23

Time protection: The missing OS abstraction

 5 years ago
source link: https://www.tuicool.com/articles/hit/VrymUrz
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

DATA61

University of Birmingham

Best Paper Award!

Abstract

Timing channels enable data leakage that threatens the security of computer systems, from cloud platforms to smart-phones and browsers executing untrusted third-party code. Preventing unauthorised information flow is a core duty of the operating system, however, present OSes are unable to prevent timing channels. We argue that OSes must provide time protection, the temporal equivalent of the established memory protection, for isolating security domains. We examine the requirements of time protection, present a design and its implementation in the seL4 microkernel, and evaluate efficacy and cost on x86 and Arm processors.

BibTeX Entry

@inproceedings{Ge_YCH_19,
    numpages         = {17},
    publisher        = {ACM},
    author           = {Ge, Qian and Yarom, Yuval and Chothia, Tom and Heiser, Gernot},
    booktitle        = {EuroSys Conference},
    year             = {2019},
    month            = mar,
    date             = {2019-3-25},
    title            = {Time Protection: the Missing {OS} Abstraction},
    address          = {Dresden, Germany}
  }

Download


report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK