Memory protection in embedded systems

With reference to an embedded system featuring no support for memory management, we present a model of a protection system based on passwords, protection contexts and protection domains. At the hardware level, our model takes advantage of a memory protection unit (MPU) interposed between the processor and the complex of the main memory and the input-output devices. The MPU supports both concepts of a protection context and a protection domain. A protection context is a set of access rights for the memory pages; a protection domain is a set of one or more protection contexts. Passwords are associated with protection domains. A process that holds a given password can take advantage of this password to activate the corresponding domain. A small set of protection primitives makes it possible to modify the composition of the domains in a strictly controlled fashion. The proposed protection model is evaluated from a number of important viewpoints, which include password distribution, review and revocation, the memory requirements for storage of the information concerning protection, and the time necessary for password validation.
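To make the abstract's concepts concrete, the following is an added, constructed simulation in C (not the paper's design or code): pages carry read/write/execute rights, a context is one rights vector over the pages, a domain is a bit-set of contexts plus a password, and a process activates a domain by presenting the password. Page count, password width, the primitive names (`mpu_activate`, `mpu_check`, `mpu_remove_context`) and the sample layout are all assumptions made for the example; the constant-time comparison illustrates one answer to the "time necessary for password validation" question the abstract raises.

```c
#include <stdint.h>
#include <stdbool.h>
#include <string.h>
#include <stdio.h>

/* Constructed toy model of an MPU enforcing password-activated protection
 * domains over a small flat page space. Sizes are assumed, not the paper's. */
#define NUM_PAGES     8   /* pages of the flat address space */
#define NUM_CONTEXTS  4   /* protection contexts the MPU can hold */
#define NUM_DOMAINS   2   /* protection domains */
#define PASSWORD_LEN  8   /* assumed password width in bytes */

enum { RIGHT_READ = 1, RIGHT_WRITE = 2, RIGHT_EXEC = 4 };

typedef struct { uint8_t rights[NUM_PAGES]; } context_t;   /* rights per page */

typedef struct {
    uint8_t password[PASSWORD_LEN];
    uint8_t context_mask;   /* bit i set => context i belongs to this domain */
} domain_t;

typedef struct {
    context_t contexts[NUM_CONTEXTS];
    domain_t  domains[NUM_DOMAINS];
    int       active_domain;   /* -1 while no domain is active */
} mpu_t;

/* Constant-time comparison: validation time must not reveal how many leading
 * bytes of a presented password matched the stored one. */
static bool password_equal(const uint8_t *a, const uint8_t *b) {
    uint8_t diff = 0;
    for (int i = 0; i < PASSWORD_LEN; i++) diff |= (uint8_t)(a[i] ^ b[i]);
    return diff == 0;
}

/* A process presents a password; the MPU activates the matching domain.
 * Every entry is compared so timing does not depend on the match position.
 * Returns the activated domain index, or -1 if no domain matches. */
int mpu_activate(mpu_t *mpu, const uint8_t *password) {
    int found = -1;
    for (int d = 0; d < NUM_DOMAINS; d++)
        if (password_equal(mpu->domains[d].password, password)) found = d;
    mpu->active_domain = found;
    return found;
}

/* Check performed on each memory reference: the requested right must be
 * granted by at least one context of the active domain. */
bool mpu_check(const mpu_t *mpu, int page, uint8_t right) {
    if (mpu->active_domain < 0 || page < 0 || page >= NUM_PAGES) return false;
    uint8_t mask = mpu->domains[mpu->active_domain].context_mask;
    for (int c = 0; c < NUM_CONTEXTS; c++)
        if ((mask & (1u << c)) && (mpu->contexts[c].rights[page] & right) == right)
            return true;
    return false;
}

/* Assumed protection primitive: drop a context from a domain. Only a process
 * that has activated that domain may shrink it (controlled modification). */
bool mpu_remove_context(mpu_t *mpu, int domain, int ctx) {
    if (mpu->active_domain != domain || ctx < 0 || ctx >= NUM_CONTEXTS) return false;
    mpu->domains[domain].context_mask &= (uint8_t)~(1u << ctx);
    return true;
}

/* Storage the MPU needs for the protection information in this configuration. */
size_t mpu_storage_bytes(void) { return sizeof(mpu_t); }

/* Constructed sample layout:
 *   context 0: read+exec on pages 0-1 (code)
 *   context 1: read+write on pages 2-3 (data)
 *   context 2: read+write on pages 6-7 (device buffers)
 *   domain 0 = {0,1} (application), domain 1 = {0,1,2} (driver) */
void mpu_init_sample(mpu_t *mpu) {
    memset(mpu, 0, sizeof *mpu);
    mpu->active_domain = -1;
    for (int p = 0; p < 2; p++) mpu->contexts[0].rights[p] = RIGHT_READ | RIGHT_EXEC;
    for (int p = 2; p < 4; p++) mpu->contexts[1].rights[p] = RIGHT_READ | RIGHT_WRITE;
    for (int p = 6; p < 8; p++) mpu->contexts[2].rights[p] = RIGHT_READ | RIGHT_WRITE;
    memcpy(mpu->domains[0].password, "app-pw01", PASSWORD_LEN);   /* constructed */
    mpu->domains[0].context_mask = 0x3;
    memcpy(mpu->domains[1].password, "drv-pw02", PASSWORD_LEN);   /* constructed */
    mpu->domains[1].context_mask = 0x7;
}

int main(void) {
    mpu_t m;
    mpu_init_sample(&m);
    printf("protection storage: %zu bytes\n", mpu_storage_bytes());
    printf("activate app domain: %d\n", mpu_activate(&m, (const uint8_t *)"app-pw01"));
    printf("app writes device page 6: %s\n", mpu_check(&m, 6, RIGHT_WRITE) ? "allowed" : "denied");
    printf("activate driver domain: %d\n", mpu_activate(&m, (const uint8_t *)"drv-pw02"));
    printf("driver writes device page 6: %s\n", mpu_check(&m, 6, RIGHT_WRITE) ? "allowed" : "denied");
    return 0;
}
```

The union-of-contexts rule in `mpu_check` is what makes a domain a superset of its contexts: the driver domain, holding the extra device-buffer context, can reach pages the application domain cannot, while revoking that context with `mpu_remove_context` narrows the domain without touching the other contexts.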
