1 |
Attack and Defense with Hardware-Aided Security. Zhang, Ning. 26 August 2016.
Riding on recent advances in computing and networking, our society is entering the age of information. While these technologies bring great value to daily life, the lucrative rewards of cyber-crime have also attracted criminals. As computing plays an ever larger role in society, security has become a pressing issue. Failures in computing systems can result in loss of infrastructure or human life, as demonstrated both in academic research and in production environments. With the continuing spread of malicious software and new vulnerabilities being revealed every day, protecting the heterogeneous computing systems across the Internet has become a daunting task. Our approach to this challenge consists of two directions. The first aims to gain a better understanding of the inner workings of both attacks and defenses in the cyber environment. The other is designing secure systems for adversarial environments. / Ph.D.
|
2 |
TLS Library for Isolated Enclaves: Optimizing the performance of TLS libraries for SGX. Li, Jiatong. January 2019.
Cloud computing systems today handle large amounts of data and process it across different systems, so data protection and the security vulnerabilities around it have to be considered. One way to reduce the attack surface is to partition the code into distinct modules and isolate the execution of the security-critical code together with its data. Intel Software Guard Extensions (SGX) isolates such code in an enclave: by separating its execution from the untrusted zone (the unprotected user platform), code integrity and confidentiality are ensured. Transport Layer Security (TLS) provides integrity and confidentiality for communication between two endpoints. Several TLS libraries offer cryptographic functions both in the untrusted zone and inside an enclave, and they perform differently when run on Intel SGX, so it is desirable to use the best-performing library for each cryptographic function. This thesis describes a performance evaluation of several popular TLS libraries on Intel SGX. Using the evaluation results, and combining several TLS libraries, it proposes a solution that improves TLS performance on SGX by invoking the best library for the given data size, since the performance curves of the two best libraries cross over at a certain size. The solution also preserves the versatility of the existing cryptographic functions.
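The selection rule described above can be made concrete. The following is an added example, not code from the thesis, showing how benchmark samples for two candidate libraries (here just LIB_A and LIB_B) are turned into a size threshold and a dispatch function. The sample costs are constructed numbers, not measurements from the thesis; the real tables would be filled from benchmarks run inside the enclave on the target CPU.

```c
#include <stddef.h>
#include <stdint.h>

/* Two candidate TLS/crypto back ends; the names are placeholders for the example. */
typedef enum { LIB_A = 0, LIB_B = 1 } tls_lib_t;

/* One benchmark sample: cost (e.g. microseconds per call) for `size` input bytes. */
typedef struct { size_t size; double cost; } sample_t;

/*
 * Constructed sample data (assumed numbers, not measurements from the thesis).
 * LIB_A has a small per-call overhead but a higher per-byte cost;
 * LIB_B pays more per call but processes large buffers faster.
 * Both tables must be sorted by size and share the same size grid.
 */
#define NSAMPLES 4
static const sample_t bench_a[NSAMPLES] = {{16, 1.0}, {256, 2.5}, {4096, 26.0}, {65536, 400.0}};
static const sample_t bench_b[NSAMPLES] = {{16, 3.0}, {256, 4.0}, {4096, 14.0}, {65536, 160.0}};

/* Piecewise-linear interpolation of cost at `size`; clamps outside the table. */
double cost_at(const sample_t *s, size_t n, size_t size) {
    if (size <= s[0].size) return s[0].cost;
    for (size_t i = 1; i < n; i++) {
        if (size <= s[i].size) {
            double t = (double)(size - s[i - 1].size) /
                       (double)(s[i].size - s[i - 1].size);
            return s[i - 1].cost + t * (s[i].cost - s[i - 1].cost);
        }
    }
    return s[n - 1].cost;
}

/*
 * Smallest input size at which LIB_B becomes cheaper than LIB_A, derived from the
 * first sign change of (cost_a - cost_b) along the shared size grid.
 * Returns 0 if LIB_B is cheaper everywhere and SIZE_MAX if it never is.
 */
size_t find_crossover(const sample_t *a, const sample_t *b, size_t n) {
    double prev = a[0].cost - b[0].cost;            /* > 0 means LIB_B is cheaper */
    if (prev > 0) return 0;
    for (size_t i = 1; i < n; i++) {
        double cur = a[i].cost - b[i].cost;
        if (cur > 0) {
            /* Solve prev + t * (cur - prev) = 0 on [size_{i-1}, size_i]. */
            double t = -prev / (cur - prev);
            double x = (double)a[i - 1].size + t * (double)(a[i].size - a[i - 1].size);
            size_t c = (size_t)x;
            if ((double)c < x) c++;                 /* round up: first size where B wins */
            return c;
        }
        prev = cur;
    }
    return SIZE_MAX;
}

/* Dispatch rule used by the wrapper: below the crossover use LIB_A, otherwise LIB_B. */
tls_lib_t pick_lib(size_t len, size_t crossover) {
    return len < crossover ? LIB_A : LIB_B;
}
```

Two caveats a deployment should add: re-run the calibration per CPU model and per enclave configuration, since enclave transition and paging costs shift the curves, and apply a small hysteresis around the threshold so that record sizes hovering near it do not flip back ends on every call.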
|
3 |
Cloud execution environment for real-time media applications. Kämpe, Eddie. January 2015.
Smartphones and other Internet of Things devices are a rapidly growing area. With that growth come new technologies, like Web Real-Time Communication (WebRTC), that enable richer services to be built for these devices. Such services are typically consumed on demand, for short periods at a time. Likewise, cloud computing has exploded in popularity in recent years. It offers compelling advantages, such as rapid elasticity and on-demand usage, that allow servers' resources to be used more efficiently. The flexibility of allocating and releasing resources swiftly as they are required lets services running in the cloud adapt to ephemeral workloads. The research in this thesis targets a real-time video streaming service based on WebRTC. Incoming streams are handled by Multipoint Control Units (MCUs), which are responsible for redistributing them to the consumers. Scaling horizontally aligns well with the idea of cloud computing, and the work is based on the extreme case where each incoming stream is handled by a separate MCU. The thesis presents the process of finding a flexible Cloud Execution Environment (CEE) for the streaming service: an analysis of the service's requirements, an evaluation of existing solutions, and an implementation, followed by a discussion of the capabilities of the implemented system. The result is a CEE on which the streaming service can be deployed and managed. The developed CEE can orchestrate any workload that is encapsulated in a Docker container, not only the streaming service, which makes the implementation applicable to other cloud computing projects.
|
4 |
Enclave Host Interface for Security. Sinha, Anmol. January 2022.
Secure enclave technology has emerged during the last decade as an important hardware security primitive in server processors, and increasingly also in chips intended for consumer devices like mobile phones and PCs. The Confidential Computing Consortium, under the Linux Foundation, has taken a leading role in defining the host APIs for enclave access (e.g. the OpenEnclave APIs). Earlier solutions for security isolation in mobile phones relied on so-called Trusted Execution Environments (TEEs), which are similar in terms of hardware isolation but serve primarily OEM device-security use cases, and whose environments are access-controlled by remote trust roots (code signatures). This thesis examines the security requirements for enclaves as they are visible through APIs and SDKs, and proposes an augmented IDE/SDK interface that accounts for security, including the legacy considerations present with TEEs. It also aims to improve the developer experience of building trusted applications by providing tight IDE integration and an expressive way to select the methods that should be carved out of an existing Rust application into a separate trusted application. Furthermore, it discusses common pitfalls in developing code for trusted applications and attempts to mitigate several of the discussed risks. The work plan includes a background study of existing TEE and enclave SDKs, a novel SDK augmentation that accounts for the features listed above, and a prototype implementation that highlights enclave security needs beyond mere isolated execution. An IDE plugin is also implemented that shows how software engineers with potentially limited security knowledge can implement a trusted application service with enclave support such that the resulting enclave code runs without information leakage or interface security problems.
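The interface pitfalls the abstract alludes to are concrete enough to show in code. The following is an added example, not code from the thesis or from any enclave SDK, of the checks an ECALL handler must make on a buffer the untrusted host passes in: the pointer range must lie entirely outside enclave memory (otherwise the host can make the enclave read or overwrite its own secrets) and must not wrap around, and the data must be copied into enclave memory once and validated on the copy, because the host can change its buffer while the enclave runs. The enclave address range is modelled with an ordinary static array so the example runs on a normal machine; the Intel SGX SDK provides an equivalent range check (sgx_is_outside_enclave) and generates the copy-in from EDL annotations.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Enclave address range. Real SDKs learn this from the enclave's load layout;
 * here a static array stands in for enclave memory so the example runs anywhere. */
typedef struct { uintptr_t base; size_t size; } enclave_range_t;

static uint8_t enclave_mem[4096];   /* simulated enclave memory (assumption for the example) */
/* Constructed host input: a 1-byte payload length followed by the payload. */
static uint8_t host_in[64] = { 10, 'h', 'e', 'l', 'l', 'o', ' ', 'w', 'o', 'r', 'l', 'd' };
static uint8_t host_out[64];        /* simulated host-owned output buffer */

enclave_range_t make_range(uintptr_t base, size_t size) {
    enclave_range_t r = { base, size };
    return r;
}

enclave_range_t sim_enclave(void) {
    return make_range((uintptr_t)enclave_mem, sizeof enclave_mem);
}

/* True iff [addr, addr+len) is non-empty, does not wrap around, and does not
 * overlap the enclave. A host pointer that fails this must be rejected: letting
 * the host name enclave addresses turns the ECALL into an arbitrary read/write
 * of enclave memory. */
bool range_outside_enclave(enclave_range_t enc, uintptr_t addr, size_t len) {
    if (len == 0) return false;
    if (addr > UINTPTR_MAX - len) return false;          /* addr + len would wrap */
    uintptr_t end = addr + len;                          /* exclusive */
    uintptr_t enc_end = enc.base + enc.size;
    return end <= enc.base || addr >= enc_end;
}

/* ECALL-side copy-in: validate the host range, then read it exactly once into
 * enclave memory. Everything afterwards works on the copy, never on host_buf,
 * because the host can change its buffer concurrently (TOCTOU). */
long ecall_copy_in(enclave_range_t enc, const uint8_t *host_buf, size_t len,
                   uint8_t *dst, size_t dst_cap) {
    if (host_buf == NULL || dst == NULL || len > dst_cap) return -1;
    if (!range_outside_enclave(enc, (uintptr_t)host_buf, len)) return -1;
    memcpy(dst, host_buf, len);
    return (long)len;
}

/* Parse the copied record: byte 0 is the payload length. The claimed length is
 * checked against the number of bytes actually copied, not against anything the
 * host still controls. Returns the payload length or -1. */
long record_payload_len(const uint8_t *copy, size_t len) {
    if (len == 0) return -1;
    size_t claimed = copy[0];
    if (claimed > len - 1) return -1;
    return (long)claimed;
}

/* Fixed-size result handed back to the host (the tag leaves a padding byte). */
typedef struct { uint32_t status; uint8_t tag[3]; uint64_t counter; } result_t;

/* Copy-out: the host destination gets the same range check, and the record is
 * zeroed before it is filled so padding bytes never carry stale enclave data. */
bool ecall_write_result(enclave_range_t enc, void *host_dst, size_t dst_cap,
                        uint32_t status, uint64_t counter) {
    if (host_dst == NULL || dst_cap < sizeof(result_t)) return false;
    if (!range_outside_enclave(enc, (uintptr_t)host_dst, sizeof(result_t))) return false;
    result_t r;
    memset(&r, 0, sizeof r);
    r.status = status;
    r.counter = counter;
    memcpy(host_dst, &r, sizeof r);
    return true;
}
```

The same two rules apply in the other direction for OCALLs: anything the untrusted side returns is copied in and validated before use, and an OCALL must never be handed a pointer into enclave memory.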
|
5 |
Trusted Execution Environment deployment through cloud virtualization: A project on scalable deployment of virtual machines. Staboli, Luca. January 2022.
In the context of cloud computing, Trusted Execution Environments (TEEs) are isolated environments in which application code runs with stronger security guarantees, separated from the rest of the system's memory. TEE technology has only become broadly available in the last few years and is not yet widespread. This thesis investigates the two most popular approaches to building a TEE, the process-based one (Intel SGX) and the virtualization-based one (AMD SEV), and abstracts them as far as possible in order to design a common infrastructure that can deploy TEEs at an external cloud provider regardless of which approach is used. The thesis is relevant and novel because the project makes it possible to use different technologies for the deployment, such as Intel SGX and AMD SEV, the two main solutions, without being tied to any one of them; if new technologies or vendor solutions become popular in the future, they can simply be added to the list of options, and the same holds for the choice of cloud provider. The results show that the common features of the different TEE technologies can be abstracted and that a single Application Programming Interface (API) can deploy all of them. A performance and quality evaluation was also run; its results show that the API performs well and meets the usual quality standards. The tool is useful for the problem owner and for future work on cloud security.
|
6 |
Using ARM TrustZone for Secure Resource Monitoring of IoT Devices Running Contiki-NG. Georgiou, Nikolaos. January 2023.
The rapid development of Internet of Things (IoT) devices has brought unparalleled convenience and efficiency to our daily lives. With this exponential growth, however, comes the pressing need to address the critical security challenges these interconnected devices pose. IoT devices are typically resource-constrained, lacking the computing power and memory capacity of traditional computing systems, which often means they lack adequate security mechanisms and leaves them vulnerable to various attacks. This master's thesis investigates a security mechanism that uses the hardware isolation provided by TrustZone in ARM's Cortex-M processors. TrustZone is a hardware-based security extension in ARM processors that provides a secure, isolated environment for executing sensitive code alongside a regular, non-secure operating system. The thesis implements a Trusted Execution Environment (TEE) in TrustZone's secure environment that monitors the resource usage of applications running in the non-secure operating system. The TEE monitors the network communication and the CPU usage of the applications running on the IoT device, protecting its integrity and detecting abnormal behaviour. The implementation is done inside Contiki-NG, a well-known operating system designed for constrained IoT devices. The thesis evaluates the developed security solution through extensive experiments using two micro-benchmarks, analysing the impact of the security mechanism on runtime overhead, energy consumption and memory requirements while taking the resource constraints into account, and assesses the solution's effectiveness in identifying malicious activities and abnormal behaviours. The findings show that the TrustZone-based security mechanism introduces relatively small overhead, making it a viable option for IoT devices that can accommodate a slight performance impact. The research highlights the critical issue of IoT device security and the need for tailored solutions that consider the resource constraints of these devices, and presents an alternative approach that uses TrustZone's hardware isolation to effectively monitor the applications running on IoT devices.
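The detection side of such a monitor can be sketched as fixed-window counters kept in the secure world. The following is an added example, not the thesis's code: hooks that the non-secure Contiki-NG side cannot bypass (in the real design, the secure-world entry points taken on packet send/receive and on each scheduler tick) feed per-process counters, and a check compares each process's activity in the current window against a budget. The number of process slots, the window length, the budgets and the event trace are assumed values constructed for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_PROCS    8       /* assumed number of Contiki-NG process slots tracked */
#define WINDOW_TICKS 1000u   /* assumed monitoring window, in secure-timer ticks */

/* Flags returned by mon_check(); MON_BAD_PID marks an unknown process slot. */
enum { MON_OK = 0, MON_NET_FLOOD = 1, MON_NET_VOLUME = 2, MON_CPU_HOG = 4, MON_BAD_PID = 8 };

typedef struct { uint32_t max_pkts, max_bytes, max_cpu_ticks; } budget_t;     /* per window */
typedef struct { uint32_t pkts, bytes, cpu_ticks, violations; } proc_stats_t;

typedef struct {
    uint32_t     window_start;          /* must come from a secure-world timer */
    budget_t     budget[MAX_PROCS];
    proc_stats_t stats[MAX_PROCS];
} monitor_t;

/* Assumed default budget: 50 packets and 4 KiB per window, at most 60% of the CPU. */
static const budget_t DEFAULT_BUDGET = { 50, 4096, 600 };

static uint32_t sat_add(uint32_t a, uint32_t b) { return a > UINT32_MAX - b ? UINT32_MAX : a + b; }

static unsigned flags_for(const monitor_t *m, unsigned pid) {
    const proc_stats_t *s = &m->stats[pid];
    const budget_t *b = &m->budget[pid];
    unsigned f = MON_OK;
    if (s->pkts > b->max_pkts)           f |= MON_NET_FLOOD;
    if (s->bytes > b->max_bytes)         f |= MON_NET_VOLUME;
    if (s->cpu_ticks > b->max_cpu_ticks) f |= MON_CPU_HOG;
    return f;
}

/* Close the window if it has expired: record violations, then zero the counters. */
static void roll_window(monitor_t *m, uint32_t now) {
    if (now - m->window_start < WINDOW_TICKS) return;   /* unsigned arithmetic: wrap-safe */
    for (unsigned i = 0; i < MAX_PROCS; i++) {
        if (flags_for(m, i) != MON_OK) m->stats[i].violations++;
        m->stats[i].pkts = m->stats[i].bytes = m->stats[i].cpu_ticks = 0;
    }
    m->window_start = now;
}

bool mon_init(monitor_t *m, uint32_t now) {
    memset(m, 0, sizeof *m);
    m->window_start = now;
    for (unsigned i = 0; i < MAX_PROCS; i++) m->budget[i] = DEFAULT_BUDGET;
    return true;
}

/* Hooks invoked from secure-world entry points. The non-secure side cannot skip
 * them when the secure world owns the radio driver and the scheduler tick. */
bool mon_on_packet(monitor_t *m, unsigned pid, uint32_t bytes, uint32_t now) {
    if (pid >= MAX_PROCS) return false;
    roll_window(m, now);
    m->stats[pid].pkts  = sat_add(m->stats[pid].pkts, 1);
    m->stats[pid].bytes = sat_add(m->stats[pid].bytes, bytes);
    return true;
}

bool mon_on_cpu(monitor_t *m, unsigned pid, uint32_t ticks, uint32_t now) {
    if (pid >= MAX_PROCS) return false;
    roll_window(m, now);
    m->stats[pid].cpu_ticks = sat_add(m->stats[pid].cpu_ticks, ticks);
    return true;
}

/* Live check of the current window; a process over budget is flagged immediately. */
unsigned mon_check(monitor_t *m, unsigned pid, uint32_t now) {
    if (pid >= MAX_PROCS) return MON_BAD_PID;
    roll_window(m, now);
    return flags_for(m, pid);
}

uint32_t mon_violations(const monitor_t *m, unsigned pid) {
    return pid < MAX_PROCS ? m->stats[pid].violations : 0;
}

/* Constructed event trace standing in for hook invocations (not real device data). */
typedef enum { EV_PKT, EV_CPU } ev_type_t;
typedef struct { ev_type_t type; unsigned pid; uint32_t value; uint32_t tick; uint32_t repeat; } event_t;

static const event_t TRACE[] = {
    { EV_PKT, 1,  64,  10,   5 },   /* sensor app: 5 small packets */
    { EV_CPU, 1, 100,  20,   1 },   /* ...and 10% of the window's CPU */
    { EV_PKT, 2,  60, 100, 200 },   /* compromised process: 200-packet burst */
    { EV_CPU, 3, 700, 300,   1 },   /* busy-looping process: 70% of the CPU */
};
#define TRACE_LEN (sizeof TRACE / sizeof TRACE[0])

/* Feed a trace to the monitor; returns the number of events accepted. */
size_t mon_replay(monitor_t *m, const event_t *ev, size_t n) {
    size_t applied = 0;
    for (size_t i = 0; i < n; i++) {
        bool ok = true;
        for (uint32_t r = 0; r < ev[i].repeat && ok; r++)
            ok = ev[i].type == EV_PKT ? mon_on_packet(m, ev[i].pid, ev[i].value, ev[i].tick)
                                      : mon_on_cpu(m, ev[i].pid, ev[i].value, ev[i].tick);
        if (ok) applied++;
    }
    return applied;
}

static monitor_t g_mon;   /* monitor instance for the checks below */
```

Two points matter for the design: the timestamps must come from a secure-world timer rather than from the non-secure OS, otherwise the OS can shift window boundaries to hide a burst, and a monitor only sees events that pass through secure-world code, so the hooks have to sit in the radio driver and the scheduler tick, where the OS cannot bypass them.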
|
7 |
Anahy-DVM: a module for distributed scheduling. Cardozo Junior, Marcelo Augusto. 14 March 2006.
Hewlett-Packard Brasil Ltda
Lately, the use of computer clusters for high-performance computing has increased. However, programming for this class of architecture is not trivial: besides developing the application and detecting and specifying its concurrency, the programmer is also responsible for coding the scheduling of the application so that it uses the cluster's parallelism efficiently. There are programming tools that propose solutions to these problems; Anahy is one of them. This work proposes a module for Anahy that provides support for execution in distributed-memory environments. To achieve this, Anahy's execution core is extended so that the module can access the data structures needed to distribute the computational load. It is also necessary to develop a communication mechanism among the nodes of the cluster so that they can exchange the information needed for the computation to progress. Finally, the module is evaluated using a synthetic application. Through this evaluation, the module is analyzed with respect to its usability in the
|
8 |
On-demand Isolated I/O for Security-sensitive Applications on Commodity Platforms. Zhou, Zongwei. 1 May 2014.
Today large software systems (i.e., giants) thrive in commodity markets, but they are untrustworthy because of their numerous and inevitable software bugs, which adversaries can exploit. The best hope for security is therefore that some small, simple and trustworthy software components (i.e., wimps) can be protected from attacks launched by adversary-controlled giants. However, wimps in isolation typically give up a variety of basic services (e.g., file system, networking, device I/O), trading usefulness and viability for security.
Among these basic services, isolated I/O channels have remained an unmet challenge for the past three decades. Isolated I/O is a critical security primitive for a myriad of applications (e.g., secure user interfaces, remote device control): with it, isolated wimps can transfer I/O data to commodity peripheral devices while the secrecy and authenticity of that data are protected from the co-existing giants.
This thesis addresses this challenge by proposing a new security architecture that provides services to isolated wimps. Instead of restructuring the giants or bloating the Trusted Computing Base that underpins wimp-giant isolation (the underlying TCB), it presents an on-demand I/O isolation model and a trusted add-on component, the wimpy kernel, that instantiates it. In this model, the wimpy kernel dynamically takes control of devices managed by a commodity OS, connects them to the isolated wimps, and relinquishes control to the OS when done. This creates ample opportunities for the wimpy kernel to outsource I/O subsystem functions to the untrusted OS and verify their results. The wimpy kernel further exports device drivers and I/O subsystem code to the wimps and mediates the operations of the exported code. Together these two techniques significantly reduce the size and complexity of the wimpy kernel, which is what makes high security assurance feasible. Using the popular and complex USB subsystem as a case study, the thesis shows how dramatic the reduction is: over 99% of the Linux USB code base is removed. In addition, the wimpy kernel composes with the underlying TCB, preserving that TCB's code size, complexity and security properties.
|
9 |
Variability of Execution Environments for Component-based Systems. Malohlava, Michal. January 2012.
Reuse is considered one of the most crucial software engineering concerns, as it allows software systems to be delivered faster and with less effort. The thesis therefore explores the limits of reuse in the context of component systems. It analyzes contemporary component systems in depth, finds their commonalities and variation points, and introduces a meta-component system: a software product line from which a tailored component system can be produced from a set of requirements. The thesis addresses the definition of the meta-component system and focuses on the two aspects that play the key role in preparing a component system: (1) a configurable execution environment and (2) generation of implementation artifacts. For the first aspect, the thesis proposes a model-driven method for creating configurable execution environments. Motivated by the creation of execution environments, it contributes to the second by introducing a notion of domain-specific language interoperability in the context of code generation, and elaborates that notion into a family of interoperable domain-specific languages parametrized by a general-purpose language.
|
10 |
Arguing Assurance in Trusted Execution Environments using Goal Structuring Notation. Cole, Nigel. January 2021.
A trusted execution environment (TEE) is an isolated environment used for trusted execution. TEE solutions are usually proprietary and specific to a certain hardware specification, which limits the developers that use them. A potential solution is the use of open-source alternatives such as the TEE framework Keystone and the Reduced Instruction Set Computer V (RISC-V) hardware. These alternatives are rather young and not as well established as the variants developed by ARM and Intel. To this end, the assurance of Keystone and RISC-V is analysed by studying a remote-attestation assurance use case using the goal structuring notation (GSN) method. The aim is to investigate how GSN can be used to build assurance cases for TEEs on RISC-V, and the thesis presents a process for creating GSNs that argue assurance for a TEE solution. Furthermore, Keystone operates under a specific threat model whose assumptions may have a large impact depending on the use case, so Keystone is analysed to understand whether the framework mitigates existing vulnerabilities in TEEs. It is concluded that GSN is a viable method for arguing assurance in TEEs and gives great freedom in constructing the GSN model. That freedom is also its weakness, since the composition of the argument has a high impact on its strength. Furthermore, we conclude that Keystone mitigates multiple known vulnerabilities primarily through the assumptions made in its threat model; developers using Keystone need to consider these cases and determine whether or not the assumptions hold for their use case.
|