Lockdown: Towards a Safe and Practical Architecture for Security Applications on Commodity Platforms
The authors investigate a new point in the design space of red/green systems, which provide the user with a highly protected, yet also highly constrained, trusted ("Green") environment for performing security-sensitive transactions, as well as a high-performance, general-purpose environment for all other (non-security-sensitive or "Red") applications. Through the design and implementation of the Lockdown architecture, they evaluate whether partitioning, rather than virtualizing, resources and devices can lead to better security or performance for red/green systems. They also design a simple external interface to allow the user to securely learn which environment is active and easily switch between them. They find that partitioning offers a new tradeoff between security, performance, and usability.