CoMeT: Configurable Tagged Memory Extension

Commodity processor architectures are releasing various instruction set extensions to support security solutions for the efficient mitigation of memory vulnerabilities. Among them, tagged memory extension (TME), such as ARM MTE and SPARC ADI, can prevent unauthorized memory access by utilizing tagged memory. However, our analysis found that TME has performance and security issues in practical use. To alleviate these, in this paper, we propose CoMeT, a new instruction set extension for tagged memory. The key idea behind CoMeT is not only to check whether the tag values in the address tag and memory tag are matched, but also to check the access permissions for each tag value. We implemented the prototype of CoMeT on the RISC-V platform. Our evaluation results confirm that CoMeT can be utilized to efficiently implement well-known security solutions, i.e., shadow stack and in-process isolation, without compromising security.

Evaluation of mobile games in the context of content: What do children face when playing mobile games?

The aim of this study is to examine mobile games in the context of their content and to evaluate the situations faced by children through document analysis in terms of age-rating, game score, access permissions, the inclusion of advertisements, in-game purchases, encouraging consumerism, the inclusion of violence, bad habits, and educational value. The review and rating data of the games which can be found in Common Sense Media and Google Play Store were included in the study. These data were analyzed by descriptive content analysis using frequency (f) and percentage(%) values. According to our findings, it was revealed that 92% of the games involved in the study included in-game purchases and 75% of them included advertising. As a result of the investigations, it was also found that mobile games requested a lot of access permissions during installation. In addition, it was concluded that 90% of mobile games encouraged consumerism and 50% contained violence and fear elements. We think that the results are important in the way that they reveal the possible risks encountered by young people while they are playing mobile games and also in terms of increasing the awareness on the subject for both the users and their parents.

Concise Read-Only Specifications for Better Synthesis of Programs with Pointers

In program synthesis there is a well-known trade-off between concise and strong specifications: if a specification is too verbose, it might be harder to write than the program; if it is too weak, the synthesised program might not match the user’s intent. In this work we explore the use of annotations for restricting memory access permissions in program synthesis, and show that they can make specifications much stronger while remaining surprisingly concise. Specifically, we enhance Synthetic Separation Logic (SSL), a framework for synthesis of heap-manipulating programs, with the logical mechanism of read-only borrows.We observe that this minimalistic and conservative SSL extension benefits the synthesis in several ways, making it more (a) expressive (stronger correctness guarantees are achieved with a modest annotation overhead), (b) effective (it produces more concise and easier-to-read programs), (c) efficient (faster synthesis), and (d) robust (synthesis efficiency is less affected by the choice of the search heuristic). We explain the intuition and provide formal treatment for read-only borrows. We substantiate the claims (a)–(d) by describing our quantitative evaluation of the borrowing-aware synthesis implementation on a series of standard benchmark specifications for various heap-manipulating programs.

Evolution of the VISPA-project

VISPA (Visual Physics Analysis) is a web-platform that enables users to work on any secure shell (SSH) reachable resource using just their webbrowser. It is used successfully in research and education for HEP data analysis. The emerging JupyterLab is an ideal choice for a comprehensive, browser-based, and extensible work environment and we seek to unify it with the efforts of the VISPA-project. The primary objective is to provide the user with the freedom to access any external resources at their disposal, while maintaining a smooth integration of preconfigured ones including their access permissions. Additionally, specialized HEP tools, such as native format data browsers (ROOT, PXL), are being migrated from VISPA- to JupyterLab-extensions as well. We present these concepts and their implementation progress.

Impact of Excessive Access Permissions and Insider Threat Opportunity in the Financial Industry

The purpose of this qualitative, exploratory research study was to gain insights into the correlations between: (a) security threats related to the dangers of excessive access permissions in information systems (IS); and (b) the potential risk exposure to insider threat in the financial sector. The study examined the vulnerability risk to insider threats from the view of the possible connection to excessive access permissions which represent a gap in the literature. The central research question of the study was: What are the determinants that influence the applicability of internal security controls such as segregation of duties (SoD), the least privilege principle, the need-to-know concept and the relationship between access permissions and insider threat in IS? A sample of 15 financial sector professionals that included business users, IT personnel, and certified fraud examiners were interviewed to answer the central research question.

A concurrent constraint programming interpretation of access permissions

A recent trend in object-oriented programming languages is the use of access permissions (APs) as an abstraction for controlling concurrent executions of programs. The use of AP source code annotations defines a protocol specifying how object references can access the mutable state of objects. Although the use of APs simplifies the task of writing concurrent code, an unsystematic use of them can lead to subtle problems. This paper presents a declarative interpretation of APs as linear concurrent constraint programs (lcc). We represent APs as constraints (i.e., formulas in logic) in an underlying constraint system whose entailment relation models the transformation rules of APs. Moreover, we use processes inlccto model the dependencies imposed by APs, thus allowing the faithful representation of their flow in the program. We verify relevant properties about AP programs by taking advantage of the interpretation oflccprocesses as formulas in Girard's intuitionistic linear logic (ILL). Properties include deadlock detection, program correctness (whether programs adhere to their AP specifications or not), and the ability of methods to run concurrently. By relying on a focusing discipline for ILL, we provide a complexity measure for proofs of the above-mentioned properties. The effectiveness of our verification techniques is demonstrated by implementing the Alcove tool that includes an animator and a verifier. The former executes thelccmodel, observing the flow of APs, and quickly finding inconsistencies of the APs vis-à-vis the implementation. The latter is an automatic theorem prover based on ILL.