To protect the system from software attacks, various security approaches, such as formal verification and memory safety, have been proposed by researchers. However, many of the security approaches have not been practical to apply to real-world systems...
다국어 입력
あ
ぁ
か
が
さ
ざ
た
だ
な
は
ば
ぱ
ま
や
ゃ
ら
わ
ゎ
ん
い
ぃ
き
ぎ
し
じ
ち
ぢ
に
ひ
び
ぴ
み
り
う
ぅ
く
ぐ
す
ず
つ
づ
っ
ぬ
ふ
ぶ
ぷ
む
ゆ
ゅ
る
え
ぇ
け
げ
せ
ぜ
て
で
ね
へ
べ
ぺ
め
れ
お
ぉ
こ
ご
そ
ぞ
と
ど
の
ほ
ぼ
ぽ
も
よ
ょ
ろ
を
ア
ァ
カ
サ
ザ
タ
ダ
ナ
ハ
バ
パ
マ
ヤ
ャ
ラ
ワ
ヮ
ン
イ
ィ
キ
ギ
シ
ジ
チ
ヂ
ニ
ヒ
ビ
ピ
ミ
リ
ウ
ゥ
ク
グ
ス
ズ
ツ
ヅ
ッ
ヌ
フ
ブ
プ
ム
ユ
ュ
ル
エ
ェ
ケ
ゲ
セ
ゼ
テ
デ
ヘ
ベ
ペ
メ
レ
オ
ォ
コ
ゴ
ソ
ゾ
ト
ド
ノ
ホ
ボ
ポ
モ
ヨ
ョ
ロ
ヲ
―
http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
예시)
- 中文 을 입력하시려면 zhongwen을 입력하시고 space를누르시면됩니다.
- 北京 을 입력하시려면 beijing을 입력하시고 space를 누르시면 됩니다.
А
Б
В
Г
Д
Е
Ё
Ж
З
И
Й
К
Л
М
Н
О
П
Р
С
Т
У
Ф
Х
Ц
Ч
Ш
Щ
Ъ
Ы
Ь
Э
Ю
Я
а
б
в
г
д
е
ё
ж
з
и
й
к
л
м
н
о
п
р
с
т
у
ф
х
ц
ч
ш
щ
ъ
ы
ь
э
ю
я
′
″
℃
Å
¢
£
¥
¤
℉
‰
$
%
F
₩
㎕
㎖
㎗
ℓ
㎘
㏄
㎣
㎤
㎥
㎦
㎙
㎚
㎛
㎜
㎝
㎞
㎟
㎠
㎡
㎢
㏊
㎍
㎎
㎏
㏏
㎈
㎉
㏈
㎧
㎨
㎰
㎱
㎲
㎳
㎴
㎵
㎶
㎷
㎸
㎹
㎀
㎁
㎂
㎃
㎄
㎺
㎻
㎽
㎾
㎿
㎐
㎑
㎒
㎓
㎔
Ω
㏀
㏁
㎊
㎋
㎌
㏖
㏅
㎭
㎮
㎯
㏛
㎩
㎪
㎫
㎬
㏝
㏐
㏓
㏃
㏉
㏜
㏆
RISS 인기검색어
https://www.riss.kr/link?id=T14816755
- 저자
-
발행사항
서울 : 서울대학교 대학원, 2018
-
학위논문사항
학위논문(박사) -- 서울대학교 대학원 , 전기·컴퓨터공학부 전기·컴퓨터공학전공 , 2018. 2
-
발행연도
2018
-
작성언어
영어
- 주제어
-
DDC
621.3 판사항(22)
-
발행국(도시)
서울
-
기타서명
ARM 기반 기기의 보안 향상을 위한 하드웨어 기반의 격리 기술
-
형태사항
vii, 111 p. : 삽화, 도표 ; 26 cm
-
일반주기명
참고문헌 수록
- DOI식별코드
-
소장기관
- 국립중앙도서관
- 서울대학교 중앙도서관
- 국립중앙도서관
-
0
상세조회 -
0
다운로드
부가정보
다국어 초록 (Multilingual Abstract)
To protect the system from software attacks, various security approaches, such as formal verification and memory safety, have been proposed by researchers. However, many of the security approaches have not been practical to apply to real-world systems because they involve too strict restrictions or incurs significant performance overhead. In this situation, security researchers have proposed isolation approaches that dramatically reduce the attack surface by isolating security-critical parts of software from the others. The isolation approaches have been adopted in many security studies to increase the security level of software with minimal overhead. However, the security studies based on the isolation approaches have been carried out focusing on the systems, such as desktop PCs and servers. Unfortunately, in the mobile devices, the most widely used systems these days, only a few related studies have been conducted, so in these devices, the isolation approaches have evolved less in terms of security, coverage, and efficiency.
In this thesis, therefore, I will perform a series of research to enhance the isolation approaches, and ultimately to increase the security level of the mobile devices. I first will analyze the usage scenarios and environments of the mobile devices and confirm the required security capabilities and levels. Subsequently, I will carefully review the recent ARM architectures that are mainly used in the mobile devices and find some salient hardware features. After that, on top of these features, I will propose novel security solutions stemming from the isolation approaches. These solutions targeting from applications to different types of system software satisfy the required security capability and levels confirmed by the previous analysis. In this thesis, I will describe the details of design and implementation of these security solutions, around the isolation approaches based on the salient hardware features. Also, the efficiency and effectiveness of these solutions will be demonstrated through various experimental results.
In this thesis, therefore, I will perform a series of research to enhance the isolation approaches, and ultimately to increase the security level of the mobile devices. I first will analyze the usage scenarios and environments of the mobile devices and confirm the required security capabilities and levels. Subsequently, I will carefully review the recent ARM architectures that are mainly used in the mobile devices and find some salient hardware features. After that, on top of these features, I will propose novel security solutions stemming from the isolation approaches. These solutions targeting from applications to different types of system software satisfy the required security capability and levels confirmed by the previous analysis. In this thesis, I will describe the details of design and implementation of these security solutions, around the isolation approaches based on the salient hardware features. Also, the efficiency and effectiveness of these solutions will be demonstrated through various experimental results.
To protect the system from software attacks, various security approaches, such as formal verification and memory safety, have been proposed by researchers. However, many of the security approaches have not been practical to apply to real-world systems because they involve too strict restrictions or incurs significant performance overhead. In this situation, security researchers have proposed isolation approaches that dramatically reduce the attack surface by isolating security-critical parts of software from the others. The isolation approaches have been adopted in many security studies to increase the security level of software with minimal overhead. However, the security studies based on the isolation approaches have been carried out focusing on the systems, such as desktop PCs and servers. Unfortunately, in the mobile devices, the most widely used systems these days, only a few related studies have been conducted, so in these devices, the isolation approaches have evolved less in terms of security, coverage, and efficiency.
In this thesis, therefore, I will perform a series of research to enhance the isolation approaches, and ultimately to increase the security level of the mobile devices. I first will analyze the usage scenarios and environments of the mobile devices and confirm the required security capabilities and levels. Subsequently, I will carefully review the recent ARM architectures that are mainly used in the mobile devices and find some salient hardware features. After that, on top of these features, I will propose novel security solutions stemming from the isolation approaches. These solutions targeting from applications to different types of system software satisfy the required security capability and levels confirmed by the previous analysis. In this thesis, I will describe the details of design and implementation of these security solutions, around the isolation approaches based on the salient hardware features. Also, the efficiency and effectiveness of these solutions will be demonstrated through various experimental results.
목차 (Table of Contents)
- Abstract
- Contents ii
- List of Tables v
- List of Figures vi
- 1 INTRODUCTION 1
- Abstract
- Contents ii
- List of Tables v
- List of Figures vi
- 1 INTRODUCTION 1
- 2 Hardware-Assisted On-Demand Hypervisor Activation for Efficient Security
- Critical Code Execution on Mobile Devices 7
- 2.1 Introduction
- 2.2 Background
- 2.2.1 Security extensions
- 2.2.2 Virtualization extensions
- 2.3 Threat model and Assumptions
- 2.4 Design
- 2.4.1 Design objectives
- 2.4.2 Overall Design
- 2.4.3 Development of SCCs
- 2.4.4 Provision of SCCs
- 2.4.5 Execution of SCCs
- 2.4.6 On-demand activation of the OSP hypervisor
- 2.4.7 Interface implementation
- 2.5 Implementation
- 2.5.1 OSP Hypervisor
- 2.5.2 Boot Sequence of OSP
- 2.6 Evaluation
- 2.6.1 Performance impact
- 2.6.2 World switching latency
- 2.6.3 Application benchmarks
- 2.6.4 Security analysis
- 2.7 Future work
- 2.8 Related work
- 2.9 Conclusion
- 3 Dynamic Virtual Address Range Adjustment
- for Intra-Level Privilege Separation on ARM 37
- 3.1 Introduction
- 3.2 Threat Model and Related Work
- 3.2.1 Threat Model
- 3.2.2 Related Work
- 3.3 Background
- 3.3.1 Exception Level
- 3.3.2 Virtual Address Range
- 3.3.3 Translation Lookaside Buffer
- 3.4 Design
- 3.4.1 Overview of Hilps
- 3.4.2 Intra-Level Isolation Mechanism
- 3.4.3 Domain Switching Mechanism
- 3.4.4 Monitoring Capability
- 3.5 Implementation
- 3.6 Evaluation
- 3.6.1 Switching Overhead
- 3.6.2 Micro Benchmarks
- 3.6.3 Macro Benchmarks
- 3.6.4 Security Application Benchmark
- 3.7 Discussion
- 3.8 Conclusion
- 4 Instruction-Level Data Isolation for the Kernel on ARM 76
- 4.1 Introduction
- 4.2 Related Work
- 4.3 Background
- 4.4 Design and Implementation
- 4.4.1 Threat Model and Assumption
- 4.4.2 ILDI Mechanism
- 4.4.3 Enforcement of the ILDI mechanism
- 4.4.4 Security Analysis
- 4.5 Evaluation
- 4.5.1 Primitive Operation
- 4.5.2 Impact on the System
- 4.6 Conclusion
- 5 CONCLUSION
- Abstract (In Korean)
분석정보
연관 공개강의(KOCW)
-
Social Isolation and Parenting
Teachers TV Teachers TV -
Scanning for Security
Teachers TV Teachers TV -
Identity, Agency, Equality and Security in the Age of AI
K-MOOC 이화여자대학교 문혜진 -
Identity, Agency, Equality and Security in the Age of AI
K-MOOC 이화여자대학교 문혜진 -
Identity, Agency, Equality and Security in the Age of AI
K-MOOC 이화여자대학교 문혜진
이 자료와 함께 이용한 RISS 자료
나만을 위한 추천자료
