan ^b   Baker, Brandon ^b   Newsome, James ^b   Drewry, Will ^b   Perrig, Adrian ^a  

^a CMU

^b GOOGLE INC   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

CLOUD PLATFORMS; CLOUD-COMPUTING; EVALUATION RESULTS; MINI-BOXES; MULTI-CORE SYSTEMS; NATIVE CODE; SERVICE CLOUDS; TWO WAYS;

EID: 85077468673     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (51)

1. ABADI, M., BUDIU, M., ERLINGSSON, U., AND LIGATTI, J. CFI: Principles, Implementations, and Applications. In Proceedings of ACM Conference and Computer and Communications Security (2005).
2. ABADI, M., BUDIU, M., ERLINGSSON, U., AND LIGATTI, J. Control-Flow Integrity Principles, Implementation, and Applications. ACM Transaction on Information and System Security (2009), 1 - 40.
3. ABADI, M., BUDIU, M., ERLINGSSON, U., AND LIGATTI, J. A theory of secure control flow. In Proceedings of Conference on Formal Engineering Methods (2005).
4. ABATU, U., GUERON, S., JOHNSON, S. P., AND SCARLATA, V. R. Innovative technology for CPU based attestation and sealing. In Proceedings of International Workshop on Hardware and Architectural Support for Security and Privacy (2013).
5. ADVANCED MICRO DEVICES. AMD64 architecture programmer's manual: Volume 2: System Programming. AMD Publication no. 24593 rev. 3.14, Sept. 2007.
6. AZAB, A. M., NING, P., AND ZHANG, X. SICE: a hardware-level strongly isolated computing environment for x86 multi-core platforms. In Proceedings of ACM Conference on Computer and Communications Security (2011).
7. BARHAM, P., DRAGOVIC, B., FRASER, K., HAND, S., HARRIS, T., HO, A., NEUGEBAUER, R., PRATT, I., AND WARFIELD, A. Xen and the art of virtualization. In Proceedings of Symposium on Operating Systems Principles (2003).
8. BAUMANN, A., PEINADO, M., HUNT, G., ZMUDZINSKI, K., ROZAS, C. V., AND HOEKSTRA, M. Secure execution of unmodified applications on an untrusted host. http://research.microsoft.com/apps/pubs/default.aspx?id=204758, 2013.
9. CHECKOWAY, S., AND SHACHAM, H. Iago attacks: Why the system call API is a bad untrusted rpc interface. In Proceedings of International Conference on Architectural Support for Programming Languages and Operating Systems (Mar. 2013).
10. CHEN, B., AND MORRIS, R. Certifying program execution with secure processors. In Proceedings of HotOS (2003).
11. CHEN, H., ZHANG, F., CHEN, C., YANG, Z., CHEN, R., ZANG, B., YEW, P., AND MAO, W. Tamper-resistant execution in an untrusted operating system using a VMM. Tech. Rep. FDUPPITR-2007-0801, Fudan University, 2007.
12. CHEN, X., GARFINKEL, T., LEWIS, E. C., SUBRAHMANYAM, P., WALDSPURGER, C. A., BONEH, D., DWOSKIN, J., AND PORTS, D. R. Overshadow: a virtualization-based approach to retrofitting protection in commodity operating systems. In Proceedings of International Conference on Architectural Support for Programming Languages and Operating Systems (2008).
13. CHENG, Y., DING, X., AND DENG, R. AppShield: Protecting applications against untrusted operating system. In Singaport Management University Technical Report, SMU-SIS-13-101 (2013).
14. DA R ROW, B. Google App Engine by the numbers. http://gigaom.com/2012/06/28/ google- app- engine- by- the- numbers/.
15. DEWAN, P., DURHAM, D., KHOSRAVI, H., LONG, M., AND NAGABHUSHAN, G. A hypervisor-based system for protecting software runtime memory and persistent storage. In Proceedings of Spring Simulation Multiconference (2008).
16. DOUCEUR, J. R., ELSON, J., HOWELL, J., AND LORCH, J. R. Leveraging legacy code to deploy desktop applications on the web. In Proceedings of USENIX Symposium on Operating Systems Design and Implementation (2008).
17. FRANK, M., ILYA, A., ALEX, B., V, R. C., HISHAM, S., VEDVYAS, S., AND R, S. U. Innovative instructions and software model for isolated execution. In Proceedings of International Workshop on Hardware and Architectural Support for Security and Privacy (2013).
18. GARFINKEL, T., PFAFF, B., CHOW, J., ROSENBLUM, M., AND BONEH, D. Terra: A virtual machine-based platform for trusted computing. In Proceedings of ACM Symposium on Operating System Principles (2003).
19. G O N G, L. Java 2 Platform Security Architecture. http://docs.oracle.com/javase/6/docs/technotes/guides/security/spec/security- spec.doc.html.
20. HOEKSTRA, M., LAL, R., PAPPACHAN, P., PHEGADE, V., AND DEL CUVILLO, J. Using innovative instructions to create trustworthy software solutions. In Proceedings of International Workshop on Hardware and Architectural Support for Security and Privacy (2013).
21. HOFMANN, O., DUNN, A., KIM, S., LEE, M., AND WITCHEL, E. InkTag: Secure applications on an untrusted operating system. In Proceedings of International Conference on Architectural Support for Programming Languages and Operating Systems (2013).
22. INTEL CORPORATION. Intel 64 and IA-32 architectures software developer's manual volume 3b: system programming guide, part 2. Order Number: 325384-048US, Sept. 2013.
23. JANA, S., PORTER, D. E., AND SHMATIKOV, V. TxBox: Building secure, efficient sandboxes with system transactions. In Proceedings of IEEE Symposium on Security and Privacy (2011)
24. JIANG, S., SMITH, S., AND MINAMI, K. Securing web servers against insider attack. In Proceedings of Computer Security Applications Conference (2001).
25. KIM, T., AND ZELDOVICH, N. Practical and effective sand-boxing for non-root users. In Proceedings of USENIX Annual Technical Conference (2013).
26. LI, Y., PERRIG, A., MCCUNE, J. M., NEWSOME, J., BAKER, B., AND DREWRY, W. MiniBox: A Two-Way Sandbox for x86 Native Code. Tech. Rep. CMU-CyLab-14-001, Carnegie Mellon University, 2014.
27. LOUP GAILLY, J., AND ADLER, M. zlib open source library. http://www.zlib.net.
28. MAHESHWARI, U., VINGRALEK, R., AND SHAPIRO, W. How to build a trusted database system on untrusted storage. In Proceedings of USENIX Symposium on Operating System Design & Implementation (2000).
29. MAI, H., PEK, E., XUE, H., KING, S. T., AND MADHUSUDAN, P. Verifying security invariants in expressOS. In Proceedings of International Conference on Architectural Support for Programming Languages and Operating Systems (2013).
30. MCCAMANT, S., AND MORRISETT, G. Evaluating SFI for a CISC architecture. In Proceedings of USENIX Security Symposium (2006).
31. MCCUNE, J. M., LI, Y., QU, N., ZHOU, Z., DATTA, A., GLIGOR, V., AND PERRIG, A. TrustVisor: Efficient TCB reduction and attestation. In Proceedings of IEEE Symposium on Security and Privacy (2010).
32. MCCUNE, J. M., PARNO, B., PERRIG, A., REITER, M. K., AND ISOZAKI, H. Flicker: An execution infrastructure for TCB minimization. In Proceedings of European Conference on Computer Systems (2008).
33. MITCHELL, M., STERLING, A., AND MILLER, A. Cbitcoin open source project. http://code.google.com/p/naclports/.
34. ONARLIOGLU, K., MULLINER, C., ROBERTSON, W., AND KIRDA, E. PrivExec: Private execution as an operating system service. In Proceedings of IEEE Symposium on Security and Privacy (2013).
35. OPENSSL PROJECT TEAM. OpenSSL. http://www.openssl.org/, May 2005.
36. PORTER, D. E., BOYD-WICKIZER, S., HOWELL, J., OLINSKY, R., AND HUNT, G. C. Rethinking the library OS from the top down. SIGPLAN Not. 46, 3 (Mar. 2011), 291-304.
37. PROVOS, N. Improving host security with system call policies. In Proceedings of USENIX Security Symposium (2003).
38. SINGARAVELU, L., PU, C., HÄRTIG, H., AND HELMUTH, C. Reducing TCB complexity for security-sensitive applications. In Proceedings of European Conference on Computer Systems (2006).
39. SMITH, S. W., AND WEINGART, S. Building a high-performance, programmable secure coprocessor. Computer Networks 31, 8 (Apr. 1999).
40. TA-MIN, R., LITTY, L., AND LIE, D. Splitting interfaces: Making trust between applications and operating systems configurable. In Proceedings of ACM Symposium on Operating Systems Principles (2006).
41. VASUDEVAN, A., CHAKI, S., JIA, L., MCCUNE, J., NEWSOME, J., AND DATTA, A. Design, implementation and verification of an extensible and modular hypervisor framework. In Proceedings of IEEE Symposium on Security and Privacy (2013).
42. WAHBE, R., LUCCO, S., ANDERSON, T. E., AND GRAHAM, S. L. Efficient software-based fault isolation. In Proceedings of ACM Symposium on Operating Systems Principles (1993).
43. WATSON, R. N. M. Exploiting concurrency vulnerabilities in system call wrappers. In Proceedings of USENIX Workshop on Offensive Technologies (2007).
44. WATSON, R. N. M., ANDERSON, J., LAURIE, B., AND KENNAWAY, K. Capsicum: Practical capabilities for unix. In Proceedings of USENIX Security Symposium (2010).
45. WEINHOLD, C., AND HÄRTIG, H. VPFS: building a virtual private file system with a small trusted computing base. In Proceedings of European Conference on Computer Systems (2008).
46. WEINHOLD, C., AND HÄRTIG, H. jVPFS: adding robustness to a secure stacked file system with untrusted local storage components. In Proceedings of USENIX Annual Technical Conference (2011).
47. YANG, J., AND SHIN, K. Using hypervisor to provide data secrecy for user applications on a per-page basis. In Proceedings of ACM Conference on Virtual Execution Environments (2008).
48. YEE, B., SEHR, D., DARDYK, G., CHEN, J. B., MUTH, R., ORMANDY T., OKASAKA, S., NARULA, N., FULLAGAR, N., AND GOOGLE INC. Native Client: A sandbox for portable, untrusted x86 native code. In Proceedings of IEEE Symposium on Security and Privacy (2009).
49. YEE, B., SEHR, D., DARDYK, G., CHEN, J. B., MUTH, R., ORMANDY, T., OKASAKA, S., NARULA, N., AND FULLAGAR, N. Native Client: A sandbox for portable, untrusted x86 native code. Communications of the ACM 53, 1 (2010), 91-99.
50. ZHANG, F., CHEN, J., CHEN, H., AND ZANG, B. CloudVisor: retrofitting protection of virtual machines in multi-tenant cloud with nested virtualization. In Proceedings of ACM Symposium on Operating Systems Principles (2011).
51. ZHANG, Y., JUELS, A., REITER, M. K., AND RISTENPART, T. Cross-VM side channels and their use to extract private keys. In Proceedings of ACM Conference on Computer and Communications Security (2012).