Attacks on software applications such as email readers and web browsers are common. These attacks can cause damage ranging from application malfunction and loss of private data to a complete takeover of users' computers. One effective strategy for limiting the damage is to adopt the principle of least privilege in application design: the application is split into several protection domains, and each domain is given only the privileges necessary to perform its task. In this design, the compromise of one domain does not directly lead to the compromise of other security-sensitive domains. The PI proposes to design and implement a framework that makes it easy for software developers to apply the principle of least privilege to their applications. The proposed framework will significantly improve the security of critical software applications. It will benefit the software industry by providing new technologies for building secure software systems.
The proposed research combines several novel ideas: (1) user-space protection domains through binary-level enforcement of isolation and information-flow security; (2) a declarative language that allows for flexible configuration of an application's security architecture; (3) a binary-level partitioning tool that automatically splits an application into components of least privilege; (4) a compositional reasoning mechanism that allows developers to perform formal reasoning about an application's end-to-end information security. By staying in user space, the proposed framework is OS independent, and by working on binary code, it is source-language agnostic, making it more broadly applicable. Developers can use it to partition an application, flexibly configure its security architecture, and reason about its information security. On the education side, the PI will organize a series of activities to increase high school students' awareness of security, privacy, and secure programming. The central activity is a summer workshop that gathers local high-school technology teachers and helps them design lesson plans that can be integrated into their schools' technology curriculum.
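The following is an added example, not code from the proposal or any system it describes, showing the two-domain least-privilege split the abstract argues for. Instead of the proposed binary-level, user-space enforcement, it uses the ordinary OS mechanisms available today (a child process, a pipe, and resource limits) so that it runs anywhere: a trusted parent domain hands attacker-controlled text to a separate parser domain that has first given up the ability to open files or spawn processes. The function names, the "key=value" input format, and the `CRASH` token that stands in for a parser bug are all constructed for this illustration.

```c
/* Added example: privilege-separated parsing across two protection domains.
 * The parent (trusted) domain never touches untrusted bytes itself; a forked
 * child (parser domain) drops what it can, parses, and reports back over a
 * pipe. If the parser domain crashes, the parent sees that via waitpid()
 * and keeps running. Hypothetical code, not from the page's project. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/resource.h>
#include <sys/wait.h>

/* Untrusted work: count well-formed "key=value" lines (non-empty key and
 * value). Runs only inside the restricted child. The constructed "CRASH"
 * line simulates an attacker-triggered parser fault; a real memory-safety
 * bug would have the same containment behaviour. */
static int count_entries(const char *text) {
    int n = 0;
    const char *p = text;
    while (*p) {
        const char *eol = strchr(p, '\n');
        size_t len = eol ? (size_t)(eol - p) : strlen(p);
        if (len == 5 && memcmp(p, "CRASH", 5) == 0)
            abort();                                  /* simulated compromise */
        const char *eq = memchr(p, '=', len);
        if (eq && eq > p && eq < p + len - 1)
            n++;
        p += len;
        if (*p == '\n')
            p++;
    }
    return n;
}

/* Reduce the parser domain's privileges before it sees any input.
 * Existing descriptors (the pipe) keep working; new ones cannot be made. */
static void enter_parser_domain(void) {
    struct rlimit zero = { 0, 0 };
    if (chdir("/") != 0)
        _exit(98);
    (void)setrlimit(RLIMIT_NOFILE, &zero);   /* no new files or sockets */
    (void)setrlimit(RLIMIT_NPROC, &zero);    /* no helper processes */
}

/* Trusted domain: run count_entries() in an isolated child.
 * Returns the entry count, or -1 if the parser domain failed or died. */
int parse_in_domain(const char *untrusted_input) {
    int fds[2];
    if (pipe(fds) != 0)
        return -1;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {                              /* parser domain */
        close(fds[0]);
        enter_parser_domain();
        int n = count_entries(untrusted_input);
        ssize_t w = write(fds[1], &n, sizeof n);
        _exit(w == (ssize_t)sizeof n ? 0 : 99);
    }
    close(fds[1]);                               /* trusted domain */
    int n = -1;
    ssize_t r = read(fds[0], &n, sizeof n);
    close(fds[0]);
    int status = 0;
    if (waitpid(pid, &status, 0) != pid)
        return -1;
    if (r != (ssize_t)sizeof n || !WIFEXITED(status) || WEXITSTATUS(status) != 0)
        return -1;                               /* crash contained, reported */
    return n;
}

int main(void) {
    /* Constructed inputs: one benign, one that triggers the simulated fault. */
    printf("benign  -> %d entries\n", parse_in_domain("user=alice\nrole=admin\nnotakv\n"));
    printf("hostile -> %d (parser domain died, parent survived)\n",
           parse_in_domain("a=1\nCRASH\nb=2\n"));
    return 0;
}
```

The point to check is the second call: the parser domain dies, but the trusted domain only receives an error code and continues. The resource limits are the weakest part of this stand-in; they bound what the parser domain can newly acquire but do not enforce information-flow rules on the data it already holds, which is precisely the gap the abstract's binary-level enforcement is meant to close.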