SaTC: CORE: Small: Information Flow Control Infrastructure for Single-Use Service Platforms

SaTC：核心：小型：一次性服务平台的信息流控制基础设施

• 批准号: 1816282
• 负责人: Trent Jaeger
• 金额: $ 50万
• 依托单位: Pennsylvania State Univ University Park
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2018
• 资助国家: 美国
• 起止时间: 2018-09-01 至 2023-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=1816282&HistoricalAwards=false
• 关键词: SaTC; CORE; Small; Information; Flow

Many applications are now being deployed on rich, distributed platforms, such as those for cloud computing and Internet of Things (IoT). Such platforms can aid developers by launching their applications dynamically to align resource use with demand in serverless platforms and by composing fine-grained components into complete applications in microservice architectures. Even with these advanced architectures, the system platforms themselves still have large trusted computing bases, where a single vulnerability may threaten the security of the entire platform. This occurs because platform services are available to all applications and are typically fully trusted by other platform services. As a result, a malicious application may compromise a vulnerable service to gain access to another application's data and/or compromise the integrity of another application's computing.The project will produce theories and techniques to deploy platform services to protect applications using information flow control. First, it is advocated that stateless platform services be deployed as single-use services: services launched on demand to perform an operation on behalf of a single command, much like serverless applications. Second, application data is protected by enforcing information flow control over single-use services, validating that enforcement services perform information flow control statically. Third, the project seeks to reduce trust in complex, monolithic services by developing methods to partition services into enforcement services and single-use services, which can be either validated or governed using information flow control. In contrast to current platforms that enforce mandatory access control to protect hosts from untrusted applications, an infrastructure will be developed to build platforms that protect applications from potentially vulnerable services using information flow control. As part of broader impacts, this research examines methods for how to "build security in" to emerging distributed platforms. A wide variety of commercial efforts are targeting container-based cloud and IoT platforms, but there is a dearth of infrastructure to aid programmers in constructing platforms that adhere to security requirements while achieving desired functionality. The open-source tools and example platforms developed will be utilized in coursework and aggressively pitched to industry practitioners to gain feedback and increase adoption.This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

许多应用程序现在都部署在丰富的分布式平台上，例如云计算和物联网（IoT）。 这些平台可以通过动态启动应用程序来帮助开发人员将资源使用与无服务器平台中的需求保持一致，并将细粒度组件组合到微服务架构中的完整应用程序中。 即使有了这些先进的架构，系统平台本身仍然拥有庞大的可信计算基础，其中单个漏洞可能会威胁到整个平台的安全。 这是因为平台服务可用于所有应用程序，并且通常完全受其他平台服务信任。 因此，恶意应用程序可能会损害易受攻击的服务，以访问另一个应用程序的数据和/或损害另一个应用程序计算的完整性。该项目将提出部署平台服务的理论和技术，以使用信息流控制来保护应用程序。首先，提倡将无状态平台服务部署为单用途服务：按需启动的服务代表单个命令执行操作，就像无服务器应用程序一样。第二，通过对一次性服务实施信息流控制来保护应用程序数据，验证实施服务静态地执行信息流控制。第三，该项目旨在通过开发将服务划分为强制服务和一次性服务的方法来减少对复杂单一服务的信任，这些服务可以使用信息流控制进行验证或管理。 与目前强制执行强制访问控制以保护主机免受不可信应用程序影响的平台相反，将开发一种基础设施，以构建使用信息流控制保护应用程序免受潜在易受攻击服务影响的平台。 作为更广泛影响的一部分，本研究探讨了如何在新兴的分布式平台上“建立安全性”的方法。 各种各样的商业努力都针对基于容器的云和物联网平台，但缺乏基础设施来帮助程序员构建符合安全要求的平台，同时实现所需的功能。 开发的开源工具和示例平台将在课程中使用，并积极地向行业从业者宣传，以获得反馈并提高采用率。该奖项反映了NSF的法定使命，并被认为值得通过使用基金会的智力价值和更广泛的影响审查标准进行评估来支持。

项目成果

Demystifying Android’s Scoped Storage Defense

揭秘 Android 的分区存储防御

• DOI: 10.1109/msec.2021.3090564
• 发表时间: 2021
• 期刊: IEEE Security & Privacy
• 影响因子: 1.9
• 作者: Lee, Yu-Tsung;Chen, Haining;Jaeger, Trent
• 通讯作者: Jaeger, Trent

PolyScope: Multi-Policy Access Control Analysis to Compute Authorized Attack Operations in Android Systems

PolyScope：用于计算 Android 系统中授权攻击操作的多策略访问控制分析

• 发表时间: 2021
• 期刊: 30th USENIX Security Symposium
• 作者: Yu-Tsung Lee, William Enck

Towards a General-Purpose Dynamic Information Flow Policy

迈向通用动态信息流政策

• DOI: 10.1109/csf54842.2022.9919639
• 发表时间: 2022
• 期刊: IEEE 35th Computer Security Foundations Symposium (CSF
• 作者: Li, Peixuan;Zhang, Danfeng
• 通讯作者: Zhang, Danfeng

Evolving Operating System Kernels Towards Secure Kernel-Driver Interfaces

• DOI: 10.1145/3593856.3595914
• 发表时间: 2023-06
• 期刊: Proceedings of the 19th Workshop on Hot Topics in Operating Systems
• 作者: A. Burtsev;Vikram Narayanan;Yongzhe Huang;Kaiming Huang;Gang Tan;T. Jaeger

Analyzing the Overhead of File Protection by Linux Security Modules

分析 Linux 安全模块的文件保护开销

• DOI: 10.1145/3433210.3453078
• 发表时间: 2021
• 期刊: 2021 ACM Asia Conference on Computer and Communications Security
• 作者: Zhang, Wenhui;Liu, Peng;Jaeger, Trent
• 通讯作者: Jaeger, Trent