Dynamic measurement and protected execution: model and analysis

Add to your list(s) Download to your calendar using vCal

• Ian Batten, School of Computer Science, University of Birmingham
• Thursday 18 July 2013, 11:00-12:00
• Room 245, School of Computer Science.

If you have a question about this talk, please contact Vincent Cheval.

Useful security properties arise from sealing data to specific units of code. Modern processors featuring Intel’s TXT and AMD ’s SVM achieve this by a process of measured and protected execution. Only code which has the correct measurement can access the data, and this code runs in an environment protected from observation and interference. We present a modelling language with primitives for protected execution, along with its semantics. We characterise an attacker who has access to all the capabilities of the hardware. In order to achieve automatic analysis of systems using protected execution without attempting to search an infinite state space, we define transformations that reduce the number of times the attacker needs to use protected execution to a pre-determined bound. Given reasonable assumptions we prove the soundness of the transformation: no secrecy attacks are lost by applying it. We then describe using the StatVerif extensions to ProVerif to model the bounded invocations of protected execution. We show the analysis of realistic systems, for which we provide case studies.

This talk is part of the Computer Security Seminars series.

This talk is included in these lists:

• Computer Science Departmental Series
• Computer Science Distinguished Seminars
• Computer Security Seminars
• Room 245, School of Computer Science
• computer sience

Note that ex-directory lists are not shown.