Critical resource sharing among multiple entities in a processing system is inevitable, which in turn calls for the presence of appropriate authentication and access control mechanisms. Generally speaking, these mechanisms are implemented via trusted software "policy checkers" that enforce certain high level application-specific "rules" to enforce a policy. Whether implemented as operating system modules or embedded inside the application ad hoc, these policy checkers expose additional attack surface in addition to the application logic. In order to protect application software from an adversary, modern secure processing platforms, such as Intel's Software Guard Extensions (SGX), employ principled hardware isolation to offer secure software containers or enclaves to execute trusted sensitive code with some integrity and privacy guarantees against a privileged software adversary.
We extend this model further and propose using these hardware isolation mechanisms to shield the authentication and access control logic essential to policy checker software. While relying on the fundamental features of modern secure processors, our framework introduces productive software design guidelines which enable a guarded environment to execute sensitive policy checking code -- hence enforcing application control flow integrity -- and afford flexibility to the application designer to construct appropriate high-level policies to customize policy checker software. Joint work with Syed Kamran Haider, Hamza Omar, Ilia Lebedev, and Srini Devadas.
Marten van Dijk is the Charles H. Knapp Associate Professor at the ECE department at the University of Connecticut. He has over 15 years of experience in system security research in both academia (MIT and UConn) and industry (Philips Research and RSA Laboratories). He has contributed in widely varying areas, from Physical Unclonable Functions (PUFs), to Aegis, the first single-chip secure processor that verifies integrity and freshness of external memory, to Oblivious RAM, authenticated file systems with proofs of retrievability and fully homomorphic encryption over the integers.