ECE341HF Extra Tutorial
17 pages
English



Extract

Implementing an Untrusted Operating System on Trusted Hardware
David Lie Chandramohan A. Thekkath Mark Horowitz
University of Toronto, Microsoft Research, and Stanford University
Protection in Systems: Hardware Approach
• Many platforms exist where trust is placed in hardware:
– Trusted Computing Platform Alliance (TCPA)
– Microsoft’s Palladium (NGSCB)
– Intel LaGrande Architecture
• Advantages of the hardware approach
– Better tamper-resistance
– Less dependent on OS correctness for security
• Trust in hardware means less (or no) trust in the OS
– We need to rethink operating system design
David Lie. Implementing an Untrusted Operating System on Trusted Hardware. SOSP 2003. Slide 2.
Rethinking the Role of the OS
• A traditional OS performs both resource management and protection for applications
– But now applications and OS are mutually suspicious
– Applications don’t trust the OS to access their code and data
– The OS must still be able to interrupt applications
• Use XOM (eXecute Only Memory) as an example platform
– The new operating system is called XOMOS
• XOMOS is UNIX-like, a port of IRIX 6.5
– Should support most standard UNIX applications
XOM Hardware Architecture
• XOM is implemented as a set of ISA extensions
• The XOM Processor implements compartments for protection
– Each compartment has a unique XOM ID
– Architectural tags control access to data on-chip
– Cryptographic mechanisms protect data off-chip
• The XOM Processor executes encrypted code
– Combination of asymmetric/symmetric ciphers
– Private key embedded in on-chip hardware
Entering Secure Execution
• Applications enter and exit secure execution via instructions
[Figure: Main Memory holds Unencrypted Code, Encrypted Code (sym) and an Encrypted Symmetric Key. Inside the XOM Processor, the Asymmetric Decryption Module uses the on-chip Private Key to recover the symmetric key, which is held in the XOM Key Table and used by the Symmetric Decryption Module to produce Executable Code. Exit XOM leaves secure execution.]
Implementing Compartments
[Figure: inside the XOM Processor every register carries Data plus a Tag. Register 1 is tagged for the Program, Register 3 for the OS; an access across tags is marked “!” (blocked).]
• Problem: How does the OS save registers during a trap or interrupt?
XOMOS Overview
• Implement the XOM CPU in the SimOS hardware simulator
– MIPS-based architecture with XOM ISA extensions
• Ported the IRIX 6.5 Operating System to run on the XOM processor
• Main areas that need modification:
– Resource management of secure data: Saving Registers on Interrupt, Memory Management
– Need support for the XOM Key Table: Loading/Unloading, Management
– Compatibility with the original system: Fork, Signal Handling, Shared Libraries/System Calls
Saving Registers
• OS uses the save register instruction
– Look up the program key in the XOM Key Table based on the register’s Tag
– Encrypt Data and Hash Data
– Store encrypted data and hash to memory
– Enlarge the exception frame to store hash and XOM ID
[Figure labels: Data, Tag, XOM Key Table, Encrypt Data, Hash Data, memory (Hash, Data), OS XOM ID.]
Protecting and Managing Memory
• Applications use the secure store instruction
– Secure Store: Tag is copied from register to cache
– Writeback: look up Tag, Encrypt and Hash
– Relocate data and hashes together
[Figure: Registers (Data, Tag) → Caches (Data, Tag) → XOM Key Table → Memory (Hash, Data).]
Replay Attacks and Fork
• An OS Fork must be differentiated from a Replay Attack
– Replay Attack: OS duplicates registers and replays them
– Fork: OS must duplicate the register set and restore it
[Figure: timeline with Time 1 and Time 2; labels: Reg A, Reg B, (Same Register), OS saves registers, OS restores registers, Replay register value.]
• Revoke and regenerate register keys on every interrupt
• This hardware defense breaks traditional fork code
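To make slides 8 and 10 concrete, here is an added toy model (not code from the paper or from XOMOS) of the save-register path and of the per-interrupt register-key rotation that tells a replayed register frame apart from a legitimate restore, and that also rejects the second restore a traditional fork would perform. The XOM Key Table layout, the SHA-256-derived XOR keystream, the HMAC-SHA256 hash, the 8-byte register width and every function name are assumptions; the slides do not specify the hardware’s ciphers.

```python
"""Toy model of XOM-style register saving and per-interrupt key rotation.
Added example; not code from the paper or XOMOS. The cipher (SHA-256 keystream),
the hash (HMAC-SHA256) and the key-table layout are assumptions."""
import hashlib
import hmac
import os

WORD = 8  # register width in bytes (assumption)


class XomKeyTable:
    """Maps a compartment's XOM ID to its current register key.

    Assumption: each entry holds a register key that the hardware revokes and
    regenerates on every interrupt (the defence on slide 10)."""

    def __init__(self):
        self.register_keys = {}

    def new_compartment(self, xom_id):
        self.register_keys[xom_id] = os.urandom(32)

    def rotate(self, xom_id):
        # Revoke the old register key; frames sealed under it can no longer be restored.
        self.register_keys[xom_id] = os.urandom(32)


def _keystream(key, nonce):
    # Stand-in for the symmetric cipher: a per-save keystream derived from key and nonce.
    return hashlib.sha256(key + nonce).digest()[:WORD]


def _frame_hash(key, xom_id, nonce, cipher):
    # The hash is keyed by the owner's register key and covers the XOM ID.
    return hmac.new(key, xom_id.to_bytes(4, "big") + nonce + cipher, hashlib.sha256).digest()


def save_register(table, xom_id, value):
    """Save-register instruction: look up the key by the register's tag (XOM ID),
    encrypt the data, hash it, and return the enlarged exception-frame entry."""
    key = table.register_keys[xom_id]
    nonce = os.urandom(8)
    plain = value.to_bytes(WORD, "big")
    cipher = bytes(a ^ b for a, b in zip(plain, _keystream(key, nonce)))
    return {"xom_id": xom_id, "nonce": nonce, "cipher": cipher,
            "hash": _frame_hash(key, xom_id, nonce, cipher)}


def restore_register(table, frame):
    """Restore path: recompute the hash under the compartment's *current* key.
    A frame sealed under a revoked key, or relabelled with another XOM ID, fails."""
    xom_id = frame["xom_id"]
    key = table.register_keys[xom_id]
    expected = _frame_hash(key, xom_id, frame["nonce"], frame["cipher"])
    if not hmac.compare_digest(expected, frame["hash"]):
        raise ValueError("register hash mismatch: stale, relabelled or forged frame")
    plain = bytes(a ^ b for a, b in zip(frame["cipher"], _keystream(key, frame["nonce"])))
    return int.from_bytes(plain, "big")


def interrupt_and_resume(table, xom_id, value):
    """Ordinary trap: the OS saves the tagged register and later restores it."""
    return restore_register(table, save_register(table, xom_id, value))


def replay_rejected(table, xom_id):
    """Slide 10's timeline. Time 1: Reg A is saved and restored. The next interrupt
    rotates the key and saves Reg B. Presenting the stale Reg A frame again must fail,
    while the fresh Reg B frame still restores."""
    frame_a = save_register(table, xom_id, 0xA)
    restore_register(table, frame_a)          # legitimate restore at Time 1
    table.rotate(xom_id)                      # every interrupt regenerates the register key
    frame_b = save_register(table, xom_id, 0xB)
    try:
        restore_register(table, frame_a)      # replay of the old register value
        return False
    except ValueError:
        return restore_register(table, frame_b) == 0xB


def cross_compartment_rejected(table, owner_id, other_id):
    """Relabelling a saved frame with another compartment's XOM ID also fails,
    because the hash is keyed by the owner's key and covers the ID."""
    frame = dict(save_register(table, owner_id, 0x1234))
    frame["xom_id"] = other_id
    try:
        restore_register(table, frame)
        return False
    except ValueError:
        return True


def fork_breaks_under_rotation(table, xom_id):
    """Slide 10's last bullet: traditional fork restores one saved register set twice
    (parent, then child). Once the intervening interrupt has rotated the key, the
    second restore is indistinguishable from a replay and is rejected."""
    frame = save_register(table, xom_id, 0xF0)
    parent_value = restore_register(table, frame)   # restore into the parent
    table.rotate(xom_id)                            # next interrupt regenerates the key
    try:
        restore_register(table, frame)              # same frame again, for the child
        return False
    except ValueError:
        return parent_value == 0xF0
```

`replay_rejected` walks the slide’s Time 1 / Time 2 sequence, `cross_compartment_rejected` shows why the hash covers the XOM ID, and `fork_breaks_under_rotation` is the slide’s closing point: with keys rotated on every interrupt, the hardware cannot tell the child’s restore of the duplicated register set from a replay, which is why XOMOS needs a fork path that the hardware can distinguish from one.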
Naïve Fork Implementation
• Parent and Child are exactly the same and have the same XOM ID
• Problem: Both threads use the same register key
[Figure: XOM Processor with Parent and Child sharing one Register Key after Fork.]