Resource Isolation

To enforce resource isolation, systems may make use of access control and security policies. The entities enforcing these policies, such as hypervisors, operating system kernels, middleware or applications, are themselves vulnerable to attacks. Therefore, improving the security of these policy-enforcing entities (monitors) strengthens the security guarantees that the policies provide.
The main objective of the project is to design mechanisms that improve the security of monitors through one or more of: (a) removing vulnerabilities present in the code base, (b) preventing such vulnerabilities from being reachable by attackers, or (c) where attacker-reachable vulnerabilities remain, preventing their exploitation.

Container Isolation component

The Container Isolation module provides two functionalities. First, it implements a tool used to extract and encrypt a Docker container image layer in order to transfer it safely to a target Docker host. Second, it enables a container to store its data on encrypted storage media, so that confidential data cannot be retrieved by an adversary with access to the host's storage backend.
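The following Go program is an added illustration of the first functionality; it is not the project's own tool. It builds a small tar layer from constructed files, names it by the sha256 digest of its bytes as Docker does, seals it with AES-256-GCM using the digest as additional authenticated data, and on the receiving side authenticates, decrypts and re-checks the digest before the layer would be handed to the image store. The key, the sample files and the nonce-prefixed wire format are assumptions of the example, as is the choice of AES-GCM.

```go
package main

import (
	"archive/tar"
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
	"sort"
)

// Layer is an image layer in the shape Docker uses: a tar archive named by
// the sha256 digest of its bytes.
type Layer struct {
	Digest string // "sha256:<hex>" over Tar
	Tar    []byte
}

// buildLayer packs path -> contents into a tar archive. The files are
// constructed sample data standing in for a real extracted layer.
func buildLayer(files map[string]string) (Layer, error) {
	names := make([]string, 0, len(files))
	for n := range files {
		names = append(names, n)
	}
	sort.Strings(names) // deterministic order, so the digest is reproducible
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	for _, n := range names {
		hdr := &tar.Header{Name: n, Mode: 0o644, Size: int64(len(files[n]))}
		if err := tw.WriteHeader(hdr); err != nil {
			return Layer{}, err
		}
		if _, err := tw.Write([]byte(files[n])); err != nil {
			return Layer{}, err
		}
	}
	if err := tw.Close(); err != nil {
		return Layer{}, err
	}
	sum := sha256.Sum256(buf.Bytes())
	return Layer{Digest: "sha256:" + hex.EncodeToString(sum[:]), Tar: buf.Bytes()}, nil
}

// newGCM builds an AES-256-GCM AEAD from a 32-byte key.
func newGCM(key []byte) (cipher.AEAD, error) {
	if len(key) != 32 {
		return nil, errors.New("key must be 32 bytes (AES-256)")
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealLayer encrypts the layer for transfer. The digest is bound as additional
// authenticated data, so the ciphertext only opens under the digest it was
// sealed for. Wire format (an assumption): nonce || ciphertext || tag.
func sealLayer(key []byte, l Layer) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, l.Tar, []byte(l.Digest)), nil
}

// openLayer runs on the target host: authenticate and decrypt, then re-check
// the content digest before the layer is imported.
func openLayer(key []byte, digest string, sealed []byte) (Layer, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return Layer{}, err
	}
	if len(sealed) < gcm.NonceSize() {
		return Layer{}, errors.New("sealed layer too short")
	}
	nonce, ct := sealed[:gcm.NonceSize()], sealed[gcm.NonceSize():]
	pt, err := gcm.Open(nil, nonce, ct, []byte(digest))
	if err != nil {
		return Layer{}, fmt.Errorf("layer rejected: %w", err)
	}
	sum := sha256.Sum256(pt)
	if got := "sha256:" + hex.EncodeToString(sum[:]); got != digest {
		return Layer{}, fmt.Errorf("digest mismatch: got %s, want %s", got, digest)
	}
	return Layer{Digest: digest, Tar: pt}, nil
}

func main() {
	key := bytes.Repeat([]byte{0x42}, 32) // constructed key; a real tool would obtain it from a key service
	layer, err := buildLayer(map[string]string{"etc/app.conf": "mode=prod\n", "usr/bin/app": "#!/bin/sh\necho hi\n"})
	if err != nil {
		panic(err)
	}
	sealed, err := sealLayer(key, layer)
	if err != nil {
		panic(err)
	}
	got, err := openLayer(key, layer.Digest, sealed)
	fmt.Printf("layer %s: %d tar bytes, %d sealed bytes, import ok: %v\n", layer.Digest, len(layer.Tar), len(sealed), err == nil && bytes.Equal(got.Tar, layer.Tar))
}
```

Binding the digest as associated data is the design point: the sender's manifest names the layer by digest, and the receiver only accepts the ciphertext under that exact name, so a sealed layer cannot be re-labelled or swapped for another sealed layer under the same key. How the key reaches the target host is outside this example.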

Vulnerability Discovery

This tool behaves like a classic fuzz tester: it supplies mutated input to a program and observes its behaviour. Often, mutated input leads to crashes, and the crashes reveal ways of exploiting the program. Standard fuzzers, however, do not take into account the distributed nature of some of the software that powers the cloud. The distributed fuzzer will be optimised for distributed programs and components. Its output is a series of crash reports including back-traces, from which the developer or tester can manually fix the bug and harden the code.
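The Go program below is an added example of the mutate-run-report loop described above; it is not the project's fuzzer and models a single process only, leaving the distributed coordination the project targets aside. The target `parseFrame` is a constructed length-prefixed message handler with a deliberately planted missing bounds check; the harness mutates a seed input, recovers each panic into a crash report with a back-trace, and de-duplicates reports. `parseFrameFixed` shows the hardened handler a developer would commit after reading the report, and the same campaign against it finds nothing.

```go
package main

import (
	"errors"
	"fmt"
	"math/rand"
	"runtime/debug"
	"strings"
)

// CrashReport is the record the harness keeps for each distinct crash.
type CrashReport struct {
	Input []byte // the mutated input that triggered it
	Panic string // the runtime error message
	Stack string // back-trace captured at the crash site
}

// parseFrame is a constructed stand-in for a component's message handler:
// a 2-byte big-endian length followed by the body. It carries a planted bug
// (the declared length is trusted) for the fuzzer to find.
func parseFrame(msg []byte) (string, error) {
	if len(msg) < 2 {
		return "", errors.New("short frame")
	}
	n := int(msg[0])<<8 | int(msg[1])
	return string(msg[2 : 2+n]), nil // planted bug: no check that 2+n <= len(msg)
}

// parseFrameFixed is the hardened handler: the declared length is validated
// against the bytes actually present before any slicing.
func parseFrameFixed(msg []byte) (string, error) {
	if len(msg) < 2 {
		return "", errors.New("short frame")
	}
	n := int(msg[0])<<8 | int(msg[1])
	if 2+n > len(msg) {
		return "", fmt.Errorf("declared length %d exceeds %d available bytes", n, len(msg)-2)
	}
	return string(msg[2 : 2+n]), nil
}

// mutate applies one to three random byte-level edits to a copy of seed.
func mutate(rng *rand.Rand, seed []byte) []byte {
	out := append([]byte(nil), seed...)
	for i := 0; i < 1+rng.Intn(3); i++ {
		switch rng.Intn(3) {
		case 0: // flip one bit
			if len(out) > 0 {
				out[rng.Intn(len(out))] ^= 1 << uint(rng.Intn(8))
			}
		case 1: // insert a random byte
			p := rng.Intn(len(out) + 1)
			out = append(out[:p], append([]byte{byte(rng.Intn(256))}, out[p:]...)...)
		case 2: // truncate
			if len(out) > 0 {
				out = out[:rng.Intn(len(out))]
			}
		}
	}
	return out
}

// runOne executes target on one input and turns a panic into a CrashReport.
// The input is re-sliced to exact capacity so an over-read past len cannot
// silently succeed inside spare backing-array space.
func runOne(target func([]byte) (string, error), in []byte) (report *CrashReport) {
	defer func() {
		if r := recover(); r != nil {
			report = &CrashReport{Input: in, Panic: fmt.Sprint(r), Stack: string(debug.Stack())}
		}
	}()
	target(in[:len(in):len(in)]) // an error return is expected behaviour, not a crash
	return nil
}

// crashKey drops digits from a panic message so the same bug hit with
// different lengths is reported once.
func crashKey(msg string) string {
	return strings.Map(func(r rune) rune {
		if r >= '0' && r <= '9' {
			return -1
		}
		return r
	}, msg)
}

// fuzz feeds iterations mutations of seed to target and returns the distinct crashes.
func fuzz(target func([]byte) (string, error), seed []byte, iterations int, rngSeed int64) []CrashReport {
	rng := rand.New(rand.NewSource(rngSeed)) // seeded, so a campaign is reproducible
	seen := map[string]bool{}
	var crashes []CrashReport
	for i := 0; i < iterations; i++ {
		if r := runOne(target, mutate(rng, seed)); r != nil && !seen[crashKey(r.Panic)] {
			seen[crashKey(r.Panic)] = true
			crashes = append(crashes, *r)
		}
	}
	return crashes
}

func main() {
	seed := []byte{0, 5, 'h', 'e', 'l', 'l', 'o'} // one valid frame as the whole corpus
	for _, c := range fuzz(parseFrame, seed, 500, 1) {
		fmt.Printf("crash on input %x: %s\n%s\n", c.Input, c.Panic, c.Stack)
	}
	fmt.Println("crashes in hardened parser:", len(fuzz(parseFrameFixed, seed, 500, 1)))
}
```

Each report carries the exact input, so a crash can be replayed against the fixed handler as a regression test; in a distributed setting the same harness shape applies per component, with the added work of capturing the inputs that reached the crashing node from its peers.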