Faculty Search Colloquium: Leveraging Emerging Storage Functionality for New Security Services
|Author:||Kevin Butler Pennsylvania State University|
|Date:||March 01, 2010|
The complexity of modern operating systems makes securing them a challenging problem. However, changes in the computing model, such as the rise of cloud computing and smarter peripherals, have presented opportunities to reconsider system architectures, as we move from traditional "stove-pipe" computing to distributed systems. In particular, we can build trustworthy components that act to provide security in complex systems.
This talk discusses how new disk architectures may be exploited to aid the protection of systems by acting as policy decision and enforcement points. We prototype disks that enforce data immutability at the block level on critical system data, preventing malicious code from inserting itself into system configuration and boot files. We then examine how storage may be used to ensure the integrity state of hosts prior to allowing access to data, and how such a design improves the security of portable storage devices. Using continual measurements of system state, we show through formal reasoning that such a device enforces guarantees that data is read and written while the host is in a good state. Finally, I will discuss how secure disk architectures can be used as the basis for large-scale and distributed system security as I detail my future research agenda.
Kevin Butler is a Ph.D. candidate in Computer Science and Engineering at The Pennsylvania State University. Kevin's research focuses on the security of storage, large-scale systems, and networks. He has also examined malware propagation and web systems, and was a member of the EVEREST study of voting machines for the State of Ohio. Kevin is a recipient of the Symantec Graduate Fellowship and the Penn State Alumni Association Dissertation Award, and has been a member of over 20 conference program committees. After receving his M.S. in electrical engineering from Columbia University in 2003, Kevin worked in the Secure Systems Group at AT&T Labs-Research. He also has industrial experience in network operations and research.