Computer Science Colloquia
John Criswell, University of Illinois, Urbana-Champaign
Wednesday, March 26, 2014
3:30 PM, Rice Hall, Rm. 130 (Light refreshments after the seminar Rice Hall 4th floor atrium)
HOST: Mohammad Mahmoody
Secure Virtual Architecture: Strong Security for Commodity Systems
Commodity operating system kernels are the foundation of our
software systems, providing access control, I/O mechanisms, and memory
management. However, operating system kernels are vulnerable to a
variety of security attacks. Compromising the kernel allows an attacker
to render any security protections, provided by the kernel or the
applications running on the kernel, useless.
Secure Virtual Architecture (SVA) is a compiler-based infrastructure designed to address the challenges of securing commodity operating systems. SVA compiles the kernel down to a virtual instruction set that is designed for aggressive static analysis and compiler instrumentation. SVA also provides instructions for manipulating hardware state (such as the MMU) and performing state manipulation (such as context switching). With these features, SVA can protect both operating system and application code via compiler instrumentation techniques.
In this talk, I will present my work on designing and building SVA and on using it to secure commodity systems. I will briefly describe how SVA can protect commodity operating system kernels from buffer overflow and other memory safety attacks. I will then describe Virtual Ghost: a system that protects the confidentiality and integrity of application data from an operating system kernel that is completely under an attacker's control. Virtual Ghost provides applications with private, incorruptible memory and secure key delivery and is faster than previous solutions that rely on hypervisor-based approaches.
Bio: John Criswell is a research programmer and Ph.D. student at the University of Illinois at Urbana-Champaign. His research interests focus on computer security and automatic compiler transformations that can be used to enforce security policies on commodity software. John's primary research work is on the Secure Virtual Architecture (SVA). SVA enforces security policies on commodity operating system and application code via compiler instrumentation. Using SVA, John has built systems that protect commodity operating systems from buffer overflows and other memory safety attacks. More recently, John used SVA to create the Virtual Ghost system that protects application data and control-flow integrity from a compromised operating system kernel.
Prior to joining the University of Illinois, John worked at Argus Systems Group, Inc. While there, John worked on adding mandatory access controls to the networking subsystem of the AIX operating system.