Jisoo Yang
Contact
- E-mail: jisooy AT eecs DOT umich DOT edu
- Address: 4956 CSE, 2260 Hayward St., Ann Arbor, MI 48109
Areas of interest
Operating system, software security, application protection, platform virtualization, embedded systems, and quantum mechanics
Current projects
I'm currently leading several projects involving virtual machine and system security. Given below is a short description of these projects.
Software-Privacy Preserving Platform (SP3)
In this project, we design and implement a new system of protection that can directly provide information secrecy to user-level applications. The result of having this protection system is the complete removal of the operating system from the trusted computing base (TCB). Specifically, the privacy of memory contents of user-level applications can be preserved even when the underlying operating system is totally compromised.
Our guiding design principle is practicality, which naturally leads us to recognize the virtue of simplicity, generality and orthogonality. The result is an abstract protection model, which we call SP3. Using encryption, SP3 provides data secrecy to user-level applications on a per-page basis. This SP3 protection model can be implemented either in hardware or in software. In the software implementation, we take advantage of hypervisor techniques to enable an efficient realization.
Click Here for details on this project.
- Jisoo Yang and Kang G. Shin. Using Hypervisor to Provide Data Secrecy for User Applications on a Per-Page Basis. Proceedings of the ACM Virtual Execution Environment (VEE'08). Mar, 2008. paper: PDF, talk slides: PPT (Warning!, file size 5.5MB)
Minuscule Security Kernel (Minsk)
Positioned between a conventional operating system and the hardware, Minsk provides a safe and easy-to-secure trust base for many security solutions. Minsk's primary function is to implement the SP3 protection system so that we can have a stand-alone version of SP3 protection without having to deal with the extra features and specifics of hypervisors.
Click Here for details on this project.
Early position paper:
- Jisoo Yang and Kang G. Shin. On Software Protection in Embedded Systems. ARO Workshop on Embedded Systems and Network Security. Feb, 2007. PDF
JTL Template Library (JTL)
More than 30 years ago, Brian Kernighan and Dennis Ritchie invented C to develop their Unix operating system. Today, C is still the language of systems software development. There could be many reasons for this long-lasting popularity, but many problems are now emerging as systems software is getting complex and evolving rapidly.
In this project, we envision a C++ library designed specifically for systems software development. One of the goals of JTL is to bring code that would otherwise end up as C macros into the realm of the C++ formalism of strong type safety. To achieve this without hurting performance, we extensively use C++ templates.
Click Here for details on this project.
Past projects
Trusted In-guest Informant Typing (Trinity)
Trinity is the name of my summer project at VMware. The goal is to provide a certain level of protection and privilege to the trusted in-guest security agent. Trinity achieves this goal by modifying the VMM for security features and adding a hypercall interface for the agents. Contact me for more information.
EMERALDS on iPaq with Wireless support
This project involved porting the EMERALDS RTOS, based on x86-PC, to the ARM-based iPaq platform. Also conducted was the integration of a lightweight TCP/IP stack along with support for 802.11 wireless devices.
For those who want to know what EMERALDS is:
- K. M. Zuberi, P. Pillai, and K. G. Shin. EMERALDS: A Small-Memory Real-Time Microkernel. Proceedings of 17th ACM Symposium on Operating Systems Principles (SOSP '99), 1999. PS.
Rotating Registers Gone Random (GRRR, initials rotated)
As a part of a course project, I have developed a way to secure the execution of a program at the instruction level by exploiting the register renaming facility in a VLIW architecture.
Equipment
Developing system software often requires physical manipulation of a handful of machines. Hence, several machines are dedicated to my projects and I have to administer them by myself. Unfortunately, I often forget the current configuration or lose the memo containing that information. Here I keep track of the machines that I have sole access to:
Jisoo's equipments
One of the machines is dedicated as a server, and I learned the hard way that I have to maintain a consolidated note on the details of the server configuration for a fast recovery. Here is the note:
Jisoo's server setup
Tech tips collection
From time to time, I have to deal with a minor, incidental, but time-consuming technical problem. Like many people in this field, I used to enjoy it. But it keeps frustrating me whenever I have to deal with the same problem again later, but not soon enough that I still remember the details of the solution. To avoid future frustrations, I keep a notebook. Here is the online version:
Jisoo's collection of technicalities
-- Main.jisooy - 14 Mar 2008