Upload
noma
View
23
Download
0
Tags:
Embed Size (px)
DESCRIPTION
Design and Verification of Information Flow Secure Systems. PhD Defense Mohit Tiwari University of California, Santa Barbara. Design and Verification of Information Flow Secure Systems. Committee Tim Sherwood (Chair) Frederic T Chong - PowerPoint PPT Presentation
Citation preview
PhD DefenseMohit Tiwari
University of California, Santa Barbara
Design and Verification ofInformation Flow Secure Systems
Design and Verification ofInformation Flow Secure Systems
CommitteeTim Sherwood (Chair) Frederic T Chong Tevfik BultanBen HardekopfRyan Kastner
UC Santa Barbara
UC San Diego
UC Santa Barbara UC Santa Barbara UC Santa Barbara
High Assurance Systems
Flight Control NetworkPassenger Network
Confidential DataOpen Network
Enforce policies on final system implementation
High Assurance for All
Sensitive data. Untrusted services. Confinement Problem [Lampson’73]
Non-Interference
• Non-Interference: a change in a High input can never be observed or inferred from changes in the Low output. That is, High data should never leak to Low
• Confidentiality-Integrity Duality: “High” is more conservative label. Secret or Tainted/Untrusted.
High
LowLowX
“system”
Real-world systems need both Confidentiality and Integrity
Example MLS System
Example Satellite Application. [Tzvetan Metodi, Aerospace Corp.]
Kernel andDiagnostics Crypto
CommandTelemetryInterface
Time Keeping
I/O Secret
MissionSecret
MissionUnclass.
Interrupt Handlers (Sensitive)
Non-sensitive
Sensitive
Note: Since this is not a real schedule, the processes are not in any sensible execution order
Execution TimePrimary Execution Schedule
Interrupt Handlers (Non-sensitive)
Example: Satellite System
Untrusted & Unclassified
Untrusted & Secret
Trusted & Unclassified
Trusted & Secret
Kernel, Interrupt Handlers (Unclassified), Time Keeping Programs
Diagnostics, Telemetry Interfaces Custom code on Secret data
Libraries (e.g. encryption) that operate on Secret data
But assurance is not cheap
The Price of Assurance
• Evaluation Assurance Levels (EAL 1—7)– Evaluation of process, not end artifact
• RedHat Linux: EAL 4+ – $30-$40 per LOC
• Integrity RTOS: EAL 6+– $10,000 per LOC
… and increasing. Many approaches.
Prog. Language
Traditional Information Flow Security
Logic Gates
Functional Units
Microarchitecture
Instruction Set
Compiler/OS
Applications
Cache-flush: Osvik et. al. 2006...BP Scrub: Aciicmez et al. 2007...Exe Normalize: Kocher 1996…Cache Rand: Lee et al. 2005...
Volpano96, Jif99, Slam98, FlowCaml03HiStar 06, Flume 07, Laminar 09Taintcheck 04, LIFT 06, Dytan 07DIFT 04, Minos 04, LBA 06, Raksha 07
Closer look at IF analysis.
Information Flow Analysis
• Information flows through Space– Registers, Memory, Micro-architectural state etc.
• Information flows through Time– Observable events such as PC, I/O channels etc.if (untrusted == 1)
out1 = 1 else
out2 = 0 (implicit flow)
out = untrusted
(explicit flow)
Memory
CPU A CPU B
How to account for all information flows in a system?
How to construct practical systems that won’t leak?
Outline of this talk
• High Assurance Systems– Information flow security
• Analysis Technique: – Gate-Level Information Flow Tracking
• Architecture– Execution Leases
Analysis: Track all flows
• Flatten design to a (giant) state machine• Does every output have desired label?
Separation Kernel
P0 P1
CPU
Mem I/O Dev
S/WH/W
Secure System
001000101
externalinputs
Combinational Logic
external outputs
clockstate
Equivalent State Machine
10011101011110110001011001111111
Analysis: Track all flows
• Insight: All flows explicit at the gate level
Separation Kernel
P0 P1
CPU
Mem I/O Dev
S/WH/W
Secure System
001000101
externalinputs
external outputs
clockstate
Equivalent State Machine
10011101011110110001011001111111
Analysis: Track all flows
• Outputs: Logic function of state and inputs• Output Labels: Logic func. of state, inputs, and labels
Separation Kernel
P0 P1
CPU
Mem I/O Dev
S/WH/W
Secure System
001000101
externalinputs
external outputs
clockstate
Equivalent State Machine
10011101011110110001011001111111
Analysis: Track all flows
• Does not include physical side-channels – Power draw, Thermal fingerprint, EM radiation
Separation Kernel
P0 P1
CPU
Mem I/O Dev
S/WH/W
Secure System
001000101
externalinputs
Combinational Logic
external outputs
clockstate
Equivalent State Machine
10011101011110110001011001111111
CPU BCPU A
Memory
Bus ArbiterRequest A Request B
Grant A Grant B
Timing Channels
…Will look at implicit flows in a few slides.
Analysis Technique: GLIFT
a b
o
t
o
a bt
t
Shadow ANDAND
Required: Precise Information Flow
• Conventional OR-ing of labels monotonic
clock
resetD Q 010101…
11 0
Precise Information Flow: AND Gate
0 0
0
0 1
1 01 1
0 010 00 1
0 0010
00
10
000 1 0
0
0 1 a b o
a b
o
Use both inputs and input labels
Analysis Technique: GLIFT
a b
o
t
o
a bt
t
b a
o
btta
t
Sound Composition of Shadow Logic
ba
o
s
t1 t2
to
a satts b sbtts
t1 t2
MUX: gatekeeper of trust
a b
s 0
o
a b
s 1
o
a b
s *
o
All Executions: Track “Unknowns”
• Known bits at security evaluation time– Software kernel– Hardware design
• Unknown bits – External inputs– User processes
• Verify policy upheld for all unknown bits– Use abstract interpretation to prove soundness
0
*0
a
*
*1
a
GLIFT Verification Flow
Digital Design
1011
clocktest inputs
state
output
01
Specification of unknown bits
1. Abstraction
10
clockabstract inputs
state
abstract output
**
a a
a
**
10 state
input
** ** *1
Abstract Design
2. Augmentation
1 0
clock
labeled inputs
state
labeled output
* *
L L
L
T T U U
* *U U
1U T*U
T
Information flow lattice
Augmented Design
Concrete state must be enumerable. E.g. Scheduler loop
Outline of this talk
• High Assurance Systems– Information flow security
• Analysis Technique: – Gate-Level Information Flow Tracking
• Architecture – Execution Leases
Implicit Information Flows
Instr Mem
+4jump target
R1
R2RegFile
is jump?
throughdecode
PCPC
if (untrusted==1)
out = 1 tmp = 5
outtmp
Conditional execution taints critical state (PC)
•Problem: Critical CPU state becomes untrusted
Untrusted Code and Conditionals•Lease the CPU to programs for fixed time with bounded memory access
Time
Mem
ory
Stack of Nested LeasesLease = Space-Time Sandbox
Execution Lease Architecture
Instr Mem
+4jump target
R1
R2
throughdecode
PC
Predicates
Reg File
old value
Data Memory
high low
Lease Unit
Timer PC Memory
0
10
1
timer expired?restore PC
Execution Lease Architecture
Instr Mem
+4jump target
R1
R2
throughdecode
PC
Predicates
Reg File
old value
Data Memory
high low
Lease Unit
Timer PC Memory
0
10
1
timer expired?restore PC
Execution Lease Architecture
Instr Mem
+4jump target
R1
R2
throughdecode
PC
Predicates
Reg File
old value
Data Memory
high low
Lease Unit
Timer PC Memory
0
10
1
timer expired?Restore PC
Registers become untainted with trusted loads
Designing for GLIFT- 1. Trusted Reset
Instr Mem
+4jump target
R1
R2
throughdecode
PC
Predicates
Reg File
old value
Data Memory
high low
LeaseUnitTimer PC Range0
10
1
timer exprired?Restore PC
0b10
0b11
>=
<=0b00
EN
ADDR
Store value
BL BL
WL
…
…
Mem Bound Start
Mem Bound End
Tainted Store Addr
Decoder
AddressComparators
Designing for GLIFT: 2. Isolation
0b1*
0b00
BL BL
WL
…
…
AddressMem Bound Range
Tainted Store Addr
EN
Store value
Decoder
AddressBit-Mask
0b1
Designing for GLIFT: 2. Isolation
0
Designing for GLIFT: 3. Critical State
Instr Mem
+4jump target
R1
R2
throughdecode
PC
Predicates
RegFile
old value
DataMemoryhigh
low
LeaseUnitTimer PC Range0
10
1
timer exprired?Restore PC
•Stack of Nested Timers
•Timer values: bad
•Stack pointer: good
•Huge effect on software
•Arbitrary timer values => no encoding overhead
•Save and restore timers => multi-level schedulers
Designing for GLIFT: 3. Critical State
LeaseUnitTimer PC Range
timer exprired?Restore PC