Security and Privacy in Communication Networks. 11th International Conference, SecureComm 2015, Dallas, TX, USA, October 26-29, 2015, Revised Selected Papers

Research Article

SuperCall: A Secure Interface for Isolated Execution Environment to Dynamically Use External Services

  • @INPROCEEDINGS{10.1007/978-3-319-28865-9_11,
        author={Yueqiang Cheng and Qing Li and Miao Yu and Xuhua Ding and Qingni Shen},
        title={SuperCall: A Secure Interface for Isolated Execution Environment to Dynamically Use External Services},
        proceedings={Security and Privacy in Communication Networks. 11th International Conference, SecureComm 2015, Dallas, TX, USA, October 26-29, 2015, Revised Selected Papers},
        proceedings_a={SECURECOMM},
        year={2016},
        month={2},
        keywords={},
        doi={10.1007/978-3-319-28865-9_11}
    }
    
  • Yueqiang Cheng
    Qing Li
    Miao Yu
    Xuhua Ding
    Qingni Shen
    Year: 2016
    SuperCall: A Secure Interface for Isolated Execution Environment to Dynamically Use External Services
    SECURECOMM
    Springer
    DOI: 10.1007/978-3-319-28865-9_11
Yueqiang Cheng [1,*], Qing Li [2,*], Miao Yu [1,*], Xuhua Ding [3,*], Qingni Shen [2,*]
  • 1: Carnegie Mellon University
  • 2: Peking University
  • 3: Singapore Management University
*Contact email: yueqiang@andrew.cmu.edu, qingli@pku.edu.cn, miaoy1@andrew.cmu.edu, xhding@smu.edu.sg, qingnishen@ss.pku.edu.cn

Abstract

Recent years have seen many virtualization-based Isolated Execution Environments (IEEs) proposed in the literature to protect a Piece of Application Logic (PAL) against attacks from an untrusted guest kernel. A prerequisite of these IEE systems is that the PAL is small and self-contained. Therefore, a PAL is deprived of channels to interact with the external execution environment, including the kernel and application libraries. As a result, the PAL can only perform limited tasks such as memory-resident computation, with inflexible utilization of system resources. To protect a more sophisticated task, the application developer has to segment it into numerous PALs that each satisfy the IEE prerequisite, which inevitably leads to development inefficiency and more error-prone code. In this paper, we propose SuperCall, a new function call interface for a PAL to safely and efficiently call untrusted code in both the kernel and user spaces. It not only allows flexible interactions between a PAL and untrusted environments, but also improves the utilization of resources, without compromising the security of the PAL. We have implemented SuperCall on top of a tiny hypervisor. To demonstrate and evaluate SuperCall, we use it to build a PAL as part of a password checking program. The experimental results show that SuperCall improves development efficiency and incurs insignificant performance overhead.