he goal of this CAREER project is to develop novel mechanisms that use transactions to improve software assurance. This project is developing Transactional Memory Introspection---or TMI, which is an approach tobuilding software security mechanisms by leveraging recent advances inhardware and software transactional memory. Security mechanisms basedon TMI build upon the same machinery that transactional memory systemsuse to ensure performance and functionality. TMI therefore promises tomake security mechanisms efficient and easy to integrate with software. TMI-based security mechanisms being researched in this project include: (1) TxAuth: a reference monitor architecture to better ensure complete mediation of security-sensitive operations and allow easier integrationwith legacy systems; (2) TxInt: a data structure integrity monitor to protect extensiblesoftware systems, such as operating systems and browsers, from untrustedextensions; and (3) TMWatch: a data watchpoint framework that equips malware analysistools and debuggers with new capabilities to reverse-engineer malwarebehavior. More broadly, this project seeks to demonstrate that concurrency control machinery implemented in transactional memory systems can also be used toimprove software assurance. These additional benefits may lead to moreresearch on transactions and their ultimate adoption by hardware andsoftware vendors. The results from this project are being disseminatedvia the development of new course material that will expose students andsoftware vendors to the dos and don'ts of secure programming. Suitablecourse material developed in this project is also being included incourses targeted towards K-12 and undergraduate students to attract them to computer science programs.
|Effective start/end date||9/1/10 → 8/31/12|
- National Science Foundation (NSF)