This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Gate-Level Information-Flow Tracking for Secure Architectures
January/February 2010 (vol. 30 no. 1)
pp. 92-100
Mohit Tiwari, University of California, Santa Barbara
Xun Li, University of California, Santa Barbara
Hassan M.G. Wassel, University of California, Santa Barbara
Bita Mazloom, University of California, Santa Barbara
Shashidhar Mysore, University of California, Santa Barbara
Frederic T. Chong, University of California, Santa Barbara
Timothy Sherwood, University of California, Santa Barbara

This article describes a new method for constructing and analyzing architectures that can track all information flows within a processor, including explicit, implicit, and timing flows. The key to this approach is a novel gate-level information-flow-tracking method that provides a way to create complex logical structures with well-defined information-flow properties.

1. D.A. Osvik, A. Shamir, and E. Tromer, "Cache Attacks and Countermeasures: The Case of AES," Proc. Topics in Cryptology (CT-RSA 06), LNCS 3860, Springer, 2006, pp. 1-20.
2. O. Aciiçmez, C.K. Koç, and J.-P. Seifert, "Predicting Secret Keys via Branch Prediction," Proc. Topics in Cryptology (CT-RSA 07), LNCS 4377, Springer, 2007, pp. 225-242.
3. R.B. Lee et al., "Architecture for Protecting Critical Secrets in Microprocessors," Proc. 32nd Ann. Int'l Symp. Computer Architecture (ISCA 05), IEEE CS Press, 2005, pp. 2-13.
4. "What Does CC EAL6+ Mean?" Open Kernel Labs Blog, 20 Nov. 2008; http://www.ok-labs.com/blog/entrywhat-does-cc-eal6-mean .
5. M. Dalton, H. Kannan, and C. Kozyrakis, "Raksha: A Flexible Information Flow Architecture for Software Security," Proc. 34th Ann. Int'l Symp. Computer Architecture (ISCA 07), ACM Press, 2007, pp. 482-493.
6. M. Tiwari et al., "Complete Information Flow Tracking from the Gates Up," Proc. 14th Int'l Conf. Architectural Support for Programming Languages and Operating Systems (ASPLOS 09), ACM Press, 2009, pp. 109-120.
7. M. Tiwari et al., "Execution Leases: A Hardware-Supported Mechanism for Enforcing Strong Non-interference," Proc. IEEE/ACM Int'l Symp. Microarchitecture (MICRO 42), IEEE CS Press, 2009, pp. 493-504.
8. P.A. Karger et al., "A Retrospective on the VAX VMM Security Kernel," IEEE Trans. Software Eng., vol. 17, no. 11, 1991, pp. 1147-1165.
9. J.K. Millen, "20 Years of Covert Channel Modeling and Analysis," Proc. IEEE Symp. Security and Privacy (SP 99), IEEE CS Press, 1999, pp. 113-114.
10. Integrity Real-Time Operating System, Green Hills Software, 2009; http://www.ghs.com/products/rtosintegrity.html .

Index Terms:
high-assurance systems, information-flow tracking, noninterference, timing channels, covert channels
Citation:
Mohit Tiwari, Xun Li, Hassan M.G. Wassel, Bita Mazloom, Shashidhar Mysore, Frederic T. Chong, Timothy Sherwood, "Gate-Level Information-Flow Tracking for Secure Architectures," IEEE Micro, vol. 30, no. 1, pp. 92-100, Jan.-Feb. 2010, doi:10.1109/MM.2010.17
Usage of this product signifies your acceptance of the Terms of Use.