Safe and efficient implementation of a security system on ARM using intra-level privilege separation
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Kwon, D. | - |
dc.contributor.author | Yi, H. | - |
dc.contributor.author | Cho, Y. | - |
dc.contributor.author | Paek, Y. | - |
dc.date.available | 2020-09-14T08:12:36Z | - |
dc.date.created | 2019-03-12 | - |
dc.date.issued | 2019-02 | - |
dc.identifier.issn | 2471-2566 | - |
dc.identifier.uri | http://scholarworks.bwise.kr/ssu/handle/2018.sw.ssu/39099 | - |
dc.description.abstract | Security monitoring has long been considered as a fundamental mechanism to mitigate the damage of a security attack. Recently, intra-level security systems have been proposed that can efficiently and securely monitor system software without any involvement of more privileged entity. Unfortunately, there exists no full intra-level security system that can universally operate at any privilege level on ARM. However, as malware and attacks increase against virtually every level of privileged software including an OS, a hypervisor, and even the highest privileged software armored by TrustZone, we have been motivated to develop an intra-level security system, named Hilps. Hilps realizes true intra-level scheme in all these levels of privileged software on ARM by elaborately exploiting a new hardware feature of ARM's latest 64-bit architecture, called TxSZ, that enables elastic adjustment of the accessible virtual address range. Furthermore, Hilps newly supports the sandbox mechanism that provides security tools with individually isolated execution environments, thereby minimizing security threats from untrusted security tools. We have implemented a prototype of Hilps on a real machine. The experimental results demonstrate that Hilps is quite promising for practical use in real deployments. © 2019 Association for Computing Machinery. | - |
dc.language | 영어 | - |
dc.language.iso | en | - |
dc.publisher | Association for Computing Machinery | - |
dc.relation.isPartOf | ACM Transactions on Privacy and Security | - |
dc.title | Safe and efficient implementation of a security system on ARM using intra-level privilege separation | - |
dc.type | Article | - |
dc.identifier.doi | 10.1145/3309698 | - |
dc.type.rims | ART | - |
dc.identifier.bibliographicCitation | ACM Transactions on Privacy and Security, v.22, no.2 | - |
dc.description.journalClass | 1 | - |
dc.identifier.wosid | 000468051200003 | - |
dc.identifier.scopusid | 2-s2.0-85062343285 | - |
dc.citation.number | 2 | - |
dc.citation.title | ACM Transactions on Privacy and Security | - |
dc.citation.volume | 22 | - |
dc.contributor.affiliatedAuthor | Cho, Y. | - |
dc.type.docType | Article | - |
dc.description.isOpenAccess | N | - |
dc.subject.keywordAuthor | Isolation | - |
dc.subject.keywordAuthor | Privilege separation | - |
dc.subject.keywordAuthor | Security system | - |
dc.description.journalRegisteredClass | scie | - |
Items in ScholarWorks are protected by copyright, with all rights reserved, unless otherwise indicated.
Soongsil University Library 369 Sangdo-Ro, Dongjak-Gu, Seoul, Korea (06978)02-820-0733
COPYRIGHT ⓒ SOONGSIL UNIVERSITY, ALL RIGHTS RESERVED.
Certain data included herein are derived from the © Web of Science of Clarivate Analytics. All rights reserved.
You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.