2011 IEEE Symposium on Security and Privacy
Memoir: Practical State Continuity for Protected Modules
Oakland, California USA
May 22-May 25
ISBN: 978-0-7695-4402-1
BibTeX:
@article{ 10.1109/SP.2011.38,
  author = {Bryan Parno and Jacob R. Lorch and John R. Douceur and James Mickens and Jonathan M. McCune},
  title = {Memoir: Practical State Continuity for Protected Modules},
  journal = {Security and Privacy, IEEE Symposium on},
  volume = {0},
  year = {2011},
  issn = {1081-6011},
  pages = {379-394},
  doi = {http://doi.ieeecomputersociety.org/10.1109/SP.2011.38},
  publisher = {IEEE Computer Society},
  address = {Los Alamitos, CA, USA},
}
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SP.2011.38
To protect computation, a security architecture must safeguard not only the software that performs it but also the state on which the software operates. This requires more than just preserving state confidentiality and integrity, since, e.g., software may err if its state is rolled back to a correct but stale version. For this reason, we present Memoir, the first system that fully ensures the continuity of a protected software module's state. In other words, it ensures that a module's state remains persistently and completely inviolate. A key contribution of Memoir is a technique to ensure rollback resistance without making the system vulnerable to system crashes. It does this by using a deterministic module, storing a concise summary of the module's request history in protected NVRAM, and allowing only safe request replays after crashes. Since frequent NVRAM writes are impractical on modern hardware, we present a novel way to leverage limited trusted hardware to minimize such writes. To ensure the correctness of our design, we develop formal, machine-verified proofs of safety. To demonstrate Memoir's practicality, we have built it and conducted evaluations demonstrating that it achieves reasonable performance on real hardware. Furthermore, by building three useful Memoir-protected modules that rely critically on state continuity, we demonstrate Memoir's versatility.
Citation:
Bryan Parno, Jacob R. Lorch, John R. Douceur, James Mickens, Jonathan M. McCune, "Memoir: Practical State Continuity for Protected Modules," sp, pp.379-394, 2011 IEEE Symposium on Security and Privacy, 2011
