Automation for creating and configuring security manifests for hardware containers

Author

Leontie, Eugen ; Bloom, Gedare ; Simha, Rahul

Author_Institution

Dept. of Comput. Sci., George Washington Univ., Washington, DC, USA

fYear

2011

fDate

Oct. 31 2011-Nov. 1 2011

Firstpage

1

Lastpage

2

Abstract

Hardware containers provide fine-grained memory access control to isolate memory regions and sandbox memory references between components of an application. A hardware reference monitor enforces a security manifest of memory access permissions for the currently executing component. In this paper we discuss how automation tools can help software developers to create the security manifest that configures hardware containers. The goal of this work is to foster discussion about our proposals for automation tools: to date we know of no solutions for extracting the metadata (permissions) required for fine-grained memory access control.

Keywords

authorisation; software development management; automation tool; fine-grained memory access control; hardware container; hardware reference monitor; memory access permission; memory region; sandbox memory reference; security manifest; software developer; Access control; Automation; Containers; Hardware; Monitoring; Software;

fLanguage

English

Publisher

ieee

Conference_Titel

Configuration Analytics and Automation (SAFECONFIG), 2011 4th Symposium on

Conference_Location

Arlington, VA

Print_ISBN

978-1-4673-0401-6

Electronic_ISBN

978-1-4673-0400-9

Type

conf

DOI

10.1109/SafeConfig.2011.6111677

Filename

6111677