The design and implementation of hardware systems for information flow tracking


Abstract
Computer security is a critical problem impacting every segment of social life. Recent research has shown that Dynamic Information Flow Tracking (DIFT) is a promising technique for detecting a wide range of security attacks. With hardware support, DIFT can provide comprehensive protection to unmodified application binaries against input validation attacks such as SQL injection, with minimal performance overhead. This dissertation presents Raksha, the first flexible hardware platform for DIFT that protects both unmodified applications and the operating system from both low-level memory corruption exploits such as buffer overflows and high-level semantic vulnerabilities such as SQL injection and cross-site scripting. Raksha uses tagged memory to support multiple, programmable security policies that can protect the system against concurrent attacks. The dissertation also describes the full-system prototype of Raksha, constructed using a synthesizable SPARC V8 core and an FPGA board. This prototype provides comprehensive security protection with no false positives and minimal performance and area overheads. Traditional DIFT architectures require significant changes to the processors and caches, and are not portable across different processor designs. This dissertation addresses this practicality issue of hardware DIFT and proposes an off-core coprocessor approach that greatly reduces the design and validation costs associated with hardware DIFT systems. Observing that DIFT operations and regular computation need only synchronize on system calls to maintain security guarantees, the coprocessor decouples all DIFT functionality from the main core. Using a full-system prototype based on a synthesizable SPARC core, it shows that the coprocessor approach to DIFT provides the same security guarantees as Raksha, with low performance and hardware overheads. It also provides a practical and fast hardware solution to the problem of inconsistency between data and metadata in multiprocessor systems when DIFT functionality is decoupled from the main core.

This dissertation also explores the use of tagged memory architectures for solving security problems other than DIFT. Recent work has shown that application policies can be expressed in terms of information flow restrictions and enforced in an OS kernel, providing a strong assurance of security. This thesis shows that enforcement of these policies can be pushed largely into the processor itself by using tagged memory support, which can provide stronger security guarantees by enforcing application security even if the OS kernel is compromised. It presents the Loki architecture, which uses tagged memory to directly enforce application security policies in hardware. Using a full-system prototype, it shows that such an architecture can help reduce the amount of code that must be trusted by the operating system kernel.

Description

Type of resource: text
Form: electronic; electronic resource; remote
Extent: 1 online resource.
Publication date: 2010
Issuance: monographic
Language: English

Creators/Contributors

Associated with: Kannan, Hari S
Associated with: Stanford University, Department of Electrical Engineering
Primary advisor: Kozyrakis, Christoforos, 1974-
Thesis advisor: Kozyrakis, Christoforos, 1974-
Thesis advisor: Mitra, Subhasish
Thesis advisor: Olukotun, Oyekunle Ayinde

Subjects

Genre: Theses

Bibliographic information

Statement of responsibility: Hari Kannan.
Note: Submitted to the Department of Electrical Engineering.
Thesis: Ph.D., Stanford University, 2010
Location: electronic resource

Access conditions

Copyright: © 2010 by Hari S Kannan
License: This work is licensed under a Creative Commons Attribution Non Commercial 3.0 Unported license (CC BY-NC).
