Sciweavers

CCS
2015
ACM

Mitigating Storage Side Channels Using Statistical Privacy Mechanisms

8 years 7 months ago
Mitigating Storage Side Channels Using Statistical Privacy Mechanisms
A storage side channel occurs when an adversary accesses data objects influenced by another, victim computation and infers information about the victim that it is not permitted to learn directly. We bring advances in privacy for statistical databases to bear on storage side-channel defense, and specifically demonstrate the feasibility of applying differentially private mechanisms to mitigate storage side channels in procfs, a pseudo file system broadly used in Linux and Android kernels. Using a principled design with quantifiable security, our approach injects noise into kernel datastructure values that are used to generate procfs contents, but also reestablishes invariants on these noised values so as to not violate assumptions on which procfs or its clients depend. We show that our modifications to procfs can be configured to mitigate known storage side channels while preserving its utility for monitoring and diagnosis. Categories and Subject Descriptors D.4.6 [OPERATING SYST...
Qiuyu Xiao, Michael K. Reiter, Yinqian Zhang
Added 17 Apr 2016
Updated 17 Apr 2016
Type Journal
Year 2015
Where CCS
Authors Qiuyu Xiao, Michael K. Reiter, Yinqian Zhang
Comments (0)