Data security through trusted execution and comprehensive analysis framework

通过可信执行和全面分析框架实现数据安全

• 批准号: RGPIN-2017-04797
• 负责人: Mannan, Mohammad
• 金额: $ 1.68万
• 依托单位: Concordia University
• 依托单位国家: 加拿大
• 项目类别: Discovery Grants Program - Individual
• 财政年份: 2020
• 资助国家: 加拿大
• 起止时间: 2020-01-01 至 2021-12-31
• 项目状态: 已结题
• 来源: https://www.nserc-crsng.gc.ca/ase-oro/Details-Detailles_eng.asp?id=709306
• 关键词: Data; security; through; trusted; execution

In this proposal, I primarily target two complementary long-term objectives. (1) I will develop next generation data security mechanisms by leveraging existing and new hardware-based trusted computing features (e.g., trusted execution modes of modern CPUs, and security primitives implemented in chipsets, firmware, dedicated security chips) in three environments: laptops and client-end PCs, servers, and mobile devices. (2) I will develop new systematic and comprehensive security analysis frameworks for improved characterization of security failures due to implementation bugs and design flaws in real-world, complex software systems. I will also use trusted computing technologies to address security issues uncovered by such analysis frameworks. Trusted computing technologies are largely under-utilized in current security solutions. Although such techniques are not new, and several academic proposals also exist, I believe real-world adoption is low due to many proposals being too narrow, i.e., solving only part of a complex problem, and processing secure user input and output is difficult. I will design more complete solutions, and present several target problems that have not been explored yet, specifically, problems that are too expensive or cumbersome to solve only through cryptographic/systems means. On the other hand, mechanisms for security analysis are in many cases adhoc, i.e., applicable to a certain piece of software or vulnerability. My goal is to develop frameworks that will be reusable (i.e., used for different software systems), and frameworks that can provide clear directions to improve security for system designers and product developers. I believe such frameworks and software tools (which I will open-source) will help researchers and developers to evaluate their intended systems more frequently, and more systematically. The long-term vision of this proposal will be materialized through several short-term, concrete projects. I will explore security-critical applications (apps) in multiple platforms (desktops, servers, and mobile devices), including: protecting data against ransomware attacks; securely deleting data for device repurposing, and mitigating theft/coercion; securing in-memory confidential data against memory-extraction attacks; analyzing TLS implementations, and measuring real-world TLS interception; analyzing evasive malware, and consumer/enterprise applications. The target problems are broad, affecting many high-impact practical systems, and difficult to solve with current approaches. Overall, the use of trusted computing in the design of verifiable solutions, and being able to validate real-world systems through comprehensive security frameworks will increase trust for everyday/enterprise users, and encourage researchers to leverage trusted computing and rigorous analysis techniques from this proposal.

在这一建议中，我主要针对两个相辅相成的长期目标。(1)我将通过利用现有的和新的基于硬件的可信计算功能（例如，现代CPU的可信执行模式，以及在芯片组、固件、专用安全芯片中实现的安全基元），这三种环境是：膝上型计算机和客户端PC、服务器以及移动的设备。(2)我将开发新的系统和全面的安全分析框架，以改进由于现实世界中复杂软件系统的实现错误和设计缺陷而导致的安全故障的特征。我还将使用可信计算技术来解决这些分析框架所发现的安全问题。 在当前的安全解决方案中，可信计算技术在很大程度上未得到充分利用。虽然这些技术并不新鲜，而且也存在一些学术建议，但我认为现实世界的采用率很低，因为许多建议过于狭窄，即，仅解决复杂问题的一部分，并且处理安全的用户输入和输出是困难的。我将设计更完整的解决方案，并提出几个尚未探索的目标问题，特别是那些只通过加密/系统手段解决过于昂贵或繁琐的问题。另一方面，用于安全分析的机制在许多情况下是特设的，即，适用于某个软件或漏洞。我的目标是开发可重用的框架（即，用于不同的软件系统），以及可以为系统设计人员和产品开发人员提供明确方向以提高安全性的框架。我相信这样的框架和软件工具（我将开放源代码）将帮助研究人员和开发人员更频繁，更系统地评估他们的预期系统。 这一建议的长期构想将通过几个短期的具体项目来实现。我将探索多个平台（台式机、服务器和移动的设备）中的安全关键型应用程序（应用程序），包括：保护数据免受勒索软件攻击;安全删除数据以重新利用设备，并减轻盗窃/胁迫;保护内存中的机密数据免受内存提取攻击;分析TLS实现，并测量现实世界的TLS拦截;分析规避恶意软件和消费者/企业应用程序。目标问题广泛，影响许多高影响力的实际系统，并且难以用当前方法解决。总的来说，在设计可验证的解决方案时使用可信计算，并能够通过全面的安全框架验证真实世界的系统，这将增加日常/企业用户的信任，并鼓励研究人员利用可信计算和严格的分析技术。