Thursday, February 10, 2005
2 PM - 3 PM
7331 CS
|
Tal Garfinkel
Mendel Rosenblum
Dan Boneh
Tal Garfinkel, Ben Pfaff, Jim Chow, Mendel Rosenblum, Dan Boneh
Stanford
Terra: A Virtual Machine-Based Platform for Trusted Computing
SOSP'03
URL: http://www.stanford.edu/~talg/papers/SOSP03/abstract.html
We present a flexible architecture for trusted
computing, called Terra, that allows applications
with a wide range of security requirements to run
simultaneously on commodity hardware. Applications
on Terra enjoy the semantics of running on a
separate, dedicated, tamper-resistant hardware
platform, while retaining the ability to run
side-by-side with normal applications on a
general-purpose computing platform. Terra achieves
this synthesis by use of a trusted virtual machine
monitor (TVMM) that partitions a tamper-resistant
hardware platform into multiple, isolated virtual
machines (VM), providing the appearance of multiple
boxes on a single, general-purpose platform. To each
VM, the TVMM provides the semantics of either an
``open box,'' i.e. a general-purpose hardware
platform like today's PCs and workstations, or a
``closed box,'' an opaque special-purpose platform
that protects the privacy and integrity of its
contents like today's game consoles and cellular
phones. The software stack in each VM can be
tailored from the hardware interface up to meet the
security requirements of its application(s). The
hardware and TVMM can act as a trusted party to
allow closed-box VMs to cryptographically identify
the software they run, i.e. what is in the box, to
remote parties. We explore the strengths and
limitations of this architecture by describing our
prototype implementation and several applications
that we developed for it.
|
Thursday, February 17, 2005
2 PM - 3 PM
5331 CS
|
Peter M. Chen
Peter M. Chen, Brian D. Noble
UMich
When Virtual is Better than Real
HotOS VIII
URL: http://ieeexplore.ieee.org/iel5/7758/ 21324/00990073.pdf?isnumber=21324&prod=STD&arnumber=990073 &arnumber=990073&arSt=+133&ared=+138 &arAuthor=Chen%2C+P.M.%3B+Noble%2C+B.D.
Local URL: http://www.cs.wisc.edu/areas/sec/chennoble2001.pdf
This paper argues that the operating system and
applications currently running on a real machine
should relocate into a virtual machine. This
structure enables services to be added below the
operating system and to do so without trusting or
modifying the operating system or applications. To
demonstrate the usefulness of this structure, we
describe three services that take advantage of it:
secure logging, intrusion prevention and detection,
and environment migration.
|
Thursday, February 24, 2005
2 PM - 3 PM
7331 CS
|
S. Sidiroglou
A. D. Keromytis
S. Sidiroglou, A. D. Keromytis
Columbia
Countering Network Worms Through Automatic Patch Generation
IEEE Security & Privacy
URL: http://www1.cs.columbia.edu/~angelos/Papers/2005/wormpatch.pdf
We propose the first end-point architecture for
automatically repairing software flaws such as
buffer overflows that are exploited by zero-day
worms. Our approach relies on source code
transformations to quickly apply
automaticallycreated (and tested) patches to
vulnerable segments of the targeted applications,
exploiting the fact that a worm must reveal its
infection vector to achieve further
infection. Preliminary experimental results indicate
a success rate of 82%, and a repair time of 3
seconds.
|