Data security through trusted execution and comprehensive analysis framework

通过可信执行和全面分析框架实现数据安全

• 批准号: RGPIN-2017-04797
• 负责人: Mannan, Mohammad
• 金额: $ 1.68万
• 依托单位: Concordia University
• 依托单位国家: 加拿大
• 项目类别: Discovery Grants Program - Individual
• 财政年份: 2019
• 资助国家: 加拿大
• 起止时间: 2019-01-01 至 2020-12-31
• 项目状态: 已结题
• 来源: https://www.nserc-crsng.gc.ca/ase-oro/Details-Detailles_eng.asp?id=679204
• 关键词: Data; security; through; trusted; execution

In this proposal, I primarily target two complementary long-term objectives. (1) I will develop next generation data security mechanisms by leveraging existing and new hardware-based trusted computing features (e.g., trusted execution modes of modern CPUs, and security primitives implemented in chipsets, firmware, dedicated security chips) in three environments: laptops and client-end PCs, servers, and mobile devices. (2) I will develop new systematic and comprehensive security analysis frameworks for improved characterization of security failures due to implementation bugs and design flaws in real-world, complex software systems. I will also use trusted computing technologies to address security issues uncovered by such analysis frameworks.******Trusted computing technologies are largely under-utilized in current security solutions. Although such techniques are not new, and several academic proposals also exist, I believe real-world adoption is low due to many proposals being too narrow, i.e., solving only part of a complex problem, and processing secure user input and output is difficult. I will design more complete solutions, and present several target problems that have not been explored yet, specifically, problems that are too expensive or cumbersome to solve only through cryptographic/systems means. On the other hand, mechanisms for security analysis are in many cases adhoc, i.e., applicable to a certain piece of software or vulnerability. My goal is to develop frameworks that will be reusable (i.e., used for different software systems), and frameworks that can provide clear directions to improve security for system designers and product developers. I believe such frameworks and software tools (which I will open-source) will help researchers and developers to evaluate their intended systems more frequently, and more systematically.******The long-term vision of this proposal will be materialized through several short-term, concrete projects. I will explore security-critical applications (apps) in multiple platforms (desktops, servers, and mobile devices), including: protecting data against ransomware attacks; securely deleting data for device repurposing, and mitigating theft/coercion; securing in-memory confidential data against memory-extraction attacks; analyzing TLS implementations, and measuring real-world TLS interception; analyzing evasive malware, and consumer/enterprise applications. The target problems are broad, affecting many high-impact practical systems, and difficult to solve with current approaches. Overall, the use of trusted computing in the design of verifiable solutions, and being able to validate real-world systems through comprehensive security frameworks will increase trust for everyday/enterprise users, and encourage researchers to leverage trusted computing and rigorous analysis techniques from this proposal.

在这个提案中，我主要针对两个互补的长期目标。 (1) 我将通过在笔记本电脑和客户端 PC、服务器和移动设备这三种环境中利用现有的和新的基于硬件的可信计算功能（例如，现代 CPU 的可信执行模式，以及在芯片组、固件、专用安全芯片中实现的安全原语）来开发下一代数据安全机制。 (2) 我将开发新的系统和全面的安全分析框架，以改进对由于现实世界复杂软件系统中的实现错误和设计缺陷而导致的安全故障的表征。我还将使用可信计算技术来解决此类分析框架发现的安全问题。******可信计算技术在当前的安全解决方案中很大程度上没有得到充分利用。尽管此类技术并不新鲜，并且也存在一些学术建议，但我认为由于许多建议过于狭窄，即仅解决复杂问题的一部分，并且处理安全的用户输入和输出很困难，因此现实世界的采用率很低。我将设计更完整的解决方案，并提出几个尚未探索的目标问题，特别是那些过于昂贵或繁琐而仅通过密码/系统手段解决的问题。另一方面，安全分析机制在许多情况下是临时的，即适用于特定的软件或漏洞。我的目标是开发可重用的框架（即用于不同的软件系统），以及可以为系统设计者和产品开发者提供明确的方向来提高安全性的框架。我相信这样的框架和软件工具（我将开源）将帮助研究人员和开发人员更频繁、更系统地评估他们的预期系统。******该提案的长期愿景将通过几个短期的具体项目来实现。我将探索多个平台（桌面、服务器和移动设备）中的安全关键型应用程序（应用程序），包括：保护数据免受勒索软件攻击；安全删除数据以供设备重新利用，并减少盗窃/胁迫；保护内存中的机密数据免受内存提取攻击；分析 TLS 实施并测量现实世界的 TLS 拦截；分析规避恶意软件和消费者/企业应用程序。目标问题很广泛，影响许多高影响力的实际系统，并且很难用当前的方法解决。总体而言，在可验证解决方案的设计中使用可信计算，并能够通过全面的安全框架验证现实世界的系统，将增加日常/企业用户的信任，并鼓励研究人员利用该提案中的可信计算和严格的分析技术。