Show simple item record

dc.contributor.authorNam, Myoung Jinen
dc.contributor.authorAkritidis, Periklisen
dc.contributor.authorGreaves, Daviden
dc.date.accessioned2019-12-16T15:11:42Z
dc.date.available2019-12-16T15:11:42Z
dc.identifier.urihttps://www.repository.cam.ac.uk/handle/1810/299949
dc.description.abstractSecurity mechanisms for systems programming languages, such as fine-grained memory protection for C/C++, authorize operations at runtime using access rights associated with objects and pointers. The cost of such fine-grained capability-based security models is dominated by metadata updates and lookups, making efficient metadata management the key for minimizing performance impact. Existing approaches reduce metadata management overheads by sacrificing precision, breaking binary compatibility by changing object memory layout, or wasting space with excessive alignment or large shadow memory spaces. We propose FRAMER, a capability framework with object granu- larity. Its sound and deterministic per-object metadata management mechanism enables direct access to metadata by calculating their location from a tagged pointer to the object and a compact sup- plementary table. This may improve the performance of memory safety, type safety, thread safety and garbage collection, or any so- lution that needs to map pointers to metadata. FRAMER improves over previous solutions by simultaneously (1) providing a novel encoding that derives the location of per-object metadata with low memory overhead and without any assumption of objects’ align- ment or size, (2) offering flexibility in metadata placement and size, (3) saving space by removing any padding or re-alignment, and (4) avoiding internal object memory layout changes. We evaluate FRAMER with a use case on memory safety.
dc.rightsAll rights reserved
dc.titleFRAMER: a tagged-pointer capability system with memory safety applicationsen
dc.typeConference Object
dc.identifier.doi10.17863/CAM.47019
dcterms.dateAccepted2019-09-21en
rioxxterms.versionofrecord10.1145/3359789.3359799en
rioxxterms.versionVoR
rioxxterms.licenseref.urihttp://www.rioxx.net/licenses/all-rights-reserveden
rioxxterms.licenseref.startdate2019-09-21en
dc.contributor.orcidGreaves, David [0000-0002-3766-4180]
rioxxterms.typeConference Paper/Proceeding/Abstracten
pubs.conference-name2019 Annual Computer Security Applications Conference (ACSAC 2019)en
pubs.conference-start-date2019-12-09en


Files in this item

Thumbnail

This item appears in the following Collection(s)

Show simple item record