A cryptographic file system for UNIX
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
A pump for rapid, reliable, secure communication
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
An entropy conservation law for testing the completeness of covert channel analysis
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
Disco: running commodity operating systems on scalable multiprocessors
ACM Transactions on Computer Systems (TOCS)
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Cellular Disco: resource management using virtual clusters on shared-memory multiprocessors
Proceedings of the seventeenth ACM symposium on Operating systems principles
Shared resource matrix methodology: an approach to identifying storage and timing channels
ACM Transactions on Computer Systems (TOCS)
Certification of programs for secure information flow
Communications of the ACM
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Terra: a virtual machine-based platform for trusted computing
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Memory resource management in VMware ESX server
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Covert and Side Channels Due to Processor Architecture
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
Analyzing integrity protection in the SELinux example policy
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Design and implementation of a TCG-based integrity measurement architecture
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
Lest we remember: cold boot attacks on encryption keys
SS'08 Proceedings of the 17th conference on Security symposium
Application containers without virtual machines
Proceedings of the 1st ACM workshop on Virtual machine security
Apiary: easy-to-use desktop application fault containment on commodity operating systems
USENIXATC'10 Proceedings of the 2010 USENIX conference on USENIX annual technical conference
Making programs forget: enforcing lifetime for sensitive data
HotOS'13 Proceedings of the 13th USENIX conference on Hot topics in operating systems
Cloud terminal: secure access to sensitive applications from untrusted systems
USENIX ATC'12 Proceedings of the 2012 USENIX conference on Annual Technical Conference
Eternal sunshine of the spotless machine: protecting privacy with ephemeral channels
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Protecting sensitive web content from client-side vulnerabilities with CRYPTONS
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
| Hi-index | 0.00 |
Protecting confidential information is a major concern for organizations and individuals alike, who stand to suffer huge losses if private data falls into the wrong hands. One of the primary threats to confidentiality is malicious software on personal computers, which is estimated to already reside on 100 to 150 million machines. Current security controls, such as firewalls, anti-virus software, and intrusion detection systems, are inadequate at preventing malware infection. This paper introduces Storages Capsules, a new approach for protecting confidential files on a personal computer. Storage Capsules are encrypted file containers that allow a compromised machine to securely view and edit sensitive files without malware being able to steal confidential data. The system achieves this goal by taking a checkpoint of the current system state and disabling device output before allowing access a Storage Capsule. Writes to the Storage Capsule are then sent to a trusted module. When the user is done editing files in the Storage Capsule, the system is restored to its original state and device output resumes normally. Finally, the trusted module declassifies the Storage Capsule by re-encrypting its contents, and exports it for storage in a low-integrity environment. This work presents the design, implementation, and evaluation of Storage Capsules, with a focus on exploring covert channels.