CN113190869B - TEE-based mandatory access control security enhancement framework performance evaluation method and system - Google Patents

TEE-based mandatory access control security enhancement framework performance evaluation method and system Download PDF

Info

Publication number
CN113190869B
CN113190869B CN202110585417.9A CN202110585417A CN113190869B CN 113190869 B CN113190869 B CN 113190869B CN 202110585417 A CN202110585417 A CN 202110585417A CN 113190869 B CN113190869 B CN 113190869B
Authority
CN
China
Prior art keywords
world
hook function
tee
access control
ree
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110585417.9A
Other languages
Chinese (zh)
Other versions
CN113190869A (en
Inventor
丁滟
李志鹏
谭郁松
董攀
黄辰林
李宝
王晓川
蹇松雷
宋连涛
王鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
National University of Defense Technology
Original Assignee
National University of Defense Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by National University of Defense Technology filed Critical National University of Defense Technology
Priority to CN202110585417.9A priority Critical patent/CN113190869B/en
Publication of CN113190869A publication Critical patent/CN113190869A/en
Application granted granted Critical
Publication of CN113190869B publication Critical patent/CN113190869B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/30Monitoring
    • G06F11/34Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment
    • G06F11/3409Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment for performance assessment
    • G06F11/3419Recording or statistical evaluation of computer activity, e.g. of down time, of input/output operation ; Recording or statistical evaluation of user activity, e.g. usability assessment for performance assessment by assessing time
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F11/00Error detection; Error correction; Monitoring
    • G06F11/36Preventing errors by testing or debugging software
    • G06F11/3668Software testing
    • G06F11/3672Test management
    • G06F11/3688Test management for test execution, e.g. scheduling of test suites

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Quality & Reliability (AREA)
  • Bioethics (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Automation & Control Theory (AREA)
  • Debugging And Monitoring (AREA)

Abstract

The invention discloses a performance evaluation method and a system of a mandatory access control security enhancement framework based on TEE, the method comprises the steps of 1) aiming at a test single item i appointed on target performance test software, obtaining the running time R of the test single item i in common world REE i And a total number n of times of HOOK function calls in HOOK function set S implemented for the evaluated mandatory access control security enhancement framework i (ii) a 2) According to T i =t×n i +R i Calculating to obtain the cost T of the test single item i i And t is the single world switching overhead of triggering the HOOK function to switch to the safe world TEE under the common world REE to make a safety strategy decision and then returning to the common world REE. The invention can realize the performance evaluation of the simulation evaluation of the performance on the premise that the TEE-based mandatory access control security enhancement framework is not particularly realized, and has good expandability and good universality.

Description

TEE-based mandatory access control security enhancement framework performance evaluation method and system
Technical Field
The invention relates to the field of information security of computer operating systems, in particular to a method and a system for evaluating the performance of a security enhancement framework based on a mandatory access control (TEE) security enhancement.
Background
With the development of cloud computing, the Linux operating system running in the terminal server manages sensitive data far beyond the front, and therefore stronger security is required. In the traditional method, the mandatory access control can carry out unified management on the authority among the objects and the hosts to control the system authority, which is an important aspect for protecting the safety of the kernel. The LSM is a concrete implementation of mandatory access control in Linux and is divided into an implementation part and a decision part. The implementation part inserts a HOOK function at key kernel codes such as system calls and the like, and implements allowed or rejected behaviors after obtaining a decision result. And the decision part carries out security examination on the system behavior through a HOOK function, and makes a behavior decision according to the host and the object and the current security policy and transmits the behavior decision to the implementation part. The whole process comprises the following steps: when the execution flow of the system passes through the HOOK function, the decision part is jumped to, the system behavior is examined based on the security policy, and the implementation part carries out corresponding processing after the examination result is obtained. LSM has been widely used in Linux, and SELinux and AppArmor based on LSM have also achieved good results in kernel security protection in the past.
However, as the volume of the inner core is continuously developed, the attack surface of the inner core becomes larger and is easy to be attacked by adversaries. Since the access control and the kernel belong to the same code space, once the kernel is compromised, the access control function is at risk of being tampered, and the security of the access control function is difficult to guarantee. Currently, the emerging TEE technology utilizes hardware support of a computer bottom layer to provide strongly isolated trusted execution environments such as a CPU, a memory, a Cache and the like for upper-layer software, and has a higher CPU operation level. Therefore, the TEE can provide a trust foundation for application software and even kernel functions to construct a safe and credible computing environment. Moving mandatory access control into a TEE isolated from the untrusted kernel is a viable safeguard.
Most of the current TEE-based mandatory access control security enhancement frameworks suffer from significant performance loss. The performance loss mainly occurs on system switching, and two major influence factors exist: the single switch time of the untrusted kernel to and from the TEE and the overall number of switches. Flexible and varied security policy configurations require repeated attempts to find the best trade-off between performance and security. The current performance evaluation is mainly performed after the system is implemented, and although feedback guidance can also be performed on the system framework design, the cost for implementing the system cannot be avoided. Therefore, there is a strong need for a method for quantitatively evaluating the performance of a system in the system design stage.
Disclosure of Invention
The technical problems to be solved by the invention are as follows: aiming at the problems in the prior art, the invention provides a method and a system for evaluating the performance of a security enhancement framework based on the forced access control of the TEE.
In order to solve the technical problems, the technical scheme adopted by the invention is as follows:
a performance evaluation method of a mandatory access control security enhancement framework based on TEE comprises the following steps:
1) Aiming at a test single item i designated on target performance test software, acquiring the running time R of the test single item i in the common world REE i And a total number n of times of HOOK function calls in HOOK function set S implemented for the evaluated mandatory access control security enhancement framework i
2) According to T i =t×n i +R i Calculating to obtain the cost T of the test single item i i And t is the single world switching overhead of triggering the HOOK function to switch to the safe world TEE to make a safety strategy decision and then returning to the common world REE under the common world REE.
Optionally, step 1) obtains the running time R of the test single item i in the common world REE i And a total number of times n of HOOK function calls in the HOOK function set S for the evaluated mandatory access control security enhancement framework implementation i Comprises the following steps:
1.1 Operate a test item i in the common world REE for a specified number N 1 Then, recording the operation N of the test single item i 1 The average running time of the second time is used as the running time R of the test single item i i Recording test items of fortuneLine N 1 Aiming at the calling times of any HOOK function j, and taking the minimum value of the calling times as the calling time n of the HOOK function j when the test single item i runs i,j Obtaining a complete set containing the calling times of each HOOK function;
1.2 For the corpus containing the number of calls per HOOK function, according to n i =Σ j∈S n i,j -b i Calculating the total times n of HOOK function calls in the HOOK function set S realized by the test single item i aiming at the evaluated mandatory access control security enhancement framework i Wherein n is i,j Number of calls to HOOK function j to test a single item i, b i In order to test the environment background sound of the single item i, the environment background sound refers to the number of times of the HOOK function call of the background program or the system service in the common world REE.
Optionally, after step 1.1) and before step 1.2) further comprises measuring the environmental background sound b of the test item i i The method comprises the following steps: aiming at a test single item i specified on target performance test software, recording a specified number N on the premise that the common world REE does not run any performance test software 2 Subsystem at runtime R i Total number of calls of HOOK function in HOOK function set S implemented for evaluated mandatory access control security enhancement framework, and N 2 The average value of the total calling times is used as the environmental background sound b of the test single item i i
Optionally, the specified number N 1 A specified number N 2 Are equal in size.
Optionally, before step 1), modifying an kernel of the common world REE operating system, adding a counter of the HOOK function to the kernel of the operating system, and adding 1 to the counter corresponding to the called HOOK function every time a call of the HOOK function is detected, thereby implementing the frequency statistical detection of the call of the HOOK function.
Optionally, the evaluated mandatory access control security enhancement framework is a Linux operating system oriented mandatory access control security enhancement framework.
Optionally, before the step 2), a step of measuring a single world handover cost t for triggering the HOOK function to be switched to the secure world TEE for making a security policy decision under the common world REE and then returning to the common world REE is further included: and measuring the number m of CPU cycles required by code operation of triggering the HOOK function under the common world to switch to a security server in the security world TEE to make a security policy decision and returning the code of the common world REE, calculating to obtain the single world switching cost t for triggering the HOOK function under the common world REE to switch to the security world TEE to make the security policy decision and returning the security world REE according to the required number m of the CPU cycles.
Optionally, the calculation function expression of the single world switching overhead t that triggers the HOOK function to switch to the secure world TEE for making the security policy decision and returns to the common world REE under the common world REE calculated according to the required number m of CPU cycles is as follows: t = m/h, where m is the number of CPU cycles required to trigger the HOOK function to switch to the security server in the security world TEE to make a security policy decision and return the code running of the common world REE, and h is the processor dominant frequency.
In addition, the invention also provides a system for evaluating the performance of the TEE-based mandatory access control security enhancement framework, which comprises a microprocessor and a memory which are connected with each other, wherein the microprocessor is programmed or configured to execute the steps of the method for evaluating the performance of the TEE-based mandatory access control security enhancement framework.
Furthermore, the present invention also provides a computer-readable storage medium having stored therein a computer program programmed or configured to execute the TEE-based mandatory access control security enhancement framework performance evaluation method.
Compared with the prior art, the invention has the following advantages: the security policy of the mandatory access control security enhancement framework is finally implemented by a subset (a HOOK function set S) in the whole HOOK set, so that based on the distribution statistics of the number of times of each HOOK call in the full set range under a Benchmark, the performance cost under the Benchmark can be estimated by selecting the HOOK function set S implemented by the security policy requiring performance evaluation. For different HOOK set implementations of different security policies, the calculation is only needed under the data of the complete set to estimate the properties of the security policiesIt is possible, and not necessary, to make one measurement for each different security policy. The decoupling of the measurement and calculation can bring great flexibility and convenience to the performance estimation. Because the sum of the times of the HOOK calls is the world switching times, the method comprises the step of acquiring the running time R of the test single item i aiming at the test single item i appointed on the target performance test software i And the number of times n of HOOK function calls in the HOOK function set S for the evaluated mandatory access control security enhancement framework implementation i (ii) a According to T i =t×n i +R i And calculating the cost of the test single item i, wherein t is the cost of single world switching. The invention can realize the performance evaluation of the simulation evaluation of the performance on the premise that the TEE-based mandatory access control security enhancement framework is not particularly realized, and has the advantages of good expandability, good universality and strong flexibility. The method can be used for guiding the designer of the framework which HOOK functions have severe influence on the performance under the current application scene, so that better balance between the performance and the safety is made.
Drawings
FIG. 1 is a schematic diagram of a basic process flow of a method according to an embodiment of the present invention.
Fig. 2 is a schematic diagram of a world switching path according to an embodiment of the present invention.
Detailed Description
As shown in fig. 1, the method for evaluating the performance of the TEE-based mandatory access control security enhancement framework in the embodiment includes:
1) Aiming at a test single item i specified on target performance test software, acquiring the running time R of the test single item i in the common world REE i And a total number n of times of HOOK function calls in HOOK function set S implemented for the evaluated mandatory access control security enhancement framework i
2) According to T i =t×n i +R i Calculating to obtain the cost T of the test single item i i And t is the single world switching overhead of triggering the HOOK function to switch to the safe world TEE to make a safety strategy decision and then returning to the common world REE under the common world REE.
This embodiment is based on TEEThe basic principle of the mandatory access control security enhancement framework performance evaluation method is as follows: the security policy of the mandatory access control security enhancement framework is finally realized by a subset (a HOOK function set S) in the whole HOOK set, so that the performance cost of the HOOK function set S under Benchmark can be estimated by selecting the HOOK function set S which needs to be realized by the security policy of performance evaluation through the distribution statistics of the number of times of each HOOK call. Since the sum of the number of times of HOOK calls is the number of times of world switching, the number of times of HOOK function calls n in the HOOK function set S implemented by the test single item i in this embodiment for the evaluated mandatory access control security enhancement framework i Multiplying the single world switching cost t to obtain the HOOK call cost of the test item, and finally comparing the HOOK call cost with the running time R of the test item i i Summing, a quantitative assessment of the overall system overhead is possible.
In this embodiment, step 1) obtains the running time R of the test item i in the common world REE i And a total number of times n of HOOK function calls in the HOOK function set S for the evaluated mandatory access control security enhancement framework implementation i Comprises the following steps:
1.1 Operate a test item i in the common world REE for a specified number N 1 Then, recording the operation N of the test single item i 1 The average running time of the second time is used as the running time R of the test single item i i Recording test singles i run N 1 Aiming at the calling times of any HOOK function j, and taking the minimum value of the calling times as the calling time n of the HOOK function j when the test single item i runs i,j Obtaining a complete set containing the calling times of each HOOK function;
1.2 For the corpus containing the number of calls for each HOOK function, according to n i =Σ j∈S n i,j -b i Calculating the total times n of the HOOK function calls in the HOOK function set S realized by the test single item i aiming at the evaluated mandatory access control security enhancement framework i Wherein n is i,j Number of calls to HOOK function j to test a single item i, b i For testing the environmental background sound of a single item i, the environmental background sound refers to a background program in the common world REE orThe number of times the system service calls the HOOK function in operation.
When the influence of the environmental background sound on the result is removed, since a background program or system service is also running when the Benchmark is running, the obtained calling times are the sum of the background sound and the testing item HOOK calling times. In order to measure the background sound, the average running time is recorded while running the test item, the total calling times of each HOOK without running Benchmark are counted in the same time, and after 100 times of comparison tests, the environmental background sound b of the test single item i is averaged i . In this embodiment, after step 1.1) and before step 1.2), the method further includes measuring an environmental background sound b of the test item i i The steps of (1): aiming at a test single item i specified on target performance test software, recording a specified number N on the premise that the common world REE does not run any performance test software 2 The subsystem is at runtime R i Total number of calls of HOOK function in HOOK function set S implemented for evaluated mandatory access control security enhancement framework, and N 2 The average value of the total calling times is used as the environmental background sound b of the test single item i i . In this embodiment, the number N is specified 1 A specified number N 2 Equal in size, e.g. all taking the value 100 in this embodiment, the number N is specified 1 A specified number N 2 In addition, the values may not be equal, and the values are enough.
In this embodiment, before step 1), modifying an kernel of the common world REE operating system, adding a counter of a HOOK function to the kernel of the operating system, and adding 1 to the counter corresponding to the called HOOK function every time a call of the HOOK function is detected, thereby implementing the frequency statistical detection of the call of the HOOK function. Specifically, in this embodiment, the source code of the LSM security module in Kernel of version 4.4.28 is modified, and the number of calls for each HOOK is counted: and adding a statistical function in each HOOK function in the object manager, and adding 1 to a counter of the corresponding function each time the HOOK function is called.
Of course, the method of the present embodiment does not depend on specific target-specific performance testing software or test singles i. For example, the mandatory access control security enhancement framework evaluated in this embodiment is a Linux operating system-oriented mandatory access control security enhancement framework, and the target performance test software may be mainstream LMbench software or UnixBench software, or may also be various other available performance test software.
For a particular mandatory access control security enhancement framework, a switch occurrence point and a switch end point are determined. The execution flow of the system switch is also deterministic and can be quantified by the number of cycles (cycles). The time taken to run the same number of cycles of instructions on the same CPU is a constant value, so that the single switch time can be measured as a constant. Fig. 2 shows a MAC security enhancement framework based on OP-TEE, which is mainly composed of two parts: the general world and the secure world. The common world and the secure world have independent user space and kernel space, except that the common world cannot access the resources of the secure world, and the secure world can access all the resources. Therefore, the untrusted kernel, which is located in the general world, cannot tamper with data and functions in the secure world. And the two worlds communicate and switch between worlds by sending SMC requests through the security monitor. As a MAC solution in Linux, the implementation and decision parts of LSM correspond to the object manager and security server in the graph, respectively. It can be seen that the security server is put into the OP-TEE OS of the secure world for protection, while the object manager is not changed and is still put in the ordinary world. Therefore, each time the ordinary world triggers the HOOK function, the ordinary world switches to the security server of the security world to make a decision on the security policy. Under this architecture, the execution flow of a single world switch is from the object manager of the ordinary world kernel to the secure server located in the secure world kernel and then back to the object manager.
In this embodiment, step 2) further includes, before the step, a step of measuring a single world switching cost t that triggers the HOOK function to switch to the safe world TEE for making a security policy decision under the ordinary world REE, and then returns to the ordinary world REE: and measuring the number m of CPU cycles required by code operation of triggering the HOOK function under the common world to switch to a security server in the security world TEE to make a security policy decision and returning the code of the common world REE, calculating to obtain the single world switching cost t for triggering the HOOK function under the common world REE to switch to the security world TEE to make the security policy decision and returning the security world REE according to the required number m of the CPU cycles.
In this embodiment, the calculation function expression of the single world switching overhead t that triggers the HOOK function to switch to the secure world TEE for making the security policy decision and then returns to the common world REE according to the required CPU cycle number m is: t = m/h, where m is the number of CPU cycles required for triggering the HOOK function to switch to the security server in the security world TEE to make a security policy decision and return the code running of the common world REE, and h is the processor dominant frequency. Specifically, the overhead of a single world switch measured in the Hikey960 development board in this embodiment is 8501 CPU cycles, and the dominant frequency of the Hikey960 is 2.4G Hz. Therefore, under the architecture, the overhead of the single world switching can be obtained by dividing the CPU cycle number by the dominant frequency, and the overhead t of the single world switching is about 3.5 mu s.
In addition, the embodiment also provides a system for evaluating the performance of the TEE-based mandatory access control security enhancement framework, which comprises a microprocessor and a memory which are connected with each other, wherein the microprocessor is programmed or configured to execute the steps of the aforementioned method for evaluating the performance of the TEE-based mandatory access control security enhancement framework.
Furthermore, the present embodiment also provides a computer-readable storage medium, in which a computer program programmed or configured to execute the foregoing TEE-based mandatory access control security enhancement framework performance evaluation method is stored.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-readable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein. The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks. These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks. These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only a preferred embodiment of the present invention, and the protection scope of the present invention is not limited to the above embodiments, and all technical solutions belonging to the idea of the present invention belong to the protection scope of the present invention. It should be noted that modifications and embellishments within the scope of the invention may occur to those skilled in the art without departing from the principle of the invention, and are considered to be within the scope of the invention.

Claims (9)

1. A performance evaluation method of a mandatory access control security enhancement framework based on TEE is characterized by comprising the following steps:
1) Testing singles specified on target performance testing softwareiObtaining test items in the common world REEiRun time ofR i And a set of HOOK functions implemented for the assessed mandatory access control security enhancement frameworkSTotal number of times of HOOK function calls in (1)n i
2) According toT i =t×n i +R i Calculating to obtain a test itemiOverhead ofT i WhereintTriggering a HOOK function to switch to a safe world TEE under the common world REE to perform a safety strategy decision and then returning to the single world switching overhead of the common world REE;
step 1) obtaining test items in common world REEiRun time of (2)R i And a set of HOOK functions implemented for the assessed mandatory access control security enhancement frameworkSTotal number of times of HOOK function calls in (1)n i Comprises the following steps:
1.1 Will test the single itemiRunning a specified number N in the common world REE 1 Recording the test itemsiRun N 1 The average running time of the second time is used as a test single itemiRun time of (2)R i Recording test itemsiOperation N 1 For any HOOK functionjThe minimum value of the calling times is taken as a running test single itemiHour HOOK functionjNumber of callsn i,j Obtaining a complete set containing the calling times of each HOOK function;
1.2 For the corpus containing the number of calls to each HOOK function, according ton i j S n i,j -b i Calculating to obtain a test itemiHOOK function set implemented for an evaluated mandatory access control security enhancement frameworkSTotal number of times of HOOK function calls in (1)n i In whichn i,j For testing individual itemsiPerform a pair HOOK functionjThe number of calls of (a) to (b),b i for testing individual itemsiThe environment background sound refers to the number of times of the HOOK function call of the background program or system service in the ordinary world REE.
2. The TEE-based mandatory access control security enhancement framework performance evaluation method according to claim 1, further comprising a measurement test single after step 1.1) and before step 1.2)iEnvironment background sound ofb i The steps of (1): test order specified on target performance testing softwareiRecording the specified number N on the premise that the common world REE does not run any performance testing software 2 The subsystem is in operation timeR i HOOK Functions collection implemented internally to a mandatory access control security enhancement framework being evaluatedSThe total number of times of calling HOOK function is added, and N is added 2 The average value of the total calling times is taken as a test single itemiIs in the environment ofb i
3. The TEE-based mandatory access control security enhancement framework performance evaluation method of claim 2, wherein the specified number N 1 A specified number N 2 Are equal in size.
4. The TEE-based mandatory access control security enhancement framework performance evaluation method of claim 2, wherein step 1) is preceded by modifying a kernel of a common world REE operating system, adding a counter of a HOOK function to the kernel of the operating system, and adding 1 to the counter corresponding to the called HOOK function every time a HOOK function call is detected, thereby implementing a statistical detection of the number of times of the HOOK function calls.
5. The TEE based mandatory access control security enhancement framework performance evaluation method according to claim 2, wherein the evaluated mandatory access control security enhancement framework is a Linux operating system oriented mandatory access control security enhancement framework.
6. The TEE-based mandatory access control security enhancement framework performance evaluation method of claim 1, wherein step 2) is preceded by measuring a single world handover cost under the common world REE triggering a HOOK function to switch to the secure world TEE for security policy decision and returning to the common world REEtThe steps of (1): measuring the number of CPU cycles required for triggering HOOK function under the common world to switch to a security server in a security world TEE for making security policy decision and returning code running of the common world REEmAccording to the number of CPU cycles requiredmCalculating single world switching cost for triggering the HOOK function to switch to the safe world TEE to make a safety strategy decision and then returning to the common world REE under the common world REEt
7. The TEE-based mandatory access control security enhancement framework performance evaluation method of claim 6, wherein the number of CPU cycles required is based onmCalculating single world switching cost for triggering the HOOK function to switch to the safe world TEE to make a safety strategy decision and then returning to the common world REE under the common world REEtThe formula of the calculation function is:t=m/hwhereinmThe number of CPU cycles required to trigger the HOOK function under the normal world to switch to a security server in the secure world TEE to make a security policy decision and return the code running for the normal world REE,his the processor dominant frequency.
8. A TEE-based mandatory access control security enhancement framework performance evaluation system comprising a microprocessor and a memory connected to each other, characterized in that the microprocessor is programmed or configured to perform the steps of the TEE-based mandatory access control security enhancement framework performance evaluation method of any one of claims 1 to 7.
9. A computer-readable storage medium having stored thereon a computer program programmed or configured to perform the TEE-based mandatory access control security enhancement framework performance evaluation method of any of claims 1 to 7.
CN202110585417.9A 2021-05-27 2021-05-27 TEE-based mandatory access control security enhancement framework performance evaluation method and system Active CN113190869B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110585417.9A CN113190869B (en) 2021-05-27 2021-05-27 TEE-based mandatory access control security enhancement framework performance evaluation method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110585417.9A CN113190869B (en) 2021-05-27 2021-05-27 TEE-based mandatory access control security enhancement framework performance evaluation method and system

Publications (2)

Publication Number Publication Date
CN113190869A CN113190869A (en) 2021-07-30
CN113190869B true CN113190869B (en) 2022-10-11

Family

ID=76985431

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110585417.9A Active CN113190869B (en) 2021-05-27 2021-05-27 TEE-based mandatory access control security enhancement framework performance evaluation method and system

Country Status (1)

Country Link
CN (1) CN113190869B (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111414246A (en) * 2020-04-01 2020-07-14 中国人民解放军国防科技大学 Cross-secure-world real-time function calling method and device on computing platform with TEE extension
CN111858004A (en) * 2020-07-21 2020-10-30 中国人民解放军国防科技大学 TEE expansion-based real-time application dynamic loading method and system for computer security world

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8510805B2 (en) * 2008-04-23 2013-08-13 Samsung Electronics Co., Ltd. Safe and efficient access control mechanisms for computing environments
CN101493873A (en) * 2009-03-04 2009-07-29 浪潮电子信息产业股份有限公司 Read-write operation access control method for WIN platform based on inner core layer technology
CN102521547B (en) * 2011-12-16 2014-09-24 华中科技大学 Protecting system for access control system in virtual domain
CN105528554B (en) * 2015-11-30 2019-04-05 华为技术有限公司 User interface switching method and terminal
CN110348252B (en) * 2018-04-02 2021-09-03 华为技术有限公司 Trust zone based operating system and method
CN109359450B (en) * 2018-10-29 2021-03-05 北京猎户星空科技有限公司 Security access method, device, equipment and storage medium of Linux system
CN110276214B (en) * 2019-06-12 2021-10-12 浙江大学 Dual-core trusted SOC architecture and method based on slave access protection
CN111400723A (en) * 2020-04-01 2020-07-10 中国人民解放军国防科技大学 TEE extension-based operating system kernel mandatory access control method and system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111414246A (en) * 2020-04-01 2020-07-14 中国人民解放军国防科技大学 Cross-secure-world real-time function calling method and device on computing platform with TEE extension
CN111858004A (en) * 2020-07-21 2020-10-30 中国人民解放军国防科技大学 TEE expansion-based real-time application dynamic loading method and system for computer security world

Also Published As

Publication number Publication date
CN113190869A (en) 2021-07-30

Similar Documents

Publication Publication Date Title
Gras et al. Translation leak-aside buffer: Defeating cache side-channel protections with {TLB} attacks
Briongos et al. Cacheshield: Detecting cache attacks through self-observation
Wang et al. {CacheD}: Identifying {Cache-Based} timing channels in production software
Zhang et al. Cloudradar: A real-time side-channel attack detection system in clouds
Bazm et al. Cache-based side-channel attacks detection through intel cache monitoring technology and hardware performance counters
US10936717B1 (en) Monitoring containers running on container host devices for detection of anomalies in current container behavior
Yarom et al. {FLUSH+ RELOAD}: A high resolution, low noise, l3 cache {Side-Channel} attack
Wang et al. Numchecker: Detecting kernel control-flow modifying rootkits by using hardware performance counters
Mushtaq et al. Run-time detection of prime+ probe side-channel attack on AES encryption algorithm
Sabbagh et al. Scadet: A side-channel attack detection tool for tracking prime-probe
Irazoqui et al. Mascat: Preventing microarchitectural attacks before distribution
JP2018520446A (en) Computer security system and method using asynchronous introspection exceptions
JP2018524756A (en) System and method for tracking malicious behavior across multiple software entities
Taubmann et al. Cloudphylactor: Harnessing mandatory access control for virtual machine introspection in cloud data centers
Milenkoski et al. Evaluation of intrusion detection systems in virtualized environments using attack injection
CN106909509B (en) A kind of virtual machine process code without acting on behalf of paging type gauging system and method
Sangeetha et al. An optimistic technique to detect Cache based Side Channel attacks in Cloud
Saxena et al. An AI-driven VM threat prediction model for multi-risks analysis-based cloud cybersecurity
US11361077B2 (en) Kernel-based proactive engine for malware detection
CN113190869B (en) TEE-based mandatory access control security enhancement framework performance evaluation method and system
Mushtaq et al. Sherlock holmes of cache side-channel attacks in Intel's x86 architecture
Zhang et al. See through walls: Detecting malware in sgx enclaves with sgx-bouncer
Kadiyala et al. LAMBDA: Lightweight assessment of malware for emBeddeD architectures
Pendergrass et al. Lkim: The linux kernel integrity measurer
Zhan et al. Checking virtual machine kernel control-flow integrity using a page-level dynamic tracing approach

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant