Secure compilation to modern processors: extended version

We present a secure (fully abstract) compilation scheme to compile an object-based high-level language to low-level machine code. Full abstraction is achieved by relying on a fine-grained program counter-based memory access protection scheme, which is part of our low-level target language. We discuss why standard compilers fail to provide full abstraction and introduce enhancements needed to achieve this goal. We prove that our enhanced compilation scheme provides full abstraction from our high-level source language to our low-level target language. Lastly, we show by means of a prototype implementation that our low-level language with fine-grained memory access control can be realized efficiently on modern commodity
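To make the program counter-based protection the abstract relies on concrete, the following is an added example (not code from the paper) that models such a scheme as an access matrix indexed by the region the PC is in and the region being accessed, and checks a constructed trace of memory accesses against it. The memory layout, the matrix and the trace are assumptions for illustration; the paper defines its own table.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Layout:
    code: range             # protected code section
    data: range             # protected data section
    entry_points: frozenset  # addresses in `code` that unprotected code may jump to

# Access matrix keyed by (region of PC, region of accessed address); assumed for illustration.
RIGHTS = {
    ("code", "code"): {"r", "x"},
    ("code", "data"): {"r", "w"},
    ("code", "unprotected"): {"r", "w", "x"},
    ("unprotected", "unprotected"): {"r", "w", "x"},
    ("unprotected", "code"): set(),  # only entry points are executable; handled in allowed()
    ("unprotected", "data"): set(),  # protected data is invisible from outside the module
}

def region(layout: Layout, addr: int) -> str:
    if addr in layout.code:
        return "code"
    if addr in layout.data:
        return "data"
    return "unprotected"

def allowed(layout: Layout, pc: int, addr: int, op: str) -> bool:
    """Decide whether code running at `pc` may perform `op` ('r', 'w' or 'x') on `addr`."""
    src, dst = region(layout, pc), region(layout, addr)
    if src == "data":
        return False  # the data section is never executable: a PC there is already a fault
    if src == "unprotected" and dst == "code":
        return op == "x" and addr in layout.entry_points  # enter the module only via an entry point
    return op in RIGHTS[(src, dst)]

def first_violation(layout: Layout, trace) -> Optional[tuple]:
    """Return the first (pc, addr, op) in `trace` the protection would refuse, or None."""
    for pc, addr, op in trace:
        if not allowed(layout, pc, addr, op):
            return (pc, addr, op)
    return None

# Constructed sample: module at 0x100-0x2ff with two entry points, caller in unprotected memory.
LAYOUT = Layout(range(0x100, 0x200), range(0x200, 0x300), frozenset({0x100, 0x110}))
TRACE = [
    (0x010, 0x100, "x"),  # caller enters the module through an entry point: allowed
    (0x150, 0x210, "w"),  # module code writes its own data: allowed
    (0x150, 0x020, "r"),  # module code reads the caller's memory: allowed
    (0x010, 0x210, "r"),  # caller reads module data directly: refused
    (0x010, 0x150, "x"),  # caller jumps into the middle of the module: refused
]
```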
