Design and Implementation of Application Software and Data Protection in an Untrusted Environment

Abstract

Application protection is traditionally provided by the underlying operating system through process isolation. However, it has become practically impossible to completely secure modern operating systems due to their extremely large size and diversity. In this project, we introduce a new system of protection for applications, called the Software-Privacy Preserving Platform (SP3), that directly guarantees application privacy. Even when the operating system is compromised, SP3 prevents the unauthorized exposure of application information. By extending the conventional paging system, SP3 achieves a general, flexible, and easy-to-use protection interface with minimal intrusion to existing systems. We have implemented a prototype SP3 system by modifying the Xen hypervisor and running a modified Linux on top of it. Our experimental evaluation shows that SP3 increases the application execution time by 0-22 percent for CPU and memory-intensive workloads.

Document Details

Document Type
Technical Report
Publication Date
Jan 05, 2007
Accession Number
AD1068293

Entities

People

  • Kang G. Shin

Organizations

  • University of Michigan

Tags

Communities of Interest

  • Cyber
  • Energy and Power Technologies
  • Materials and Manufacturing Processes

DTIC Thesaurus Topics

  • Application Software
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Cryptography
  • Detection
  • Environment
  • Hypervisors
  • Intrusion
  • Intrusion Detection
  • Operating Systems
  • Secure Communications
  • System Software
  • Virtual Machines
  • Word Processors
  • Workload

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Parallel and Distributed Computing