DOI: 10.1145/1995896.1995914
Research article

SecureME: a hardware-software approach to full system security

Published: 31 May 2011 Publication History

Abstract

With computing becoming increasingly dispersed, relying on mobile devices, distributed computing, cloud computing, etc., there is a growing threat of adversaries obtaining physical access to some of the computer systems through theft or security breaches. With such an untrusted computing node, a key challenge is how to provide a secure computing environment that preserves the privacy and integrity of an application's data and code. We propose SecureME, a hardware-software mechanism that provides such a secure computing environment. SecureME protects an application from hardware attacks by using a secure processor substrate, and from the Operating System (OS) through memory cloaking, permission paging, and system call protection. Memory cloaking hides data from the OS but still allows the OS to perform regular virtual memory management functions, such as page initialization, copying, and swapping. Permission paging extends the OS paging mechanism to provide a secure way for two applications to establish shared pages for inter-process communication. Finally, system call protection applies spatio-temporal protection to the arguments passed between the application and the OS. Based on our performance evaluation using microbenchmarks, single-program workloads, and multiprogrammed workloads, we found that SecureME adds only a small execution time overhead compared to a fully unprotected system. Roughly half of the overhead is contributed by the secure processor substrate. SecureME also incurs negligible additional storage overhead over the secure processor substrate.
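The abstract's memory cloaking idea rests on the secure processor substrate: application pages stay encrypted and authenticated while in RAM, so the OS can copy and swap them without being able to read them, alter them undetected, or replay an old copy. The model below is an added illustration written for this page, not SecureME's design or code from the paper. Everything in it is assumed for the demonstration: the class names, the use of HMAC-SHA256 as a counter-mode keystream and as the integrity tag (the standard library has no AES), the on-chip per-page version table that defeats replay, and the sample page contents. Page initialization, which the abstract also lists as an OS function cloaking must allow, is not modelled here.

```python
"""Toy model of memory cloaking on a secure-processor substrate.

Illustrative model only, not SecureME's actual design: the processor keeps
every application page encrypted and authenticated while it sits in RAM, so
an untrusted OS can copy, swap out and swap in pages, but cannot read them,
modify them undetected, or replay a stale copy."""
import hashlib
import hmac
import secrets

PAGE_SIZE = 64  # bytes; deliberately tiny for the demo


class CloakedPage:
    """What the OS gets to see and move around: ciphertext plus a tag."""

    def __init__(self, ct: bytes, tag: bytes):
        self.ct, self.tag = ct, tag

    def copy(self) -> "CloakedPage":
        return CloakedPage(self.ct, self.tag)  # swapping/copying is byte copying


class SecureProcessor:
    """Keys and per-page version counters never leave the processor (assumption)."""

    def __init__(self):
        self._enc_key = secrets.token_bytes(32)
        self._mac_key = secrets.token_bytes(32)
        self._versions = {}  # (pid, vaddr) -> latest version written

    def _keystream(self, pid, vaddr, version, n):
        out, ctr = b"", 0
        while len(out) < n:  # PRF in counter mode, seeded per page and per version
            seed = f"{pid}:{vaddr:#x}:{version}:{ctr}".encode()
            out += hmac.new(self._enc_key, seed, hashlib.sha256).digest()
            ctr += 1
        return out[:n]

    def _tag(self, pid, vaddr, version, ct):
        # Binding the tag to (pid, vaddr, version) catches relocation and replay.
        msg = f"{pid}:{vaddr:#x}:{version}:".encode() + ct
        return hmac.new(self._mac_key, msg, hashlib.sha256).digest()

    def store(self, pid, vaddr, plaintext):
        """Application write: encrypt under a fresh version, then tag."""
        assert len(plaintext) == PAGE_SIZE
        version = self._versions.get((pid, vaddr), 0) + 1
        self._versions[(pid, vaddr)] = version
        ks = self._keystream(pid, vaddr, version, PAGE_SIZE)
        ct = bytes(a ^ b for a, b in zip(plaintext, ks))
        return CloakedPage(ct, self._tag(pid, vaddr, version, ct))

    def load(self, pid, vaddr, page):
        """Application read: verify against the on-chip version, then decrypt."""
        version = self._versions[(pid, vaddr)]
        if not hmac.compare_digest(self._tag(pid, vaddr, version, page.ct), page.tag):
            raise MemoryError(f"integrity violation on page {vaddr:#x}")
        ks = self._keystream(pid, vaddr, version, PAGE_SIZE)
        return bytes(a ^ b for a, b in zip(page.ct, ks))


def run_demo():
    """OS operations cloaking must tolerate, and OS attacks it must catch."""
    cpu = SecureProcessor()
    pid, vaddr = 7, 0x1000
    # Constructed sample page content, not data from any real system.
    secret = b"ACCOUNT=1234 PIN=9876".ljust(PAGE_SIZE, b"\0")
    page_table = {(pid, vaddr): cpu.store(pid, vaddr, secret)}  # OS-managed
    swap_space = {}                                             # OS-managed
    results = {}

    # 1. OS inspects physical memory: it sees only ciphertext.
    results["os_sees_plaintext"] = b"ACCOUNT=1234" in page_table[(pid, vaddr)].ct

    # 2. OS swaps the page out and back in (byte copies); the app still reads it.
    swap_space[(pid, vaddr)] = page_table.pop((pid, vaddr)).copy()
    page_table[(pid, vaddr)] = swap_space.pop((pid, vaddr)).copy()
    results["survives_swap"] = cpu.load(pid, vaddr, page_table[(pid, vaddr)]) == secret

    # 3. OS flips one bit of ciphertext: the read faults instead of returning garbage.
    tampered = page_table[(pid, vaddr)].copy()
    tampered.ct = bytes([tampered.ct[0] ^ 0x01]) + tampered.ct[1:]
    try:
        cpu.load(pid, vaddr, tampered)
        results["tamper_detected"] = False
    except MemoryError:
        results["tamper_detected"] = True

    # 4. OS keeps a stale copy, the app overwrites the page, OS replays the stale copy.
    stale = page_table[(pid, vaddr)].copy()
    page_table[(pid, vaddr)] = cpu.store(pid, vaddr, b"PIN CHANGED".ljust(PAGE_SIZE, b"\0"))
    try:
        cpu.load(pid, vaddr, stale)
        results["replay_detected"] = False
    except MemoryError:
        results["replay_detected"] = True
    return results
```

Running `run_demo()` exercises the four cases in order: the OS's view of the page is ciphertext, a swap-out/swap-in round trip is transparent to the application, and both a bit flip and a replay of an older ciphertext surface as an integrity fault on the next application read rather than as silently wrong data. The version counter doubles as the anti-replay state and as the guarantee that a rewritten page never reuses a keystream.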




Published In

ICS '11: Proceedings of the International Conference on Supercomputing
May 2011, 398 pages
ISBN: 9781450301022
DOI: 10.1145/1995896

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery, New York, NY, United States


Author Tags

  1. cloaking
  2. hardware attacks
  3. operating systems
  4. security


Conference

ICS '11: International Conference on Supercomputing
May 31 - June 4, 2011
Tucson, Arizona, USA

Acceptance Rates

Overall acceptance rate: 629 of 2,180 submissions (29%)


Cited By

  • (2024) Compiler-Based Memory Encryption for Machine Learning on Commodity Low-Power Devices. Proceedings of the 33rd ACM SIGPLAN International Conference on Compiler Construction, pp. 198-211. DOI: 10.1145/3640537.3641564. Online publication date: 17-Feb-2024
  • (2024) Data Enclave: A Data-Centric Trusted Execution Environment. 2024 IEEE International Symposium on High-Performance Computer Architecture (HPCA), pp. 218-232. DOI: 10.1109/HPCA57654.2024.00026. Online publication date: 2-Mar-2024
  • (2023) Accelerating Extra Dimensional Page Walks for Confidential Computing. Proceedings of the 56th Annual IEEE/ACM International Symposium on Microarchitecture, pp. 654-669. DOI: 10.1145/3613424.3614293. Online publication date: 28-Oct-2023
  • (2022) Efficient Application Protection against Untrusted Operating Systems. VFAST Transactions on Software Engineering 10(4), pp. 123-130. DOI: 10.21015/vtse.v10i4.1197. Online publication date: 31-Dec-2022
  • (2022) MGX. Proceedings of the 49th Annual International Symposium on Computer Architecture, pp. 726-741. DOI: 10.1145/3470496.3527418. Online publication date: 18-Jun-2022
  • (2022) SoftVN. Proceedings of the 49th Annual International Symposium on Computer Architecture, pp. 160-172. DOI: 10.1145/3470496.3527378. Online publication date: 18-Jun-2022
  • (2022) Colony: A Privileged Trusted Execution Environment With Extensibility. IEEE Transactions on Computers 71(2), pp. 479-492. DOI: 10.1109/TC.2021.3055293. Online publication date: 1-Feb-2022
  • (2022) Cache Locking and Encryption to Prevent Memory Snooping in Embedded Systems. 2022 IEEE Conference on Dependable and Secure Computing (DSC), pp. 1-8. DOI: 10.1109/DSC54232.2022.9888802. Online publication date: 22-Jun-2022
  • (2021) Utilizing and Extending Trusted Execution Environment in Heterogeneous SoCs for a Pay-Per-Device IP Licensing Scheme. IEEE Transactions on Information Forensics and Security 16, pp. 2548-2563. DOI: 10.1109/TIFS.2021.3058777. Online publication date: 2021
  • (2021) TZ-Container: protecting container from untrusted OS with ARM TrustZone. Science China Information Sciences 64(9). DOI: 10.1007/s11432-019-2707-6. Online publication date: 19-Aug-2021
