1. Summary
① This paper introduces controlled-channel attack.
② That allows an untrusted OS to extract large amounts of sensitive information from protected applications on systems like Overshadow, InkTag or Haven.
③ Authors implement the attacks on Haven and InkTag.
④ And, Demonstrate their power by extracting complete text documents and outlines of JPEG images from widely deployed application libraries.
⑤ through this paper, it is unclear if Overshadow’s vision of protecting unmodified legacy applications from legacy OS running on off-the-shelf hardware is still tenable.
2. Related work Summary
➀ Cache side-channel attacks are most closely related to the attacks described in this paper, as both exploit secret-dependent memory accesses by the victim.
➁ Contrary to other works, Attacks in this paper targets a different class of system(shielding systems).
➂ Author speaks that they have different advarsary models, different channels, different challenges and different techniques and more powerful.
3. The Good
➀ Attack is able to extract much richer informations like a full text and images.
➁ It has a full practicality
➂ and This paper give real data to explain possibility
4. The Bad
➀ The attacks are limited to general user programs such as image and text processing.
5. Your Comment
why simple approaches such as self-paging, randomization, and masking timingside-channel briefly conjectured in this paper are insufficient?
There is no detailed information..
'정보보안 > 커널 보안' 카테고리의 다른 글
| ARM Cortex-A 페이징(1) (0) | 2016.04.09 |
|---|---|
| MMU와 MPU의 차이 (0) | 2015.10.23 |
| Shielding application from an untrusted cloud with summary (0) | 2015.10.15 |
| Rethinking the Lib OS from ... Summary (0) | 2015.10.15 |
| Inktag Summary (0) | 2015.10.15 |