Creating Security using Software and Hardware Bradley Herrup CS297- Security and Programming Languages.

Slides:



Advertisements
Similar presentations
Interactive lesson about operating system
Advertisements

An Overview Of Virtual Machine Architectures Ross Rosemark.
Memory.
TIE Extensions for Cryptographic Acceleration Charles-Henri Gros Alan Keefer Ankur Singla.
Operating Systems Lecture 10 Issues in Paging and Virtual Memory Adapted from Operating Systems Lecture Notes, Copyright 1997 Martin C. Rinard. Zhiqing.
1 Implementing an Untrusted Operating System on Trusted Hardware David Lie Chandramohan A. Thekkath Mark Horowitz University of Toronto, Microsoft Research,
1 Specifying and Verifying Hardware Support for Copy and Tamper-Resistant Software David Lie, John Mitchell, Chandramohan Thekkath and Mark Horowitz Computer.
Implementing an Untrusted Operating System on Trusted Hardware.
Computer Organization CS224 Fall 2012 Lesson 44. Virtual Memory  Use main memory as a “cache” for secondary (disk) storage l Managed jointly by CPU hardware.
1 A Real Problem  What if you wanted to run a program that needs more memory than you have?
CS 345 Computer System Overview
CS 153 Design of Operating Systems Spring 2015
Operating System Support Focus on Architecture
CS 104 Introduction to Computer Science and Graphics Problems
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
Computer System Overview
State Machines Timing Computer Bus Computer Performance Instruction Set Architectures RISC / CISC Machines.
Cs238 Lecture 3 Operating System Structures Dr. Alan R. Davis.
Modified from Silberschatz, Galvin and Gagne ©2009 CS 446/646 Principles of Operating Systems Lecture 1 Chapter 1: Introduction.
03/22/2004CSCI 315 Operating Systems Design1 Virtual Memory Notice: The slides for this lecture have been largely based on those accompanying the textbook.
1  1998 Morgan Kaufmann Publishers Chapter Seven Large and Fast: Exploiting Memory Hierarchy (Part II)
03/17/2008CSCI 315 Operating Systems Design1 Virtual Memory Notice: The slides for this lecture have been largely based on those accompanying the textbook.
Chapter 1: IntroductionDhamdhere: Operating Systems— A Concept-Based Approach Slide No: 1 Copyright ©2005 Overview of Operating Systems Chapters 1 and.
GallagherP188/MAPLD20041 Accelerating DSP Algorithms Using FPGAs Sean Gallagher DSP Specialist Xilinx Inc.
Silberschatz, Galvin and Gagne ©2009 Operating System Concepts – 8 th Edition, Chapter 1: Introduction.
Operating System A program that controls the execution of application programs An interface between applications and hardware 1.
A Portable Virtual Machine for Program Debugging and Directing Camil Demetrescu University of Rome “La Sapienza” Irene Finocchi University of Rome “Tor.
Operating System Review September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-1.
IT253: Computer Organization Lecture 4: Instruction Set Architecture Tonga Institute of Higher Education.
Three fundamental concepts in computer security: Reference Monitors: An access control concept that refers to an abstract machine that mediates all accesses.
© Janice Regan, CMPT 300, May CMPT 300 Introduction to Operating Systems Principles of I/0 hardware.
1 Architectural Support for Copy and Tamper Resistant Software David Lie, Chandu Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell and.
8.4 paging Paging is a memory-management scheme that permits the physical address space of a process to be non-contiguous. The basic method for implementation.
Hardware Assisted Control Flow Obfuscation for Embedded Processors Xiaoton Zhuang, Tao Zhang, Hsien-Hsin S. Lee, Santosh Pande HIDE: An Infrastructure.
July 30, 2001Systems Architecture II1 Systems Architecture II (CS ) Lecture 8: Exploiting Memory Hierarchy: Virtual Memory * Jeremy R. Johnson Monday.
Chapter 1: Introduction. 1.2 Silberschatz, Galvin and Gagne ©2005 Operating System Concepts Chapter 1: Introduction What Operating Systems Do Computer-System.
Operating Systems Lecture No. 2. Basic Elements  At a top level, a computer consists of a processor, memory and I/ O Components.  These components are.
Computers Operating System Essentials. Operating Systems PROGRAM HARDWARE OPERATING SYSTEM.
VIRTUAL MEMORY By Thi Nguyen. Motivation  In early time, the main memory was not large enough to store and execute complex program as higher level languages.
CE Operating Systems Lecture 14 Memory management.
By Teacher Asma Aleisa Year 1433 H.   Goals of memory management  To provide a convenient abstraction for programming.  To allocate scarce memory.
Virtual Memory Lecture for CPSC 5155 Edward Bosworth, Ph.D. Computer Science Department Columbus State University.
Operating Systems Security
DSP Architectures Additional Slides Professor S. Srinivasan Electrical Engineering Department I.I.T.-Madras, Chennai –
Multilevel Caches Microprocessors are getting faster and including a small high speed cache on the same chip.
Lecture 1: Review of Computer Organization
1 Lecture 1: Computer System Structures We go over the aspects of computer architecture relevant to OS design  overview  input and output (I/O) organization.
CS2100 Computer Organisation Virtual Memory – Own reading only (AY2015/6) Semester 1.
Exploiting Instruction Streams To Prevent Intrusion Milena Milenkovic.
Virtual Memory Ch. 8 & 9 Silberschatz Operating Systems Book.
Protection of Processes Security and privacy of data is challenging currently. Protecting information – Not limited to hardware. – Depends on innovation.
Security Architecture and Design Chapter 4 Part 2 Pages 319 to 357.
CS4315A. Berrached:CMS:UHD1 Introduction to Operating Systems Chapter 1.
Chapter 11 System Performance Enhancement. Basic Operation of a Computer l Program is loaded into memory l Instruction is fetched from memory l Operands.
1 Chapter 2: Operating-System Structures Services Interface provided to users & programmers –System calls (programmer access) –User level access to system.
Architecture Support for Secure Computing Mikel Bezdek Chun Yee Yu CprE 585 Survey Project 12/10/04.
A Framework For Trusted Instruction Execution Via Basic Block Signature Verification Milena Milenković, Aleksandar Milenković, and Emil Jovanov Electrical.
Memory Management.
Memory COMPUTER ARCHITECTURE
Chapter 8: Main Memory.
CS161 – Design and Architecture of Computer
Chapter 1: Introduction
Overview Introduction General Register Organization Stack Organization
Morgan Kaufmann Publishers
Chapter 8: Main Memory.
OS Virtualization.
User-mode Secret Protection (SP) architecture
Introduction to Computer Systems
Translation Buffers (TLB’s)
Translation Buffers (TLBs)
Presentation transcript:

Creating Security using Software and Hardware Bradley Herrup CS297- Security and Programming Languages

XOM Architecture Execute-Only Memory Creating a Secure Execution Environment Uses Public-Key Cryptology Framework Do not Secure the entire program just the secure parts

An Abstract XOM Machine Has Four Distinct Premises A Scheme to decrypt symmetric keys using private-public keys The Symmetric key act as Session keys Facilities for real-time decryption Instructions for entering and exiting XOM modes Including Interrupts Tagging Systems

Implementing XOM Using a Virtual Machine Possible to implement XOM on a Virtual Machine In either software or hardware So can be run internally on a typical CPU Uses a monitor to maintain assurance

Full XOM Machine enter_xom and exit_xom Must also implement a method of secure_store and secure_load (also referred to as restore_secure) Use of MAC to assure secure transference

Security Issues with XOM Spoofing Attacks Solved using MAC Execution is halted if MAC does not match Splicing Attacks Replacing ciphertext with other valid ciphertext our of sequence MAC includes a destination and location variable Replay attacks Can cause unintentional interrupts which would allow access to area outside XOM

Performance Implications Memory delay of about 100 cycles Memory latency is the greatest delay Using more specialized hardware to decrease the speed elsewhere to compensate for memory latency Leads into SAFE-OPS

SAFE-OPS Software/Architecture Framework for the Efficient Operation of Protected Software Want to be able to create tamperproof, secure and reliable software Can be accomplished by utilizing not only software tactics but also hardware secure designs Face the problems that become addressed in a smaller environment that is not

Hardware Security Smart Cards Tamper Resistant Packaging Secure Coprocessing

Software Security Copyright/ watermarking and stegonography Obfuscation Code and Checksums Proof-carrying code Custom OS Smaller footprints for Embedded Systems

SAFE-OPS Approach Solve the security problem by using optimization techniques Fine-tune code Compiler assistance in helping Give the user the choice as to where to put portions of security On the software side or the hardware However, Secure hardware increases the assurance of the software

Using FPGAS Field Programmable Gate Array Programmable Logic Chip Can be used and instantiated to perform various functions Must be a level of trust insured in the security of the FPGA Can be updated and reconfigured on a whim to move with the ever changing tie of security

Examples of Choice Register Streaming FPGA watches instruction stream and uses said stream to create a key Decryption of sequence created by compiler representing the instruction sequence If both code and key match continue to execute the instructions

FPGA-Instruction Based Caching Use FPGA to reduce operating times as secondary Cache Secondary L2 Cache Secure Block cache Secure Register Sequence Buffer

Discussion

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.