Antikernel: a decentralized secure hardware-software operating system architecture

Add to your list(s) Download to your calendar using vCal

• Andrew D. Zonenberg, IOActive
• Friday 15 December 2017, 16:00-16:30
• Computer Laboratory, William Gates Building, Room FW11.

If you have a question about this talk, please contact Markus Kuhn.

The “kernel” model has been part of operating system architecture for decades, but upon closer inspection it clearly violates the principle of least required privilege. The kernel is a single entity which provides many services (memory management, interfacing to drivers, context switching, IPC ) which have no real relation to each other, and has the ability to observe or tamper with all state of the system. This work presents Antikernel, a novel operating system architecture consisting of both hardware and software components and designed to be fundamentally more secure than the state of the art. To make formal verification easier, and improve parallelism, the Antikernel system is highly modular and consists of many independent hardware state machines (one or more of which may be a general-purpose CPU running application or systems software) connected by a packet-switched network-on-chip (NoC). We create and verify an FPGA -based prototype of the system.

CHES 2016 , https://eprint.iacr.org/2016/550

This talk is part of the Computer Laboratory Security Group meeting presentations series.

This talk is included in these lists:

• All Talks (aka the CURE list)
• Cambridge talks
• Computer Laboratory Security Group meeting presentations
• Computer Laboratory, William Gates Building, Room FW11
• Department of Computer Science and Technology talks and seminars
• Interested Talks
• School of Technology
• Security-related talks
• Trust & Technology Initiative - interesting events
• bld31

Note that ex-directory lists are not shown.