CubicleOS: A library OS with software componentisation for practical isolation

Sartakov, Vasily; Pietzuch, Peter; Vilanova, Lluís

doi:https://www.dx.doi.org/10.1145/3445814.3446731

File(s)

asplos21main-p486-p-f2c1080e6d-49505-final.pdf (324.34 KB)

Published version

Author(s)

Sartakov, Vasily

Pietzuch, Peter

Vilanova, Lluís

Type

Conference Paper

Abstract

Library OSs have been proposed to deploy applications isolated inside containers, VMs, or trusted execution environments. They often follow a highly modular design in which third-party components are combined to offer the OS functionality needed by an application, and they are customised at compilation and deployment time to fit application requirements. Yet their monolithic design lacks isolation across components: when applications and OS components contain security-sensitive data (e.g., cryptographic keys or user data), the lack of isolation renders library OSs open to security breaches via malicious or vulnerable third-party components.

Date Issued

2021-04-17

Date Acceptance

2021-03-12

Citation

Proceedings of the 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS ’21), 2021, pp.546-558

URI

http://hdl.handle.net/10044/1/99118

URL

https://dl.acm.org/doi/10.1145/3445814.3446731

DOI

https://www.dx.doi.org/10.1145/3445814.3446731

Publisher

ACM

Start Page

546

End Page

558

Journal / Book Title

Proceedings of the 26th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS ’21)

Copyright Statement

Sponsor

Engineering & Physical Science Research Council (EPSRC)

Identifier

https://dl.acm.org/doi/10.1145/3445814.3446731

Grant Number

EP/V000365/1

Source

Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS ’21)

Start Date

2021-04-19

Finish Date

2021-04-23

Coverage Spatial

New York, NY, United States

Date Publish Online

2021-04-17