sponsors
usenix conference policies
Plugging Side-Channel Leaks with Timing Information Flow Control
12 Tuesday | 13 Wednesday | 14 Thursday | 15 Friday |
---|---|---|---|
HotCloud '12 | TaPP '12 | ||
WiAC '12 | USENIX ATC '12 | ||
UCMS '12 | HotStorage '12 | NSDR '12 | |
USENIX Cyberlaw '12 | WebApps '12 |
Bryan Ford, Yale University
The cloud model’s dependence on massive parallelism and resource sharing exacerbates the security challenge of timing side-channels. Timing Information Flow Control (TIFC) is a novel adaptation of IFC techniques that may offer a way to reason about, and ultimately control, the flow of sensitive information through systems via timing channels. With TIFC, objects such as files, messages, and processes carry not just content labels describing the ownership of the object’s “bits,” but also timing labels describing information contained in timing events affecting the object, such as process creation/termination or message reception. With two system design tools—deterministic execution and pacing queues—TIFC enables the construction of “timing-hardened” cloud infrastructure that permits statistical multiplexing, while aggregating and rate-limiting timing information leakage between hosted computations.
Open Access Media
USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.
author = {Bryan Ford},
title = {Plugging {Side-Channel} Leaks with Timing Information Flow Control},
booktitle = {4th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud 12)},
year = {2012},
address = {Boston, MA},
url = {https://www.usenix.org/conference/hotcloud12/workshop-program/presentation/ford_bryan_plugging},
publisher = {USENIX Association},
month = jun
}
connect with us