Xizhe Zhang,Yong Xie,Xuejia Lai,Shensheng Zhang,Zijian Deng

DOI: https://doi.org/10.1007/978-3-540-76843-2_39

2007-01-01

Abstract:This paper presents a unique multi-core security architecture based on EFI. This architecture combines secure EFI environment with insecure OS so that it supports secure and reliable bootstrap, hardware partition, encryption service, as well as real-time security monitoring and inspection. With this architecture, secure EFI environment provides users with a management console to authenticate, monitor and audit insecure OS. Here, an insecure OS is a general purpose OS such as Linux or Windows in which a user can perform ordinary jobs without obvious limitation and performance degradation. This architecture also has a unique capability to protect authentication rules and secure information such as encrypted data even if the security ability of an OS is compromised. A prototype was designed and implemented. Experiment and test results show great performance merits for this new architecture.

谢勇,来学嘉,张熙哲

DOI: https://doi.org/10.3969/j.issn.1000-3428.2008.22.061

2008-01-01

Abstract:The Extensible Firmware Interface(EFI)specification provides a standard environment for the program before booting an OS.This paper proposes a Dual-core EFI-based Security Architecture(DESA).EFI is a secure domain that is physically and logically separate,and performs several security components services such as real-time monitoring,co-processing and auditing.A prototype for virtual disk's secure access and real-time monitor is designed and implemented.Experimental results show that DESA can enhance performance and security improvements,and provide security services for OS with low performance cost.

Priyanka Prakash Surve,Oleg Brodt,Mark Yampolskiy,Yuval Elovici,Asaf Shabtai

2023-11-07

Abstract:The Unified Extensible Firmware Interface (UEFI) is a linchpin of modern computing systems, governing secure system initialization and booting. This paper is urgently needed because of the surge in UEFI-related attacks and vulnerabilities in recent years. Motivated by this urgent concern, we undertake an extensive exploration of the UEFI landscape, dissecting its distribution supply chain, booting process, and security features. We carefully study a spectrum of UEFI-targeted attacks and proofs of concept (PoCs) for exploiting UEFI-related vulnerabilities. Building upon these insights, we construct a comprehensive attack threat model encompassing threat actors, attack vectors, attack types, vulnerabilities, attack capabilities, and attacker objectives. Drawing inspiration from the MITRE ATT&CK framework, we present a MITRE ATT&CK-like taxonomy delineating tactics, techniques, and sub-techniques in the context of UEFI attacks. This taxonomy can provide a road map for identifying existing gaps and developing new techniques for rootkit prevention, detection, and removal. Finally, the paper discusses existing countermeasures against UEFI attacks including a variety of technical and operational measures that can be implemented to lower the risk of UEFI attacks to an acceptable level. This paper seeks to clarify the complexities of UEFI and equip the cybersecurity community with the necessary knowledge to strengthen the security of this critical component against a growing threat landscape.

Cryptography and Security

Zijian Deng,Xuejia Lai

DOI: https://doi.org/10.1109/sitis.2007.38

2008-01-01

Abstract:How to protect the sensitive information from unauthorized disclosure is one of the problems in computer security. In this paper we present a new method for preventing the sensitive file from unauthorized disclosure, Security File Management (SFM). SFM relies on Dual-Core technology, Extensible Firmware Interface and Trusted computing to provide a much high level of security than current solutions. All operations of sensitive files are run in Trusted Boundary. In this paper, we present the architecture of SFM, the initial designer and the security analysis.

Wei Hu,Tianzhou Chen,Zhenjie He,Qingsong Shi

2007-01-01

WSEAS TRANSACTIONS ON INFORMATION SCIENCE AND APPLICATIONS

Abstract:Information security, which covers a wide scope in application and research, has become a mainstream issue to protect the sensitive data. Meanwhile, firmware technology is experiencing a revolution, as the newly emerged EFI is replacing legacy BIOS. This paper gives an introduction to the challenges involved in securing EFI/Tiano framework, and discusses a set of principles as well as a method to design an efficient scalable cryptographic library for cryptographic protocols.

FU Si-yuan,LIU Gong-shen,LI Jian-hua

DOI: https://doi.org/10.3969/j.issn.1000-3428.2012.09.035

2012-01-01

Abstract:Unified Extensible Firmware Interface(UEFI) faces a grim challenges of malicious code attack.The traditional computer security software can not provide security for the firmware and operating system boot process.In order to solve the problem,this paper designs a malicious code defense system based on UEFI firmware.By using the multi-pattern matching algorithm,a signature detecting engine under UEFI environment is implemented,which provides functionally of malicious code detect,boot option analysis and firmware and operating system kernel backup.Experimental results prove that the system can effectively resist malicious code with small code size and low costs to meet the firmware's need of flash size and fast boot.

Liu Gongshen,Meng Kui,Fu Siyuan

DOI: https://doi.org/10.1109/icecc.2012.196

2012-01-01

Abstract:UEFI is an international standard which describes an interface between the OS and the platform firmware. To solve the low-level attack threats to computer system, a malicious software prevention system based on UEFI firmware is proposed in this paper. By using binary signature scanning technology, a malware detecting engine under UEFI environment is implemented, whose functions include malicious code detect, boot option analysis and firmware & OS Kernel backup. It is proved that this system can prevent malicious code attacks before the platform booting into the operating system with small storage size and low performance cost.

MAO Weifeng,PING Lingdi,JIANG Li,CHEN Xiaoping

DOI: https://doi.org/10.3969/j.issn.1000-3428.2006.12.068

2006-01-01

Abstract:SECOS is a secure operating system with independent intellectual property right,which accords with the requirements of level 4 secure operation system technology.This paper illustrates some key issues of the system,including design method for enchancement of security,improved model from the Bell-La Padula MAC(mandatory access control) implementation,the realization of the model,formal method during the system development,conversiion channel analysis and its prevention,and secure deletion.The performance evaluation shows the design and implementation of SECOS is effective.

Yajin Zhou,Xiaoguang Wang,Yue Chen,Zhi Wang

DOI: https://doi.org/10.1145/2660267.2660344

2014-01-01

Abstract:Software fault isolation (SFI) is an effective mechanism to confine untrusted modules inside isolated domains to protect their host applications. Since its debut, researchers have proposed different SFI systems for many purposes such as safe execution of untrusted native browser plugins. However, most of these systems focus on the x86 architecture. In recent years, ARM has become the dominant architecture for mobile devices and gains in popularity in data centers. Hence there is a compelling need for an efficient SFI system for the ARM architecture. Unfortunately, existing systems either have prohibitively high performance overhead or place various limitations on the memory layout and instructions of untrusted modules.In this paper, we propose ARMlock, a hardware-based fault isolation for ARM. It uniquely leverages the memory domain support in ARM processors to create multiple sandboxes. Memory accesses by the untrusted module (including read, write, and execution) are strictly confined by the hardware, and instructions running inside the sandbox execute at the same speed as those outside it. ARMlock imposes virtually no structural constraints on untrusted modules. For example, they can use self-modifying code, receive exceptions, and make system calls. Moreover, system calls can be interposed by ARMlock to enforce the policies set by the host. We have implemented a prototype of ARMlock for Linux that supports the popular ARMv6 and ARMv7 sub-architecture. Our security assessment and performance measurement show that ARMlock is practical, effective, and efficient.

Tianzhou Chen,Zhenjie He,Wei Hu

2006-01-01

Abstract:As one of the most significant cryptographic algorithms, the Advanced Encryption Standard (AES) will play a central role in securing information exchange and communication in the next decade. Though its basic elements are fully defined in terms of functionality, AES requires the best exploitation of implementation in order to achieve optimum performance on specific architectures. This paper focuses on Extensible Firmware Interface (EFI) which is being applied as the next generation firmware technology. We present a new AES usage model within framework of EFI/Tiano based on IA-32 platform, which is an efficient implementation with its improved performance.

Zheng Wei,Wu Ying,Wu Xiaoxue,Feng Chen,Sui Yulei,Luo Xiapu,Zhou Yajin

DOI: https://doi.org/10.1007/s11704-019-9096-y

IF: 2.6688

2020-01-01

Frontiers of Computer Science

Abstract:This paper presents a comprehensive survey on the development of Intel SGX (software guard extensions) processors and its applications. With the advent of SGX in 2013 and its subsequent development, the corresponding research works are also increasing rapidly. In order to get a more comprehensive literature review related to SGX, we have made a systematic analysis of the related papers in this area. We first search through five large-scale paper retrieval libraries by keywords (i.e., ACM Digital Library, IEEE/IET Electronic Library, SpringerLink, Web of Science, and Elsevier Science Direct). We read and analyze a total of 128 SGX-related papers. The first round of extensive study is conducted to classify them. The second round of intensive study is carried out to complete a comprehensive analysis of the paper from various aspects. We start with the working environment of SGX and make a conclusive summary of trusted execution environment (TEE). We then focus on the applications of SGX. We also review and study multifarious attack methods to SGX framework and some recent security improvements made on SGX. Finally, we summarize the advantages and disadvantages of SGX with some future research opportunities. We hope this review could help the existing and future research works on SGX and its application for both developers and users.

Ronny Chevalier,Stefano Cristalli,Christophe Hauser,Yan Shoshitaishvili,Ruoyu Wang,Christopher Kruegel,Giovanni Vigna,Danilo Bruschi,Andrea Lanzi

DOI: https://doi.org/10.1145/3292006.3300026

2019-03-29

Abstract:Boot firmware, like UEFI-compliant firmware, has been the target of numerous attacks, giving the attacker control over the entire system while being undetected. The measured boot mechanism of a computer platform ensures its integrity by using cryptographic measurements to detect such attacks. This is typically performed by relying on a Trusted Platform Module (TPM). Recent work, however, shows that vendors do not respect the specifications that have been devised to ensure the integrity of the firmware's loading process. As a result, attackers may bypass such measurement mechanisms and successfully load a modified firmware image while remaining unnoticed. In this paper we introduce BootKeeper, a static analysis approach verifying a set of key security properties on boot firmware images before deployment, to ensure the integrity of the measured boot process. We evaluate BootKeeper against several attacks on common boot firmware implementations and demonstrate its applicability.

Cryptography and Security

Chen Tianzhou,He Zhenjie,Hu Wei

DOI: https://doi.org/10.1109/itng.2006.56

2006-01-01

Abstract:The advanced encryption standard (AES) is one of the most important algorithms in modern cryptography. Although fully defined in terms of functionality, AES requires best exploitation to achieve optimum performance on specific architectures. Generally even highly optimized SW solutions are magnitude slower than dedicated HW solutions. Our work concentrates on extensible firmware interface (EFI) is being used as the next generation firmware technology contains much more benefits than legacy BIOS. To combine the unusually high speed with platform universality, we present a new usage model of AES for EFI/Tiano framework based on IA-32

JIANG Yiming,ZHANG Shensheng,SUN Yuanhao

DOI: https://doi.org/10.3969/j.issn.1000-3428.2007.14.097

2007-01-01

Abstract:The extensible firmware interface(EFI) specification provides a standard environment for booting an OS.And NUWA system is a graphics user interface specialized for EFI environment with multi-layer design model.Graphics abstract layer(GAL) and input abstract layer(IAL) are the two abstract layers in NUWA system independent of any hardware.And the codes to implement these two layers initiate the “graphics engine” of NUWA,like the drivers in OS.This paper introduces the implementation of GAL using the EFI drive model.

邓子健,来学嘉,何大可

DOI: https://doi.org/10.3969/j.issn.1001-3695.2009.01.108

2009-01-01

Abstract:This paper proposed a DRM terminal based on extensible firmware interface and dual-core.This platform could meet most security requirement of DRM,especially preventing the REK and decrypted content object bing leaked to consumer.Under the control of this architecture,shawed the detail of play process.Also gave a download model that protected the right issue from obtaining the sensitive information from the right object generated by content provider in semi-distributed P2P network.Finally,compared a performance of AES between Linux platform and EFI platform.This DRM terminal is a new way to carry out the DRM strategy.

Jia-min MA,Li PAN,Jie-wen YAO

DOI: https://doi.org/10.3969/j.issn.1000-3428.2014.07.057

2014-01-01

Abstract:With the increase of code vulnerabilities in Unified Extensible Firmware Interface(UEFI) firmware and the lack of effective vulnerability detection systems, this paper develops a fuzzy test system for UEFI firmware. It applies fuzzy test technique to UEFI firmware vulnerability detection. The system reuses test framework of Self Certification Test(SCT) system, generates test data through a special subsystem to ensure the quality and provides APIs for creating test cases. Also, the vulnerability detection capability of the system is revealed through real security vulnerability in UEFI firmware. Experimental results show that, test cases can be written more easily but with 15%higher code coverage than the SCT system based on this system, which ensures the ability to detect deep, high risk security vulnerabilities.

Rui Chang,Liehui Jiang,Wenzhi Chen,Yaobin Xie,Zhongyong Lu

DOI: https://doi.org/10.23919/tst.2017.8030534

2017-01-01

Tsinghua Science & Technology

Abstract:The run-time security guarantee is a hotspot in current cyberspace security research, especially on embedded terminals, such as smart hardware as well as wearable and mobile devices. Typically, these devices use universal hardware and software to connect with public networks via the Internet, and are probably open to security threats from Trojan viruses and other malware. As a result, the security of sensitive personal data is threatened and economic interests in the industry are compromised. To address the run-time security problems efficiently, first, a TrustEnclave-based secure architecture is proposed, and the trusted execution environment is constructed by hardware isolation technology. Then the prototype system is implemented on real TrustZone-enabled hardware devices. Finally, both analytical and experimental evaluations are provided. The experimental results demonstrate the effectiveness and feasibility of the proposed security scheme.

Mahsa Farahani,Ghazal Shenavar,Ali Hosseinghorban,Alireza Ejlali

2024-09-22

Abstract:Firmware serves as a foundational software layer in modern computers, initiating as the first code executed on platform hardware, similar in function to a minimal operating system. Defined as a software interface between an operating system and platform firmware, the Unified Extensible Firmware Interface (UEFI) standardizes system initialization and management. A prominent open-source implementation of UEFI, the EFI Development Kit II (EDK2), plays a crucial role in shaping firmware architecture. Despite its widespread adoption, the architecture faces challenges such as limited system resources at early stages and a lack of standard security features. Furthermore, the scarcity of open-source tools specifically designed for firmware analysis emphasizes the need for adaptable, innovative solutions. In this paper, we explore the application of general code audit tools to firmware, with a particular focus on EDK2. Although these tools were not originally designed for firmware analysis, they have proven effective in identifying critical areas for enhancement in firmware security. Our findings, derived from deploying key audit tools on EDK2, categorize these tools based on their methodologies and illustrate their capability to uncover unique firmware attributes, significantly contributing to the understanding and improvement of firmware security.

Cryptography and Security,Hardware Architecture,Software Engineering

Lei Han,Jiqiang Liu,Zhen Han,Xueye Wei

DOI: https://doi.org/10.1007/s11704-011-9180-4

2011-05-14

Frontiers of Computer Science in China

Abstract:In today’s globalized digital world, network-based, mobile, and interactive collaborations have enabled work platforms of personal computers to cross multiple geographical boundaries. The new requirements of privacy-preservation, sensitive information sharing, portability, remote attestation, and robust security create new problems in system design and implementation. There are critical demands for highly secure work platforms and security enhancing mechanisms for ensuring privacy protection, component integrity, sealed storage, and remote attestation of platforms. Trusted computing is a promising technology for enhancing the security of a platform using a trusted platform module (TPM). TPM is a tamper-resistant microcontroller designed to provide robust security capabilities for computing platforms. It typically is affixed to the motherboard with a low pin count (LPC) bus. However, it limited in that TPM cannot be used directly in current common personal computers (PCs), and TPM is not flexible and portable enough to be used in different platforms because of its interface with the PC and its certificate and key structure. For these reasons, we propose a portable trusted platform module (PTPM) scheme to build a trusted platform for the common PC based on a single cryptographic chip with a universal serial bus (USB) interface and extensible firmware interface (EFI), by which platforms can get a similar degree of security protection in general-purpose systems. We show the structure of certificates and keys, which can bind to platforms via a PTPM and provide users with portability and flexibility in different platforms while still allowing the user and platform to be protected and attested. The implementation of prototype system is described in detail and the performance of the PTPM on cryptographic operations and time-costs of the system bootstrap are evaluated and analyzed. The results of experiments show that PTPM has high performances for supporting trusted computing and it can be used flexibly and portably by the user.

CHEN Zhiping,LEI Hang,YANG Xia,LI Huan

DOI: https://doi.org/10.3969/j.issn.1000-3428.2007.01.028

2007-01-01

Abstract:Based on research and analysis of traditional embedded operating system security theories and technologies, combining with characteristics of embedded operating system, this paper puts forward a security kernel frame fit for embedded operating system: ESK(embedded security kernel). It has the characteristics as follows: self-determination configuring security attributions, mandatory access control, security signs and multi-strategy determinant. Through the reconstruction of Win CE operating system, the validity of the security kernel frame is validated.