Enforcing Executing-Implies-Verified with the Integrity-Aware Processor

  • Michael LeMay
  • Carl A. Gunter
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6740)

Abstract

Malware often injects and executes new code to infect hypervisors, OSs and applications. Such malware infections can be prevented by checking all code against a whitelist before permitting it to execute. The eXecuting Implies Verified Enforcer (XIVE) is a distributed system in which a kernel on each target system consults a server called the approver to verify code on-demand. We propose a new hardware mechanism to isolate the XIVE kernel from the target host. The Integrity-Aware Processor (IAP) that embodies this mechanism is based on a SPARC soft-core for an FPGA and provides high performance, high compatibility with target systems and flexible invocation options to ensure visibility into the target system. This facilitates the development of a very small trusted computing base.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Michael LeMay
    • 1
  • Carl A. Gunter
    • 1
  1. 1.University of IllinoisUrbanaUSA

Personalised recommendations