Trust less : shrinking the trusted parts of trusted systems

Author(s)
Lebedev, Ilia Andreevich.
Thumbnail
Download1201261019-MIT.pdf (34.18Mb)
Alternative title
Shrinking the trusted parts of trusted systems
Other Contributors
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.
Advisor
Srinivas Devadas.
Terms of use
MIT theses may be protected by copyright. Please reuse MIT thesis content according to the MIT Libraries Permissions Policy, which is available through the URL provided. http://dspace.mit.edu/handle/1721.1/7582
Metadata
Show full item record
Abstract
Modern computers, industrial control systems, and other automation are broadly vulnerable as a result of decades of systemic forces that have prioritized cost and performance over security. Computers across the board face a crisis in the form of motivated software adversaries with access to our imperfect and enormously complex software. Considering these weaknesses, trust in modern computing systems is often not well-placed. Looking ahead to a shift in our collective priorities, this thesis is centered around a rigorous discussion of hardware-assisted isolation and enclaves -- authenticated software modules -- as a means to drastically reduce the complexity of trusted systems. By allowing trustworthy enclaved software to co-exist with, but remain strongly isolated from, existing software, we enable a gentle transition toward trustworthy systems. Specifically, this thesis refines formal definitions of enclaved execution and threat model via a series of hardware and software co-designs. These case studies explore enclave processors with small trusted computing bases spanning a gradient from an embedded SoC to a modern high-performance processor. This work is complementary to, and enables more effective application of, many powerful ideas such as information flow control, formal verification, multi-party computation, and other tools for trustworthy computing.
Description
Thesis: Ph. D., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, 2020
 
Cataloged from PDF of thesis.
 
Includes bibliographical references (pages 213-227).
 
Date issued
2020
URI
https://hdl.handle.net/1721.1/128315
Department
Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science
Publisher
Massachusetts Institute of Technology
Keywords
Electrical Engineering and Computer Science.
Collections