Virtual Ghost: Protecting Applications from Compromised Operating Systems
Event details
| Date | 12.03.2015 |
| Hour | 16:00 › 17:00 |
| Speaker | Professor John Criswell, Department of Computer Science, University of Rochester |
| Location | |
| Category | Conferences - Seminars |
Commodity operating system kernels are the foundation of our software systems, providing access control, I/O mechanisms, and memory management. However, operating system kernels are vulnerable to a variety of security attacks. Compromising the kernel allows an attacker to render any security protections, provided by the kernel or the applications running on the kernel, useless.
In this talk, he will present Virtual Ghost: a system that protects the confidentiality and integrity of application data from an operating system kernel that is completely under an attacker’s control. Virtual Ghost provides applications with private, incorruptible memory, incorruptible control flow, and secure key delivery. With these features, applications can protect their data from the operating system kernel. Unlike previous systems, Virtual Ghost employs compiler techniques to protect applications and is faster than previous solutions that rely on hypervisor-based approaches.
In this talk, he will present Virtual Ghost: a system that protects the confidentiality and integrity of application data from an operating system kernel that is completely under an attacker’s control. Virtual Ghost provides applications with private, incorruptible memory, incorruptible control flow, and secure key delivery. With these features, applications can protect their data from the operating system kernel. Unlike previous systems, Virtual Ghost employs compiler techniques to protect applications and is faster than previous solutions that rely on hypervisor-based approaches.
Practical information
- Informed public
- Free
Contact
- Madeleine Robert