CS Special Seminar: Jan-Erik Ekberg "Hardware -assisted memory protection"

Hardware -assisted memory protection

Jan-Erik Ekberg
Huawei & Aalto University

Abstract: Contemporary and soon-to emerge commercial processors carry architectural features that, when used, allows for authentication of register content when such are stored in memory, memory tagging (or coloring) so that mutually exclusive memory domains at a high resolution can be set up. Flow-control features such as shadow stacks and branch-target protections complete the picture. My talk will be about recent and ongoing research where we leverage these features in the compiler pipeline or by software design -- providing solutions for call-flow integrity and data safety for both user-space programs and code at higher privilege levels. My intent is to provide a panorama and share insight into how these features can be leveraged for security, as well as to shed light on the functional and performance cost of doing so. 

Bio: Dr. Jan-Erik Ekberg has worked in the telecom industry with the topic of securing mobile and embedded devices for 20+ years. He has participated in security standardization (Mobile TPM, WLAN, BT, BLE security, GP TEE standards) and he is the holder of 80+ patent families in the field of trusted execution environments, secure enclaves, smart cards etc. Jan-Erik's current affiliation is Head of Helsinki System Security Laboratory in Huawei, Finland, but he also serves as adjunct professor in Computer Science (Security) in his alma mater, Aalto University. One of Jan-Erik's recent research interests is on hardware-assisted memory protection technologies, and how these are efficiently used to mitigate attacks in contemporary computing devices.