New security architectures based on emerging disk functionality

Kevin Butler, Steve McLaughlin, Thomas Moyer, Patrick McDaniel

Research output: Contribution to journalArticle

1 Citation (Scopus)

Abstract

Securing operating systems has become increasingly difficult as their size and complexity continue to grow. New advances in hard disk technologies, however, provide a means for helping to manage this complexity; the new functionality made available at the disk level allows them to be used as security policy enforcement sites that are autonomous from the rest of the system. The proposed SwitchBlade architecture provides isolation for multiple OSs running on a single machine by confining them into segments that users can only access using a physical token. The authors show that the isolation guarantees SwitchBlade provides are equivalent to physically separate systems without the traditional usability burdens.

Original languageEnglish (US)
Article number5456358
Pages (from-to)34-41
Number of pages8
JournalIEEE Security and Privacy
Volume8
Issue number5
DOIs
StatePublished - Sep 1 2010

Fingerprint

Hard disk storage
functionality
social isolation
security policy
guarantee

All Science Journal Classification (ASJC) codes

  • Computer Networks and Communications
  • Electrical and Electronic Engineering
  • Law

Cite this

Butler, Kevin ; McLaughlin, Steve ; Moyer, Thomas ; McDaniel, Patrick. / New security architectures based on emerging disk functionality. In: IEEE Security and Privacy. 2010 ; Vol. 8, No. 5. pp. 34-41.
@article{a00cc25e9a1d4f5aa56e216f824bae90,
title = "New security architectures based on emerging disk functionality",
abstract = "Securing operating systems has become increasingly difficult as their size and complexity continue to grow. New advances in hard disk technologies, however, provide a means for helping to manage this complexity; the new functionality made available at the disk level allows them to be used as security policy enforcement sites that are autonomous from the rest of the system. The proposed SwitchBlade architecture provides isolation for multiple OSs running on a single machine by confining them into segments that users can only access using a physical token. The authors show that the isolation guarantees SwitchBlade provides are equivalent to physically separate systems without the traditional usability burdens.",
author = "Kevin Butler and Steve McLaughlin and Thomas Moyer and Patrick McDaniel",
year = "2010",
month = "9",
day = "1",
doi = "10.1109/MSP.2010.90",
language = "English (US)",
volume = "8",
pages = "34--41",
journal = "IEEE Security and Privacy",
issn = "1540-7993",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "5",

}

New security architectures based on emerging disk functionality. / Butler, Kevin; McLaughlin, Steve; Moyer, Thomas; McDaniel, Patrick.

In: IEEE Security and Privacy, Vol. 8, No. 5, 5456358, 01.09.2010, p. 34-41.

Research output: Contribution to journalArticle

TY - JOUR

T1 - New security architectures based on emerging disk functionality

AU - Butler, Kevin

AU - McLaughlin, Steve

AU - Moyer, Thomas

AU - McDaniel, Patrick

PY - 2010/9/1

Y1 - 2010/9/1

N2 - Securing operating systems has become increasingly difficult as their size and complexity continue to grow. New advances in hard disk technologies, however, provide a means for helping to manage this complexity; the new functionality made available at the disk level allows them to be used as security policy enforcement sites that are autonomous from the rest of the system. The proposed SwitchBlade architecture provides isolation for multiple OSs running on a single machine by confining them into segments that users can only access using a physical token. The authors show that the isolation guarantees SwitchBlade provides are equivalent to physically separate systems without the traditional usability burdens.

AB - Securing operating systems has become increasingly difficult as their size and complexity continue to grow. New advances in hard disk technologies, however, provide a means for helping to manage this complexity; the new functionality made available at the disk level allows them to be used as security policy enforcement sites that are autonomous from the rest of the system. The proposed SwitchBlade architecture provides isolation for multiple OSs running on a single machine by confining them into segments that users can only access using a physical token. The authors show that the isolation guarantees SwitchBlade provides are equivalent to physically separate systems without the traditional usability burdens.

UR - http://www.scopus.com/inward/record.url?scp=77958129275&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=77958129275&partnerID=8YFLogxK

U2 - 10.1109/MSP.2010.90

DO - 10.1109/MSP.2010.90

M3 - Article

AN - SCOPUS:77958129275

VL - 8

SP - 34

EP - 41

JO - IEEE Security and Privacy

JF - IEEE Security and Privacy

SN - 1540-7993

IS - 5

M1 - 5456358

ER -