
SILVER: Fine-Grained and Transparent Protection Domain Primitives in Commodity OS Kernel

Conference paper in Research in Attacks, Intrusions, and Defenses (RAID 2013)

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 8145)


Abstract

Untrusted kernel extensions remain one of the major threats to the security of commodity OS kernels. Current containment approaches still have limitations in terms of security, granularity and flexibility, primarily because they lack secure resource management and communication methods. This paper presents SILVER, a framework that offers transparent protection domain primitives to achieve fine-grained access control and secure communication between the OS kernel and its extensions. SILVER keeps track of the security properties (e.g., owner principal and integrity level) of data objects in kernel space with a novel security-aware memory management scheme, which enables fine-grained access control in an effective manner. Moreover, SILVER introduces secure primitives for data communication between protection domains based on a unified integrity model. SILVER's protection domain primitives provide great flexibility by allowing developers to explicitly define the security properties of individual program data, as well as to control privilege delegation, data transfer and service exportation. We have implemented a prototype of SILVER in Linux. The evaluation results reveal that SILVER is effective against various kinds of kernel threats with reasonable performance and resource overhead.




Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Xiong, X., Liu, P. (2013). SILVER: Fine-Grained and Transparent Protection Domain Primitives in Commodity OS Kernel. In: Stolfo, S.J., Stavrou, A., Wright, C.V. (eds) Research in Attacks, Intrusions, and Defenses. RAID 2013. Lecture Notes in Computer Science, vol 8145. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41284-4_6


  • DOI: https://doi.org/10.1007/978-3-642-41284-4_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-41283-7

  • Online ISBN: 978-3-642-41284-4

  • eBook Packages: Computer Science (R0)
