Sub-operating systems: A new approach to application security

Proceedings of the 10th Workshop on ACM SIGOPS European Workshop, EW 10

Volumn , Issue , 2002, Pages 108-115

  Ioannidis, Sotiris ^a   Bellovin, Steven M ^b   Smith, Jonathan M ^a  

^a UNIVERSITY OF PENNSYLVANIA   (United States)

^b AT AND T LABS RESEARCH   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS CONTROL POLICIES; ACTIVE CONTENT; APPLICATION SECURITY; DATA FILES; DATA OBJECTS; FILE OWNER; JAVASCRIPT; MICROSOFT WORD; NEW APPROACHES; OPERATING SYSTEMS; PROTECTION MECHANISMS; SECURITY CONTEXT; SYSTEM APPLICATIONS; USER ID;

COMPUTER OPERATING SYSTEMS; SECURITY SYSTEMS;

ACCESS CONTROL;

EID: 33645977900     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1133373.1133394     Document Type: Conference Paper

References (30)

1. CERT Advisories. http://www.cert.org/advisories/.
2. The OpenBSD Operating System. http://www.openbsd.org/.
3. A. Acharya and M. Raje. Mapbox: Using parameterized behavior classes to confine applications. In Proceedings of the 2000 USENIX Security Symposium, pages 1-17, Denver, CO, August 2000.
4. A. Alexandrov, P. Kmiec, and K. Schauser. Consh: A confined execution environment for internet computations, December 1998.
5. R. Balzer and N. Goldman. Mediating connectors: A non-bypassable process wrapping technology. In Proceeding of the 19th IEEE International Conference on Distributed Computing Systems, June 1999.
6. A. Berman, V. Bourassa, and E. Selberg. TRON: Process-Specific File Protection for the UNIX Operating System. In Proceedings of the USENIX 1995 Technical Conference, New Orleans, Louisiana, January 1995.
7. C. Cowan, S. Beattie, C. Pu, P.Wagle, and V. Gligor. SubDomain: Parsimonious Security for Server Appliances. In Proceedings of the 14th USENIX System Administration Conference (LISA 2000), Mar. 2000.
8. H. Custer. Inside Windows NT. Microsoft Press, 1993.
9. H. Custer. Inside the Windows NT File System. Microsoft Press, 1994.
10. T. Fraser, L. Badger, and M. Feldman. Hardening COTS Software with Generic Software Wrappers. In Proceedings of the IEEE Symposium on Security and Privacy, Oakland, CA, May 1999.
11. D. P. Ghormley, D. Petrou, S. H. Rodrigues, and T. E. Anderson. SLIC: An Extensibility System for Commodity Operating Systems. In Proceedings of the 1998 USENIX Annual Technical Conference, pages 39-52, June 1998.
12. I. Goldberg, D. Wagner, R. Thomas, and E. A. Brewer. A Secure Environment for Untrusted Helper Applications. In Procedings of the 1996 USENIX Annual Technical Conference, 1996.
13. L. Gong. Inside Java 2 Platform Security. Addison-Wesley, 1999.
14. J. Gosling, B. Joy, and G. Steele. The Java Language Specification. Addison Wesley, Reading, 1996.
15. M. Hicks, P. Kakkar, J. T. Moore, C. A. Gunter, and S. Nettles. PLAN: A Programming Language for Active Networks. Technical Report MS-CIS-98-25, Department of Computer and Information Science, University of Pennsylvania, February 1998.
16. S. Ioannidis and S. M. Bellovin. Building a Secure Browser. In Proceedings of the Annual USENIX Technical Conference, Freenix Track, June 2001.
17. T. Jaeger, A. D. Rubin, and A. Prakash. Building systems that flexibly control downloaded executable content. In Proceedings of the 1996 USENIX Security Symposium, pages 131-148, San Jose, Ca., 1996.
18. R. Kaplan. SUID and SGID Based Attacks on UNIX: a Look at One Form of the Use and Abuse of Privileges. Computer Security Journal, 9(1):73-7, 1993.
19. X. Leroy. Le système Caml Special Light: modules et compilation efficace en Caml. Research report 2721, INRIA, November 1995.
20. J. Y. Levy, L. Demailly, J. K. Ousterhout, and B. B. Welch. The Safe-Tcl Security Model. In USENIX 1998 Annual Technical Conference, New Orleans, Louisiana, June 1998.
21. D. Mazieres and M. F. Kaashoek. Secure Applications Need Flexible Operating Systems. In The 6th Workshop on Hot Topics in Operating Systems, May 1997.
22. G. McGraw and E.W. Felten. Java Security: hostile applets, holes and antidotes. Wiley, New York, NY, 1997.
23. M. D. McIlroy and J. A. Reeds. Multilevel security in the unix tradition. Software Practice and Experience, 22(8):673-694, 1992.
24. T. Mitchem, R. Lu, and R. O'Brien. Using Kernel Hypervisors to Secure Applications. In Proceedings of the Annual Computer Security Applications Conference, Dec. 1997.
25. G. C. Necula and P. Lee. Safe, Untrusted Agents using Proof-Carrying Code. In Lecture Notes in Computer Science, Special Issue on Mobile Agents, October 1997.
26. R. Spencer, S. Smalley, P. Loscocco, M. Hibler, D. Anderson, and J. Lepreau. The flask security architecture: System support for diverse security policies. In Proceedings of the 2000 USENIX Security Symposium, pages 123-139, Denver, CO, August 2000.
27. J. Tardo and L. Valente. Mobile Agent Security and Telescript. In Proceedings of the 41st IEEE Computer Society Conference (COMPCON), pages 58-63, February 1996.
28. R. Wahbe, S. Lucco, T. E. Anderson, and S. L. Graham. Efficient Software - Based Fault Isolation. In Proceedings of the 14th ACM Symposium on Operating Systems Principles, pages 203-216, December 1993.
29. K. M.Walker, D. F. Stern, L. Badger, K. A. Oosendorp, M. J. Petkac, and D. L. Sherman. Confining root programs with domain and type enforcement. In Proceedings of the 1996 USENIX Security Symposium, pages 21-36, July 1996.
30. D. S. Wallach, D. Balfanz, D. Dean, and E. W. Felten. Extensible Security Architectures for Java. In Proceedings of the 16th ACM Symposium on Operating Systems Principles, October 1997.