A Control Flow Integrity Based Trust Model
نویسندگان
چکیده
The notion of trust has traditionally been utilized at transaction level in order to bypass expensive security checks. In this paper, we extend the trust model to individual programs. Moreover, we develop a self assessment/monitoring framework for trust based on control flow integrity that can be incorporated into a compiler. We also extend the concept of Schneider’s enforceable security policy into that of an enforceable trust policy. This trust assessment model has been implemented with SUIF and gcc C compilers. An architectural modification to support efficient management of control flow integrity based trust model has also been developed and is being evaluated.
منابع مشابه
Integrity of Supply Chain Visibility: Linking Information to the Physical World
Regulatory compliance in international trade can be enhanced by facilitating electronic exchange of trade documents to increase the supply chain visibility. Crucial for acceptance of the supply chain visibility concept is trust in the reliability of the data. This depends on both the integrity of information (no data is altered illicitly) and integrity of the flow of goods (no goods are unknowi...
متن کاملCombining Control-Flow Integrity and Static Analysis for Efcient and Validated Data Sandboxing
In many software attacks, inducing an illegal control-flow transfer in the target system is one common step. ControlFlow Integrity (CFI [1]) protects a software system by enforcing a pre-determined control-flow graph. In addition to providing strong security, CFI enables static analysis on lowlevel code. This paper evaluates whether CFI-enabled static analysis can help build efficient and valid...
متن کاملCAMAC: a context-aware mandatory access control model
Mandatory access control models have traditionally been employed as a robust security mechanism in multilevel security environments such as military domains. In traditional mandatory models, the security classes associated with entities are context-insensitive. However, context-sensitivity of security classes and flexibility of access control mechanisms may be required especially in pervasive c...
متن کاملHigh-Assurance Integrity Techniques for Databases
With the increased need of data sharing among multiple organizations, such as government organizations, financial corporations, medical hospitals and academic institutions, it is critical to ensure data integrity so that effective decisions can be made based on these data. In this paper, we first present an architecture for a comprehensive integrity control system based on data validation and m...
متن کاملA New Algorithm for Load Flow Analysis in Autonomous Networks
In this paper, a novel algorithm for the load flow analysis problem in an islanded microgrid is proposed. The problem is modeled without any slack bus by considering the steady state frequency as one of the load flow variables. To model different control modes of DGs, such as droop, PV and PQ, in an islanded microgrid, a new formula for load flow equations is proposed. A hybrid optimization alg...
متن کامل