论文信息 - Work-in-progress: towards the application of flask security architecture to SoC design

Work-in-progress: towards the application of flask security architecture to SoC design

In this work, we explore a security reference monitor (RM) design which borrows from the Flask security architecture. Our RM design goal is to achieve complete mediation by checking and verifying the authority and the authenticity of every access to every system object in systems-on-chip (SoCs). Access decisions are administered by a security logic “server" implemented as an extension of the peripheral bus. Initial results show a minimal increase in resource overhead and no significant impact on the performance.

Christophe Bobda | Festus Hategekimana | C. Bobda | Festus Hategekimana

[1] Christophe Bobda,et al. Hardware/Software Isolation and Protection Architecture for Transparent Security Enforcement in Networked Devices , 2016, 2016 IEEE Computer Society Annual Symposium on VLSI (ISVLSI).

[2] Ryan Kastner,et al. Designing secure systems on reconfigurable hardware , 2008, TODE.

[3] Stephen Smalley,et al. Integrating Flexible Support for Security Policies into the Linux Operating System , 2001, USENIX Annual Technical Conference, FREENIX Track.

[4] Mike Hibler,et al. The Flask Security Architecture: System Support for Diverse Security Policies , 1999, USENIX Security Symposium.