Skip to main content
SpringerLink
Log in

Information Leakage as a Scheduling Resource

  • Conference paper
  • First Online:
Critical Systems: Formal Methods and Automated Verification (AVoCS 2017, FMICS 2017)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 10471))

  • 570 Accesses

Abstract

High-security processes have to load confidential information into shared resources as part of their operation. This confidential information may be leaked (directly or indirectly) to low-security processes via the shared resource. This paper considers leakage from high-security to low-security processes from the perspective of scheduling. The workflow model is here extended to support preemption, security levels, and leakage. Formalization of leakage properties is then built upon this extended model, allowing formal reasoning about the security of schedulers. Several heuristics are presented in the form of compositional preprocessors and postprocessors as part of a more general scheduling approach. The effectiveness of such heuristics are evaluated experimentally, showing them to achieve significantly better schedulability than the state of the art. Modeling of leakage from cache attacks is presented as a case study.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Technical details for X86-64 (https://software.intel.com/sites/default/files/article/402129/mpx-linux64-abi.pdf) and ELF initialization (http://lxr.linux.no/linux+v3.2.4/arch/ia64/include/asm/elf.h).

  2. 2.

    30,000 sets of tasks were generated, 22 were discarded as unschedulable.

  3. 3.

    Available via git from: https://scm.gforge.inria.fr/anonscm/git/secleakpublic/secleakpublic.git.

  4. 4.

    Demo available via website at: http://secleakpublic.gforge.inria.fr/.

References

  1. Alvim, M.S., Chatzikokolakis, K., Palamidessi, C., Smith, G.: Measuring information leakage using generalized gain functions. In: Chong, S. (ed.) CSF. IEEE (2012)

    Google Scholar 

  2. Backes, M., Köpf, B., Rybalchenko, A.: Automatic discovery and quantification of information leaks. In: S&P, pp. 141–153. IEEE (2009)

    Google Scholar 

  3. Benoit, A., Çatalyürek, U.V., Robert, Y., Saule, E.: A survey of pipelined workflow scheduling: models and algorithms. ACM Comput. Surv. 45(4), 50:1–50:36 (2013)

    Article  Google Scholar 

  4. Biondi, F., Legay, A., Malacaria, P., Wasowski, A.: Quantifying information leakage of randomized protocols. Theor. Comput. Sci. 597, 62–87 (2015)

    Article  MATH  MathSciNet  Google Scholar 

  5. Biondi, F., Legay, A., Traonouez, L.-M., Wąsowski, A.: QUAIL: a quantitative security analyzer for imperative code. In: Sharygina, N., Veith, H. (eds.) CAV 2013. LNCS, vol. 8044, pp. 702–707. Springer, Heidelberg (2013). doi:10.1007/978-3-642-39799-8_49

    Chapter  Google Scholar 

  6. Chothia, T., Kawamoto, Y., Novakovic, C.: LeakWatch: estimating information leakage from java programs. In: Kutyłowski, M., Vaidya, J. (eds.) ESORICS 2014. LNCS, vol. 8713, pp. 219–236. Springer, Cham (2014). doi:10.1007/978-3-319-11212-1_13

    Google Scholar 

  7. Costan, V., Devadas, S.: Intel sgx explained. IACR ePrint Archive 2016, 86 (2016)

    Google Scholar 

  8. Falliere, N., Murchu, L.O., Chien, E.: W32.Stuxnet dossier (2011)

    Google Scholar 

  9. Graham, R.L.: Bounds for certain multiprocessing anomalies. Bell Syst. Tech. J. 45(9), 1563–1581 (1966)

    Article  MATH  Google Scholar 

  10. Gruss, D., Maurice, C., Wagner, K., Mangard, S.: Flush+Flush: a fast and stealthy cache attack. In: Caballero, J., Zurutuza, U., Rodríguez, R.J. (eds.) DIMVA 2016. LNCS, vol. 9721, pp. 279–299. Springer, Cham (2016). doi:10.1007/978-3-319-40667-1_14

    Google Scholar 

  11. Gruss, D., Spreitzer, R., Mangard, S.: Cache template attacks: automating attacks on inclusive last-level caches. In: Usenix Security 2015, pp. 897–912 (2015)

    Google Scholar 

  12. Heusser, J., Malacaria, P.: Quantifying information leaks in software. In: Gates, C., Franz, M., McDermott, J.P. (ed.) ACSAC, pp. 261–269. ACM (2010)

    Google Scholar 

  13. Kim, J.H., Legay, A., Larsen, K.G., Mikučionis, M., Nielsen, B.: Resource-parameterized timing analysis of real-time systems. In: Piterman, N. (ed.) HVC 2015. LNCS, vol. 9434, pp. 190–205. Springer, Cham (2015). doi:10.1007/978-3-319-26287-1_12

    Chapter  Google Scholar 

  14. Kim, J.H., Legay, A., Traonouez, L., Boudjadar, A., Nyman, U., Larsen, K.G., Lee, I., Choi, J.: Optimizing the resource requirements of hierarchical scheduling systems. SIGBED Rev. 13(3), 41–48 (2016)

    Article  Google Scholar 

  15. Mohan, S., Yoon, M., Pellizzoni, R., Bobba, R.: Real-time systems security through scheduler constraints. In: ECRTS, pp. 129–140. IEEE Computer Society (2014)

    Google Scholar 

  16. Osvik, D.A., Shamir, A., Tromer, E.: Cache attacks and countermeasures: the case of AES. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 1–20. Springer, Heidelberg (2006). doi:10.1007/11605805_1

    Chapter  Google Scholar 

  17. Pellizzoni, R., Paryab, N., Yoon, M., Bak, S., Mohan, S., Bobba, R.: A generalized model for preventing information leakage in hard real-time systems. In: RTAS. IEEE (2015)

    Google Scholar 

  18. Ristenpart, T., Tromer, E., Shacham, H., Savage, S.: Hey, you, get off of my cloud: exploring information leakage in third-party compute clouds. In: CCS 2009. ACM (2009)

    Google Scholar 

  19. Schwarz, M., Weiser, S., Gruss, D., Maurice, C., Mangard, S.: Malware guard extension: Using SGX to conceal cache attacks. arXiv preprint (2017). arXiv:1702.08719

  20. Son, J., Alves-Foss, J.: Covert timing channel capacity of rate monotonic real-time scheduling algorithm in MLS systems. In: IASTED, pp. 13–18 (2006)

    Google Scholar 

  21. Son, S.H., Mukkamala, R., David, R.: Integrating security and real-time requirements using covert channel capacity. IEEE Trans. Knowl. Data Eng. 12(6), 865–879 (2000)

    Article  Google Scholar 

  22. Tromer, E., Osvik, D.A., Shamir, A.: Efficient cache attacks on AES, and countermeasures. J. Cryptol. 23(1), 37–71 (2010)

    Article  MATH  MathSciNet  Google Scholar 

  23. Val, C.G., Enescu, M.A., Bayless, S., Aiello, W., Hu, A.J.: Precisely measuring quantitative information flow: 10k lines of code and beyond. In: Euro S&P. IEEE (2016)

    Google Scholar 

  24. Varadarajan, V., Ristenpart, T., Swift, M.M.: Scheduler-based defenses against cross-VM side-channels. In: Usenix Security, pp. 687–702 (2014)

    Google Scholar 

  25. Yarom, Y., Falkner, K.: FLUSH+RELOAD: a high resolution, low noise, L3 cache side-channel attack. In: USENIX Security, pp. 719–732 (2014)

    Google Scholar 

  26. Yoon, M.-K., Mohan, S., Chen, C.-Y., Sha, L.: Taskshuffler: a schedule randomization protocol for obfuscation against timing inference attacks in real-time systems. In: RTAS, pp. 1–12. IEEE (2016)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. CentraleSupélec, Châtenay-Malabry, France

    Fabrizio Biondi

  2. Inria, Paris, France

    Mounir Chadli, Thomas Given-Wilson & Axel Legay

Authors
  1. Fabrizio Biondi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mounir Chadli
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Thomas Given-Wilson
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Axel Legay
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Thomas Given-Wilson .

Editor information

Editors and Affiliations

  1. Paris 13 University, Villetaneuse, France

    Laure Petrucci

  2. Mälardalen University, Västerås, Sweden

    Cristina Seceleanu

  3. University of York, York, United Kingdom

    Ana Cavalcanti

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer International Publishing AG

About this paper

Cite this paper

Biondi, F., Chadli, M., Given-Wilson, T., Legay, A. (2017). Information Leakage as a Scheduling Resource. In: Petrucci, L., Seceleanu, C., Cavalcanti, A. (eds) Critical Systems: Formal Methods and Automated Verification. AVoCS FMICS 2017 2017. Lecture Notes in Computer Science(), vol 10471. Springer, Cham. https://doi.org/10.1007/978-3-319-67113-0_6

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-67113-0_6

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-67112-3

  • Online ISBN: 978-3-319-67113-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation