Isolated Execution on Many-core Architectures
dc.contributor.author
Masti, Ramya Jayaram
dc.contributor.author
Rai, Devendra
dc.contributor.author
Marforio, Claudio
dc.contributor.author
Capkun, Srdjan
dc.date.accessioned
2017-06-11T12:07:16Z
dc.date.available
2017-06-11T12:07:16Z
dc.date.issued
2014
dc.identifier.uri
http://hdl.handle.net/20.500.11850/88557
dc.description.abstract
We explore how many-core platforms can be used to enhance the security of future systems and to support important security properties such as runtime isolation using a small Trusted Computing Base (TCB). We focus on the Intel Single-chip Cloud Computer (SCC) to show that such properties can be implemented in current systems. We design a system called SEMA which offers strong security properties while maintaining high performance and flexibility enabled by a small centralized security kernel. We further implement and evaluate the feasibility of our design. Currently, our prototype security kernel is able to execute applications in isolation and accommodate dynamic resource requests from them. We show that, with minor modifications, many-core architectures can offer some unique security properties, not supported by existing single- and multi-core architectures, such as application context awareness. Context awareness, a new security property that we define and explore in this work, allows each application to discover, without any interaction with the security kernel, which other parts of the system are allowed to interact with it and access its resources. We also discuss how an application can use context awareness to defend itself from an unlikely, yet potentially compromised security kernel
dc.language.iso
en
dc.publisher
International Association for Cryptologic Research
dc.title
Isolated Execution on Many-core Architectures
dc.type
Report
ethz.size
14 p.
ethz.publication.place
S.l.
ethz.publication.status
published
ethz.leitzahl
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02150 - Dep. Informatik / Dep. of Computer Science::02660 - Institut für Informationssicherheit / Institute of Information Security::03755 - Capkun, Srdan / Capkun, Srdan
ethz.leitzahl
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02140 - Dep. Inf.technologie und Elektrotechnik / Dep. of Inform.Technol. Electrical Eng.::02640 - Inst. f. Technische Informatik und Komm. / Computer Eng. and Networks Lab.::03429 - Thiele, Lothar (emeritus) / Thiele, Lothar (emeritus)
ethz.leitzahl.certified
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02150 - Dep. Informatik / Dep. of Computer Science::02660 - Institut für Informationssicherheit / Institute of Information Security::03755 - Capkun, Srdan / Capkun, Srdan
ethz.leitzahl.certified
ETH Zürich::00002 - ETH Zürich::00012 - Lehre und Forschung::00007 - Departemente::02140 - Dep. Inf.technologie und Elektrotechnik / Dep. of Inform.Technol. Electrical Eng.::02640 - Inst. f. Technische Informatik und Komm. / Computer Eng. and Networks Lab.::03429 - Thiele, Lothar (emeritus) / Thiele, Lothar (emeritus)
ethz.identifier.url
https://eprint.iacr.org/2014/136
ethz.date.deposited
2017-06-11T12:07:24Z
ethz.source
ECIT
ethz.identifier.importid
imp5936523e0aa8884894
ethz.ecitpid
pub:139317
ethz.eth
yes
ethz.availability
Metadata only
ethz.rosetta.installDate
2017-07-26T04:45:39Z
ethz.rosetta.lastUpdated
2023-02-06T12:36:02Z
ethz.rosetta.versionExported
true
ethz.COinS
ctx_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.atitle=Isolated%20Execution%20on%20Many-core%20Architectures&rft.date=2014&rft.au=Masti,%20Ramya%20Jayaram&Rai,%20Devendra&Marforio,%20Claudio&Capkun,%20Srdjan&rft.genre=report&rft.btitle=Isolated%20Execution%20on%20Many-core%20Architectures
Files in this item
Files | Size | Format | Open in viewer |
---|---|---|---|
There are no files associated with this item. |
Publication type
-
Report [6917]