Access Restriction

Author Dunn, Alan M. ♦ Lee, Michael Z. ♦ Kim, Sangman ♦ Hofmann, Owen S. ♦ Witchel, Emmett
Source ACM Digital Library
Content type Text
Publisher Association for Computing Machinery (ACM)
File Format PDF
Language English
Subject Domain (in DDC) Computer science, information & general works ♦ Data processing & computer science
Subject Keyword Virtualization-based security ♦ Application protection ♦ Paraverification
Abstract InkTag is a virtualization-based architecture that gives strong safety guarantees to high-assurance processes even in the presence of a malicious operating system. InkTag advances the state of the art in untrusted operating systems in both the design of its hypervisor and in the ability to run useful applications without trusting the operating system. We introduce paraverification, a technique that simplifies the InkTag hypervisor by forcing the untrusted operating system to participate in its own verification. Attribute-based access control allows trusted applications to create decentralized access control policies. InkTag is also the first system of its kind to ensure consistency between secure data and metadata, ensuring recoverability in the face of system crashes.
Description Affiliation: The University of Texas at Auatin, Austin, TX, USA (Hofmann, Owen S.; Dunn, Alan M.; Lee, Michael Z.; Witchel, Emmett) || C, Austin, TX, USA (Kim, Sangman)
Age Range 18 to 22 years ♦ above 22 year
Educational Use Research
Education Level UG and PG
Learning Resource Type Article
Publisher Date 1981-04-01
Publisher Place New York
Journal ACM SIGARCH Computer Architecture News (CARN)
Volume Number 41
Issue Number 1
Page Count 14
Starting Page 265
Ending Page 278

Open content in new tab

   Open content in new tab
Source: ACM Digital Library