PROJECT TITLE :
Flexible Hardware-Managed Isolated Execution: Architecture, Software Support and Applications - 2018
We tend to consider the matter of how to produce an execution setting where the application's secrets are safe even in the presence of malicious system software layers. We tend to propose Iso-X-a flexible, fine-grained hardware-supported framework that provides isolation for security-vital pieces of an application such that they'll execute securely even within the presence of untrusted system software. Isolation in Iso-X is achieved by creating and dynamically managing compartments (isolated software modules) to host critical fragments of code and associated knowledge. Iso-X provides fine-grained isolation at the memory-page level, versatile allocation of memory, and a low-complexity, hardware-only trusted computing base. Iso-X needs minimal additional hardware, a small number of recent ISA directions to manage compartments, and minimal changes to the operating system which need not be in the trusted computing base. The run-time performance overhead of Iso-X is negligible and even the overhead of making and destroying compartments is modest. An FPGA implementation of Iso-X runtime mechanisms shows a negligible impact on the processor cycle time.
Did you like this research project?
To get this research project Guidelines, Training and Code... Click Here