Tackling System-Wide Integrity
Trent Jaeger - Pennsylvania State
Nov 03, 2010Size: 444.9MB
Download: MP4 Video
Watch in your Browser Watch on YouTube
AbstractComputing system compromises occur because system integrity is not managed effectively. The various parties that contribute to a system, programmers, OS distributors, and system administrators, do not account for integrity threats comprehensively, leading to recurrence of the same kinds of attacks. The problem is that we lack scalable and automated approaches for these parties to assess the integrity of their individual components that enables one to build upon the efforts of others. In this talk, I will discuss an conceptual approach to composing system-wide integrity from enforcement of multiple system layers. This approach is motivated by various work in information flow security, but we find that managing system-wide integrity requires different inferencing approaches and care in mapping actual components to the model. In particular, we will discuss methods to establish a specifications of integrity, validating the initial integrity of system components and channels, and composing systems from such components that protect runtime integrity. We will demonstrate the use of methods on Xen and Linux systems for deploying cloud computing applications. We show that accounting for integrity in component design can lead to comprehensive system-wide management.
About the SpeakerTrent Jaeger is an Associate Professor in the Computer Science and Engineering Department at The Pennsylvania State University and the Co-Director of the Systems and Internet Infrastructure Security (SIIS) Lab. He joined Penn State after working for IBM Research for nine years in operating systems and system security research groups. Trent's research interests include operating systems security, access control, and source code and policy analysis tools. He has published over 90 refereed research papers on these subjects. Trent has made a variety of contributions to open source systems security, particularly to the Linux Security Modules framework, the SELinux module and policy development, integrity measurement in Linux, and the Xen security architecture. Trent is the author of the book "Operating Systems Security," which examines the principles and designs of secure
operating systems. He is active in the security research community, having been a member of the program committees of all the major security conferences, and the program chair of the ACM CCS Government and Industry Track, as well as chairing several workshops. He is an
associate editor with ACM TOIT and has been a guest editor of ACM TISSEC. Trent has an M.S. and a Ph.D. from the University of
Michigan, Ann Arbor in Computer Science and Engineering in 1993 and 1997, respectively.
The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.