Practical Security Properties on Commodity Computing Platforms - Amit Vasudevan

Blick ins Buch

Practical Security Properties on Commodity Computing Platforms (eBook)

The uber eXtensible Micro-Hypervisor Framework

Amit Vasudevan (Autor)

eBook Download: PDF

2019
85 Seiten
Springer International Publishing (Verlag)
978-3-030-25049-2 (ISBN)

Lese- und Medienproben

Ebook-Leseprobe (PDF)

This SpringerBrief discusses the uber eXtensible Micro-hypervisor Framework (uberXMHF), a novel micro-hypervisor system security architecture and framework that can isolate security-sensitive applications from other untrustworthy applications on commodity platforms, enabling their safe co-existence. uberXMHF, in addition, facilitates runtime monitoring of the untrustworthy components, which is illustrated in this SpringerBrief. uberXMHF focuses on three goals which are keys to achieving practical security on commodity platforms: (a) commodity compatibility (e.g., runs unmodified Linux and Windows) and unfettered access to platform hardware; (b) low trusted computing base and complexity; and (c) efficient implementation.

uberXMHF strives to be a comprehensible, practical and flexible platform for performing micro-hypervisor research and development. uberXMHF encapsulates common hypervisor core functionality in a framework that allows developers and users to build custom micro-hypervisor based (security-sensitive) applications (called 'uberapps'). The authors describe several uberapps that employ uberXMHF and showcase the framework efficacy and versatility. These uberapps span a wide spectrum of security applications including application compartmentalization and sandboxing, attestation, approved code execution, key management, tracing, verifiable resource accounting, trusted-path and on-demand I/O isolation.

The authors are encouraged by the end result - a clean, barebones, low trusted computing base micro-hypervisor framework for commodity platforms with desirable performance characteristics and an architecture amenable to manual audits and/or formal reasoning. Active, open-source development of uberXMHF continues.

The primary audience for this SpringerBrief is system (security) researchers and developers of commodity system software. Practitioners working in system security deployment mechanisms within industry and defense, as well as advanced-level students studying computer science with an interest in security will also want to read this SpringerBrief.

Amit Vasudevan is a Computer Scientist at the Software Engineering Institute (SEI), Carnegie Mellon University (CMU). His research interests include secure (embedded) systems and IoT, virtualization, trusted computing, formal methods, malware analysis and operating systems. His present research focuses on building formally verifiable and trustworthy computing systems. He is the principal force behind the design and development of uberSpark - an innovative architecture and framework for compositional formal verification of security properties of commodity system software; and the uber eXtensible Micro-Hypervisor Framework (uberXMHF) - an open-source, extensible and formally verifiable micro-hypervisor framework which forms the foundation for a new class of (security-oriented) micro-hypervisor based applications ('uberapps') on commodity computing platforms.

He received his Ph.D. and M.S degrees from the Computer Science Department at UT Arlington and spent three years as a Post-doctoral fellow at CyLab, Carnegie Mellon University. Before that, he obtained his B.E. from the Computer Science Department at the BMS College of Engineering, Bangalore, India.

Erscheint lt. Verlag	20.9.2019
Reihe/Serie	SpringerBriefs in Computer Science
Reihe/Serie	SpringerBriefs in Computer Science
Zusatzinfo	XIX, 85 p. 8 illus.
Sprache	englisch
Themenwelt	Mathematik / Informatik ► Informatik
Schlagworte	Compositional verification • cybersecurity • Development compatible verification • Extensible and verifiable micro-hypervisor • Low-TCB micro-hypervisor framework • micro-hypervisor • Micro-hypervisor application compartmentalization • Micro-Hypervisor assisted security applications • Micro-hypervisor attestation • Micro-hypervisor I/O isolaton • Micro-hypervisor key management • Micro-Hypervisor System Security Architecture • Micro-hypervisor trusted-path • Micro-hypervisor verifiable resource accounting • Salient security properties • security applications • uberapps • uber eXtensible Micro-Hypervisor Framework (uberXMHF) • Verifiable object architecture (uber-objects) • Verified trace properties on commodity platforms
ISBN-10	3-030-25049-0 / 3030250490
ISBN-13	978-3-030-25049-2 / 9783030250492

Informationen gemäß Produktsicherheitsverordnung (GPSR)
Haben Sie eine Frage zum Produkt?

PDF (Wasserzeichen)

DRM: Digitales Wasserzeichen
Dieses eBook enthält ein digitales Wasserzeichen und ist damit für Sie personalisiert. Bei einer missbräuchlichen Weitergabe des eBooks an Dritte ist eine Rückverfolgung an die Quelle möglich.

Dateiformat: PDF (Portable Document Format)
Mit einem festen Seitenlayout eignet sich die PDF besonders für Fachbücher mit Spalten, Tabellen und Abbildungen. Eine PDF kann auf fast allen Geräten angezeigt werden, ist aber für kleine Displays (Smartphone, eReader) nur eingeschränkt geeignet.

Systemvoraussetzungen:
PC/Mac: Mit einem PC oder Mac können Sie dieses eBook lesen. Sie benötigen dafür einen PDF-Viewer - z.B. den Adobe Reader oder Adobe Digital Editions.
eReader: Dieses eBook kann mit (fast) allen eBook-Readern gelesen werden. Mit dem amazon-Kindle ist es aber nicht kompatibel.
Smartphone/Tablet: Egal ob Apple oder Android, dieses eBook können Sie lesen. Sie benötigen dafür einen PDF-Viewer - z.B. die kostenlose Adobe Digital Editions-App.

Buying eBooks from abroad
For tax law reasons we can sell eBooks just within Germany and Switzerland. Regrettably we cannot fulfill eBook-orders from other countries.

Print-Ausgabe

Buch | Softcover

CHF 74,85