We gratefully acknowledge support from
the Simons Foundation and member institutions.
Full-text links:

Download:

Current browse context:

cs.CR

Change to browse by:

cs

References & Citations

DBLP - CS Bibliography

Bookmark

(what is this?)
CiteULike logo BibSonomy logo Mendeley logo del.icio.us logo Digg logo Reddit logo ScienceWISE logo

Computer Science > Cryptography and Security

Title: Synergia: Hardening High-Assurance Security Systems with Confidential and Trusted Computing

Abstract: High-assurance security systems require strong isolation from the untrusted world to protect the security-sensitive or privacy-sensitive data they process. Existing regulations impose that such systems must execute in a trustworthy operating system (OS) to ensure they are not collocated with untrusted software that might negatively impact their availability or security. However, the existing techniques to attest to the OS integrity fall short due to the cuckoo attack. In this paper, we first show a novel defense mechanism against the cuckoo attack, and we formally prove it. Then, we implement it as part of an integrity monitoring and enforcement framework that attests to the trustworthiness of the OS from 3.7x to 8.5x faster than the existing integrity monitoring systems. We demonstrate its practicality by protecting the execution of a real-world eHealth application, performing micro and macro-benchmarks, and assessing the security risk.
Subjects: Cryptography and Security (cs.CR)
Journal reference: Proceedings of the 37th ACM/SIGAPP Symposium on Applied Computing, SAC 2022
DOI: 10.1145/3477314.3506961
Cite as: arXiv:2205.06091 [cs.CR]
  (or arXiv:2205.06091v1 [cs.CR] for this version)

Submission history

From: Wojciech Ozga [view email]
[v1] Thu, 12 May 2022 13:56:49 GMT (800kb,D)

Link back to: arXiv, form interface, contact.