Reducing the TCB: XOM and Current Projects
David Lie (Electrical and Computer Engineering, University of Toronto)
ABSTRACT
I will be discussing previous work in the eXecute Only Memory (XOM)
project and current work on Containers. XOM proposes lightweight
modifications to a processor and operating system to support a very strong
level of tamper-resistance for software. This would allow software to hide
secrets such as algorithms or simply keys. This is done by defining a
trusted hardware boundary at the pins, where anything beyond that boundary
is protected via cryptography and anything inside is protected with
architectural tags. I will then talk about preliminary work on Containers,
a system to protect security sensitive applications using low-level
virtualization technology.
BIOGRAPHY
Dr. David Lie graduated from Stanford University in 2004. Since 2003, he
has been an Assistant Professor in the Electrical and Computer Engineering
Department at the University of Toronto. While at Stanford, David led and
founded the XOM (eXecute Only Memory) Processor Project, which supports
the execution of tamper and copy-resistant software. Currently, he has
interests in computer security, operating systems, and virtual machine
monitors.