RVsec: Towards a Comprehensive Technology Stack for Secure Deployment of Software Monitors
Runtime monitors frequently need to be deployed in highly secure software environments to help further secure the system under scrutiny. In such contexts, the monitor could benefit from security hardening over and above the rest of the system since the monitoring component is of particular interest to the attacker. If the attacker successfully disables the monitor, the attack can be executed without potential alarms being raised, leave no evidence behind. Furthermore, due to separation of concerns inherent in runtime verification, monitors are typically separated from the rest of the system, facilitating isolation and a hardened security environment which would otherwise be difficult to achieve for the whole system.
The combination of these two observations, motivate us to consider a number of approaches for increased monitor security which we present as a generic framework called RVsec which could be instantiated in various contexts. Using a quantum-safe chat application as a case study, we present a pragmatic solution to various threat scenarios while considering the trade-offs in terms of additional setup and runtime costs.
Slides (paper01ColomboCurmiAbela.pdf) | 1.79MiB |
Thu 19 SepDisplayed time zone: Amsterdam, Berlin, Bern, Rome, Stockholm, Vienna change
14:30 - 15:00 | |||
14:30 30mTalk | RVsec: Towards a Comprehensive Technology Stack for Secure Deployment of Software Monitors VORTEX File Attached |