Cache-Leakage Resilient OS Isolation in an Idealized Model of Virtualization. Barthe, G., Betarte, G., Campo, J. D., & Luna, C. 2012.
doi  abstract   bibtex   
Virtualization platforms allow multiple operating systems to run on the same hardware. One of their central goal is to provide strong isolation between guest operating systems, unfortunately, they are often vulnerable to practical side-channel attacks. Cache attacks are a common class of side-channel attacks that use the cache as a side channel. We formalize an idealized model of virtualization that features the cache and the Translation Look aside Buffer (TLB), and that provides an abstract treatment of cache-based side-channels. We then use the model for reasoning about cache-based attacks and countermeasures, and for proving that isolation between guest operating systems can be enforced by flushing the cache upon context switch. In addition, we show that virtualized platforms are transparent, i.e. a guest operating system cannot distinguish whether it executes alone or together with other guest operating systems on the platform. The models and proofs have been machine-checked in the Coqproof assistant.
@conference {barthe_cache-leakage_2012,
	title = {Cache-Leakage Resilient {OS} Isolation in an Idealized Model of Virtualization},
	booktitle = {Computer Security Foundations Symposium ({CSF)}, 2012 {IEEE} 25th},
	year = {2012},
	pages = {186{\textendash}197},
	abstract = {Virtualization platforms allow multiple operating systems to run on the same hardware. One of their central goal is to provide strong isolation between guest operating systems, unfortunately, they are often vulnerable to practical side-channel attacks. Cache attacks are a common class of side-channel attacks that use the cache as a side channel. We formalize an idealized model of virtualization that features the cache and the Translation Look aside Buffer ({TLB)}, and that provides an abstract treatment of cache-based side-channels. We then use the model for reasoning about cache-based attacks and countermeasures, and for proving that isolation between guest operating systems can be enforced by flushing the cache upon context switch. In addition, we show that virtualized platforms are transparent, i.e. a guest operating system cannot distinguish whether it executes alone or together with other guest operating systems on the platform. The models and proofs have been machine-checked in the Coqproof assistant.},
	keywords = {abstract treatment, cache attacks, cache storage, cache-based side-channels, Cache-leakage, cache-leakage resilient {OS} isolation, Cognition, Computational modeling, Coqproof assistant, guest operating systems, inference mechanisms, Isolation, Memory management, Operating systems, operating systems (computers), reasoning, security of data, Semantics, side-channel attacks, Switches, theorem proving, Translation Look aside Buffer, Transparency, Virtual machine monitors, virtualisation, Virtualization, virtualization platforms, {TLB}},
	doi = {10.1109/CSF.2012.17},
	author = {Barthe, G. and Gustavo Betarte and Campo, Juan Diego and Luna, Carlos}
}
Downloads: 0
About
Documentation
Keywords
Search
Users
Terms and Conditions of Use
Privacy Policy
Sitemap
© BibBase.org 2021