SCONE: Secure Linux Container Environments with Intel SGX
|
|
- Muriel Long
- 6 years ago
- Views:
Transcription
1 SCONE: Secure Linux Container Environments with Intel SGX S. Arnautov, B. Trach, F. Gregor, Thomas Knauth, and A. Martin, Technische Universität Dresden; C. Priebe, J. Lind, D. Muthukumaran, D. O'Keeffe, and M. Stillwell, Imperial College London; D. Goltzsche, Technische Universität Braunschweig; D. Eyers, University of Otago; R. Kapitza, Technische Universität Braunschweig; P. Pietzuch, Imperial College London; C. Fetzer, Technische Universität Dresden 1
2 Trust Issues: The Provider s Perspective Cloud provider does not trust users Use virtual machines to isolate users from each other and the host VMs only provide one way protection Redis OS VMM Firmware Cloud platform Staff trusted 2
3 Trust Issues: The User s Perspective Users trust their application Users must implicitly trust the cloud provider Existing applications implicitly assume trusted operating system Redis OS VMM Firmware Cloud platform Staff untrusted 3
4 Containers are the new VMs Containers provide resource isolation and bundling Smaller resource overhead than virtual machines Convenient tooling to create and deploy applications in the cloud 4
5 Disaster! OS VMM Firmware Cloud platform Staff untrusted 5
6 Disaster! OS VMM Firmware Cloud platform Staff untrusted 6
7 Disaster! OS VMM Firmware Cloud platform Staff untrusted 7
8 Disaster! OS VMM Firmware Cloud platform Staff untrusted 8
9 We want to OS VMM Firmware Cloud platform Staff untrusted 9
10 We want to run unmodified Linux applications OS VMM Firmware Cloud platform Staff untrusted 9
11 We want to run unmodified Linux applications OS in containers VMM Firmware Cloud platform Staff untrusted 9
12 We want to run unmodified Linux applications OS VMM Firmware Cloud platform Staff untrusted in containers in an untrusted cloud 9
13 We want to run unmodified Linux applications OS VMM Firmware Cloud platform Staff untrusted in containers in an untrusted cloud securely and 9
14 We want to run unmodified Linux applications OS VMM Firmware Cloud platform Staff untrusted in containers in an untrusted cloud securely and with acceptable performance 9
15 Secure Guard Extensions Enclave New enclave processor mode OS VMM Firmware Cloud platform Staff untrusted Users can create a HWenforced trusted environment Only trust Intel and Secure Guard Extensions (SGX) implementation 10
16 SGX: HW-enforced Security 18 new instructions to manage enclave life cycle Enclave memory only accessible from enclave Certain instructions disallowed, e.g., syscall untrusted EENTER trusted Execute Return privileged access from OS, VMM, SMM forbidden 11
17 Challenge 1: Interface Library OS inside TCB Haven (OSDI 14): library operating system in enclave Large TCB more vulnerable Small interface (22 system calls) Shields protect the interface External container interface trusted untrusted Application Code Libraries C Library Library OS Shielding layer Host OS 12
18 Challenge 1: Interface Minimal TCB Application Code Small TCB C library interface is complex Libraries Shim C Library Harder to protect C Library Host OS 13
19 Challenge 2: Performance system call frequency (1000s/second) native synchronous enclave exits pwrite() with 32 byte buffer 4 cores with hyper threading Threads
20 Challenge 2: Performance system call frequency (1000s/second) native synchronous enclave exits pwrite() with 32 byte buffer 4 cores with hyper threading Threads
21 SCONE Architecture Application Libraries SCONE module Intel SGX driver Container (cgroups) Host operating system 15
22 SCONE Architecture Enhanced C library small TCB (Challenge 1) Application Libraries SCONE C library SCONE module Intel SGX driver Container (cgroups) Host operating system 15
23 SCONE Architecture Enhanced C library small TCB (Challenge 1) Asynchronous system calls and user space threading reduce number of enclave exits (Challenge 2) Application Libraries M:N threading SCONE C library Asynchronous system calls SCONE module Intel SGX driver Container (cgroups) Host operating system 15
24 SCONE Architecture Enhanced C library small TCB (Challenge 1) Asynchronous system calls and user space threading reduce number of enclave exits (Challenge 2) Network and file system shields actively protect user data Application Libraries Network shield File system shield M:N threading SCONE C library Asynchronous system calls SCONE module Intel SGX driver Container (cgroups) Host operating system 15
25 Anatomy of a System Call enclave kernel 16
26 Anatomy of a System Call T1 read(fd, read, buf, size) enclave kernel [0] [1] [2] 17 system call slots
27 Anatomy of a System Call T1 S1 read(fd, buf, size) enclave kernel [0] [1] read, fd, buf, size [2] 18 system call slots
28 Anatomy of a System Call T1 read(fd, buf, size) enclave kernel [0] [0] [1] [2] read, fd, buf, size 19 system call slots
29 Anatomy of a System Call T1 read(fd, buf, size) enclave kernel [0] [1] read, fd, buf, size [2] 19 system call slots
30 Anatomy of a System Call T1 read(fd, buf, size) T2 read(fd, read, buf, size) enclave kernel [0] [1] read, fd, buf, size [2] 19 system call slots
31 Anatomy of a System Call T1 read(fd, buf, size) switch to ready user space thread T2 read(fd, read, buf, size) enclave kernel [0] read, fd, buf, size [1] [2] 19 system call slots
32 Anatomy of a System Call T1 read(fd, buf, size) switch to ready user space thread T2 read(fd, read, buf, size) enclave kernel [0] read, fd, buf, size [1] [2] read, fd, buf, size 19 system call slots
33 Anatomy of a System Call T1 read(fd, buf, size) switch to ready user space thread T2 read(fd, read, buf, size) enclave kernel [2] [0] [1] [2] read, fd, buf, size read, fd, buf, size 19 system call slots
34 Anatomy of a System Call T1 read(fd, buf, size) T2 read(fd, read, buf, size) enclave kernel 20 [0] [1] [2] read, fd, buf, size read, fd, buf, size system call slots
35 Anatomy of a System Call T1 read(fd, buf, size) T2 read(fd, read, buf, size) [0] [0] [1] #2&$?% read, fd, buf, size enclave kernel 20 [2] read, fd, buf, size system call slots
36 Anatomy of a System Call T1 read(fd, buf, size) switch to ready user space thread T2 read(fd, read, buf, size) enclave #2&$?% kernel [0] [0] read, fd, buf, size [1] [2] read, fd, buf, size 20 system call slots
37 Anatomy of a System Call T1 read(fd, buf, size) T2 read(fd, read, buf, size) [0] [0] [1] #2&$?% read, fd, buf, size enclave kernel 20 [2] read, fd, buf, size system call slots
38 Anatomy of a System Call T1 GET K1 read(fd, buf, size) decrypt buffer into enclave T2 read(fd, read, buf, size) enclave #2&$?% kernel [0] [0] read, fd, buf, size [1] [2] read, fd, buf, size 20 system call slots
39 Container Integration Repository Docker Engine Secure Image SCONE Client Docker Client Enclave 21
40 Container Integration Repository Docker Engine 1. push image Secure Image SCONE Client Docker Client Enclave 21
41 Container Integration Repository Docker Engine 2. run 1. push image Secure Image SCONE Client Docker Client Enclave 21
42 Container Integration 3. pull image Repository Docker Engine 2. run 1. push image Secure Image SCONE Client Docker Client Enclave 21
43 Container Integration 3. pull image Repository Docker Engine 2. run 1. push image 4. execute Secure Image SCONE Client Docker Client Enclave 21
44 Container Integration 3. pull image Repository Docker Engine 2. run Secure Image 1. push image SCONE Client Docker Client 5. secure channel 4. execute Enclave 21
45 System Call Performance native System call frequency (1000s/second) async sync pwrite() with 32 byte buffer 4 cores with hyper threading Threads
46 System Call Performance async with 1 thread achieves 80% native System call frequency (1000s/second) async sync pwrite() with 32 byte buffer 4 cores with hyper threading Threads
47 System Call Performance async with 1 thread achieves 80% optimized queue may help native System call frequency (1000s/second) async sync pwrite() with 32 byte buffer 4 cores with hyper threading Threads
48 Apache Throughput Latency (seconds) sync async glibc Throughput (requests / second) 23
49 Performance Overview Application Throughput w.r.t. native async (%) sync (%) Memcached Apache NGINX Redis
50 Performance Overview Application Throughput w.r.t. native async (%) sync (%) Memcached Apache NGINX Redis inline encryption has less overhead 24
51 Performance Overview Application Throughput w.r.t. native async (%) sync (%) Memcached Apache NGINX Redis inline encryption has less overhead 24 inline encryption hurts performance with single thread
52 Summary Small trusted computing base ( of native binary size) Low runtime overhead ( of native throughput) Transparent to the container engine (e.g. Docker) 25
Graphene-SGX. A Practical Library OS for Unmodified Applications on SGX. Chia-Che Tsai Donald E. Porter Mona Vij
Graphene-SGX A Practical Library OS for Unmodified Applications on SGX Chia-Che Tsai Donald E. Porter Mona Vij Intel SGX: Trusted Execution on Untrusted Hosts Processing Sensitive Data (Ex: Medical Records)
More informationMaru: Hardware-Assisted Secure Cloud Computing
Maru: Hardware-Assisted Secure Coud Computing Peter Pietzuch prp@imperia.ac.uk Large-Scae Distributed Systems Group Department of Computing, Imperia Coege London Peter R. Pietzuch http://sds.doc.ic.ac.uk
More informationEndBox: Scalable Middlebox Functions Using Client-Side Trusted Execution
: Scalable Functions Using -Side Trusted Execution Image CC-BY-SA Victorgrigas David Goltzsche, 1 Signe Rüsch, 1 Manuel Nieke, 1 Sébastien Vaucher, 2 Nico Weichbrodt, 1 Valerio Schiavoni, 2 Pierre-Louis
More informationSGXBounds Memory Safety for Shielded Execution
SGXBounds Memory Safety for Shielded Execution Dmitrii Kuvaiskii, Oleksii Oleksenko, Sergei Arnautov, Bohdan Trach, Pramod Bhatotia *, Pascal Felber, Christof Fetzer TU Dresden, * The University of Edinburgh,
More informationSafeBricks: Shielding Network Functions in the Cloud
SafeBricks: Shielding Network Functions in the Cloud Rishabh Poddar, Chang Lan, Raluca Ada Popa, Sylvia Ratnasamy UC Berkeley Network Functions (NFs) in the cloud Clients 2 Enterprise Destination Network
More informationEleos: Exit-Less OS Services for SGX Enclaves
Eleos: Exit-Less OS Services for SGX Enclaves Meni Orenbach Marina Minkin Pavel Lifshits Mark Silberstein Accelerated Computing Systems Lab Haifa, Israel What do we do? Improve performance: I/O intensive
More informationVarys. Protecting SGX Enclaves From Practical Side-Channel Attacks. Oleksii Oleksenko, Bohdan Trach. Mark Silberstein
Varys Protecting SGX Enclaves From Practical Side-Channel Attacks Oleksii Oleksenko, Bohdan Trach Robert Krahn, Andre Martin, Christof Fetzer Mark Silberstein Key issue of the cloud: We cannot trust it
More informationA Comparison Study of Intel SGX and AMD Memory Encryption Technology
A Comparison Study of Intel SGX and AMD Memory Encryption Technology Saeid Mofrad, Fengwei Zhang Shiyong Lu Wayne State University {saeid.mofrad, Fengwei, Shiyong}@wayne.edu Weidong Shi (Larry) University
More informationException-Less System Calls for Event-Driven Servers
Exception-Less System Calls for Event-Driven Servers Livio Soares and Michael Stumm University of Toronto Talk overview At OSDI'10: exception-less system calls Technique targeted at highly threaded servers
More informationIntroduction to SGX (Software Guard Extensions) and SGX Virtualization. Kai Huang, Jun Nakajima (Speaker) July 12, 2017
Introduction to SGX (Software Guard Extensions) and SGX Virtualization Kai Huang, Jun Nakajima (Speaker) July 12, 2017 1 INTEL RESTRICTED SECRET Agenda SGX Introduction Xen SGX Virtualization Support Backup
More informationA Userspace Packet Switch for Virtual Machines
SHRINKING THE HYPERVISOR ONE SUBSYSTEM AT A TIME A Userspace Packet Switch for Virtual Machines Julian Stecklina OS Group, TU Dresden jsteckli@os.inf.tu-dresden.de VEE 2014, Salt Lake City 1 Motivation
More informationObliviate: A Data Oblivious File System for Intel SGX. Adil Ahmad Kyungtae Kim Muhammad Ihsanulhaq Sarfaraz Byoungyoung Lee
Obliviate: A Data Oblivious File System for Intel SGX Adil Ahmad Kyungtae Kim Muhammad Ihsanulhaq Sarfaraz Byoungyoung Lee 1 Clouds? The Ultimate Dream? User Clouds 2 Clouds? The Ultimate Dream? User Clouds
More informationCSC 5930/9010 Cloud S & P: Virtualization
CSC 5930/9010 Cloud S & P: Virtualization Professor Henry Carter Fall 2016 Recap Network traffic can be encrypted at different layers depending on application needs TLS: transport layer IPsec: network
More informationCPS 510 final exam, 4/27/2015
CPS 510 final exam, 4/27/2015 Your name please: This exam has 25 questions worth 12 points each. For each question, please give the best answer you can in a few sentences or bullets using the lingo of
More informationThe Challenges of X86 Hardware Virtualization. GCC- Virtualization: Rajeev Wankar 36
The Challenges of X86 Hardware Virtualization GCC- Virtualization: Rajeev Wankar 36 The Challenges of X86 Hardware Virtualization X86 operating systems are designed to run directly on the bare-metal hardware,
More informationViryaOS RFC: Secure Containers for Embedded and IoT. A proposal for a new Xen Project sub-project
ViryaOS RFC: Secure Containers for Embedded and IoT A proposal for a new Xen Project sub-project Stefano Stabellini @stabellinist The problem Package applications for the target Contain all dependencies
More informationCIS 4360 Secure Computer Systems SGX
CIS 4360 Secure Computer Systems SGX Professor Qiang Zeng Spring 2017 Some slides are stolen from Intel docs Previous Class UEFI Secure Boot Windows s Trusted Boot Intel s Trusted Boot CIS 4360 Secure
More informationRacing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races. CS 563 Young Li 10/31/18
Racing in Hyperspace: Closing Hyper-Threading Side Channels on SGX with Contrived Data Races CS 563 Young Li 10/31/18 Intel Software Guard extensions (SGX) and Hyper-Threading What is Intel SGX? Set of
More informationIntel s Virtualization Extensions (VT-x) So you want to build a hypervisor?
Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor? Mr. Jacob Torrey May 13, 2014 Dartmouth College 153 Brooks Road, Rome, NY 315.336.3306 http://ainfosec.com @JacobTorrey torreyj@ainfosec.com
More informationFlexSC. Flexible System Call Scheduling with Exception-Less System Calls. Livio Soares and Michael Stumm. University of Toronto
FlexSC Flexible System Call Scheduling with Exception-Less System Calls Livio Soares and Michael Stumm University of Toronto Motivation The synchronous system call interface is a legacy from the single
More informationNested Virtualization and Server Consolidation
Nested Virtualization and Server Consolidation Vara Varavithya Department of Electrical Engineering, KMUTNB varavithya@gmail.com 1 Outline Virtualization & Background Nested Virtualization Hybrid-Nested
More informationWORKLOAD CHARACTERIZATION OF INTERACTIVE CLOUD SERVICES BIG AND SMALL SERVER PLATFORMS
WORKLOAD CHARACTERIZATION OF INTERACTIVE CLOUD SERVICES ON BIG AND SMALL SERVER PLATFORMS Shuang Chen*, Shay Galon**, Christina Delimitrou*, Srilatha Manne**, and José Martínez* *Cornell University **Cavium
More informationLecture Notes for 04/04/06: UNTRUSTED CODE Fatima Zarinni.
Lecture Notes for 04/04/06 UNTRUSTED CODE Fatima Zarinni. Last class we started to talk about the different System Solutions for Stack Overflow. We are going to continue the subject. Stages of Stack Overflow
More informationScotch: Combining Software Guard Extensions and System Management Mode to Monitor Cloud Resource Usage
Scotch: Combining Software Guard Extensions and System Management Mode to Monitor Cloud Resource Usage Kevin Leach 1, Fengwei Zhang 2, and Westley Weimer 1 1 University of Michigan, 2 Wayne State University
More informationUnikernels as Processes
Unikernels as Processes Dan Williams, Ricardo Koller (IBM Research) Martin Lucina (robur.io/center for the Cultivation of Technology) Nikhil Prakash (BITS Pilani) What is a unikernel? An application linked
More informationVirtualization. ! Physical Hardware Processors, memory, chipset, I/O devices, etc. Resources often grossly underutilized
Starting Point: A Physical Machine Virtualization Based on materials from: Introduction to Virtual Machines by Carl Waldspurger Understanding Intel Virtualization Technology (VT) by N. B. Sahgal and D.
More informationVirtualization. Starting Point: A Physical Machine. What is a Virtual Machine? Virtualization Properties. Types of Virtualization
Starting Point: A Physical Machine Virtualization Based on materials from: Introduction to Virtual Machines by Carl Waldspurger Understanding Intel Virtualization Technology (VT) by N. B. Sahgal and D.
More informationBuilding A Better Test Platform:
Building A Better Test Platform: A Case Study of Improving Apache HBase Testing with Docker Aleks Shulman, Dima Spivak Outline About Cloudera Apache HBase Overview API compatibility API compatibility testing
More informationDISTRIBUTED SYSTEMS Principles and Paradigms Second Edition ANDREW S. TANENBAUM MAARTEN VAN STEEN. Chapter 3 Processes
DISTRIBUTED SYSTEMS Principles and Paradigms Second Edition ANDREW S. TANENBAUM MAARTEN VAN STEEN Chapter 3 Processes Context Switching Processor context: The minimal collection of values stored in the
More informationOperating system hardening
Operating system Comp Sci 3600 Security Outline 1 2 3 4 5 6 What is OS? Hardening process that includes planning, ation, uration, update, and maintenance of the operating system and the key applications
More informationPreserving I/O Prioritization in Virtualized OSes
Preserving I/O Prioritization in Virtualized OSes Kun Suo 1, Yong Zhao 1, Jia Rao 1, Luwei Cheng 2, Xiaobo Zhou 3, Francis C. M. Lau 4 The University of Texas at Arlington 1, Facebook 2, University of
More informationIntel Software Guard Extensions
Intel Software Guard Extensions Dr. Matthias Hahn, Intel Deutschland GmbH July 12 th 2017 cryptovision Mindshare, Gelsenkirchen Intel SGX Making Headlines Premium Content requiring Intel SGX on PC Intel
More informationInfluential OS Research Security. Michael Raitza
Influential OS Research Security Michael Raitza raitza@os.inf.tu-dresden.de 1 Security recap Various layers of security Application System Communication Aspects of security Access control / authorization
More informationSandboxing. CS-576 Systems Security Instructor: Georgios Portokalidis Spring 2018
Sandboxing CS-576 Systems Security Instructor: Georgios Portokalidis Sandboxing Means Isolation Why? Software has bugs Defenses slip Untrusted code Compartmentalization limits interference and damage!
More informationLeveraging Intel SGX to Create a Nondisclosure Cryptographic library
CS 2530 - Computer and Network Security Project presentation Leveraging Intel SGX to Create a Nondisclosure Cryptographic library Mohammad H Mofrad & Spencer L Gray University of Pittsburgh Thursday, December
More informationM 3 Microkernel-based System for Heterogeneous Manycores
M 3 Microkernel-based System for Heterogeneous Manycores Nils Asmussen MKC, 06/29/2017 1 / 35 Outline 1 Introduction 2 Data Transfer Unit 3 Prototype Platforms 4 M 3 5 Summary 2 / 35 Outline 1 Introduction
More informationOS Security IV: Virtualization and Trusted Computing
1 OS Security IV: Virtualization and Trusted Computing Chengyu Song Slides modified from Dawn Song 2 Administrivia Lab2 More questions? 3 Virtual machine monitor +-----------+----------------+-------------+
More informationI/O and virtualization
I/O and virtualization CSE-C3200 Operating systems Autumn 2015 (I), Lecture 8 Vesa Hirvisalo Today I/O management Control of I/O Data transfers, DMA (Direct Memory Access) Buffering Single buffering Double
More informationVirtual Machines. Part 2: starting 19 years ago. Operating Systems In Depth IX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.
Virtual Machines Part 2: starting 19 years ago Operating Systems In Depth IX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved. Operating Systems In Depth IX 2 Copyright 2018 Thomas W. Doeppner.
More informationOPERATING SYSTEM SUPPORT FOR REDUNDANT MULTITHREADING. Björn Döbel (TU Dresden)
OPERATING SYSTEM SUPPORT FOR REDUNDANT MULTITHREADING Björn Döbel (TU Dresden) Brussels, 02.02.2013 Hardware Faults Radiation-induced soft errors Mainly an issue in avionics+space 1 DRAM errors in large
More informationarxiv: v2 [cs.cr] 20 Aug 2017
CacheZoom: How SGX Amplifies The Power of Cache Attacks arxiv:1703.06986v2 [cs.cr] 20 Aug 2017 Ahmad Moghimi Worcester Polytechnic Institute amoghimi@wpi.edu Abstract In modern computing environments,
More informationRyoan: A Distributed Sandbox for Untrusted Computation on Secret Data
Ryoan: A Distributed Sandbox for Untrusted Computation on Secret Data Tyler Hunt, Zhiting Zhu, Yuanzhong Xu, Simon Peter, and Emmett Witchel University of Texas at Austin OSDI 2016 Presented by John Alsop
More informationBUILDING SECURE (CLOUD) APPLICATIONS USING INTEL S SGX
BUILDING SECURE (CLOUD) APPLICATIONS USING INTEL S SGX FLORIAN KERSCHBAUM, UNIVERSITY OF WATERLOO JOINT WORK WITH BENNY FUHRY (SAP), ANDREAS FISCHER (SAP) AND MANY OTHERS DO YOU TRUST YOUR CLOUD SERVICE
More informationINFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD
Faculty of Computer Science Institute of Systems Architecture, Operating Systems Group INFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD OVERVIEW Fundamental
More informationMassively Parallel Hardware Security Platform
Massively Parallel Hardware Security Platform Dan Cvrček, Enigma Bridge, UK dan@enigmabridge.com Petr Švenda, CRoCS, Masaryk University, CZ svenda@fi.muni.cz Overview 1. Cryptography as a Service 2. Usage
More informationCSE 120 Principles of Operating Systems
CSE 120 Principles of Operating Systems Fall 2016 Lecture 2: Architectural Support for Operating Systems Geoffrey M. Voelker Administrivia Project 0 Due 10/4, done individually Homework #1 Due 10/6 Project
More informationAdvanced Systems Security: Virtual Machine Systems
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationEE 660: Computer Architecture Cloud Architecture: Virtualization
EE 660: Computer Architecture Cloud Architecture: Virtualization Yao Zheng Department of Electrical Engineering University of Hawaiʻi at Mānoa Based on the slides of Prof. Roy Campbell & Prof Reza Farivar
More informationTolerating Malicious Drivers in Linux. Silas Boyd-Wickizer and Nickolai Zeldovich
XXX Tolerating Malicious Drivers in Linux Silas Boyd-Wickizer and Nickolai Zeldovich How could a device driver be malicious? Today's device drivers are highly privileged Write kernel memory, allocate memory,...
More informationKernel Bypass. Sujay Jayakar (dsj36) 11/17/2016
Kernel Bypass Sujay Jayakar (dsj36) 11/17/2016 Kernel Bypass Background Why networking? Status quo: Linux Papers Arrakis: The Operating System is the Control Plane. Simon Peter, Jialin Li, Irene Zhang,
More informationIAGO ATTACKS: WHY THE SYSTEM CALL API IS A BAD UNTRUSTED RPC INTERFACE
IAGO ATTACKS: WHY THE SYSTEM CALL API IS A BAD UNTRUSTED RPC INTERFACE Stephen Checkoway and Hovav Shacham March 19, 2013 1 1 A vulnerable program #include int main() { void *p = malloc(100);
More informationSanctum: Minimal HW Extensions for Strong SW Isolation
CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 7a Sanctum: Minimal HW Extensions for Strong SW Isolation Marten van Dijk Syed Kamran Haider, Chenglu Jin, Phuong Ha Nguyen Department of Electrical &
More informationOperating System Security
Operating System Security Operating Systems Defined Hardware: I/o...Memory.CPU Operating Systems: Windows or Android, etc Applications run on operating system Operating Systems Makes it easier to use resources.
More informationXen and the Art of Virtualization. Nikola Gvozdiev Georgian Mihaila
Xen and the Art of Virtualization Nikola Gvozdiev Georgian Mihaila Outline Xen and the Art of Virtualization Ian Pratt et al. I. The Art of Virtualization II. Xen, goals and design III. Xen evaluation
More informationSpring 2017 :: CSE 506. Introduction to. Virtual Machines. Nima Honarmand
Introduction to Virtual Machines Nima Honarmand Virtual Machines & Hypervisors Virtual Machine: an abstraction of a complete compute environment through the combined virtualization of the processor, memory,
More informationKubernetes The Path to Cloud Native
Kubernetes The Path to Cloud Native Eric Brewer VP, Infrastructure @eric_brewer August 28, 2015 ACM SOCC Cloud Na*ve Applica*ons Middle of a great transition unlimited ethereal resources in the Cloud an
More informationRISCV with Sanctum Enclaves. Victor Costan, Ilia Lebedev, Srini Devadas
RISCV with Sanctum Enclaves Victor Costan, Ilia Lebedev, Srini Devadas Today, privilege implies trust (1/3) If computing remotely, what is the TCB? Priviledge CPU HW Hypervisor trusted computing base OS
More informationCSE 153 Design of Operating Systems Fall 18
CSE 153 Design of Operating Systems Fall 18 Lecture 2: OS model and Architectural Support Last time/today l Historic evolution of Operating Systems (and computing!) l Today: We start our journey in exploring
More informationKruiser: Semi-synchronized Nonblocking Concurrent Kernel Heap Buffer Overflow Monitoring
NDSS 2012 Kruiser: Semi-synchronized Nonblocking Concurrent Kernel Heap Buffer Overflow Monitoring Donghai Tian 1,2, Qiang Zeng 2, Dinghao Wu 2, Peng Liu 2 and Changzhen Hu 1 1 Beijing Institute of Technology
More informationCOMPUTER ARCHITECTURE. Virtualization and Memory Hierarchy
COMPUTER ARCHITECTURE Virtualization and Memory Hierarchy 2 Contents Virtual memory. Policies and strategies. Page tables. Virtual machines. Requirements of virtual machines and ISA support. Virtual machines:
More informationTUX : Trust Update on Linux Kernel
TUX : Trust Update on Linux Kernel Suhho Lee Mobile OS Lab, Dankook university suhho1993@gmail.com -- Hyunik Kim, and Seehwan Yoo {eternity13, seehwan.yoo}@dankook.ac.kr Index Intro Background Threat Model
More informationISOLATION DEFENSES GRAD SEC OCT
ISOLATION DEFENSES GRAD SEC OCT 03 2017 ISOLATION Running untrusted code in a trusted environment Setting Possibly with multiple tenants OS: users / processes Browser: webpages / browser extensions Cloud:
More informationFeature Comparison Summary
Feature Comparison Summary, and The cloud-ready operating system Thanks to cloud technology, the rate of change is faster than ever before, putting more pressure on IT. Organizations demand increased security,
More information1 System & Activities
1 System & Activities Gerd Liefländer 23. April 2009 System Architecture Group 2009 Universität Karlsruhe (TU), System Architecture Group 1 Roadmap for Today & Next Week System Structure System Calls (Java)
More informationIntel SGX Virtualization
Sean Christopherson Intel Intel SGX Virtualization KVM Forum 2018 Traditional VM Landscape App s secrets accessible by any privileged entity, e.g. VMM and OS App App App or a malicious app that has exploited
More informationCSE 120 Principles of Operating Systems
CSE 120 Principles of Operating Systems Spring 2018 Lecture 2: Architectural Support for Operating Systems Geoffrey M. Voelker Administrivia Project 0 Due 4/9 11:59pm, done individually Homework #1 Due
More informationInkTag: Secure Applications on an Untrusted Operating System. Owen Hofmann, Sangman Kim, Alan Dunn, Mike Lee, Emmett Witchel UT Austin
InkTag: Secure lications on an Untrusted Operating System Owen Hofmann, Sangman Kim, Alan Dunn, Mike Lee, Emmett Witchel UT Austin You trust your... should you? The is the software root of trust on most
More information, Inc
Monthly Research SELinux in Virtualization and Containers, Inc http://www.ffri.jp Ver 1.00.02 1 SELinux in Virtualization and Containers Virtualization security with SELinux Threat model of operating system
More informationOS Virtualization. Linux Containers (LXC)
OS Virtualization Emulate OS-level interface with native interface Lightweight virtual machines No hypervisor, OS provides necessary support Referred to as containers Solaris containers, BSD jails, Linux
More informationOS Security III: Sandbox and SFI
1 OS Security III: Sandbox and SFI Chengyu Song Slides modified from Dawn Song 2 Administrivia Lab2 VMs on lab machine Extension? 3 Users and processes FACT: although ACLs use users as subject, the OS
More informationDecoupling Dynamic Information Flow Tracking with a Dedicated Coprocessor
1 Decoupling Dynamic Information Flow Tracking with a Dedicated Coprocessor Hari Kannan, Michael Dalton, Christos Kozyrakis Presenter: Yue Zheng Yulin Shi Outline Motivation & Background Hardware DIFT
More informationHAFT Hardware-Assisted Fault Tolerance
HAFT Hardware-Assisted Fault Tolerance Dmitrii Kuvaiskii Rasha Faqeh Pramod Bhatotia Christof Fetzer Technische Universität Dresden Pascal Felber Université de Neuchâtel Hardware Errors in the Wild Online
More information4. Jump to *RA 4. StackGuard 5. Execute code 5. Instruction Set Randomization 6. Make system call 6. System call Randomization
04/04/06 Lecture Notes Untrusted Beili Wang Stages of Static Overflow Solution 1. Find bug in 1. Static Analysis 2. Send overflowing input 2. CCured 3. Overwrite return address 3. Address Space Randomization
More informationOS Extensibility: SPIN and Exokernels. Robert Grimm New York University
OS Extensibility: SPIN and Exokernels Robert Grimm New York University The Three Questions What is the problem? What is new or different? What are the contributions and limitations? OS Abstraction Barrier
More informationLecture Secure, Trusted and Trustworthy Computing Introduction to SGX
Lecture Secure, and Trustworthy Computing Introduction to Prof. Dr.-Ing. Ahmad-Reza Sadeghi System Security Lab Technische Universität Darmstadt Germany Winter Term 2016/17 Intel Software Guard Extensions
More informationSGX Enclave Life Cycle Tracking TLB Flushes Security Guarantees
CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 3b SGX Enclave Life Cycle Tracking TLB Flushes Security Guarantees Slide deck extracted from Kamran s tutorial on SGX and Chenglu s security analysis
More informationLamassu: Storage-Efficient Host-Side Encryption
Lamassu: Storage-Efficient Host-Side Encryption Peter Shah, Won So Advanced Technology Group 9 July, 2015 1 2015 NetApp, Inc. All rights reserved. Agenda 1) Overview 2) Security 3) Solution Architecture
More informationDocker 101 Workshop. Eric Smalling - Solution Architect, Docker
Docker 101 Workshop Eric Smalling - Solution Architect, Docker Inc. @ericsmalling Who Am I? Eric Smalling Solution Architect Docker Customer Success Team ~25 years in software development, architecture,
More informationLINUX CONTAINERS. Where Enterprise Meets Embedded Operating Environments WHEN IT MATTERS, IT RUNS ON WIND RIVER
Where Enterprise Meets Embedded Operating Environments WHEN IT MATTERS, IT RUNS ON WIND RIVER EXECUTIVE SUMMARY Flexible and connected platforms are core components in leading computing fields, including
More informationServerless Computing: Design, Implementation, and Performance. Garrett McGrath and Paul R. Brenner
Serverless Computing: Design, Implementation, and Performance Garrett McGrath and Paul R. Brenner Introduction Serverless Computing Explosion in popularity over the past 3 years Offerings from all leading
More informationDistributed Systems COMP 212. Lecture 18 Othon Michail
Distributed Systems COMP 212 Lecture 18 Othon Michail Virtualisation & Cloud Computing 2/27 Protection rings It s all about protection rings in modern processors Hardware mechanism to protect data and
More informationThe four forces of Cloud Native
1 Aplicaciones Nativas En La Nube The four forces of Cloud Native Iñaki Borrero- Advisory vspecialist MEDI, Dell EMC @DellEMCForum 2 Containers Devops Confluence of 4 forces Agile 3 3 Microservices 4 4
More informationDeterministic Process Groups in
Deterministic Process Groups in Tom Bergan Nicholas Hunt, Luis Ceze, Steven D. Gribble University of Washington A Nondeterministic Program global x=0 Thread 1 Thread 2 t := x x := t + 1 t := x x := t +
More informationBeBanjo Infrastructure and Security Overview
BeBanjo Infrastructure and Security Overview Can you trust Software-as-a-Service (SaaS) to run your business? Is your data safe in the cloud? At BeBanjo, we firmly believe that SaaS delivers great benefits
More informationTEN LAYERS OF CONTAINER SECURITY. Kirsten Newcomer Security Strategist
TEN LAYERS OF CONTAINER SECURITY Kirsten Newcomer Security Strategist WHAT ARE CONTAINERS? Containers change how we develop, deploy and manage applications INFRASTRUCTURE Sandboxed application processes
More informationCloud I - Introduction
Cloud I - Introduction Chesapeake Node.js User Group (CNUG) https://www.meetup.com/chesapeake-region-nodejs-developers-group START BUILDING: CALLFORCODE.ORG 3 Agenda Cloud Offerings ( Cloud 1.0 ) Infrastructure
More informationAchieving safe, certified, multicore avionics systems with Separation Kernel Hypervisors
Safety & Security for the Connected World Achieving safe, certified, multicore avionics systems with Separation Kernel Hypervisors 13 October 2015 Mark Pitchford, Technical Manager, EMEA Achieving safe,
More informationLeaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX
Leaky Cauldron on the Dark Land: Understanding Memory Side-Channel Hazards in SGX W. Wang, G. Chen, X, Pan, Y. Zhang, XF. Wang, V. Bindschaedler, H. Tang, C. Gunter. September 19, 2017 Motivation Intel
More informationENDBOX: Scalable Middlebox Functions Using Client-Side Trusted Execution
ENDBOX: Scalable Middlebox Functions Using -Side Trusted Execution David Goltzsche, Signe Rüsch, Manuel Nieke, Sébastien Vaucher, Nico Weichbrodt, Valerio Schiavoni, Pierre-Louis Aublin, Paolo Costa, Christof
More informationContaining RDMA and High Performance Computing
Containing RDMA and High Performance Computing Liran Liss ContainerCon 2015 Agenda High Performance Computing (HPC) networking RDMA 101 Containing RDMA Challenges Solution approach RDMA network namespace
More informationIntroduction to Containers
Introduction to Containers Shawfeng Dong Principal Cyberinfrastructure Engineer University of California, Santa Cruz What are Containers? Containerization, aka operating-system-level virtualization, refers
More informationNetwork File System (NFS)
Network File System (NFS) Brad Karp UCL Computer Science CS GZ03 / M030 14 th October 2015 NFS Is Relevant Original paper from 1985 Very successful, still widely used today Early result; much subsequent
More informationSecurity of Embedded Systems
Security of Embedded Systems Matthias Schunter, Intel Labs, Ahmad Sadeghi, TU Darmstadt + Teams (F. Brasser, L. Davi, P. Koeberl, S. Schulz, et. al.) 1 2015 Intel Corporation What is an Embedded System?
More informationWhat is KVM? KVM patch. Modern hypervisors must do many things that are already done by OSs Scheduler, Memory management, I/O stacks
LINUX-KVM The need for KVM x86 originally virtualization unfriendly No hardware provisions Instructions behave differently depending on privilege context(popf) Performance suffered on trap-and-emulate
More informationNetwork File System (NFS)
Network File System (NFS) Brad Karp UCL Computer Science CS GZ03 / M030 19 th October, 2009 NFS Is Relevant Original paper from 1985 Very successful, still widely used today Early result; much subsequent
More informationAdvanced Systems Security: Virtual Machine Systems
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationSoftware Solutions to Micro-architectural Side Channels. Yinqian Zhang Assistant Professor Computer Science & Engineering The Ohio State University
Software Solutions to Micro-architectural Side Channels Yinqian Zhang Assistant Professor Computer Science & Engineering The Ohio State University Introduction Research interests Computer system security
More informationContainer Isolation at Scale (... and introducing gvisor) Dawn Chen and Zhengyu He
Container Isolation at Scale (... and introducing gvisor) Dawn Chen and Zhengyu He Containers are amazing! Year 2013: Docker Inc. released its container engine Million downloads and about 8,000 docker
More informationDeployment Patterns using Docker and Chef
Deployment Patterns using Docker and Chef Sandeep Chellingi Sandeep.chellingi@prolifics.com Agenda + + Rapid Provisioning + Automated and Managed Deployment IT Challenges - Use-cases What is Docker? What
More informationXen and the Art of Virtualization. CSE-291 (Cloud Computing) Fall 2016
Xen and the Art of Virtualization CSE-291 (Cloud Computing) Fall 2016 Why Virtualization? Share resources among many uses Allow heterogeneity in environments Allow differences in host and guest Provide
More information