• PDF / 789,198 Bytes
• 16 Pages / 439.37 x 666.142 pts Page_size
• 63 Downloads / 199 Views

DOWNLOAD

REPORT

Abstract. This paper discusses a research project that develops enhanced security protections for operating systems running on security enhanced microprocessors. Security tagging schemes are promising mechanisms for enhancing the security of computer systems. The idea of tagging schemes is to attach metadata tags to memory and registers to carry information about the data being tagged. This paper summarizes the features of these new microprocessors and discusses the use of these features in the design of enhanced operating system security for an exemplary real time operating system.

1

Security Tagging Schemes

Computers play an increasingly important role in modern life and it is now widely recognized that people need to pay more attention to computer security issues. Over the years, researchers and developers have devised various techniques including encryption, firewalls, and virus scanners to provide secure computing environments. The idea of enhancing these mechanisms by using hardware to provide security features for operating systems and user applications is not new. Decades ago researchers proposed techniques to add security labels (tags) at the hardware level to help with the enforcement of system security properties [1,3]. Unfortunately, these techniques required more computing resources and memory than was feasible at the time. As hardware speeds have improved, the idea of security tagging has resurfaced as a promising mechanism for enhancing security. Security tagging schemes attach labels to memory and/or registers to carry information about data during program execution. These labels are also called tags. They have been used by researchers to ensure that the semantics of computations are correctly implemented; to isolate code and data, users and system; and to enforce security policies at the hardware level. The implementation of tagging in hardware provides developers with enhanced security mechanisms without a penalty on performance, as compared to traditional microprocessors. Therefore, tagging schemes are seen as promising mechanisms to help processors and OSs (Operating Systems) implement security properly. Security tagging schemes are known as promising mechanisms for enhancing the security of computer systems. Security tagging was first designed and implemented to protect against some low-level attacks, such as buffer overflow and c Springer International Publishing Switzerland 2016  K. Haltinner et al. (Eds.): CSS 2015, CCIS 589, pp. 3–18, 2016. DOI: 10.1007/978-3-319-28313-5 1

4

J. Song and J. Alves-Foss

format string attacks [6,7,12,14]. Recently, security tagging schemes have been improved to prevent high-level attacks, which include SQL (Structured Query Language) injection and cross-site scripting [2,4]. Tags are also implemented in some specific architectures to support memory access control [8,9,13,15]. The details of the comparison of these tagging schemes can be found in another paper of the authors [11]. As part of the University of Idaho’s (UI) UITags research project, a tagging sc

Recommend Documents

Building a Kernel Image of RTEMS on Host Operating System

217 11 39MB

An Approach to Multiple Security System Development Using Database Schemas

178 42 116MB

Blog Classification Using Tags: An Empirical Study

174 106 32MB

Expanding Peace Ecology: Peace, Security, Sustainability, Equity, and Gender

214 2 4MB

Expanding Peace Ecology: Peace, Security, Sustainability, Equity and Gender

165 11 4MB

A Larger, Expanding Universe

158 10 14MB

Teaching Industrial Control System Security Using Collaborative Projects

158 69 9MB

A Limited Feedback SDMA for Downlink of Multiuser MIMO Communication System

161 12 490KB

Speaker Verification Method Using HTM for Security System

167 4 47MB

Cyber Threat Prediction Model Using Security Monitoring System Event

157 35 29MB

Massively Multiuser Online Game

170 79 27MB

Block-healthnet: security based healthcare system using block-chain technology

158 83 2MB