CODOMs: Protecting software with Code-centric memory Domains

Lluis Vilanova; Muli Ben-Yehuda; Nacho Navarro; Yoav Etsion; Mateo Valero

doi:10.1109/ISCA.2014.6853202

CODOMs: Protecting software with Code-centric memory Domains

Lluis Vilanova, Muli Ben-Yehuda, Nacho Navarro, Yoav Etsion, Mateo Valero

Electrical and Computer Engineering

Technion - Israel Institute of Technology

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

Abstract

Today's complex software systems are neither secure nor reliable. The rudimentary software protection primitives provided by current hardware forces systems to run many distrusting software components (e.g., procedures, libraries, plugins, modules) in the same protection domain, or otherwise suffer degraded performance from address space switches. We present CODOMs (COde-centric memory DOMains), a novel architecture that can provide finer-grained isolation between software components with effectively zero run-time overhead, all at a fraction of the complexity of other approaches. An implementation of CODOMs in a cycle-accurate full-system x86 simulator demonstrates that with the right hardware support, finer-grained protection and run-time performance can peacefully coexist.

Original language	English
Title of host publication	41st Annual International Symposium on Computer Architecture, ISCA 2014 - Conference Proceedings
Pages	469-480
Number of pages	12
DOIs	https://doi.org/10.1109/ISCA.2014.6853202
State	Published - 2014
Event	2014 ACM/IEEE 41st International Symposium on Computer Architecture, ISCA 2014 - Minneapolis, MN, United States Duration: 14 Jun 2014 → 18 Jun 2014

Publication series

Name	Proceedings - International Symposium on Computer Architecture

Conference

Conference	2014 ACM/IEEE 41st International Symposium on Computer Architecture, ISCA 2014
Country/Territory	United States
City	Minneapolis, MN
Period	14/06/14 → 18/06/14

All Science Journal Classification (ASJC) codes

Hardware and Architecture

Access to Document

10.1109/ISCA.2014.6853202

Cite this

Vilanova, L., Ben-Yehuda, M., Navarro, N., Etsion, Y., & Valero, M. (2014). CODOMs: Protecting software with Code-centric memory Domains. In 41st Annual International Symposium on Computer Architecture, ISCA 2014 - Conference Proceedings (pp. 469-480). Article 6853202 (Proceedings - International Symposium on Computer Architecture). https://doi.org/10.1109/ISCA.2014.6853202

@inproceedings{193dd5f2404f4de7a4c10d2f2d856b20,

title = "CODOMs: Protecting software with Code-centric memory Domains",

abstract = "Today's complex software systems are neither secure nor reliable. The rudimentary software protection primitives provided by current hardware forces systems to run many distrusting software components (e.g., procedures, libraries, plugins, modules) in the same protection domain, or otherwise suffer degraded performance from address space switches. We present CODOMs (COde-centric memory DOMains), a novel architecture that can provide finer-grained isolation between software components with effectively zero run-time overhead, all at a fraction of the complexity of other approaches. An implementation of CODOMs in a cycle-accurate full-system x86 simulator demonstrates that with the right hardware support, finer-grained protection and run-time performance can peacefully coexist.",

author = "Lluis Vilanova and Muli Ben-Yehuda and Nacho Navarro and Yoav Etsion and Mateo Valero",

year = "2014",

doi = "10.1109/ISCA.2014.6853202",

language = "الإنجليزيّة",

isbn = "9781479943968",

series = "Proceedings - International Symposium on Computer Architecture",

pages = "469--480",

booktitle = "41st Annual International Symposium on Computer Architecture, ISCA 2014 - Conference Proceedings",

note = "2014 ACM/IEEE 41st International Symposium on Computer Architecture, ISCA 2014 ; Conference date: 14-06-2014 Through 18-06-2014",

}

Vilanova, L, Ben-Yehuda, M, Navarro, N, Etsion, Y & Valero, M 2014, CODOMs: Protecting software with Code-centric memory Domains. in 41st Annual International Symposium on Computer Architecture, ISCA 2014 - Conference Proceedings., 6853202, Proceedings - International Symposium on Computer Architecture, pp. 469-480, 2014 ACM/IEEE 41st International Symposium on Computer Architecture, ISCA 2014, Minneapolis, MN, United States, 14/06/14. https://doi.org/10.1109/ISCA.2014.6853202

CODOMs: Protecting software with Code-centric memory Domains. / Vilanova, Lluis; Ben-Yehuda, Muli; Navarro, Nacho et al.
41st Annual International Symposium on Computer Architecture, ISCA 2014 - Conference Proceedings. 2014. p. 469-480 6853202 (Proceedings - International Symposium on Computer Architecture).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - CODOMs

T2 - 2014 ACM/IEEE 41st International Symposium on Computer Architecture, ISCA 2014

AU - Vilanova, Lluis

AU - Ben-Yehuda, Muli

AU - Navarro, Nacho

AU - Etsion, Yoav

AU - Valero, Mateo

PY - 2014

Y1 - 2014

N2 - Today's complex software systems are neither secure nor reliable. The rudimentary software protection primitives provided by current hardware forces systems to run many distrusting software components (e.g., procedures, libraries, plugins, modules) in the same protection domain, or otherwise suffer degraded performance from address space switches. We present CODOMs (COde-centric memory DOMains), a novel architecture that can provide finer-grained isolation between software components with effectively zero run-time overhead, all at a fraction of the complexity of other approaches. An implementation of CODOMs in a cycle-accurate full-system x86 simulator demonstrates that with the right hardware support, finer-grained protection and run-time performance can peacefully coexist.

AB - Today's complex software systems are neither secure nor reliable. The rudimentary software protection primitives provided by current hardware forces systems to run many distrusting software components (e.g., procedures, libraries, plugins, modules) in the same protection domain, or otherwise suffer degraded performance from address space switches. We present CODOMs (COde-centric memory DOMains), a novel architecture that can provide finer-grained isolation between software components with effectively zero run-time overhead, all at a fraction of the complexity of other approaches. An implementation of CODOMs in a cycle-accurate full-system x86 simulator demonstrates that with the right hardware support, finer-grained protection and run-time performance can peacefully coexist.

UR - http://www.scopus.com/inward/record.url?scp=84905459124&partnerID=8YFLogxK

U2 - 10.1109/ISCA.2014.6853202

DO - 10.1109/ISCA.2014.6853202

M3 - منشور من مؤتمر

SN - 9781479943968

T3 - Proceedings - International Symposium on Computer Architecture

SP - 469

EP - 480

BT - 41st Annual International Symposium on Computer Architecture, ISCA 2014 - Conference Proceedings

Y2 - 14 June 2014 through 18 June 2014

ER -

CODOMs: Protecting software with Code-centric memory Domains

Abstract

Publication series

Conference

All Science Journal Classification (ASJC) codes

Access to Document

Other files and links

Fingerprint

Cite this