Overview
Software vulnerabilities are common. One effective strategy to limit the damage of an attack is to apply the principle of least privilege in software design. That is, a software application is designed with an appropriate security architecture, which structures the application into a set of protection domains of least privilege.
This project aims to provide program-analysis tools that help developers partition an application, flexibly configure an application’s security architecture, and reason about its system security. It includes the following components:
- We have implemented automatic program partitioning tools. They take the source code of an application together with annotations marking sensitive data, and automatically partition the application into a sensitive slice and an insensitive slice, each placed in a separate protection domain. Please see our CCS papers on PtrSplit and Program-mandering.
- We have designed a software virtualization layer called uPro (for user-space Protection). It uses software-based fault isolation (SFI) to provide user-space protection domains. Developers configure their application's security architecture through a declarative configuration file written in uPro's Security Architecture Language.
- We are also applying our program partitioning tools to isolate device drivers from the OS kernel, improving the kernel's reliability and security.
Announcements
- (6/2021) We are glad to release an upgrade of our Program-Dependence Graph (PDG) construction module to LLVM 10.0.
- (10/2019) We are glad to release an upgrade of our Program-Dependence Graph (PDG) construction module to LLVM 9.0.
- (5/2019) We are glad to release the source code of an LLVM 5.0 module for Program-Dependence Graph (PDG) construction; comments are welcome.
Participants
- Yongzhe Huang
- Kaiming Huang
- Trent Jaeger
- Gang Tan
Past Participants
- Ben Niu
- Shen Liu
- Dongrui Zeng
- Zhen Huang
Publications
- Huang, Y., Narayanan, V., Detweiler, D., Huang, K., Tan, G., Jaeger, T., and Burtsev, A. (2022). KSplit: Automating device driver isolation. In 16th USENIX Symposium on Operating Systems Design and Implementation (OSDI'22), pages 613–631. [paper]
- Huang, Z., Jaeger, T., and Tan, G. (2021). Fine-grained program partitioning for security. In 14th European Workshop on Systems Security (EuroSec), pages 21–26. [paper]
- Narayanan, V., Huang, Y., Tan, G., Jaeger, T., and Burtsev, A. (2020). Lightweight kernel isolation with virtualization and VM functions. 16th ACM International Conference on Virtual Execution Environments (VEE), pages 157–171. [paper]
- Liu, S., Zeng, D., Huang, Y., Capobianco, F., McCamant, S., Jaeger, T., and Tan, G. (2019). Program-mandering: Quantitative privilege separation. In 26th ACM Conference on Computer and Communications Security (CCS), pages 1023–1040. [paper]
- Liu, S., Tan, G., and Jaeger, T. (2017). PtrSplit: Supporting general pointers in automatic program partitioning. In 24th ACM Conference on Computer and Communications Security (CCS), pages 2359–2371. [paper]
- Niu, B. and Tan, G. (2013). Efficient user-space information flow control. In 8th ACM Symposium on Information, Computer and Communications Security (ASIACCS), May 2013. [paper]
- Niu, B. and Tan, G. (2012). Enforcing user-space privilege separation with declarative architectures. In 7th ACM Workshop on Scalable Trusted Computing (STC). [paper]
Sponsors
This project is sponsored by NSF CNS-1801534, NSF CCF-1723571, NSF CNS-1408826, NSF CCF-1149211, and a DARPA grant under the GAPS program.