Computing Reviews
AppSec: a safe execution environment for security sensitive applications
Ren J., Qi Y., Dai Y., Wang X., Shi Y. VEE 2015 (Proceedings of the 11th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, Istanbul, Turkey, Mar 14-15, 2015), 187-199. 2015. Type: Proceedings
Date Reviewed: Apr 22 2015

The authors of AppSec present a proposed implementation to achieve a secure environment without modifying the operating system (OS) kernel or applications. The main concept is that only the OS is untrusted, while the hardware and the firmware are presumed to be trusted.

AppSec, “a hypervisor-based safe execution environment,” protects security-sensitive applications from an untrusted OS. The authors focus on a combination of mechanisms to secure “dynamic shared objects during runtime,” “kernel memory access according to [the] application’s intention,” and input/output (I/O) communication from the end user to the application. The AppSec architecture overview is illustrated, and its elements are described meticulously. The safe loader component ensures the integrity of loaded applications and dynamic shared objects. The page tracker assures un-bypassed and transparent memory access by collecting information on sensitive applications’ memory pages, and by raising a nested page table fault when the kernel tries to access them. Access is then granted according to the application’s intentions. The I/O connections are secured with a privilege-based window-management system, with security-sensitive applications having the highest privilege.

The authors detail the evaluation of their system, with respect to the performance overhead, by using native Linux execution rates as a baseline. The tests were performed on a server with AMD processors, running Debian “wheezy” with Linux 3.1. SPEC CPU2006, Apache, and Google V8 benchmarks, and a few microbenchmarks, were used to compare against the baseline and the modified version with AppSec off and on. The tests concluded that a performance overhead of 6 to 10 percent was incurred when all protection mechanisms were activated. The authors then present the limitations of the system and compare their work to similar techniques for protecting the user’s privacy. The most important differences were that AppSec does not modify the OS in any way and secures both memory and human-machine interaction data.

Reviewer:  Patriciu Victor-Valeriu Review #: CR143381 (1507-0599)
Security and Protection (D.4.6)