82,116 research outputs found
Practical Fine-grained Privilege Separation in Multithreaded Applications
An inherent security limitation with the classic multithreaded programming
model is that all the threads share the same address space and, therefore, are
implicitly assumed to be mutually trusted. This assumption, however, does not
take into consideration of many modern multithreaded applications that involve
multiple principals which do not fully trust each other. It remains challenging
to retrofit the classic multithreaded programming model so that the security
and privilege separation in multi-principal applications can be resolved.
This paper proposes ARBITER, a run-time system and a set of security
primitives, aimed at fine-grained and data-centric privilege separation in
multithreaded applications. While enforcing effective isolation among
principals, ARBITER still allows flexible sharing and communication between
threads so that the multithreaded programming paradigm can be preserved. To
realize controlled sharing in a fine-grained manner, we created a novel
abstraction named ARBITER Secure Memory Segment (ASMS) and corresponding OS
support. Programmers express security policies by labeling data and principals
via ARBITER's API following a unified model. We ported a widely-used, in-memory
database application (memcached) to ARBITER system, changing only around 100
LOC. Experiments indicate that only an average runtime overhead of 5.6% is
induced to this security enhanced version of application
Decentralized trust in the inter-domain routing infrastructure
Inter-domain routing security is of critical importance to the Internet since it prevents unwanted traffic redirections. The current system is based on a Public Key Infrastructure (PKI), a centralized repository of digital certificates. However, the inherent centralization of such design creates tensions between its participants and hinders its deployment. In addition, some technical drawbacks of PKIs delay widespread adoption. In this paper we present IPchain, a blockchain to store the allocations and delegations of IP addresses. IPchain leverages blockchains' properties to decentralize trust among its participants, with the final goal of providing flexible trust models that adapt better to the ever-changing geopolitical landscape. Moreover, we argue that Proof of Stake is a suitable consensus algorithm for IPchain due to the unique incentive structure of this use-case, and that blockchains offer relevant technical advantages when compared to existing systems, such as simplified management. In order to show its feasibility and suitability, we have implemented and evaluated IPchain's performance and scalability storing around 350k IP prefixes in a 2.5 GB chain.Peer ReviewedPostprint (published version
On Secure Workflow Decentralisation on the Internet
Decentralised workflow management systems are a new research area, where most
work to-date has focused on the system's overall architecture. As little
attention has been given to the security aspects in such systems, we follow a
security driven approach, and consider, from the perspective of available
security building blocks, how security can be implemented and what new
opportunities are presented when empowering the decentralised environment with
modern distributed security protocols. Our research is motivated by a more
general question of how to combine the positive enablers that email exchange
enjoys, with the general benefits of workflow systems, and more specifically
with the benefits that can be introduced in a decentralised environment. This
aims to equip email users with a set of tools to manage the semantics of a
message exchange, contents, participants and their roles in the exchange in an
environment that provides inherent assurances of security and privacy. This
work is based on a survey of contemporary distributed security protocols, and
considers how these protocols could be used in implementing a distributed
workflow management system with decentralised control . We review a set of
these protocols, focusing on the required message sequences in reviewing the
protocols, and discuss how these security protocols provide the foundations for
implementing core control-flow, data, and resource patterns in a distributed
workflow environment
- …