The Experts below are selected from a list of 139956 Experts worldwide ranked by ideXlab platform
Frederic T Chong - One of the best experts on this subject based on the ideXlab platform.
-
sapper a language for Hardware Level security policy enforcement
Architectural Support for Programming Languages and Operating Systems, 2014Co-Authors: Xun Li, Vineeth Kashyap, Jason Oberg, Mohit Tiwari, Vasanth Ram Rajarathinam, Ryan Kastner, Timothy Sherwood, Ben Hardekopf, Frederic T ChongAbstract:Privacy and integrity are important security concerns. These concerns are addressed by controlling information flow, i.e., restricting how information can flow through a system. Most proposed systems that restrict information flow make the implicit assumption that the Hardware used by the system is fully ``correct'' and that the Hardware's instruction set accurately describes its behavior in all circumstances. The truth is more complicated: modern Hardware designs defy complete verification; many aspects of the timing and ordering of events are left totally unspecified; and implementation bugs present themselves with surprising frequency. In this work we describe Sapper, a novel Hardware description language for designing security-critical Hardware components. Sapper seeks to address these problems by using static analysis at compile-time to automatically insert dynamic checks in the resulting Hardware that provably enforce a given information flow policy at execution time. We present Sapper's design and formal semantics along with a proof sketch of its security. In addition, we have implemented a compiler for Sapper and used it to create a non-trivial secure embedded processor with many modern microarchitectural features. We empirically evaluate the resulting Hardware's area and energy overhead and compare them with alternative designs.
-
ASPLOS - Sapper: a language for Hardware-Level security policy enforcement
Proceedings of the 19th international conference on Architectural support for programming languages and operating systems - ASPLOS '14, 2014Co-Authors: Vineeth Kashyap, Jason Oberg, Mohit Tiwari, Vasanth Ram Rajarathinam, Ryan Kastner, Timothy Sherwood, Ben Hardekopf, Frederic T ChongAbstract:Privacy and integrity are important security concerns. These concerns are addressed by controlling information flow, i.e., restricting how information can flow through a system. Most proposed systems that restrict information flow make the implicit assumption that the Hardware used by the system is fully ``correct'' and that the Hardware's instruction set accurately describes its behavior in all circumstances. The truth is more complicated: modern Hardware designs defy complete verification; many aspects of the timing and ordering of events are left totally unspecified; and implementation bugs present themselves with surprising frequency. In this work we describe Sapper, a novel Hardware description language for designing security-critical Hardware components. Sapper seeks to address these problems by using static analysis at compile-time to automatically insert dynamic checks in the resulting Hardware that provably enforce a given information flow policy at execution time. We present Sapper's design and formal semantics along with a proof sketch of its security. In addition, we have implemented a compiler for Sapper and used it to create a non-trivial secure embedded processor with many modern microarchitectural features. We empirically evaluate the resulting Hardware's area and energy overhead and compare them with alternative designs.
Timothy Sherwood - One of the best experts on this subject based on the ideXlab platform.
-
sapper a language for Hardware Level security policy enforcement
Architectural Support for Programming Languages and Operating Systems, 2014Co-Authors: Xun Li, Vineeth Kashyap, Jason Oberg, Mohit Tiwari, Vasanth Ram Rajarathinam, Ryan Kastner, Timothy Sherwood, Ben Hardekopf, Frederic T ChongAbstract:Privacy and integrity are important security concerns. These concerns are addressed by controlling information flow, i.e., restricting how information can flow through a system. Most proposed systems that restrict information flow make the implicit assumption that the Hardware used by the system is fully ``correct'' and that the Hardware's instruction set accurately describes its behavior in all circumstances. The truth is more complicated: modern Hardware designs defy complete verification; many aspects of the timing and ordering of events are left totally unspecified; and implementation bugs present themselves with surprising frequency. In this work we describe Sapper, a novel Hardware description language for designing security-critical Hardware components. Sapper seeks to address these problems by using static analysis at compile-time to automatically insert dynamic checks in the resulting Hardware that provably enforce a given information flow policy at execution time. We present Sapper's design and formal semantics along with a proof sketch of its security. In addition, we have implemented a compiler for Sapper and used it to create a non-trivial secure embedded processor with many modern microarchitectural features. We empirically evaluate the resulting Hardware's area and energy overhead and compare them with alternative designs.
-
ASPLOS - Sapper: a language for Hardware-Level security policy enforcement
Proceedings of the 19th international conference on Architectural support for programming languages and operating systems - ASPLOS '14, 2014Co-Authors: Vineeth Kashyap, Jason Oberg, Mohit Tiwari, Vasanth Ram Rajarathinam, Ryan Kastner, Timothy Sherwood, Ben Hardekopf, Frederic T ChongAbstract:Privacy and integrity are important security concerns. These concerns are addressed by controlling information flow, i.e., restricting how information can flow through a system. Most proposed systems that restrict information flow make the implicit assumption that the Hardware used by the system is fully ``correct'' and that the Hardware's instruction set accurately describes its behavior in all circumstances. The truth is more complicated: modern Hardware designs defy complete verification; many aspects of the timing and ordering of events are left totally unspecified; and implementation bugs present themselves with surprising frequency. In this work we describe Sapper, a novel Hardware description language for designing security-critical Hardware components. Sapper seeks to address these problems by using static analysis at compile-time to automatically insert dynamic checks in the resulting Hardware that provably enforce a given information flow policy at execution time. We present Sapper's design and formal semantics along with a proof sketch of its security. In addition, we have implemented a compiler for Sapper and used it to create a non-trivial secure embedded processor with many modern microarchitectural features. We empirically evaluate the resulting Hardware's area and energy overhead and compare them with alternative designs.
-
Understanding computer systems through online analysis of architecture-Level events
2009Co-Authors: Timothy Sherwood, Shashidhar MysoreAbstract:Modern processors execute billions of seemingly indistinguishable instructions every second, yet these instructions are in reality a complex tapestry of specific applications, operating systems, middleware, and system libraries. Though, at the lowest Level, the execution of such programs seems like a series of random bit manipulations, in reality, these executions do preserve, and in fact carry-out, the semantics of the full system as specified by the software developers. I propose that efficient extraction and analysis of such semantic information at the Hardware Level is possible, and that inferences drawn from this knowledge can provide useful insights ranging from complex networked system-wide characteristics to finer application Level behaviors. However, realizing these application Level semantics at the Hardware Level poses challenging research problems, especially when systems are composed of multiple services, running across multiple machines. Firstly, we need an efficient way to non-intrusively extract relevant bits from the processor - I propose the use of 3D Integration technology to tap signals out of a processor and transport them across to a place where these bits can be analyzed. Secondly, we need efficient data-stream analysis techniques to summarize useful information from among the billions of bits that flow in every second - I present Range Adaptive Profiling to pinpoint various program "hot-spots". Thirdly, the summarized information for the various pieces of system-wide computations now needs to be understood in relation to the application semantic. This calls for understanding the interaction between different pieces of code executing on the processors and the information owing in and out of the network - I present Data Flow Tomography, a tool to extract and understand application and network Level semantics at the Hardware Level. The dissertation elaborates on these three aspects of understanding modern computer systems and explains the proposed solutions with example real-world scenarios.
Xun Li - One of the best experts on this subject based on the ideXlab platform.
-
sapper a language for Hardware Level security policy enforcement
Architectural Support for Programming Languages and Operating Systems, 2014Co-Authors: Xun Li, Vineeth Kashyap, Jason Oberg, Mohit Tiwari, Vasanth Ram Rajarathinam, Ryan Kastner, Timothy Sherwood, Ben Hardekopf, Frederic T ChongAbstract:Privacy and integrity are important security concerns. These concerns are addressed by controlling information flow, i.e., restricting how information can flow through a system. Most proposed systems that restrict information flow make the implicit assumption that the Hardware used by the system is fully ``correct'' and that the Hardware's instruction set accurately describes its behavior in all circumstances. The truth is more complicated: modern Hardware designs defy complete verification; many aspects of the timing and ordering of events are left totally unspecified; and implementation bugs present themselves with surprising frequency. In this work we describe Sapper, a novel Hardware description language for designing security-critical Hardware components. Sapper seeks to address these problems by using static analysis at compile-time to automatically insert dynamic checks in the resulting Hardware that provably enforce a given information flow policy at execution time. We present Sapper's design and formal semantics along with a proof sketch of its security. In addition, we have implemented a compiler for Sapper and used it to create a non-trivial secure embedded processor with many modern microarchitectural features. We empirically evaluate the resulting Hardware's area and energy overhead and compare them with alternative designs.
Vineeth Kashyap - One of the best experts on this subject based on the ideXlab platform.
-
sapper a language for Hardware Level security policy enforcement
Architectural Support for Programming Languages and Operating Systems, 2014Co-Authors: Xun Li, Vineeth Kashyap, Jason Oberg, Mohit Tiwari, Vasanth Ram Rajarathinam, Ryan Kastner, Timothy Sherwood, Ben Hardekopf, Frederic T ChongAbstract:Privacy and integrity are important security concerns. These concerns are addressed by controlling information flow, i.e., restricting how information can flow through a system. Most proposed systems that restrict information flow make the implicit assumption that the Hardware used by the system is fully ``correct'' and that the Hardware's instruction set accurately describes its behavior in all circumstances. The truth is more complicated: modern Hardware designs defy complete verification; many aspects of the timing and ordering of events are left totally unspecified; and implementation bugs present themselves with surprising frequency. In this work we describe Sapper, a novel Hardware description language for designing security-critical Hardware components. Sapper seeks to address these problems by using static analysis at compile-time to automatically insert dynamic checks in the resulting Hardware that provably enforce a given information flow policy at execution time. We present Sapper's design and formal semantics along with a proof sketch of its security. In addition, we have implemented a compiler for Sapper and used it to create a non-trivial secure embedded processor with many modern microarchitectural features. We empirically evaluate the resulting Hardware's area and energy overhead and compare them with alternative designs.
-
ASPLOS - Sapper: a language for Hardware-Level security policy enforcement
Proceedings of the 19th international conference on Architectural support for programming languages and operating systems - ASPLOS '14, 2014Co-Authors: Vineeth Kashyap, Jason Oberg, Mohit Tiwari, Vasanth Ram Rajarathinam, Ryan Kastner, Timothy Sherwood, Ben Hardekopf, Frederic T ChongAbstract:Privacy and integrity are important security concerns. These concerns are addressed by controlling information flow, i.e., restricting how information can flow through a system. Most proposed systems that restrict information flow make the implicit assumption that the Hardware used by the system is fully ``correct'' and that the Hardware's instruction set accurately describes its behavior in all circumstances. The truth is more complicated: modern Hardware designs defy complete verification; many aspects of the timing and ordering of events are left totally unspecified; and implementation bugs present themselves with surprising frequency. In this work we describe Sapper, a novel Hardware description language for designing security-critical Hardware components. Sapper seeks to address these problems by using static analysis at compile-time to automatically insert dynamic checks in the resulting Hardware that provably enforce a given information flow policy at execution time. We present Sapper's design and formal semantics along with a proof sketch of its security. In addition, we have implemented a compiler for Sapper and used it to create a non-trivial secure embedded processor with many modern microarchitectural features. We empirically evaluate the resulting Hardware's area and energy overhead and compare them with alternative designs.
Ryan Kastner - One of the best experts on this subject based on the ideXlab platform.
-
sapper a language for Hardware Level security policy enforcement
Architectural Support for Programming Languages and Operating Systems, 2014Co-Authors: Xun Li, Vineeth Kashyap, Jason Oberg, Mohit Tiwari, Vasanth Ram Rajarathinam, Ryan Kastner, Timothy Sherwood, Ben Hardekopf, Frederic T ChongAbstract:Privacy and integrity are important security concerns. These concerns are addressed by controlling information flow, i.e., restricting how information can flow through a system. Most proposed systems that restrict information flow make the implicit assumption that the Hardware used by the system is fully ``correct'' and that the Hardware's instruction set accurately describes its behavior in all circumstances. The truth is more complicated: modern Hardware designs defy complete verification; many aspects of the timing and ordering of events are left totally unspecified; and implementation bugs present themselves with surprising frequency. In this work we describe Sapper, a novel Hardware description language for designing security-critical Hardware components. Sapper seeks to address these problems by using static analysis at compile-time to automatically insert dynamic checks in the resulting Hardware that provably enforce a given information flow policy at execution time. We present Sapper's design and formal semantics along with a proof sketch of its security. In addition, we have implemented a compiler for Sapper and used it to create a non-trivial secure embedded processor with many modern microarchitectural features. We empirically evaluate the resulting Hardware's area and energy overhead and compare them with alternative designs.
-
ASPLOS - Sapper: a language for Hardware-Level security policy enforcement
Proceedings of the 19th international conference on Architectural support for programming languages and operating systems - ASPLOS '14, 2014Co-Authors: Vineeth Kashyap, Jason Oberg, Mohit Tiwari, Vasanth Ram Rajarathinam, Ryan Kastner, Timothy Sherwood, Ben Hardekopf, Frederic T ChongAbstract:Privacy and integrity are important security concerns. These concerns are addressed by controlling information flow, i.e., restricting how information can flow through a system. Most proposed systems that restrict information flow make the implicit assumption that the Hardware used by the system is fully ``correct'' and that the Hardware's instruction set accurately describes its behavior in all circumstances. The truth is more complicated: modern Hardware designs defy complete verification; many aspects of the timing and ordering of events are left totally unspecified; and implementation bugs present themselves with surprising frequency. In this work we describe Sapper, a novel Hardware description language for designing security-critical Hardware components. Sapper seeks to address these problems by using static analysis at compile-time to automatically insert dynamic checks in the resulting Hardware that provably enforce a given information flow policy at execution time. We present Sapper's design and formal semantics along with a proof sketch of its security. In addition, we have implemented a compiler for Sapper and used it to create a non-trivial secure embedded processor with many modern microarchitectural features. We empirically evaluate the resulting Hardware's area and energy overhead and compare them with alternative designs.
