Abstract

InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design of its hypervisor and in the ability to run useful applications without trusting the operating system. We introduce paraverification , a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. Attribute-based access control allows trusted applications to create decentralized access control policies. InkTag is also the first system of its kind to ensure consistency between secure data and metadata, ensuring recoverability in the face of system crashes.

Full Text
Paper version not known

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Similar Papers

Paper Title
Journal
Date
Author
InkTag
Owen S Hofmann ... Michael Z Lee
-
Owen S Hofmann, et. al.Owen S Hofmann ... Michael Z Lee
16 Mar 2013
InkTag
Owen S Hofmann ... Alan M Dunn
ACM SIGARCH Computer Architecture News | VOL. 41
Owen S Hofmann, et. al.Owen S Hofmann ... Alan M Dunn
16 Mar 2013
Controlled-Channel Attacks: Deterministic Side Channels for Untrusted Operating Systems
Yuanzhong Xu ... Weidong Cui
-
Yuanzhong Xu, et. al.Yuanzhong Xu ... Weidong Cui
01 May 2015
A Secure User Interface for Web Applications Running Under an Untrusted Operating System
Chunxiao Li ... Anand Raghunathan
-
Chunxiao Li, et. al.Chunxiao Li ... Anand Raghunathan
01 Jun 2010
View more papers

More From: ACM SIGPLAN Notices

Paper Title
Journal
Date
Author
Regenerate: a language generator for extended regular expressions
Gabriel Radanne ... Peter Thiemann
ACM SIGPLAN Notices | VOL. 53
Gabriel Radanne, et. al.Gabriel Radanne ... Peter Thiemann
07 Apr 2020
Implementing a semi-causal domain-specific language for context detection over binary sensors
Nic Volanschi ... Charles Consel
ACM SIGPLAN Notices | VOL. 53
Nic Volanschi, et. al.Nic Volanschi ... Charles Consel
07 Apr 2020
Orchestrating dynamic analyses of distributed processes for full-stack JavaScript programs
Laurent Christophe ... Coen De Roover
ACM SIGPLAN Notices | VOL. 53
Laurent Christophe, et. al.Laurent Christophe ... Coen De Roover
07 Apr 2020
Model-based security analysis of feature-oriented software product lines
Sven Peldszus ... Jan Jürjens
ACM SIGPLAN Notices | VOL. 53
Sven Peldszus, et. al.Sven Peldszus ... Jan Jürjens
07 Apr 2020
View more papers

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.