|
To address today's environment of constant security challenges and cyber-threats, the Hardware-Assisted Lightweight Capability Optimization (HALCYON) research explores novel techniques to make the performance of more secure system designs acceptable to users. Conventional system designs have achieved acceptable performance, but have evolved from hardware and software designs that carry forward compromises in security that made sense in the past, but not with modern hardware resources in today's security climate. HALCYON uses an approach, called "capabilities", that provides better control of information sharing and protection in computer systems than today's architectures. Capability access control is preferred by many security experts, but conventional wisdom holds that it is too slow to be used in practice. If HALCYON is successful, a new generation of fundamentally more secure software systems will be enabled, at little to no cost in performance.
HALCYON research explores hardware acceleration of selected operations in the use of per-object access controls in an object-oriented programmer-controlled protection model based on capabilities. The measurement and data driven exploration is based on understanding the quantitative benefits of hardware acceleration on microkernels such as L4 that are used in mobile phones and other devices. Examples of hardware accelerations include lightweight support for fat pointers ("low-fat pointers"), object pointers with associated access control specifications. Such fat pointers, which have been designed, validated and implemented, can protect units as small as individual memory words. As an initial example, the project is using measurements to identify the impact of this hardware acceleration. Measurement data from the quantitative exploration allows the researchers to identify both worthwhile hardware accelerations and opportunities for operating system restructuring that exploit those accelerations.
|
TWC: Medium: HARDWARE-ASSISTED LIGHTWEIGHT CAPABILITY OPTIMIZATION (HALCYON)