Plugging Side-Channel Leaks with Timing Information Flow Control
نویسنده
چکیده
The cloud model’s dependence on massive parallelism and resource sharing exacerbates the security challenge of timing side-channels. Timing Information Flow Control (TIFC) is a novel adaptation of IFC techniques that may offer a way to reason about, and ultimately control, the flow of sensitive information through systems via timing channels. With TIFC, objects such as files, messages, and processes carry not just content labels describing the ownership of the object’s “bits,” but also timing labels describing information contained in timing events affecting the object, such as process creation/termination or message reception. With two system design tools—deterministic execution and pacing queues—TIFC enables the construction of “timinghardened” cloud infrastructure that permits statistical multiplexing, while aggregating and rate-limiting timing information leakage between hosted computations.
منابع مشابه
Unintentional and Hidden Information Leaks in Networked Software Applications
Side channels are vulnerabilities that can be attacked by observing the behaviour of applications and by inferring sensitive information just from this behaviour. Because side channel vulnerabilities appear in such a large spectrum of contexts, there does not seem to be a generic way to prevent all side channel attacks once and for all. A practical approach is to research for new side channels ...
متن کاملDetecting Hidden Storage Side Channel Vulnerabilities in Networked Applications
Side channels are communication channels that were not intended for communication and that accidentally leak information. A storage side channel leaks information through the content of the channel and not its timing behavior. Storage side channels are a large problem in networked applications since the output at the level of the protocol encoding (e.g., HTTP and HTML) often depends on data and...
متن کاملLanguage Support for Controlling Timing-Based Covert Channels
The problem of controlling information flow in multithreaded programs remains an important open challenge. A major difficulty for tracking information flow in concurrent programs is due to the internal timing covert channel. Information is leaked via this channel when secrets affect the timing behavior of a thread, which, via the scheduler, affects the interleaving of public events. This channe...
متن کاملSecuring functional programs with floating-label information-flow control
The work presented in this thesis focuses on information-flow control systems for functional programs, particularly on the LIO library in Haskell. The thesis considers three main aspects in this area: timing covert channels, dynamic policies and enforcement mechanisms that improve precision of the analysis. Timing channels are dangerous in the presence of concurrency. We start with the design, ...
متن کاملØzone: Efficient execution with zero timing leakage for modern microarchitectures
Time variation during program execution can leak sensitive information. Time variations due to program control flow and hardware resource contention have been used to steal encryption keys in cipher implementations such as AES and RSA. A number of approaches to mitigate timing-based side-channel attacks have been proposed including cache partitioning, controlflow obfuscation and injecting timin...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- CoRR
دوره abs/1203.3428 شماره
صفحات -
تاریخ انتشار 2012