Abstract
The increased sharing of computational resources elevates the risk of side channels and covert channels, where an entity’s security is affected by the entities with which it is co-located. This introduces a strong demand for mechanisms that can effectively isolate individual computations. Such mechanisms should be efficient, allowing resource utilisation to be maximised despite isolation. In this work, we develop a model for uniformly describing isolation, co-location and containment relationships between entities at multiple levels of a computer’s architecture and at different granularities. In particular, we examine the formulation of constraints on co-location and placement using partial specifications, as well as the cost of maintaining isolation guarantees on dynamic systems. We apply the model to a number of established attacks and mitigations.
Cite
CITATION STYLE
Falzon, K., & Bodden, E. (2016). Towards a comprehensive model of isolation for mitigating illicit channels. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 9635, pp. 116–138). Springer Verlag. https://doi.org/10.1007/978-3-662-49635-0_7
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
