Sciweavers

EUROSYS
2006
ACM

Reducing TCB complexity for security-sensitive applications: three case studies

The large size and high complexity of security-sensitive applications and systems software is a primary cause for their poor testability and high vulnerability. One approach to alleviate this problem is to extract the security-sensitive parts of application and systems software, thereby reducing the size and complexity of software that needs to be trusted. At the system software level, we use the Nizza architecture which relies on a kernelized trusted computing base (TCB) and on the reuse of legacy code using trusted wrappers to minimize the size of the TCB. At the application level, we extract the security-sensitive portions of an already existing application into an AppCore. The AppCore is executed as a trusted process in the Nizza architecture while the rest of the application executes on a virtualized, untrusted legacy operating system. In three case studies of real-world applications (e-commerce transaction client, VPN gateway and digital signatures in an e-mail client), we achieve...
Added 10 Mar 2010
Updated 10 Mar 2010
Type Conference
Year 2006
Where EUROSYS
Authors Lenin Singaravelu, Calton Pu, Hermann Härtig, Christian Helmuth