Contrasting characteristics and cache performance of technical and multi-user commercial workloads
ASPLOS VI Proceedings of the sixth international conference on Architectural support for programming languages and operating systems
Architectural support for fast symmetric-key cryptography
ASPLOS IX Proceedings of the ninth international conference on Architectural support for programming languages and operating systems
ATS '00 Proceedings of the 9th Asian Test Symposium
Hardware Support for Tamper-Resistant and Copy-Resistant Software
Hardware Support for Tamper-Resistant and Copy-Resistant Software
Mondrix: memory isolation for linux using mondriaan memory protection
Proceedings of the twentieth ACM symposium on Operating systems principles
Nexus: a new operating system for trustworthy computing
Proceedings of the twentieth ACM symposium on Operating systems principles
Tamper-proofing basis path by using oblivious hashing on Java
ACM SIGPLAN Notices
A Framework for Trustworthy Service-Oriented Computing (Short Paper)
ICISS '08 Proceedings of the 4th International Conference on Information Systems Security
A session key caching and prefetching scheme for secure communication in cluster systems
Journal of Parallel and Distributed Computing
Embedded software security through key-based control flow obfuscation
InfoSecHiComNet'11 Proceedings of the First international conference on Security aspects in information technology
An operating system design for the security architecture for microprocessors
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
A new encryption and hashing scheme for the security architecture for microprocessors
CMS'06 Proceedings of the 10th IFIP TC-6 TC-11 international conference on Communications and Multimedia Security
Inspection resistant memory: architectural support for security from physical examination
Proceedings of the 39th Annual International Symposium on Computer Architecture
Improving virtualization security by splitting hypervisor into smaller components
DBSec'12 Proceedings of the 26th Annual IFIP WG 11.3 conference on Data and Applications Security and Privacy
Authenticated encryption primitives for size-constrained trusted computing
TRUST'12 Proceedings of the 5th international conference on Trust and Trustworthy Computing
Security challenges in embedded systems
ACM Transactions on Embedded Computing Systems (TECS) - Special section on ESTIMedia'12, LCTES'11, rigorous embedded systems design, and multiprocessor system-on-chip for cyber-physical systems
A fully homomorphic crypto-processor design: correctness of a secret computer
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
Security Verification of Hardware-enabled Attestation Protocols
MICROW '12 Proceedings of the 2012 45th Annual IEEE/ACM International Symposium on Microarchitecture Workshops
A survey of security issues in hardware virtualization
ACM Computing Surveys (CSUR)
OASIS: on achieving a sanctuary for integrity and secrecy on untrusted platforms
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Hi-index | 0.00 |
Although there have been attempts to develop code transformations that yield tamper-resistant software, no reliable software-only methods are known. This paper studies the hardware implementation of a form of execute-only memory (XOM) that allows instructions stored in memory to be executed but not otherwise manipulated. To support XOM code we use a machine that supports internal compartments---a process in one compartment cannot read data from another compartment. All data that leaves the machine is encrypted, since we assume external memory is not secure. The design of this machine poses some interesting trade-offs between security, efficiency, and flexibility. We explore some of the potential security issues as one pushes the machine to become more efficient and flexible. Although security carries a performance penalty, our analysis indicates that it is possible to create a normal multi-tasking machine where nearly all applications can be run in XOM mode. While a virtual XOM machine is possible, the underlying hardware needs to support a unique private key, private memory, and traps on cache misses. For efficient operation, hardware assist to provide fast symmetric ciphers is also required.