TRANSCRIPT
Hardware, Languages, and Architectures for Defense Against Hostile Operating Systems (DHOSA)
Vikram Adve, Krste Asanović, David Evans, Sam King, Greg
Morrisett, R. Sekar, Dawn Song, David Wagner (PI)
http://www.dhosa.org/
Vikram Adve (UIUC)
Krste Asanović (UC Berkeley)
David Evans (U Virginia)
Sam King (UIUC)
Greg Morrisett (Harvard)
R. Sekar (Stony Brook)
Dawn Song (UC Berkeley)
David Wagner (UC Berkeley)
Overview
Conventional wisdom: If the OS is malicious or subverted, you are hosed.
This project: Actually, maybe there is hope…
Project goal: Explore new approaches to defend against a malicious OS.
Problem Statement
Defend against a compromised, hostile, or malicious operating system.
Today: If the OS is malicious, all is lost.
Desired end state: We can survive a malicious OS, perhaps with degraded functionality or availability.
Exploring New Territory
• This is exploratory research. (Not an engineering project.)
• We are exploring many approaches to the problem. We do not know which will prove most effective. Some may fail.
• We hope some of our ideas will have applications to other security problems outside of the hostile OS problem.
Research thrusts (overview slide)
TRANSFORMATION
• SVA
• Binary translation and emulation
• Formal methods
HARDWARE
• Hardware support for isolation
• Dealing with malicious hardware
SYSTEM ARCHITECTURES
• Cryptographic secure computation
• Data-centric security
WEB-BASED ARCHITECTURES
• Secure browser appliance
• Secure servers
Example goals
• e.g., Enforce properties on a malicious OS
• e.g., Prevent data exfiltration
• e.g., Enable complex distributed systems, with resilience to hostile OSes
Agenda
8:30 - 9:00 Welcome + Overview
9:00 - 9:30 Secure Virtual Architecture
9:30 - 9:50 Binary translation
9:50 - 10:20 Formal methods
10:20 - 10:35 Testing binary emulators
10:50 - 11:10 Hardware support
11:10 - 11:25 Defenses against malicious hardware
11:25 - 11:40 Cryptographic secure computation
11:40 - 12:20 Lunch
12:20 - 12:50 Data-centric security
12:50 - 1:20 Secure web-based architecture
1:20 - 1:45 Discussion and feedback