Presentation is loading. Please wait.

Presentation is loading. Please wait.

Hardware, Languages, and Architectures for Defense Against Hostile Operating Systems (DHOSA) Vikram Adve, Krste Asanović, David Evans, Sam King, Greg Morrisett,

Published byEmma Parks Modified over 9 years ago

Similar presentations

Presentation on theme: "Hardware, Languages, and Architectures for Defense Against Hostile Operating Systems (DHOSA) Vikram Adve, Krste Asanović, David Evans, Sam King, Greg Morrisett,"— Presentation transcript:

1 Hardware, Languages, and Architectures for Defense Against Hostile Operating Systems (DHOSA) Vikram Adve, Krste Asanović, David Evans, Sam King, Greg Morrisett, R. Sekar, Dawn Song, David Wagner (PI) http://www.dhosa.org/

2 Vikram Adve (UIUC) Krste Asanović (UC Berkeley) David Evans (U Virginia) Sam King (UIUC) Greg Morrisett (Harvard) R. Sekar (Stony Brook) Dawn Song (UC Berkeley) David Wagner (UC Berkeley)

3 Overview Conventional wisdom: If the OS is malicious or subverted, you are hosed. This project: Actually, maybe there is hope… Project goal: Explore new approaches to defend against a malicious OS.

4 Problem Statement Defend against a compromised, hostile, or malicious operating system. Today: If the OS is malicious, all is lost. Desired end state: We can survive a malicious OS, perhaps with degraded functionality or availability.

5 Exploring New Territory This is exploratory research. (Not an engineering project.) We are exploring many approaches to the problem. We do not know which will prove most effective. Some may fail. We hope some of our ideas will have applications to other security problems outside of the hostile OS problem.

6 TRANSFORMATION HARDWARE SYSTEM ARCHITECTURES SVA Binary translation and emulation Formal methods Hardware support for isolation Dealing with malicious hardware Cryptographic secure computation Data-centric security Secure browser appliance Secure servers WEB-BASED ARCHITECTURES e.g., Enforce properties on a malicious OS e.g., Prevent data exfiltration e.g., Enable complex distributed systems, with resilience to hostile OS’s

7 Agenda 8:30- 9:00Welcome + Overview 9:00- 9:30Secure Virtual Architecture 9:30- 9:50Binary translation 9:50-10:20Formal methods 10:20-10:35Testing binary emulators 10:50-11:10Hardware support 11:10-11:25Defenses against malicious hardware 11:25-11:40Cryptographic secure computation 11:40-12:20Lunch 12:20-12:50Data-centric security 12:50- 1:20Secure web-based architecture 1:20- 1:45Discussion and feedback

Download ppt "Hardware, Languages, and Architectures for Defense Against Hostile Operating Systems (DHOSA) Vikram Adve, Krste Asanović, David Evans, Sam King, Greg Morrisett,"

Similar presentations

An Overview Of Virtual Machine Architectures Ross Rosemark.

An Overview Of Virtual Machine Architectures Ross Rosemark.
Unmodified Device Driver Reuse and Improved System Dependability via Virtual Machines J. LeVasseur V. Uhlig J. Stoess S. G¨otz University of Karlsruhe,

Unmodified Device Driver Reuse and Improved System Dependability via Virtual Machines J. LeVasseur V. Uhlig J. Stoess S. G¨otz University of Karlsruhe,
Rohit Kugaonkar CMSC 601 Spring 2011 May 9 th 2011

Rohit Kugaonkar CMSC 601 Spring 2011 May 9 th 2011
Vulnerability, Attack, Defense Split Tunneling Cross-Site Request Forgery And You Mary Henthorn OIT Senior Technology Analyst February 8, 2007.

Vulnerability, Attack, Defense Split Tunneling Cross-Site Request Forgery And You Mary Henthorn OIT Senior Technology Analyst February 8, 2007.
School of Engineering & Technology Computer Architecture Pipeline.

School of Engineering & Technology Computer Architecture Pipeline.
1 Hardware Support for Isolation Krste Asanovic U.C. Berkeley MURI “DHOSA” Site Visit April 28, 2011.

1 Hardware Support for Isolation Krste Asanovic U.C. Berkeley MURI “DHOSA” Site Visit April 28, 2011.
Trusted Ring: A Security Enhancing Software Architecture Michael DiRossi, Inventor The Johns Hopkins University Applied Physics Laboratory.

Trusted Ring: A Security Enhancing Software Architecture Michael DiRossi, Inventor The Johns Hopkins University Applied Physics Laboratory.
Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation.

Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation.
#1 The Conventional Wisdom About Sensor Network Security… David Wagner U.C. Berkeley.

#1 The Conventional Wisdom About Sensor Network Security… David Wagner U.C. Berkeley.
Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.

Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.
Data-Centric Security Dawn Song UC Berkeley Collaboration with Lorenzo Martignoni, Stephen McCamant, Pongsin Poosankam, Matei Zaharia, Scott Shenker, Ion.

Data-Centric Security Dawn Song UC Berkeley Collaboration with Lorenzo Martignoni, Stephen McCamant, Pongsin Poosankam, Matei Zaharia, Scott Shenker, Ion.
Secure web browsers, malicious hardware, and hardware support for binary translation Sam King.

Secure web browsers, malicious hardware, and hardware support for binary translation Sam King.
SCRUB: Secure Computing Research for Users’ Benefit David Wagner 1.

SCRUB: Secure Computing Research for Users’ Benefit David Wagner 1.
Anthony D. Joseph UC Berkeley SCRUB ISTC: Secure Computing Research for Users’ Benefit TRUST Autumn 2011 Conference.

Anthony D. Joseph UC Berkeley SCRUB ISTC: Secure Computing Research for Users’ Benefit TRUST Autumn 2011 Conference.
Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.

Malicious Attacks By: Albert, Alex, Andon, Ben, Robert.
Security for ad-hoc networks: Cryptography and beyond David Wagner U.C. Berkeley.

Security for ad-hoc networks: Cryptography and beyond David Wagner U.C. Berkeley.
1 Next-Generation Secure Internet: Security Overview and Context Adrian Perrig in collaboration with Steven Bellovin, David Clark, Dawn Song.

1 Next-Generation Secure Internet: Security Overview and Context Adrian Perrig in collaboration with Steven Bellovin, David Clark, Dawn Song.
TRANSFORMATION HARDWARE SYSTEM ARCHITECTURES SVA Binary translation and emulation Formal methods Hardware support for isolation Dealing with malicious.

TRANSFORMATION HARDWARE SYSTEM ARCHITECTURES SVA Binary translation and emulation Formal methods Hardware support for isolation Dealing with malicious.
Software Security David Wagner University of California at Berkeley.

Software Security David Wagner University of California at Berkeley.
Instrumentation and Profiling David Kaeli Department of Electrical and Computer Engineering Northeastern University Boston, MA

Instrumentation and Profiling David Kaeli Department of Electrical and Computer Engineering Northeastern University Boston, MA

Similar presentations

Ads by Google