Proceedings of the 1st Workshop on System Software for Trusted Execution: Latest Articles

Analysis of Trusted Execution Environment usage in Samsung KNOX
Proceedings of the 1st Workshop on System Software for Trusted Execution Pub Date : 2016-12-12 DOI: 10.1145/3007788.3007795
Ahmad Atamli-Reineh, Ravishankar Borgaonkar, Ranjbar A. Balisane, Giuseppe Petracca, Andrew P. Martin
Abstract: Mobile systems have become widely adopted by users to perform sensitive operations ranging from on-line payments for personal use to remote access to enterprise assets. Thus, attacks on mobile devices can cause significant loss to user's personal data as well as to valuable enterprise assets. In order to mitigate risks arising from attacks, various approaches have been proposed including the use of Trusted Execution Environment (TEE) to isolate and protect the execution of sensitive code from the rest of the system, e.g. applications and other software. However, users remain at risk of exploits via several types of software vulnerabilities - indicating that enterprises have failed to deliver the required protection, despite the use of existing isolation technologies. In this paper, we investigate Samsung KNOX and its usage of TEE as being the current technology providing secure containers. First, we study how KNOX uses TEE and perform analysis on its design consideration from a system vulnerabilities perspective. Second, we analyse and discuss recent attacks on KNOX and how those attacks exploit system vulnerabilities. Finally, we present new shortcomings emerging from our analysis of KNOX architecture. Our research exhibits that system vulnerabilities are the underlying cause of many attacks on systems and it reveals how they affect fundamental design security principles when the full potential of TEE is not exploited.
Citations: 15
Avoiding Leakage and Synchronization Attacks through Enclave-Side Preemption Control
Proceedings of the 1st Workshop on System Software for Trusted Execution Pub Date : 2016-12-12 DOI: 10.1145/3007788.3007794
M. Völp, A. Lackorzynski, Jérémie Decouchant, Vincent Rahli, F. Rocha, P. Veríssimo
Abstract: Intel SGX is the latest processor architecture promising secure code execution despite large, complex and hence potentially vulnerable legacy operating systems (OSs). However, two recent works identified vulnerabilities that allow an untrusted management OS to extract secret information from Intel SGX's enclaves, and to violate their integrity by exploiting concurrency bugs. In this work, we re-investigate delayed preemption (DP) in the context of Intel SGX. DP is a mechanism originally proposed for L4-family microkernels as disable-interrupt replacement. Recapitulating earlier results on language-based information-flow security, we illustrate the construction of leakage-free code for enclaves. However, as long as adversaries have fine-grained control over preemption timing, these solutions are impractical from a performance/complexity perspective. To overcome this, we resort to delayed preemption, and sketch a software implementation for hypervisors providing enclaves as well as a hardware extension for systems like SGX. Finally, we illustrate how static analyses for SGX may be extended to check confidentiality of preemption-delaying programs.
Citations: 8
Mitigating Password Database Breaches with Intel SGX
Proceedings of the 1st Workshop on System Software for Trusted Execution Pub Date : 2016-12-12 DOI: 10.1145/3007788.3007789
Helena Brekalo, Raoul Strackx, F. Piessens
Abstract: In order to prevent rainbow attacks against a stolen password database, most passwords are appended with a unique salt before hashing them as to make the password random and more secure. However, the decreasing cost of hardware has made it feasible to perform brute force attacks by guessing the passwords (even when extended with their salt). Recently Intel has made processors with Intel SGX commercially available. This security technology enables developers to (1) completely isolate code and data running in an SGX enclave from untrusted code running at any privilege layer and (2) prevent data sealed to an enclave from being accessed on any other machine. We propose to add a key to the password (and salt) before they are hashed. By calculating the hash within an enclave, the key never leaves the enclave. This provides much stronger protection; offline attacks are infeasible without knowledge of the key. Online attacks on the other hand are much easier to defend against.
Citations: 16
A Case for Protecting Computer Games With SGX
Proceedings of the 1st Workshop on System Software for Trusted Execution Pub Date : 2016-12-12 DOI: 10.1145/3007788.3007792
Erick Bauman, Zhiqiang Lin
Abstract: The integrity and confidentiality of computer games has long been a concern of game developers, both in preventing players from cheating and from obtaining unlicensed copies of the software. Recently, Intel released SGX, which can provide new security guarantees for software developers to achieve an unprecedented level of software integrity and confidentiality. To explore how SGX can protect a computer game in practice, in this paper we make a first step of exploring new ways to protect the integrity and confidentiality of game code and data, and in doing so we have developed a framework and design principles for integrating games with SGX. We have applied our framework to demonstrate how it can be used to protect a real world computer game.
Citations: 31
Exploring the use of Intel SGX for Secure Many-Party Applications
Proceedings of the 1st Workshop on System Software for Trusted Execution Pub Date : 2016-12-12 DOI: 10.1145/3007788.3007793
Kubilay Ahmet Küçük, Andrew J. Paverd, Andrew C. Martin, N. Asokan, A. Simpson, Robin Ankele
Abstract: The theoretical construct of a Trusted Third Party (TTP) has the potential to solve many security and privacy challenges. In particular, a TTP is an ideal way to achieve secure multiparty computation---a privacy-enhancing technique in which mutually distrusting participants jointly compute a function over their private inputs without revealing these inputs. Although there exist cryptographic protocols to achieve this, their performance often limits them to the two-party case, or to a small number of participants. However, many real-world applications involve thousands or tens of thousands of participants. Examples of this type of many-party application include privacy-preserving energy metering, location-based services, and mobile network roaming. Challenging the notion that a trustworthy TTP does not exist, recent research has shown how trusted hardware and remote attestation can be used to establish a sufficient level of assurance in a real system such that it can serve as a trustworthy remote entity (TRE). We explore the use of Intel SGX, the most recent and arguably most promising trusted hardware technology, as the basis for a TRE for many-party applications. Using privacy-preserving energy metering as a case study, we design and implement a prototype TRE using SGX, and compare its performance to a previous system based on the Trusted Platform Module (TPM). Our results show that even without specialized optimizations, SGX provides comparable performance to the optimized TPM system, and therefore has significant potential for large-scale many-party applications.
Citations: 44
Protecting Password Databases using Trusted Hardware
Proceedings of the 1st Workshop on System Software for Trusted Execution Pub Date : 2016-12-12 DOI: 10.1145/3007788.3007798
Klaudia Krawiecka, Andrew J. Paverd, N. Asokan
Citations: 9
Proof of Luck: an Efficient Blockchain Consensus Protocol
Proceedings of the 1st Workshop on System Software for Trusted Execution Pub Date : 2016-12-12 DOI: 10.1145/3007788.3007790
Mitar Milutinovic, Warren He, Howard Wu, Maxinder S. Kanwal
Abstract: In the paper, we present designs for multiple blockchain consensus primitives and a novel blockchain system, all based on the use of trusted execution environments (TEEs), such as Intel SGX-enabled CPUs. First, we show how using TEEs for existing proof of work schemes can make mining equitably distributed by preventing the use of ASICs. Next, we extend the design with proof of time and proof of ownership consensus primitives to make mining energy- and time-efficient. Further improving on these designs, we present a blockchain using a proof of luck consensus protocol. Our proof of luck blockchain uses a TEE platform's random number generation to choose a consensus leader, which offers low-latency transaction validation, deterministic confirmation time, negligible energy consumption, and equitably distributed mining. Lastly, we discuss a potential protection against up to a constant number of compromised TEEs.
Citations: 228
Isolating Operating System Components with Intel SGX
Proceedings of the 1st Workshop on System Software for Trusted Execution Pub Date : 2016-12-12 DOI: 10.1145/3007788.3007796
Lars Richter, J. Götzfried, Tilo Müller
Abstract: In this paper, we present a novel approach on isolating operating system components with Intel SGX. Although SGX has not been designed to work in kernel mode, we found a way of wrapping Linux kernel functionality within SGX enclaves by moving parts of it to user space. Kernel components are strictly isolated from each other such that a vulnerability in one kernel module cannot escalate into compromising the entire kernel. We provide a proof-of-concept implementation which protects an exemplary kernel function, namely full disk encryption, using an Intel SGX enclave. Besides integrity of the disk encryption, our implementation ensures that the confidentiality of the disk encryption key is protected against all software level attacks as well as physical attacks. In addition to the user password, we use a second authentication factor for deriving the encryption key which is stored sealed and bound to the platform. Thus, stealing the hard drive and sniffing the user password is insufficient for an attacker to break disk encryption. Instead, the two factor authentication scheme requires an attacker to additionally obtain the actual machine to be able to break encryption.
Citations: 16
Developing Secure SGX Enclaves: New Challenges on the Horizon
Proceedings of the 1st Workshop on System Software for Trusted Execution Pub Date : 2016-12-12 DOI: 10.1145/3007788.3007791
Raoul Strackx, F. Piessens
Abstract: The combination of (1) hard to eradicate low-level vulnerabilities, (2) a large trusted computing base written in a memory-unsafe language and (3) a desperate need to provide strong software security guarantees, led to the development of protected-module architectures. Such architectures provide strong isolation of protected modules: Security of code and data depends only on a module's own implementation. In this paper we discuss how such protected modules should be written. From an academic perspective it is clear that the future lies with memory-safe languages. Unfortunately, from a business and management perspective, that is a risky path and will remain so in the near future. The use of well-known but memory-unsafe languages such as C and C++ seem inevitable. We argue that the academic world should take another look at the automatic hardening of software written in such languages to mitigate low-level security vulnerabilities. This is a well-studied topic for full applications, but protected-module architectures introduce a new, and much more challenging environment. Porting existing security measures to a protected-module setting without a thorough security analysis may even harm security of the protected modules they try to protect.
Citations: 2
Proceedings of the 1st Workshop on System Software for Trusted Execution
DOI: 10.1145/3007788
Kubilay Ahmet Küçük, Andrew J. Paverd, Andrew C. Martin, N. Asokan, Andrew Simpson, Robin Ankele
Citations: 1