eCommons

 

HyperFlow: A Processor Architecture for Timing-Safe Information-Flow Security

dc.contributor.authorFerraiuolo, Andrew
dc.contributor.authorZhao, Yuqi
dc.contributor.authorSuh, G. Edward
dc.contributor.authorMyers, Andrew C.
dc.date.accessioned2018-05-01T15:23:17Z
dc.date.available2018-05-01T15:23:17Z
dc.date.issued2018-05-01
dc.description.abstractThis paper presents HyperFlow, a processor that enforces secure information flow, including control over timing channels. The design and implementation of HyperFlow offer security assurance because it is implemented using a security-typed hardware description language that enforces secure information flow. Unlike prior information-flow secured processors that aim to strictly enforce noninterference, HyperFlow supports complex information flow policies that can be configured at run time, and provides support for secure interprocess communication (IPC) and system calls. The architecture also offers a new model for process isolation in which memory protection is provided via information flow control with strong security assurance while allowing IPC and shared memory. HyperFlow is designed to support practical applications and system architectures. It therefore supports decentralized information flow mechanisms that allow controlled communication among mutually distrusting processes, mediated by dynamic, fine-grained labels. Static information- flow verification of such a complex processor architecture poses significant challenges, which require contributions in both the hardware architecture and the security type system. The paper discusses the architecture decisions that make the processor secure and describes a new secure HDL, named ChiselFlow, that allows these decisions to be verified in a lightweight way. The HyperFlow architecture is also prototyped on a fully-featured processor that offers a complete RISC-V instruction set, and is shown to have moderate overhead on area and performance.en_US
dc.identifier.urihttps://hdl.handle.net/1813/57020
dc.language.isoen_USen_US
dc.rightsAttribution-NonCommercial-NoDerivatives 4.0 International*
dc.rights.urihttps://creativecommons.org/licenses/by-nc-nd/4.0/*
dc.subjectHardware Security, Information Flow, Language-Based Securityen_US
dc.titleHyperFlow: A Processor Architecture for Timing-Safe Information-Flow Securityen_US
dc.typetechnical reporten_US

Files

Original bundle
Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
paper.pdf
Size:
326.42 KB
Format:
Adobe Portable Document Format
Description: