Software Compartmentalization and the Challenge of Interfaces
========================================
Software compartmentalization consists in breaking down an application or a system into several isolated components, with the goal of limiting exploits by confining attackers to vulnerable compartments. It is a prime example of application of the principle of least privilege to software. Although compartmentalization is still not the norm for most software running in production today (apart from specialized use cases such as operating systems), the past few years have seen the emergence of new and efficient isolation mechanisms, and compartmentalization is gaining traction in the systems software research community and industry.
In this talk I will first give an overview of software compartmentalization and present its general principles, as well as the challenges that researchers in this field still face today. I will focus in particular on the issue of securing inter-compartment boundaries, which has been overlooked by many recent compartmentalization studies. In that context, I will present ConfFuzz [1, 2], a tool built by my team to measure the effect of neglecting securing compartment interfaces. Our results show that failure to put proper interface security in place leads to the loss of most security guarantees in many compartmentalized schenarios.
[1] Lefeuvre, Hugo, Vlad-Andrei Bădoiu, Yi Chien, Felipe Huici, Nathan Dautenhahn, and Pierre Olivier. "Assessing the Impact of Interface Vulnerabilities in Compartmentalized Software." In Proceedings of 30th Network and Distributed System Security (NDSS'23). Internet Society, 2022.
[2] https://conffuzz.github.io/
----------------------------------------------------------------------
To follow the presentation remotely, please connect to the following
URL with a modern web browser:
- URL: https://bbb.inria.fr/all-t0p-qjq-9em
Access code: 192737
- Alternative audio access by phone will be possible but the
parameters will figure in the web session only a few minutes before
the presentation.
----------------------------------------------------------------------
Seminar taking place in person with mandatory registration at least
72h beforehand for *all* in-person participants by email to
Nadia Derouault <nadia [*] derouault
inria [*] fr>. Participants
non-affiliated with Inria or IRISA will be asked to present an ID at
the reception desk of the IRISA building.
To receive the SoSySec announcements, please subscribe to the SoSySec
mailing list:
https://sympa.inria.fr/sympa/subscribe/sosysec
All past and future SoSySec talks are listed at
https://seminaires-dga.inria.fr/en/seances-a-venir/
----------------------------------------------------------------------
Séminaire en présentiel ouvert à tous mais avec inscription
obligatoire au moins 72h à l'avance pour *tous* les participants
en présentiel auprès de Nadia Derouault <nadia [*] derouaultinria [*] fr>.
Les participants externes devront se présenter à l'accueil avec une
pièce d'identité.
Vous pouvez vous abonner à nos annonces de séminaires :
https://sympa.inria.fr/sympa/subscribe/sosysec
et consulter la liste des exposés passés et à venir :
https://seminaires-dga.inria.fr/seances-a-venir/