ICST Transactions Preprint Salus: Kernel Support for Secure Process Compartments
نویسندگان
چکیده
Consumer devices are increasingly being used to perform security and privacy critical tasks. The software used to perform these tasks is often vulnerable to attacks, due to bugs in the application itself or in included software libraries. Recent work proposes the isolation of security-sensitive parts of applications into protected modules, each of which can be accessed only through a predefined public interface. But most parts of an application can be considered security-sensitive at some level, and an attacker who is able to gain inapplication level access may be able to abuse services from protected modules. We propose Salus, a Linux kernel modification that provides a novel approach for partitioning processes into isolated compartments sharing the same address space. Salus significantly reduces the impact of insecure interfaces and vulnerable compartments by enabling compartments (1) to restrict the system calls they are allowed to perform, (2) to authenticate their callers and callees and (3) to enforce that they can only be accessed via unforgeable references. We describe the design of Salus, report on a prototype implementation and evaluate it in terms of security and performance. We show that Salus provides a significant security improvement with a low performance overhead, without relying on any non-standard hardware support.
منابع مشابه
Salus: Kernel Support for Secure Process Compartments
Consumer devices are increasingly being used to perform security and privacy critical tasks. The software used to perform these tasks is often vulnerable to attacks, due to bugs in the application itself or in included software libraries. Recent work proposes the isolation of security-sensitive parts of applications into protected modules, each of which can be accessed only through a predefined...
متن کاملSalus: Non-hierarchical Memory Access Rights to Enforce the Principle of Least Privilege
Consumer devices are increasingly being used to perform security and privacy critical tasks. The software used to perform these tasks is often vulnerable to attacks, due to bugs in the application itself or in included software libraries. Recent work proposes the isolation of security-sensitive parts of applications into protected modules, each of which can only be accessed through a predefined...
متن کاملICST Transactions Preprint Middleware-based Security for Hyperconnected Applications in Future In-Car Networks
Today’s cars take advantage of powerful electronic platforms and provide more and more sophisticated connected services. More than just ensuring the role of a safe transportation mean, they process private information, industrial secrets, communicate with our smartphones, Internet and will soon host thirdparty applications. Their pervasive computerization makes them vulnerable to common securit...
متن کاملWelcome message from the Editors-in-Chief
On behalf of the Editorial board, we welcome you to the inaugural issue of the ICST Transactions on Ambient Systems! We are delighted to launch this new transactions journal after a preparatory process that has received encouraging support from the Editorial Board and from ICST/ EAI. The design of Ambient Systems is yielding novel challenges and opportunities to IT research and industry that re...
متن کاملSecurity, Privacy and Trust in Cyber Physical Systems
The first issue of the third volume of the EAI transactions on Security and Safety provides an insight to methods and techniques that improve security, safety and privacy of benchmark systems. Actually, two main classes of research results are considered. The first one is on attack prevention and secure planning while the second one is focused on forensics analysis. In particular, in the area o...
متن کامل