CR · May 5, 2021

Trusted Enforcement of Application-specific Security Policies

arXiv:2105.01970v1 · 1 citation
Originality: Incremental advance
AI Analysis

This work addresses security policy enforcement for applications with high-abstraction objects, offering a more tamperproof and correct solution, though it appears incremental by building on existing trusted execution environment concepts.

The paper tackles the problem of enforcing application-specific security policies without relying on large, complex trusted computing bases by proposing AppSPEAR, a configurable C++ framework that leverages hardware-based trusted execution environments, and demonstrates its effectiveness through a practical evaluation on an electronic medical record system.

While there have been approaches for integrating security policies into operating systems (OSs) for more than two decades, applications often use objects of higher abstraction requiring individual security policies with application-specific semantics. Due to insufficient OS support, current approaches for enforcing application-level policies typically lead to large and complex trusted computing bases rendering tamperproofness and correctness difficult to achieve. To mitigate this problem, we propose the application-level policy enforcement architecture AppSPEAR and a C++ framework for its implementation. The configurable framework enables developers to balance enforcement rigor and costs imposed by different implementation alternatives and thus to easily tailor an AppSPEAR implementation to individual application requirements. We especially argue that hardware-based trusted execution environments offer an optimal balance between effectiveness and efficiency of policy protection and enforcement. This claim is substantiated by a practical evaluation based on an electronic medical record system.
