Trusted System Design

This website it dedicated to hosting the trusted system design reading group.

List of all Papers

Meeting 26 June 2018

For our fifth meeting Lawrence will present his work on CheriOS. If you're interested you can look at the github repository. This is unpublished work, but here is an abstract:

Out of necessity operating system are given a large amount of power in order to fulfill their role, and conventionally we have taken this to mean they should also be trusted. However, this trust is ill founded. Operating systems are notoriously hard to create bug free and systems are routinely broken. Furthermore due the monolithic nature of certain hardware privileges most compromises are a complete compromise. This motivates a system which, although privileged to carry out certain tasks, is in fact untrusted by its users. I will present my work on CheriOS (based on the CHERI-MIPS platform), a heavily compartmentalised capability based microkernel where every entity in the system is mutually distrusting. Programs running under CheriOS can be guaranteed isolation, integrity and confidentially in a single address space, even if CheriOS itself is taken over by a malicious entity.

Meeting 6 June 2018

For the fourth meeting we will discuss data provenance, which describes how data came to be in its present form. CamFlow is a whole-system provenance capture mechanism, which is more practical than previous systems. Please find the paper here.

We will have guest speakers come and present the paper. They may also discuss a paper titled Role-based access control for publish/subscribe middleware architectures.

Meeting 15 May 2018

For the third meeting we will discuss SOAAP (Security-Oriented Analysis of Application Programs), which is an LLVM-based tool that allows programmers to reason about comparmentalization using source-code annotations. Please find the paper here.


Meeting 24 April 2018

For the second meeting we will discuss Chiron, which provides privacy-aware in-enclave machine learning services. Please find the paper here.


Meeting 3 April 2018

For the first meeting we will discuss MIT's Sanctum processor. Please find the paper here.