Loading...
Please wait, while we are loading the content...
Similar Documents
Secure User I / O for Applications on an Untrusted Operating System
| Content Provider | Semantic Scholar |
|---|---|
| Copyright Year | 2014 |
| Abstract | Acknowledgements I would first like to thank my advisor Dr. Emmett Witchel. He dedicated significant time and effort to helping me learn and grow as a student and person. I would also like to thank the other students in OSA, especially Alan Dunn, for providing guidance and assistance in the face of sometimes daunting tasks. Further I would like to thank my parents and family, without whom I would certainly not be where or who I am today. 3 1 Abstract In this paper I discuss the topic of operating system trust, and specifically why it is important to remove the OS from the trusted computing base. I explore past work on running trusted applications on top of an untrusted OS including InkTag, and analyze why such systems need a mechanism for Secure User I/O. I introduce a mechanism for Secure User I/O that builds on a newer version of InkTag, taking advantage of the unique features of our system to provide an efficient and lightweight path for user input and output. This improved path for user I/O supports both graphical (X-windows) and terminal based applications with no modifications to application code. To our knowledge, this system is the first to provide a comprehensive solution for secure user I/O on an untrusted operating system without modification by the application developer. Computer systems play an increasing role in modern society. Many of the systems and applications we interact with on an everyday basis run on top of some form of commodity, off the shelf operating system. These operating systems are very complex: recent estimates place Windows at more than 50 million lines of code and the Linux kernel now exceeds 15 million lines of code [7, 12]. With codebases of this size, its almost guaranteed that bugs and security flaws will exist, and operating system manufacturers regularly release patches to fix bugs and exploits as they are discovered. As a result of such inevitable vulnerabilities, no matter how well applications are designed, a single flaw or compromise in an operating system can result in the compromise of each application running on top of it. The amount of money and effort spent on the prevention and redress of malware, rootkits and viruses across popular computing platforms today is evidence of the significance of such vulnerabilities. Existing research efforts to address operating system vulnerabilities rely on reducing the trusted computing base, the portion … |
| File Format | PDF HTM / HTML |
| Alternate Webpage(s) | https://apps.cs.utexas.edu/apps/sites/default/files/tech_reports/TR-2173.pdf |
| Alternate Webpage(s) | http://apps.cs.utexas.edu/tech_reports/reports/tr/TR-2173.pdf |
| Language | English |
| Access Restriction | Open |
| Content Type | Text |
| Resource Type | Article |
