DOI: 10.1145/2382196.2382201
Research article

A software-hardware architecture for self-protecting data

Published: 16 October 2012

Abstract

We propose a software-hardware architecture, DataSafe, that realizes the concept of self-protecting data: data that is protected by a given policy whenever it is accessed by any application -- including unvetted third-party applications. Our architecture provides dynamic instantiations of secure data compartments (SDCs), with hardware monitoring of the information flows from the compartment using hardware policy tags associated with the data at runtime. Unbypassable hardware output control prevents confidential information from being leaked out. Unlike previous hardware information flow tracking systems, the DataSafe software architecture bridges the semantic gap by supporting flexible, high-level software policies for the data, seamlessly translating these policies to efficient hardware tags at runtime. Applications need not be modified to interface to these software-hardware mechanisms. The DataSafe architecture is designed to prevent illegitimate secondary dissemination of protected plaintext data by authorized recipients, to track and protect data derived from sensitive data, and to provide lifetime enforcement of the confidentiality policies associated with the sensitive data.



Published In

CCS '12: Proceedings of the 2012 ACM conference on Computer and communications security
October 2012
1088 pages
ISBN: 9781450316514
DOI: 10.1145/2382196

Publisher

Association for Computing Machinery, New York, NY, United States


Author Tags

  1. architecture
  2. information flow tracking
  3. policy languages
  4. security
  5. self-protecting data
  6. trusted computing

Qualifiers

  • Research-article

Conference

CCS'12: the ACM Conference on Computer and Communications Security
October 16-18, 2012
Raleigh, North Carolina, USA

Acceptance Rates

Overall Acceptance Rate 1,261 of 6,999 submissions, 18%


Article Metrics

  • Downloads (last 12 months): 14
  • Downloads (last 6 weeks): 4

Reflects downloads up to 19 Feb 2025.

Cited By

  • (2024) Dynamic Possible Source Count Analysis for Data Leakage Prevention. Proceedings of the 21st ACM SIGPLAN International Conference on Managed Programming Languages and Runtimes, pp. 98-111. DOI: 10.1145/3679007.3685065. Online publication date: 13 Sep 2024.
  • (2024) PrivData Network: A Privacy-Preserving On-Chain Data Factory and Trading Market. IEEE Transactions on Dependable and Secure Computing 21(3), pp. 1424-1436. DOI: 10.1109/TDSC.2023.3284565. Online publication date: May 2024.
  • (2023) Secure Instruction and Data-Level Information Flow Tracking Model for RISC-V. Cryptography 7(4), article 58. DOI: 10.3390/cryptography7040058. Online publication date: 16 Nov 2023.
  • (2023) Pervasive Micro Information Flow Tracking. IEEE Transactions on Dependable and Secure Computing 20(6), pp. 4957-4975. DOI: 10.1109/TDSC.2023.3238547. Online publication date: Nov 2023.
  • (2023) HyperPS: A Virtual-Machine Memory Protection Approach Through Hypervisor's Privilege Separation. IEEE Transactions on Dependable and Secure Computing 20(4), pp. 2925-2938. DOI: 10.1109/TDSC.2022.3200206. Online publication date: 1 Jul 2023.
  • (2022) TAG: Tagged Architecture Guide. ACM Computing Surveys 55(6), pp. 1-34. DOI: 10.1145/3533704. Online publication date: 7 Dec 2022.
  • (2022) WHISTLE: CPU Abstractions for Hardware and Software Memory Safety Invariants. IEEE Transactions on Computers, pp. 1-13. DOI: 10.1109/TC.2022.3180990. Online publication date: 2022.
  • (2022) A Review on Cybersecurity of Cloud Computing for Supporting Connected Vehicle Applications. IEEE Internet of Things Journal 9(11), pp. 8250-8268. DOI: 10.1109/JIOT.2022.3152477. Online publication date: 1 Jun 2022.
  • (2021) Practical and Scalable Security Verification of Secure Architectures. Proceedings of the 10th International Workshop on Hardware and Architectural Support for Security and Privacy, pp. 1-9. DOI: 10.1145/3505253.3505256. Online publication date: 18 Oct 2021.
  • (2021) Challenges and Opportunities for Practical and Effective Dynamic Information Flow Tracking. ACM Computing Surveys 55(1), pp. 1-33. DOI: 10.1145/3483790. Online publication date: 23 Nov 2021.
