Trusted System Design
This website is dedicated to hosting the trusted system design reading group.
List of all Papers
- 2018-06-26: GitHub repository for CheriOS
- 2018-06-06: Practical whole-system provenance capture
- 2018-05-15: SOAAP: reasoning about compartmentalization with LLVM and source code annotations
- 2018-04-24: Chiron: in-enclave machine learning
- 2018-04-03: Sanctum hardware extension for software isolation
Meeting 2 November 2018
This meeting will be guided by Anwaar Ali with the topic of Effective governance by blockchain.
Abstract: My doctoral research is to come up with an overall generic system's solution for the governance with blockchain problem. The inspiration comes directly from the original premise of trust and decentralization of the blockchain technology. This premise implies that this technology can be used for different data record applications. Similarly, my aim is to design a generic and (maybe an) auxiliary solution to the blockchain technology that can facilitate its applications to different use cases while keeping it in compliance with the laws and policies that go with a particular use case. By taking this approach we might be able to preserve the pure decentralized nature of the blockchain idea.
Meeting 26 June 2018
For our fifth meeting Lawrence will present his work on CheriOS. If you're interested you can look at the GitHub repository. This is unpublished work, but here is an abstract:
Out of necessity, operating systems are given a large amount of power in order to fulfill their role, and conventionally we have taken this to mean they should also be trusted. However, this trust is ill-founded. Operating systems are notoriously hard to create bug-free, and systems are routinely broken. Furthermore, due to the monolithic nature of certain hardware privileges, most compromises are a complete compromise. This motivates a system which, although privileged to carry out certain tasks, is in fact untrusted by its users. I will present my work on CheriOS (based on the CHERI-MIPS platform), a heavily compartmentalised capability-based microkernel where every entity in the system is mutually distrusting. Programs running under CheriOS can be guaranteed isolation, integrity and confidentiality in a single address space, even if CheriOS itself is taken over by a malicious entity.
Meeting 6 June 2018
For the fourth meeting we will discuss data provenance, which describes how data came to be in its present form. CamFlow is a whole-system provenance capture mechanism, which is more practical than previous systems. Please find the paper here.
We will have guest speakers come and present the paper. They may also discuss a paper titled Role-based access control for publish/subscribe middleware architectures.
Meeting 15 May 2018
For the third meeting we will discuss SOAAP (Security-Oriented Analysis of Application Programs), which is an LLVM-based tool that allows programmers to reason about compartmentalization using source-code annotations. Please find the paper here.
Agenda:
- 20 minutes: Introduction by Domagoj on paper and background.
- 20 minutes: Discussing the pros and cons of the paper.
- 20 minutes: Open discussion.
Meeting 24 April 2018
For the second meeting we will discuss Chiron, which provides privacy-aware in-enclave machine learning services. Please find the paper here.
Agenda:
- 20 minutes: Introduction by Zahra on paper and background.
- 20 minutes: Discussing the pros and cons of the paper.
- 20 minutes: Open discussion.
Meeting 3 April 2018
For the first meeting we will discuss MIT's Sanctum processor. Please find the paper here.
Agenda:
- 10 minutes: Introducing the Trusted System Design reading group and its goals.
- 10 minutes: Short introduction by Marno on the paper.
- 20 minutes: Discussing the paper and the importance of being resilient to cache and TLB timing attacks.
- 20 minutes: Open discussion.