Abstract
The ability to copy data effortlessly poses significant security issues in many applications: it is difficult to safely lend out music or e-books, virtual credits cannot be transferred between peers without contacting a central server or relying on the co-operation of other network nodes, …
Protecting digital copies is hard because of the huge software and hardware trusted computing base that applications have to rely on. Protected-module architectures (PMAs) provide an interesting alternative by relying only on a minimal set of security primitives. Recently it has been proven that such platforms can provide strong security guarantees. However, transferring the state of protected modules has, to the best of our knowledge, not yet been studied.
In this paper, we present a protocol to transfer protected modules from one machine to another state-continuously: from a high-level point of view, only a single instance of the module exists, and it executes without interruption while it is transferred from one machine to another. In practice, however, an attacker may (i) crash the system at any point in time (a crash attack), (ii) present the system with a stale state (a rollback attack), or (iii) trick both machines into continuing execution of the module (a forking attack). We also discuss use cases of such a system that go well beyond digital rights management.
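The three attacks named in the abstract are easy to underestimate because a sealed blob that passes its integrity check looks "trustworthy". The following added example, which is not the paper's protocol or code, models a toy protected module (a wallet of virtual credits) whose sealed state is transferred by plain copying, and shows how each attack succeeds against that naive transfer. The `WalletModule` class, the `SEAL_KEY` constant and the HMAC-based `seal`/`unseal` pair are constructed stand-ins for the example only; a real PMA seals with a hardware-bound key. The closing `state_continuous` check states the invariant a correct transfer protocol has to preserve (exactly one live instance, no double spending) without prescribing how the paper achieves it.

```python
"""Added illustration (not the paper's protocol): why naive copy-based transfer of a
protected module's sealed state admits crash, rollback and forking attacks.

Names and the toy sealing primitive are assumptions for the example; a real PMA
would use hardware-bound sealing, not a constant key."""
import hashlib
import hmac
import json

# Constructed stand-in for a platform sealing key: authenticity only, no secrecy,
# which is enough to show that a *valid* sealed blob can still be stale or duplicated.
SEAL_KEY = b"constructed-example-seal-key"
TAG_LEN = 32


def seal(state: dict) -> bytes:
    """Bind state to the platform (here: a MAC). Tampering is detected."""
    blob = json.dumps(state, sort_keys=True).encode()
    return blob + hmac.new(SEAL_KEY, blob, hashlib.sha256).digest()


def unseal(sealed: bytes) -> dict:
    blob, tag = sealed[:-TAG_LEN], sealed[-TAG_LEN:]
    expect = hmac.new(SEAL_KEY, blob, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("seal check failed")
    return json.loads(blob)


class WalletModule:
    """Toy protected module: a balance of virtual credits that must never be spent twice."""

    def __init__(self, state: dict):
        self.state = dict(state)
        self.alive = True

    def spend(self, amount: int) -> bool:
        if not self.alive or amount > self.state["credits"]:
            return False
        self.state["credits"] -= amount
        self.state["spent"] += amount
        return True

    def checkpoint(self) -> bytes:
        return seal(self.state)

    def destroy(self) -> None:
        self.alive = False


def naive_transfer(src: WalletModule) -> WalletModule:
    """Copy the sealed state to the destination. Sealing proves the blob is
    genuine, but says nothing about whether it is *current* or *unique*."""
    return WalletModule(unseal(src.checkpoint()))


def forking_attack() -> int:
    """Both machines keep running: 10 credits are spent twice (returns 20)."""
    a = WalletModule({"credits": 10, "spent": 0})
    b = naive_transfer(a)          # attacker never lets A destroy itself
    a.spend(10)
    b.spend(10)
    return a.state["spent"] + b.state["spent"]


def rollback_attack() -> int:
    """A stale but validly sealed blob is presented: spent credits reappear (returns 10)."""
    a = WalletModule({"credits": 10, "spent": 0})
    stale = a.checkpoint()
    a.spend(10)
    a.destroy()
    revived = WalletModule(unseal(stale))   # seal check passes; state is old
    return revived.state["credits"]


def live_instances(modules) -> int:
    return sum(1 for m in modules if m.alive)


def crash_attack(crash_before_dest_ready: bool) -> int:
    """Crash mid-transfer. Depending on ordering the module is lost (0 live
    instances) or duplicated (2 live instances); only exactly 1 is acceptable."""
    a = WalletModule({"credits": 10, "spent": 0})
    blob = a.checkpoint()
    if crash_before_dest_ready:
        a.destroy()                 # source gone ...
        return live_instances([a])  # ... and destination never instantiated
    b = WalletModule(unseal(blob))  # destination up ...
    return live_instances([a, b])   # ... crash before source is destroyed


def state_continuous(modules, initial_credits: int) -> bool:
    """The property a correct transfer protocol must preserve: exactly one live
    instance, and no more credits spent than ever existed."""
    spent = sum(m.state["spent"] for m in modules)
    return live_instances(modules) == 1 and spent <= initial_credits
```

Note that `unseal` never fails in any of the three attacks: integrity protection of the blob is necessary but nowhere near sufficient, which is exactly why the transfer itself has to be state-continuous.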
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Strackx, R., Lambrigts, N. (2015). Idea: State-Continuous Transfer of State in Protected-Module Architectures. In: Piessens, F., Caballero, J., Bielova, N. (eds) Engineering Secure Software and Systems. ESSoS 2015. Lecture Notes in Computer Science, vol 8978. Springer, Cham. https://doi.org/10.1007/978-3-319-15618-7_4
DOI: https://doi.org/10.1007/978-3-319-15618-7_4
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-15617-0
Online ISBN: 978-3-319-15618-7