Fine-grained isolation to protect data against in-process attacks on AArch64
- Authors
- Cho Y.
- Issue Date
- Feb-2020
- Publisher
- MDPI AG
- Keywords
- AArch64; EXecute-no-Read; Isolation
- Citation
- Electronics (Switzerland), v.9, no.2
- Journal Title
- Electronics (Switzerland)
- Volume
- 9
- Number
- 2
- URI
- http://scholarworks.bwise.kr/ssu/handle/2018.sw.ssu/38794
- DOI
- 10.3390/electronics9020236
- ISSN
- 2079-9292
- Abstract
- In-process attacks are a new class of attacks that circumvent protection schemes centered around inter-process isolation. Against these attacks, researchers have proposed fine-grained data isolation schemes that can protect sensitive data from malicious accesses even during the same process. Their proposals based on salient hardware features, such as ARM® processor architecture’s domain protection, are quite successful, but it cannot be applied to a specific architecture, namely AArch64, as this does not provide the same hardware features. In this paper, therefore, we present Sealer, a fine-grained data isolation scheme applicable in AArch64. Sealer achieves its objective by brilliantly harmonizing two hardware features of AArch64: The eXecute-no-Read and the cryptographic extension. Sealer provides application developers with a set of application programming interface (API) so that the developers can enjoy the fine-grained data isolation in their own way. © 2020 by the author. Licensee MDPI, Basel, Switzerland.
- Files in This Item
- There are no files associated with this item.
- Appears in
Collections - College of Information Technology > School of Software > 1. Journal Articles
![qrcode](https://api.qrserver.com/v1/create-qr-code/?size=55x55&data=https://scholarworks.bwise.kr/ssu/handle/2018.sw.ssu/38794)
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.