Leveraging hardware isolation for process level access control & authentication

S.K. Haider; H. Omar; I. Lebedev; S. Devadas; M. Van Dijk

doi:10.1145/3078861.3078882

Leveraging hardware isolation for process level access control & authentication

S.K. Haider
, H. Omar
, I. Lebedev
, S. Devadas
, M. Van Dijk

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

Abstract

© 2017 Association for Computing Machinery.Critical resource sharing among multiple entities in a processing system is inevitable, which in turn calls for the presence of appropriate authentication and access control mechanisms. Generally speaking, these mechanisms are implemented via trusted software "policy checkers" that enforce certain high level application-specific "rules" to enforce a policy. Whether implemented as operating system modules or embedded inside the application ad hoc, these policy checkers expose additional attack surface in addition to the application logic. In order to protect application software from an adversary, modern secure processing platforms, such as Intel's software Guard Extensions (SGX), employ principled hardware isolation to offer secure software containers or enclaves to execute trusted sensitive code with some integrity and privacy guarantees against a privileged software adversary. We extend this model further and propose using these hardware isolation mechanisms to shield the authentication and access control logic essential to policy checker software. While relying on the fundamental features of modern secure processors, our framework introduces productive software design guidelines which enable a guarded environment to execute sensitive policy checking code - hence enforcing application control flow integrity - and afford flexibility to the application designer to construct appropriate high-level policies to customize policy checker software.

Original language	English
Title of host publication	SACMAT 2017 - Proceedings of the 22nd ACM Symposium on Access Control Models and Technologies
Publisher	Association for Computing Machinery
Pages	133-141
ISBN (Electronic)	9781450347020
DOIs	https://doi.org/10.1145/3078861.3078882
Publication status	Published - 7 Jun 2017
Externally published	Yes
Event	22nd ACM Symposium on Access Control Models and Technologies, SACMAT 2017 - Indianapolis, United States Duration: 21 Jun 2017 → 23 Jun 2017

Conference

Conference	22nd ACM Symposium on Access Control Models and Technologies, SACMAT 2017
Country/Territory	United States
City	Indianapolis
Period	21/06/17 → 23/06/17

Funding

The work is partially supported by NSF grants CNS-1413920 and CNS-1413996 for MACS: A Modular Approach to Cloud Security.

Funders	Funder number
National Science Foundation	CNS-1413996, CNS-1413920

Access to Document

10.1145/3078861.3078882

Persistent URL (handle)

Persistent link

Cite this

@inproceedings{9f78ea1cb7a34d4798f91c9a6bd0087b,

title = "Leveraging hardware isolation for process level access control \& authentication",

abstract = "{\textcopyright} 2017 Association for Computing Machinery.Critical resource sharing among multiple entities in a processing system is inevitable, which in turn calls for the presence of appropriate authentication and access control mechanisms. Generally speaking, these mechanisms are implemented via trusted software {"}policy checkers{"} that enforce certain high level application-specific {"}rules{"} to enforce a policy. Whether implemented as operating system modules or embedded inside the application ad hoc, these policy checkers expose additional attack surface in addition to the application logic. In order to protect application software from an adversary, modern secure processing platforms, such as Intel's software Guard Extensions (SGX), employ principled hardware isolation to offer secure software containers or enclaves to execute trusted sensitive code with some integrity and privacy guarantees against a privileged software adversary. We extend this model further and propose using these hardware isolation mechanisms to shield the authentication and access control logic essential to policy checker software. While relying on the fundamental features of modern secure processors, our framework introduces productive software design guidelines which enable a guarded environment to execute sensitive policy checking code - hence enforcing application control flow integrity - and afford flexibility to the application designer to construct appropriate high-level policies to customize policy checker software.",

author = "S.K. Haider and H. Omar and I. Lebedev and S. Devadas and \{Van Dijk\}, M.",

year = "2017",

month = jun,

day = "7",

doi = "10.1145/3078861.3078882",

language = "English",

pages = "133--141",

booktitle = "SACMAT 2017 - Proceedings of the 22nd ACM Symposium on Access Control Models and Technologies",

publisher = "Association for Computing Machinery",

note = "22nd ACM Symposium on Access Control Models and Technologies, SACMAT 2017 ; Conference date: 21-06-2017 Through 23-06-2017",

}

Haider, SK, Omar, H, Lebedev, I, Devadas, S & Van Dijk, M 2017, Leveraging hardware isolation for process level access control & authentication. in SACMAT 2017 - Proceedings of the 22nd ACM Symposium on Access Control Models and Technologies. Association for Computing Machinery, pp. 133-141, 22nd ACM Symposium on Access Control Models and Technologies, SACMAT 2017, Indianapolis, United States, 21/06/17. https://doi.org/10.1145/3078861.3078882

Leveraging hardware isolation for process level access control & authentication. / Haider, S.K.; Omar, H.; Lebedev, I. et al.
SACMAT 2017 - Proceedings of the 22nd ACM Symposium on Access Control Models and Technologies. Association for Computing Machinery, 2017. p. 133-141.

Research output: Chapter in Book / Report / Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - Leveraging hardware isolation for process level access control & authentication

AU - Haider, S.K.

AU - Omar, H.

AU - Lebedev, I.

AU - Devadas, S.

AU - Van Dijk, M.

PY - 2017/6/7

Y1 - 2017/6/7

N2 - © 2017 Association for Computing Machinery.Critical resource sharing among multiple entities in a processing system is inevitable, which in turn calls for the presence of appropriate authentication and access control mechanisms. Generally speaking, these mechanisms are implemented via trusted software "policy checkers" that enforce certain high level application-specific "rules" to enforce a policy. Whether implemented as operating system modules or embedded inside the application ad hoc, these policy checkers expose additional attack surface in addition to the application logic. In order to protect application software from an adversary, modern secure processing platforms, such as Intel's software Guard Extensions (SGX), employ principled hardware isolation to offer secure software containers or enclaves to execute trusted sensitive code with some integrity and privacy guarantees against a privileged software adversary. We extend this model further and propose using these hardware isolation mechanisms to shield the authentication and access control logic essential to policy checker software. While relying on the fundamental features of modern secure processors, our framework introduces productive software design guidelines which enable a guarded environment to execute sensitive policy checking code - hence enforcing application control flow integrity - and afford flexibility to the application designer to construct appropriate high-level policies to customize policy checker software.

AB - © 2017 Association for Computing Machinery.Critical resource sharing among multiple entities in a processing system is inevitable, which in turn calls for the presence of appropriate authentication and access control mechanisms. Generally speaking, these mechanisms are implemented via trusted software "policy checkers" that enforce certain high level application-specific "rules" to enforce a policy. Whether implemented as operating system modules or embedded inside the application ad hoc, these policy checkers expose additional attack surface in addition to the application logic. In order to protect application software from an adversary, modern secure processing platforms, such as Intel's software Guard Extensions (SGX), employ principled hardware isolation to offer secure software containers or enclaves to execute trusted sensitive code with some integrity and privacy guarantees against a privileged software adversary. We extend this model further and propose using these hardware isolation mechanisms to shield the authentication and access control logic essential to policy checker software. While relying on the fundamental features of modern secure processors, our framework introduces productive software design guidelines which enable a guarded environment to execute sensitive policy checking code - hence enforcing application control flow integrity - and afford flexibility to the application designer to construct appropriate high-level policies to customize policy checker software.

UR - https://www.scopus.com/pages/publications/85025470951

U2 - 10.1145/3078861.3078882

DO - 10.1145/3078861.3078882

M3 - Conference contribution

SP - 133

EP - 141

BT - SACMAT 2017 - Proceedings of the 22nd ACM Symposium on Access Control Models and Technologies

PB - Association for Computing Machinery

T2 - 22nd ACM Symposium on Access Control Models and Technologies, SACMAT 2017

Y2 - 21 June 2017 through 23 June 2017

ER -

Leveraging hardware isolation for process level access control & authentication

Abstract

Conference

Funding

Access to Document

Persistent URL (handle)

Other files and links

Fingerprint

Cite this