Multi-compartment: a new architecture for secure co-hosting on SoC

Authors:
Joël Porquet;Christian Schwarz;Alain Greiner
Affiliations:
LIP6-SoC Laboratory, University of Paris-VI, Paris, France and STMicroelectronics, Advanced System Technology, Rousset, France;STMicroelectronics, Advanced System Technology, Rousset, France;LIP6-SoC Laboratory, University of Paris-VI, Paris, France
Venue:
SOC'09 Proceedings of the 11th international conference on System-on-chip
Year:
2009

Citing 5
Cited 1

Address space sparsity and fine granularity

EW 6 Proceedings of the 6th workshop on ACM SIGOPS European workshop: Matching operating systems to application needs
Mondrian memory protection

Proceedings of the 10th international conference on Architectural support for programming languages and operating systems
Intel Virtualization Technology

Computer
NOC-centric Security of Reconfigurable SoC

NOCS '07 Proceedings of the First International Symposium on Networks-on-Chip
The origin of the VM/370 time-sharing system

IBM Journal of Research and Development

Towards attacks on restricted memory areas through co-processors in embedded multi-OS environments via malicious firmware injection

Proceedings of the First Workshop on Cryptography and Security in Computing Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

Multi-compartment is a flexible, lightweight architecture for embedded systems that allows multiple protection domains (compartments) to securely share processing, memory and other system resources. Compartments run in physical address space and enjoy direct access to security-critical initiator devices, such as DMA devices, while remaining protected from one another.