Overshadow Extension Towards Application Security on Untrusted Operating Systems Dan R. K. Ports and Tal Garfinkel Use shim to protect: ● file system ● inter-process communications ● process management ● time and randomness ● I/O and trusted paths ● identity management ● error handling http://www.usenix.org/events/hotsec08/tech/full_papers/ports/ports.pdf
CHAOS Tamper-Resistant Execution in an Untrusted Operating System Using a Virtual Machine Monitor Haibo Chen, Fengzhe Zhang, Cheng Chen, Ziye Yang, Rong Chen, Binyu Zang http://ppi.fudan.edu.cn/system/publications/paper/chaos-ppi-tr.pdf
LOKI Hardware Enforcement of Application Security Policies Using Tagged Memory Nickolai Zeldovich, Hari Kannan, Michael Dalton, and Christos Kozyrakis http://www.usenix.org/events/osdi08/tech/full_papers/zeldovich/zeldovich_html/
INVISIOS INVISIOS: A Lightweight, Minimally Intrusive Secure Execution Environment Divya Arora, Najwa Aaraj, Anand Raghunathan, Niraj K. Jha http://www.princeton.edu/~jha/files/CE-J09-001.pdf
Discussion ● What are the pros and cons of each option? ● How will each affect application development? ● Which option deserves further investigation?