学位论文详细信息
  1. 返回上一页
Building trust in the user I/O in computer systems
Security;I/O
Jang, Yeong Jin ; Lee, Wenke Kim, Taesoo Computer Science Ahamad, Mustaque Li, Kang Kim, Yongdae ; Lee, Wenke
University:Georgia Institute of Technology
Department:Computer Science
关键词: Security;    I/O;   
Others  :  https://smartech.gatech.edu/bitstream/1853/58732/1/JANG-DISSERTATION-2017.pdf
美国|英语
来源: SMARTech Repository
PDF
【 摘 要 】

User input plays an essential role in computer security because it can control system behavior and make security decisions in the system. System output to users, or user output, is also important because it often contains security-critical information that must be protected regarding its integrity and confidentiality, such as passwords and user’s private data. Despite the importance of user input and output (I/O), modern computer systems often fail to provide necessary security guarantees on them, which could result in serious security breaches. This dissertation aims to build trust in the user I/O in computer systems to keep the systems secure from attacks on the user I/O. To this end, we analyze the user I/O paths on popular platforms including desktop operating systems, mobile operating systems, and trusted execution environments such as Intel SGX, and identified that threats and attacks on the user I/O can be blocked by guaranteeing three key security properties of user I/O: integrity, confidentiality, and authenticity. First, GYRUS addresses the integrity of user input by matching the user’s original input with the content of outgoing network traffic to authorize user-intended network transactions. Second, M-AEGIS addresses the confidentiality of user I/O by implementing an encryption layer on top of user interface layer that provides user-to-user encryption. Third, the A11Y ATTACK addresses the importance of verifying user I/O authenticity by demonstrating twelve new attacks. Finally, to establish trust in the user I/O in a commodity computer system, I built a system called SGX-USB, which combines all three security properties to ensure the assurance of user I/O. The implemented system supports common user input devices such as a keyboard and a mouse over the trusted channel. Having assurance in user I/O allows the computer system to securely handle commands and data from the user by eliminating attack pathways to a system’s I/O paths.

【 预 览 】
附件列表
Files Size Format View
Building trust in the user I/O in computer systems 12837KB PDF download
  文献评价指标  
  下载次数:7次 浏览次数:20次
   
推荐资源列表
关于我们|团队介绍|帮助中心|联系我们

Copyright © 2016 中国科学院文献情报中心

京公网安备340104078870146号  878987797  028-85220240

OAinOne平台基于对开放资源的发现、遴选和评价方式,发现、获取、集成9类优质的开放科技资源,包括开放期刊、开放会议论文、开放课件、科技政策、开放学位论文、开放图书、开放科技报告、科研项目、开放科学数据。同时,为实现开放知识资源普遍服务、个性化服务、精准服务,基于OAinONE集成的丰富开放资源,开发建设领域开放知识资源服务定制工具(OAtoYOU)、开放资源评价评估体系(OAEvaluation),建设集成OAinONE资源及其他第三方资源的OA Hub,及其面向我院分布式大数据知识资源系统及其他第三方的开放接口服务,并打造特色专题数据库产品建设,包括科技政策集成及趋势平台、开放课程大讲堂等。此外,OAinOne构建开放知识资源建设的可持续发展机制,支持我院研究所特色馆藏资源、自建资源、古籍资源等在OAinONE平台上的集成、开放、共享。