Projekte pro Jahr
Abstract
Isolation is a long-standing security challenge. Privilege rings and virtual memory are increasingly augmented with capabilities, protection keys, and powerful enclaves. Moreover, we are facing an increased need for physical protection, e.g., via transparent memory encryption, resulting in a complex interplay of various security mechanisms. In this work, we tackle the isolation challenge with a new extensible isolation primitive called authenticryption shield that unifies various isolation policies. By using authenticated memory encryption, we streamline the security reasoning towards cryptographic guarantees. We showcase the versatility of our approach by designing and prototyping SERVAS – a novel enclave architecture for RISC-V. SERVAS facilitates a new efficient and secure enclave memory sharing mechanism. While the memory encryption constitutes the main overhead, invoking SERVAS enclave requires only 3.5x of a simple syscall instead of 71x for Intel SGX.
Originalsprache | englisch |
---|---|
Titel | Computer Security – ESORICS 2021 |
Untertitel | 26th European Symposium on Research in Computer Security, Darmstadt, Germany, October 4–8, 2021, Proceedings, Part II |
Redakteure/-innen | Elisa Bertino, Haya Shulman, Michael Waidner |
Erscheinungsort | Cham |
Herausgeber (Verlag) | Springer |
Seiten | 370-391 |
Seitenumfang | 22 |
ISBN (Print) | 978-3-030-88427-7 |
DOIs | |
Publikationsstatus | Veröffentlicht - 2 Okt. 2021 |
Veranstaltung | 26th European Symposium on Research in Computer Security: ESORICS 2021 - Darmstadt Dauer: 4 Okt. 2021 → 8 Okt. 2021 |
Publikationsreihe
Name | Lecture Notes in Computer Science |
---|---|
Band | 12973 |
Konferenz
Konferenz | 26th European Symposium on Research in Computer Security |
---|---|
Kurztitel | ESORICS 2021 |
Ort | Darmstadt |
Zeitraum | 4/10/21 → 8/10/21 |
ASJC Scopus subject areas
- Theoretische Informatik
- Allgemeine Computerwissenschaft
Fingerprint
Untersuchen Sie die Forschungsthemen von „SERVAS! Secure Enclaves via RISC-V Authenticryption Shield“. Zusammen bilden sie einen einzigartigen Fingerprint.-
Data Security - KC - KD-07 Skalierbare Knowledge-Discovery-Komponenten
1/07/17 → 31/12/26
Projekt: Forschungsprojekt
-
Espresso - Skalierbare hardware-gesicherte authentifizierung und Personalisierung intelligenter Sensorknoten
1/05/18 → 31/10/20
Projekt: Forschungsprojekt
-
EU - SOPHIA - Absicherung von Software gegen Physische Angriffe
1/09/16 → 31/12/21
Projekt: Forschungsprojekt