TU BRAUNSCHWEIG
| Carl Friedrich Gauß Faculty | Department of Computer Science
Informatikzentrum

Automated Partitioning for Rust Applications

Student(anonymous, Login required)
SupervisorManuel Nieke
ProfessorProf. Dr. Rüdiger Kapitza
IBR GroupDS (Prof. Kapitza)
TypeBachelor Thesis
Statustentative

Introduction

With the widespread availability of trusted hardware, e.g. Intel's Software Guard Extenseions (SGX) included in most common Intel CPUs, confidential computing has received a lot of attention recently. Such hardware can be used to create Trusted Execution Environments (TEEs) which protect contained code and data against unintended access, even if an attacker has access to priviledged software or directly to the hardware.

Among its numerous applications is the possibility to enhance a program's privacy preservation, as is researched in the PRIMaTE project. One focus of this project is to evaluate the feasability of partitioning, i.e. introducing multiple TEEs into the application, as a means of enhancing privacy even in the presence of exploitable software vulnerabilities.

Problem statement

Experience has shown that manually extending an application with a TEE is time consuming, and even more so if several partitions should be used. In order to make partitioning a viable approach to protect applications, it is, therefore, necessary to automate this process as much as possible. For this process, a data accessibility analysis, which is performed by an existing framework, should be used as the basis for the partitioning.

Task description

The goal of this thesis is the design and implementation of a tool for automated partitioning of given applications. This tool should take input from the existing data accessibility framework to make its decision for a good partitioning and generate it. As the data analysis framework is limited to applications written in Rust, the partitioning will be applied to such applications as well.

Prerequisites

  • Knowledge of Rust
  • Willingness to work with Intel SGX

last changed 2020-05-18, 16:26 by Manuel Nieke
printemailtop