Safe execution of untrusted applications on embedded network processors

被引：2

作者：

Bos, Herbert ^{[1
]}

Samwel, Bart ^{[2
]}

Cristea, Mihai ^{[3
]}

Anagnostakis, Kostas ^{[4
]}

机构：

[1] Vrije Univ Amsterdam, Amsterdam, Netherlands

[2] Aia Software, Nijmegen, Netherlands

[3] Univ Amsterdam, Amsterdam, Netherlands

[4] Inst Infocomm Res, Singapore, Singapore

来源：

INTERNATIONAL JOURNAL OF EMBEDDED SYSTEMS | 2008年 / 3卷 / 04期

关键词：

network processsors; open kernels; embedded systems; security;

D O I：

10.1504/IJES.2008.022399

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

This paper summarises research conducted in 2002 on the programmability of network processors. Controlling the function of embedded network processor systems has so far been confined to simple configuration languages while full programmability is available only to trusted system-level programmers. In this paper, we enable the safe execution of untrusted code on IXP network processors. We extend techniques used in extensible OS kernels, adapting them to the characteristics of network processing to produce a restricted execution model trading off some flexibility for robustness, yet enabling a wide range of low-level applications not presently possible.

引用

页码：294 / 303

页数：10

共 50 条

[1] Safe Loading - A Foundation for Secure Execution of Untrusted Programs
Payer, Mathias
Hartmann, Tobias
Gross, Thomas R.
2012 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP), 2012, : 18 - 32
[2] Programs from Proofs: A Framework for the Safe Execution of Untrusted Software
Jakobs, Marie-Christine
Wehrheim, Heike
ACM TRANSACTIONS ON PROGRAMMING LANGUAGES AND SYSTEMS, 2017, 39 (02):
[3] Resilient Authenticated Execution of Critical Applications in Untrusted Environments
Kirkpatrick, Michael S.
Ghinita, Gabriel
Bertino, Elisa
IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2012, 9 (04) : 597 - 609
[4] Reducing execution unit leakage power in embedded processors
Homayoun, Houman
Baniasadi, Amirali
EMBEDDED COMPUTER SYSTEMS: ARCHITECTURES, MODELING, AND SIMULATION, PROCEEDINGS, 2006, 4017 : 299 - 308
[5] Enhancing embedded processors with specific instruction set extensions for network applications
Chormoviti, A.
Vassiliadis, N.
Theodoridis, G.
Nikolaidis, S.
2005 IEEE INTELLIGENT DATA ACQUISITION AND ADVANCED COMPUTING SYSTEMS: TECHNOLOGY AND APPLICATIONS, 2005, : 199 - 203
[6] Cooperative software multithreading to enhance utilization of embedded processors for network applications
Albrecht, C
Hagenau, R
Döring, A
12TH EUROMICRO CONFERENCE ON PARALLEL, DISTRIBUTED AND NETWORK-BASED PROCESSING, PROCEEDINGS, 2004, : 300 - 307
[7] Impact of configurability and extensibility on IPSec protocol execution on embedded processors
Potlapally, NR
Ravi, S
Raghunathan, A
Lee, RB
Jha, NK
19TH INTERNATIONAL CONFERENCE ON VLSI DESIGN, PROCEEDINGS, 2005, : 299 - 304
[8] Configuration and extension of embedded processors to optimize IPSec protocol execution
Potlapally, Nachiketh R.
Ravi, Srivaths
Raghunathan, Anand
Lee, Ruby B.
Jha, Niraj K.
IEEE TRANSACTIONS ON VERY LARGE SCALE INTEGRATION (VLSI) SYSTEMS, 2007, 15 (05) : 605 - 609
[9] Design tradeoffs for embedded network processors
Wolf, T
Franklin, MA
TRENDS IN NETWORK AND PERVASIVE COMPUTING - ARCS 2002, 2002, 2299 : 149 - 164
[10] Synthesising monitors from high-level policies for the safe execution of untrusted software
Brown, Andrew
Ryan, Mark
INFORMATION SECURITY PRACTICE AND EXPERIENCE, 2008, 4991 : 233 - 247

← 1 2 3 4 5 →