Reshma Lal

Using innovative instructions to create trustworthy software solutions

Software developers face a number of challenges when creating applications that attempt to keep important data confidential. Even with diligent attention paid to correct software design and implementation practices, secrets can still be exposed through a single flaw in any of the privileged code on the platform, code which may have been written by thousands of developers from hundreds of organizations throughout the world. Intel is developing innovative security technology which provides the ability for software developers to maintain control of the security of sensitive code and data by creating trusted domains within applications to protect critical information during execution and at rest. This paper will describe how this technology has been effectively used in lab exercises to protect private information in applications including enterprise rights management, video chat, trusted financial transactions, and others. Examples will include both protection of local processing and the establishment of secure communication with cloud services. It will illustrate useful software design patterns that can be followed to create many additional types of trusted software solutions.

An architecture methodology for secure video conferencing

This paper describes how to enhance the security of VoIP applications using hardware security features on computing platforms such as notebooks, tablets and smartphones. Specifically we explain how to develop such applications using the protection offered by a processor based security technology, which provides the ability for software developers to maintain control of the security by creating trusted domains within applications. Using this processor security technology, sensitive code and data can be hosted without the risk of being observed or modified by malware present in other parts of the system. The resulting VoIP applications would better meet the strong security needs of corporate and government sectors for real time digital information sharing. We include results of a research project sponsored by the United States Department of Homeland Security and the United States Air Force Academyi where the team studied ways to enhance the security of a video conferencing application and implemented an experimental Video Chat application using security technologies provided by the processor and media processing hardware.

An analysis of secure processor architectures

Security continues to be an increasingly important concern in the design of modern systems. Many systems may have security requirements such as protecting the integrity and confidentiality of data and code stored in the system, ensuring integrity of computations, or preventing the execution of unauthorized code. Making security guarantees has become even harder with the emergence of hardware attacks where the attacker has physical access to the system and can bypass any software security mechanisms employed. To this end, researchers have proposed Secure Processor architectures that provide protection against hardware attacks using platform features. In this paper, we analyze three of the currently proposed secure uniprocessor designs in terms of their security, complexity of hardware required and performance overheads: eXecute Only Memory (XOM), Counter mode encryption and Merkle tree based authentication, and Address Independent Seed Encryption and Bonsai Merkle Tree based authentication. We then provide a discussion on the issues in securing multiprocessor systems and survey one design each for Shared Memory Multiprocessors and Distributed Shared Memory Multiprocessors. Finally, we discuss future directions in Secure Processor research which have largely been ignored forming the weakest link in the security afforded by the proposed schemes, namely, Secure booting and Secure configuration. We identify potential issues which can serve to form the foundation of further research in secure processors.

BASTION-SGX: Bluetooth and Architectural Support for Trusted I/O on SGX

This paper presents work towards realizing architectural support for Bluetooth Trusted I/O on SGX-enabled platforms, with the goal of providing I/O data protection that does not rely on system software security. Indeed, we are primarily concerned with protecting I/O from all software adversaries, including privileged software. In this paper we describe the challenges in designing and implementing Trusted I/O at the architectural level for Bluetooth. We propose solutions to these challenges. In addition, we describe our proof-of-concept work that extends existing over-the-air Bluetooth security all the way to an SGX enclave by securing user data between the Bluetooth Controller and an SGX enclave.