Information Flow Tracking for Heterogeneous Compartmentalized Software / Oct 2023
Paper on the Deluminator DIFC interface, presented at RAID 2023. Zahra led this work on information flow tracking for heterogeneous compartmentalized software environments. The key contribution is recognizing that modern systems increasingly use diverse compartmentalization mechanisms (processes, SGX enclaves, TrustZone Trusted Apps, and intra-address-space compartments), while existing abstractions assume a single-compartment model. Deluminator provides OS abstractions and a userspace framework that enable extensible, fine-grained information flow tracking across these heterogeneous compartments. We implemented it on Linux for both ARM and x86-64, with evaluation showing reasonable overhead (7-29% on average) that makes it practical for real-world use.
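To make the idea of label-based flow tracking across compartments of different kinds concrete, here is an added toy model; it is an illustration written for this page, not Deluminator's abstractions, API or code. It uses the classic DIFC secrecy/integrity label rule (a receiver's secrecy label floats up to the join of sender and receiver, its integrity label drops to the meet, and the flow is refused if the result exceeds the receiver's clearance) with a capability-gated declassification step. The compartment kinds, tag names (`user_secret`, `key`, `vendor`) and the scenario are all constructed for the example.

```python
"""Toy floating-label DIFC tracker across heterogeneous compartments.

Added illustration, not Deluminator's actual abstractions or API: the
compartment kinds, tags and capabilities below are constructed for the example.
"""
from dataclasses import dataclass, replace
from enum import Enum
from typing import Dict, List, Tuple


class Kind(Enum):
    PROCESS = "process"
    SGX_ENCLAVE = "sgx_enclave"
    TZ_TRUSTED_APP = "trustzone_ta"
    INTRA_AS = "intra_address_space"


@dataclass(frozen=True)
class Compartment:
    name: str
    kind: Kind
    clearance: frozenset                 # secrecy tags this compartment may ever hold
    secrecy: frozenset = frozenset()     # current secrecy label (floats up as data arrives)
    integrity: frozenset = frozenset()   # current integrity label (shrinks as untrusted data arrives)
    declassify: frozenset = frozenset()  # tags this compartment is permitted to drop


def send(src: Compartment, dst: Compartment) -> Tuple[bool, Compartment, str]:
    """Check and apply a flow src -> dst, returning (allowed, updated dst, reason).

    Secrecy: receiver label becomes the union of both labels; the flow is
    permitted only if that stays within the receiver's clearance.
    Integrity: receiver label becomes the intersection (lower-integrity input
    lowers the receiver). On denial the receiver is left unchanged.
    """
    new_secrecy = src.secrecy | dst.secrecy
    if not new_secrecy <= dst.clearance:
        over = sorted(new_secrecy - dst.clearance)
        return False, dst, f"denied: {dst.name} ({dst.kind.value}) not cleared for {over}"
    new_integrity = src.integrity & dst.integrity
    return True, replace(dst, secrecy=new_secrecy, integrity=new_integrity), "ok"


def declassify(comp: Compartment, tag: str) -> Tuple[bool, Compartment, str]:
    """Drop a secrecy tag, allowed only if the compartment holds the capability for it."""
    if tag not in comp.declassify:
        return False, comp, f"denied: {comp.name} lacks declassification capability for {tag!r}"
    return True, replace(comp, secrecy=comp.secrecy - {tag}), "ok"


def run(compartments: Dict[str, Compartment], events: List[tuple]) -> List[Tuple[str, bool, str]]:
    """Replay a sequence of ('send', src, dst) / ('declassify', comp, tag) events."""
    state = dict(compartments)
    log: List[Tuple[str, bool, str]] = []
    for ev in events:
        if ev[0] == "send":
            _, s, d = ev
            ok, state[d], why = send(state[s], state[d])
            log.append((f"send {s}->{d}", ok, why))
        elif ev[0] == "declassify":
            _, c, tag = ev
            ok, state[c], why = declassify(state[c], tag)
            log.append((f"declassify {c} {tag}", ok, why))
        else:
            raise ValueError(f"unknown event {ev!r}")
    return log


def demo() -> List[Tuple[str, bool, str]]:
    # Constructed scenario: a UI process holding a user secret, an SGX enclave
    # allowed to see it and to declassify it, a TrustZone TA cleared only for
    # key material, and a network-facing process cleared for nothing secret.
    comps = {
        "ui": Compartment("ui", Kind.PROCESS, clearance=frozenset({"user_secret"}),
                          secrecy=frozenset({"user_secret"}), integrity=frozenset({"vendor"})),
        "enclave": Compartment("enclave", Kind.SGX_ENCLAVE, clearance=frozenset({"user_secret", "key"}),
                               integrity=frozenset({"vendor"}), declassify=frozenset({"user_secret"})),
        "keystore": Compartment("keystore", Kind.TZ_TRUSTED_APP, clearance=frozenset({"key"})),
        "net": Compartment("net", Kind.PROCESS, clearance=frozenset()),
    }
    events = [
        ("send", "ui", "enclave"),                 # allowed: enclave is cleared for user_secret
        ("send", "enclave", "net"),                # denied: enclave now carries user_secret
        ("declassify", "enclave", "user_secret"),  # allowed: enclave holds the capability
        ("send", "enclave", "net"),                # allowed: label is clean again
        ("send", "ui", "keystore"),                # denied: TA is not cleared for user_secret
        ("declassify", "ui", "user_secret"),       # denied: ui has no capability
    ]
    return run(comps, events)


if __name__ == "__main__":
    for what, ok, why in demo():
        print(f"{'ALLOW' if ok else 'DENY ':5} {what}: {why}")
```

The point of the model is that the check is the same regardless of what kind of boundary the data crosses: a process, an enclave and a trusted application are just holders of labels and clearances, which is the uniformity a cross-compartment tracking framework has to provide.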