高效安全多执行的关键部分自动分析

2019 IEEE 19th International Conference on Software Quality, Reliability and Security (QRS) Pub Date : 2019-07-22 DOI:10.1109/QRS.2019.00048

Tobias F. Pfeffer, Thomas Göthel, S. Glesner

{"title":"高效安全多执行的关键部分自动分析","authors":"Tobias F. Pfeffer, Thomas Göthel, S. Glesner","doi":"10.1109/QRS.2019.00048","DOIUrl":null,"url":null,"abstract":"Enforcement of hypersafety security policies such as noninterference can be achieved through Secure Multi-Execution (SME). While this is typically very resource-intensive, more efficient solutions such as Demand-Driven Secure Multi-Execution (DDSME) exist. Here, the resource requirements are reduced by restricting multi-execution enforcement to critical sections in the code. However, the current solution requires manual binary analysis. In this paper, we propose a fully automatic critical section analysis. Our analysis extracts a context-sensitive boundary of all nodes that handle information from the reachability relation implied by the control-flow graph. We also provide evaluation results, demonstrating the correctness and acceleration of DDSME with our analysis.","PeriodicalId":122665,"journal":{"name":"2019 IEEE 19th International Conference on Software Quality, Reliability and Security (QRS)","volume":"223 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-07-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Automatic Analysis of Critical Sections for Efficient Secure Multi-Execution\",\"authors\":\"Tobias F. Pfeffer, Thomas Göthel, S. Glesner\",\"doi\":\"10.1109/QRS.2019.00048\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Enforcement of hypersafety security policies such as noninterference can be achieved through Secure Multi-Execution (SME). While this is typically very resource-intensive, more efficient solutions such as Demand-Driven Secure Multi-Execution (DDSME) exist. Here, the resource requirements are reduced by restricting multi-execution enforcement to critical sections in the code. However, the current solution requires manual binary analysis. In this paper, we propose a fully automatic critical section analysis. Our analysis extracts a context-sensitive boundary of all nodes that handle information from the reachability relation implied by the control-flow graph. We also provide evaluation results, demonstrating the correctness and acceleration of DDSME with our analysis.\",\"PeriodicalId\":122665,\"journal\":{\"name\":\"2019 IEEE 19th International Conference on Software Quality, Reliability and Security (QRS)\",\"volume\":\"223 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-07-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 IEEE 19th International Conference on Software Quality, Reliability and Security (QRS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/QRS.2019.00048\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE 19th International Conference on Software Quality, Reliability and Security (QRS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/QRS.2019.00048","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

可以通过安全多执行(SME)实现超安全安全策略的强制执行，例如不干扰。虽然这通常是非常资源密集型的，但存在更有效的解决方案，例如需求驱动的安全多执行(dddme)。在这里，通过将多执行强制限制到代码中的关键部分来减少资源需求。然而，当前的解决方案需要手工二进制分析。在本文中，我们提出了一个全自动临界截面分析。我们的分析提取了所有节点的上下文敏感边界，这些节点处理来自控制流图隐含的可达性关系的信息。最后给出了评价结果，验证了该方法的正确性和快速性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Automatic Analysis of Critical Sections for Efficient Secure Multi-Execution

Enforcement of hypersafety security policies such as noninterference can be achieved through Secure Multi-Execution (SME). While this is typically very resource-intensive, more efficient solutions such as Demand-Driven Secure Multi-Execution (DDSME) exist. Here, the resource requirements are reduced by restricting multi-execution enforcement to critical sections in the code. However, the current solution requires manual binary analysis. In this paper, we propose a fully automatic critical section analysis. Our analysis extracts a context-sensitive boundary of all nodes that handle information from the reachability relation implied by the control-flow graph. We also provide evaluation results, demonstrating the correctness and acceleration of DDSME with our analysis.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2019 IEEE 19th International Conference on Software Quality, Reliability and Security (QRS)

自引率

0.00%

发文量