917 research outputs found

    A Hypervisor-Based Bus System for Usage Control

    Get PDF
    Data usage control is concerned with requirements on data after access has been granted. In order to enforce usage control requirements, it is necessary to track the different representations that the data may take (among others, file, window content, network packet). These representations exist at different layers of abstraction. As a consequence, in order to enforce usage control requirements, multiple data flow tracking and usage control enforcement monitors must exist, one at each layer. If a new representation is created at some layer of abstraction, e.g., if a cache file is created for a picture after downloading it with a browser, then the initiating layer (in the example, the browser) must notify the layer at which the new representation is created (in the example, the operating system). We present a bus system for system-wide usage control that, for security and performance reasons, is implemented in a hypervisor. We evaluate its security and performance

    It's TEEtime: A New Architecture Bringing Sovereignty to Smartphones

    Full text link
    Modern smartphones are complex systems in which control over phone resources is exercised by phone manufacturers, OS vendors, and users. These stakeholders have diverse and often competing interests. Barring some exceptions, users entrust their security and privacy to OS vendors (Android and iOS) and need to accept their constraints. Manufacturers protect their firmware and peripherals from the OS by executing in the highest privilege and leveraging dedicated CPUs and TEEs. OS vendors need to trust the highest privileged code deployed by manufacturers. This division of control over the phone is not ideal for OS vendors and is even more disadvantageous for the users. Users are generally limited in what applications they can install on their devices, in the privacy model and trust assumptions of the existing applications, and in the functionalities that applications can have. We propose TEEtime, a new smartphone architecture based on trusted execution allowing to balance the control different stakeholders exert over phones. More leveled control over the phone means that no stakeholder is more privileged than the others. In particular, TEEtime makes users sovereign over their phones: It enables them to install sensitive applications in isolated domains with protected access to selected peripherals alongside an OS. TEEtime achieves this while maintaining compatibility with the existing smartphone ecosystem and without relying on virtualization; it only assumes trust in a phone's firmware. TEEtime is the first TEE architecture that allows isolated execution domains to gain protected and direct access to peripherals. TEEtime is based on Armv8-A and achieves peripheral isolation using a novel mechanism based on memory and interrupt controller protection. We demonstrate the feasibility of our design by implementing a prototype of TEEtime, and by running exemplary sensitive applications

    E-democracy as the frame of networked public discourse : information, consensus and complexity

    Get PDF
    The quest for democracy and the political reflection about its future are to be understood nowadays in the horizon of the networked information revolution. Hence, it seems difficult to speak of democracy without speaking of e-democracy, the key issue of which is the re-configuration of models of information production and concentration of attention, which are to be investigated both from a political and an epistemological standpoint. In this perspective, our paper aims at analyzing the multi-agent dimension of networked public discourse, by envisaging two competing models of structuring this discourse (those of dialogue and of claim) and by suggesting to endorse the epistemic idea of complementarity as a guidance principle for elaborating a form of partnership between traditional and electronic media

    A Taxonomy of Virtualization Security Issues in Cloud Computing Environments

    Get PDF
    Objectives: To identify the main challenges and security issues of virtualization in cloud computing environments. It reviews the alleviation techniques for improving the security of cloud virtualization systems. Methods/ Statistical Analysis: Virtualization is a fundamental technology for cloud computing, and for this reason, any cloud vulnerabilities and threats affect virtualization. In this study, the systematic literature review is performed to find out the vulnerabilities and risks of virtualization in cloud computing and to identify threats, and attacks result from those vulnerabilities. Furthermore, we discover and analyze the effective mitigation techniques that are used to protect, secure, and manage virtualization environments. Findings: Thirty vulnerabilities are identified, explained, and classified into six proposed classes. Furthermore, fifteen main virtualization threats and attacks ar defined according to exploited vulnerabilities in a cloud environment. Application/Improvements: A set of common mitigation solutions are recognized and discovered to alleviate the virtualization security risks. These reviewed techniques are analyzed and evaluated according to five specified security criteria

    Continuous Monitoring in the Cloud Environment

    Get PDF
    The National Institute of Standards and Technology introduced a risk management framework that concludes with a process for continuous monitoring. Continuous monitoring is a way to gain near real-time insight into the security health of an information technology environment. The cloud environment is unique from other environments in the way that resources are virtualized and shared among many cloud tenants. This type of computing has been gaining popularity as a solution for organizations to purchase resources as an on-demand service in the same way that an organization purchases utilities today. In order to experience the benefits promised by the emergence of cloud computing the inherent security challenges in utilizing shared resources must be addressed. The proposed continuous monitoring program, based on recommendations from the National Institute of Standards and Technology Draft Special Publication 800-137 (Dempsey et al., 2010), is intended to address these security concerns. The program specifically addresses continuous monitoring activities for cloud providers to implement related to configuration management, patch and vulnerability management, antivirus/malicious software management, firewall management, and access management. This proposal does not address the shared responsibilities between the cloud tenant and cloud provider which is recommended as the next step in this research. The tenant and provider should have complementary controls and continuous monitoring programs to ensure the security of a cloud solution

    Thin Hypervisor-Based Security Architectures for Embedded Platforms

    Get PDF
    Virtualization has grown increasingly popular, thanks to its benefits of isolation, management, and utilization, supported by hardware advances. It is also receiving attention for its potential to support security, through hypervisor-based services and advanced protections supplied to guests. Today, virtualization is even making inroads in the embedded space, and embedded systems, with their security needs, have already started to benefit from virtualization’s security potential. In this thesis, we investigate the possibilities for thin hypervisor-based security on embedded platforms. In addition to significant background study, we present implementation of a low-footprint, thin hypervisor capable of providing security protections to a single FreeRTOS guest kernel on ARM. Backed by performance test results, our hypervisor provides security to a formerly unsecured kernel with minimal performance overhead, and represents a first step in a greater research effort into the security advantages and possibilities of embedded thin hypervisors. Our results show that thin hypervisors are both possible and beneficial even on limited embedded systems, and sets the stage for more advanced investigations, implementations, and security applications in the future

    Exploring the Integration of Memory Management and Trusted Computing

    Get PDF
    This thesis addresses vulnerabilities in current Trusted Computing architecture by exploring a design for a better Trusted Platform Module (TPM); one that integrates more closely with the CPU\u27s Memory Management Unit (MMU). We establish that software-based attacks on trusted memory can be carried out undetectably by an adversary on current TCG/TPM implementations. We demonstrate that an attacker with sufficient privileges can compromise the integrity of a TPM-protected system by modifying critical loaded code and static data after measurement has taken place. More specifically, these attacks illustrate the Time Of Check vs. Time of Use (TOCTOU) class of attacks. We propose to enhance the MMU, enabling it to detect when memory containing trusted code or data is being maliciously modified at run-time. On detection, it should be able to notify the TPM of these modifications. We seek to use the concepts of selective memory immutability as a security tool to harden the MMU, which will result in a more robust TCG/TPM implementation. To substantiate our ideas for this proposed hardware feature, we designed and implemented a software prototype system, which employs the monitoring capabilities of the Xen virtual machine monitor. We performed a security evaluation of our prototype and validated that it can detect all our software-based TOCTOU attacks. We applied our prototype to verify the integrity of data associated with an application, as well as suggested and implemented ways to prevent unauthorized use of data by associating it with its owner process. Our performance evaluation reveals minimal overhead
    • …
    corecore