Secure Application Partitioning for Intellectual Property Protection

Intellectual property protection is a major concern for both hardware and software architects today. Recently secure platforms have been proposed to protect the privacy of application code and enforce that an application can only be run or accessed by authorized hosts. Unfortunately, these capabilities incur a sizeable performance overhead. Partitioning an application into secure and insecure regions can help diminish overheads but invalidates guarantees of privacy and access control. This work examines the problem of securely partitioning an application into public and private regions so that private code confidentiality is guaranteed and only authorized hosts can execute the application. This problem must be framed within the context of whole application execution for any solution to have meaning, which is a critical point when evaluating software security. The adversarial model presented balances practical generality with concrete security guarantees, and it is shown that under this model the best attack possible is a “Memoization Attack.” A practical Memoization Attack is implemented, and experimentation reveals that naive partitioning strategies can expose the functionality of hidden code in real applications, allowing unauthorized execution. To protect against such an attack, a set of indicators are presented that enable an application designer to identify these insecure application code regions. Finally, a partitioning methodology is discussed that uses these indicators to partition an application in a manner that protects the privacy of intellectual property and prohibits unauthorized execution. Thesis Supervisor: Srinivas Devadas Title: Professor of Electrical Engineering and Computer Science