Ruby Lee, Princeton
September 7, 2006:
Protecting Critical Secrets with SP Processors
Ruby B. Lee - Princeton University
Spanagel 101A - 1500-1550, Thursday September 07, 2006
A primary concern of users of computing devices is the protection of their sensitive or secret information. This includes information in both local and remote storage, during transmission and during computation. The ubiquity of networking and third-party software downloads increases the threat of undesirable observation, corruption, loss or leakage of secret or sensitive information. In typical environments, adversaries can exploit software vulnerabilities to compromise software locally or remotely, including possibly the commodity operating system, and can also steal devices or gain physical access. Can anything be done by the processor hardware to provide fundamental hooks for enhancing the protection of a user's secret information?
We propose the Secret-Protected (SP) architecture, a minimalist set of hardware features that can be added to any microprocessor or embedded processor. It protects the "master secrets" that in turn protect other keys and encrypted information, programs and data. We also provide a secure execution environment for when the protected keys are used by software. A user is not tied to a single device, but can conveniently access his protected information on-line from multiple SP devices. For scenarios like crisis response, where the user may use certain keys to gain temporary access to protected information, we also define an "authority mode" for SP devices. SP architecture is a concrete example showing that enhanced security can be provided without compromising performance, cost or usability. SP architecture is part of the SecureCore research project involving Princeton, NPS and USC, funded by DARPA and NSF Cybertrust. SecureCore investigates a clean-slate coordinated design of a security-aware processor, a secure operating system kernel, and secure mobile networking for commodity computing and communications devices.
Speaker's Biography:
Ruby B. Lee is the Forrest G. Hamrick Professor of Engineering and Professor of Electrical Engineering at Princeton University, with an affiliated appointment in the Computer Science Department. She is the director of the Princeton Architecture Laboratory for Multimedia and Security (PALMS). Her current research is in building security into core computer architecture, protecting critical information, providing hardware "safety-nets" for software vulnerabilities, mitigating information leaks boosted by modern microprocessor architecture features, and designing innovative instruction-set architecture to accelerate software cryptography and cryptanalysis. She is a Fellow of the ACM, Fellow of the IEEE, Associate Editor-in-Chief of IEEE Micro and Editorial Board member of IEEE Security and Privacy.
Prior to joining the Princeton faculty in 1998, Dr. Lee served as chief architect at Hewlett-Packard, responsible at different times for processor architecture, multimedia architecture and security architecture. She was a key architect of PA-RISC used in HP workstations and servers. She pioneered adding multimedia instructions to microprocessors, facilitating ubiquitous and pervasive multimedia. She has a Ph.D. in Electrical Engineering and an M.S. in Computer Science, both from Stanford University, and an A.B. with distinction from Cornell University, where she was a College Scholar. She has been granted over 115 United States and international patents, and has authored numerous conference and journal papers on computer architecture, multimedia and security topics.