메뉴 건너뛰기




Volumn , Issue , 2010, Pages 212-223

Retaining sandbox containment despite bugs in privileged memory-safe code

Author keywords

Containment; Layering; Sandbox

Indexed keywords

APPLICATION CODES; CONTAINMENT; FILE I/O; LAYERING; NETWORK COMMUNICATIONS; SAFE CODE; SANDBOX; SECURITY CHECKS; SECURITY PROTECTION; SECURITY THREATS; STANDARD LIBRARIES; TRUSTED COMPUTING BASE; UNTRUSTED CODE;

EID: 78649981256     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1866307.1866332     Document Type: Conference Paper
Times cited : (32)

References (59)
  • 1
  • 4
    • 0032654073 scopus 로고    scopus 로고
    • Drawing the red line in Java
    • G. Back and W. Hsieh. Drawing the red line in Java. In HotOS'99, pages 116-121, 1999.
    • (1999) HotOS'99 , pp. 116-121
    • Back, G.1    Hsieh, W.2
  • 5
    • 84994348621 scopus 로고    scopus 로고
    • Processes in KafieOS: Isolation, resource management, and sharing in Java
    • Berkeley, CA, USA. USENIX Association
    • G. Back, W. C. Hsieh, and J. Lepreau. Processes in KafieOS: isolation, resource management, and sharing in Java. In OSDI'00, pages 23-23, Berkeley, CA, USA, 2000. USENIX Association.
    • (2000) OSDI'00 , pp. 23-23
    • Back, G.1    Hsieh, W.C.2    Lepreau, J.3
  • 10
    • 85091966368 scopus 로고    scopus 로고
    • Wedge: Splitting applications into reduced-privilege compartments
    • Berkeley, CA, USA. USENIX Association
    • A. Bittau, P. Marchenko, M. Handley, and B. Karp. Wedge: splitting applications into reduced-privilege compartments. In NSDI'08, pages 309-322, Berkeley, CA, USA, 2008. USENIX Association.
    • (2008) NSDI'08 , pp. 309-322
    • Bittau, A.1    Marchenko, P.2    Handley, M.3    Karp, B.4
  • 11
    • 78650015658 scopus 로고    scopus 로고
    • Accessed April 2, 2010
    • BOINC. http://boinc.berkeley.edu/. Accessed April 2, 2010.
  • 14
    • 70450267827 scopus 로고    scopus 로고
    • Enforcing security for desktop clients using authority aspects
    • New York, NY, USA, ACM
    • B. Cannon and E. Wohlstadter. Enforcing security for desktop clients using authority aspects. In AOSD'09, pages 255-266, New York, NY, USA, 2009. ACM.
    • (2009) AOSD'09 , pp. 255-266
    • Cannon, B.1    Wohlstadter, E.2
  • 15
    • 84877700103 scopus 로고    scopus 로고
    • SIF: Enforcing confidentiality and integrity in web applications
    • S. Chong, K. Vikram, A. Myers, et al. SIF: Enforcing confidentiality and integrity in web applications. In Proc. 16th USENIX Security, 2007.
    • (2007) Proc. 16th USENIX Security
    • Chong, S.1    Vikram, K.2    Myers, A.3
  • 16
    • 0034447026 scopus 로고    scopus 로고
    • Application isolation in the Java Virtual Machine
    • New York, NY, USA, ACM
    • G. Czajkowski. Application isolation in the Java Virtual Machine. In OOPSLA'00, pages 354-366, New York, NY, USA, 2000. ACM.
    • (2000) OOPSLA'00 , pp. 354-366
    • Czajkowski, G.1
  • 17
    • 0035551797 scopus 로고    scopus 로고
    • Multitasking without comprimise: A virtual machine evolution
    • New York, NY, USA, ACM
    • G. Czajkowski and L. Daynfies. Multitasking without comprimise: a virtual machine evolution. In OOPSLA'01, pages 125-138, New York, NY, USA, 2001. ACM.
    • (2001) OOPSLA'01 , pp. 125-138
    • Czajkowski, G.1    Daynfies, L.2
  • 19
    • 60749089448 scopus 로고
    • The structure of the -"THE"-multiprogramming system
    • E. W. Dijkstra. The structure of the -"THE"-multiprogramming system. Commun. ACM, 11(5):341-346, 1968.
    • (1968) Commun. ACM , vol.11 , Issue.5 , pp. 341-346
    • Dijkstra, E.W.1
  • 22
    • 77950789084 scopus 로고    scopus 로고
    • Accessed April 2, 2010
    • FBJS - Facebook developers wiki. http://wiki.developers.facebook.com/ index.php/FBJS. Accessed April 2, 2010.
    • FBJS - Facebook Developers Wiki
  • 23
    • 78649998896 scopus 로고    scopus 로고
    • Pwn2own 2010: interview with charlie miller. Accessed July 26, 2010
    • Pwn2own 2010: interview with charlie miller. http://www.oneitsecurity.it/ 01/03/2010/interview-with-charlie-miller-pwn2own/. Accessed July 26, 2010.
  • 25
    • 78650020771 scopus 로고    scopus 로고
    • Accessed April 15, 2010
    • FutureRepyAPI - Seattle. https://seattle.cs.washington.edu/wiki/ FutureRepyAPI. Accessed April 15, 2010.
  • 27
    • 21644455412 scopus 로고    scopus 로고
    • Terra: A virtual machine-based platform for trusted computing
    • New York, NY, USA, ACM
    • T. Garfinkel, B. Pfafi, J. Chow, M. Rosenblum, and D. Boneh. Terra: a virtual machine-based platform for trusted computing. In SOSP'03, pages 193-206, New York, NY, USA, 2003. ACM.
    • (2003) SOSP'03 , pp. 193-206
    • Garfinkel, T.1    Pfafi, B.2    Chow, J.3    Rosenblum, M.4    Boneh, D.5
  • 28
    • 85084162735 scopus 로고    scopus 로고
    • A secure environment for untrusted helper applications confining the Wily Hacker
    • Focusing on Applications of Cryptography, Berkeley, CA, USA. USENIX Association
    • I. Goldberg, D. Wagner, R. Thomas, and E. A. Brewer. A secure environment for untrusted helper applications confining the Wily Hacker. In SSYM'96: Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography, Berkeley, CA, USA, 1996. USENIX Association.
    • (1996) SSYM'96: Proceedings of the 6th Conference on USENIX Security Symposium
    • Goldberg, I.1    Wagner, D.2    Thomas, R.3    Brewer, E.A.4
  • 30
    • 84882993990 scopus 로고    scopus 로고
    • Accessed April 8, 2010
    • Learn about Java technology. http://www.java.com/en/about/, Accessed April 8, 2010.
    • Learn about Java Technology
  • 32
    • 78649995243 scopus 로고    scopus 로고
    • Accessed April 8, 2010
    • S. Koivu. Calendar bug. http://slightlyrandombrokenthoughts.blogspot.com/ 2008/12/calendar-bug.html. Accessed April 8,2010.
    • Koivu, S.1
  • 33
    • 17544394392 scopus 로고    scopus 로고
    • Computer security in the real world
    • B. Lampson. Computer security in the real world. Computer, 37:37-46.
    • Computer , vol.37 , pp. 37-46
    • Lampson, B.1
  • 35
    • 74049147430 scopus 로고    scopus 로고
    • Finding bugs in exceptional situations of JNI programs
    • New York, NY, USA, ACM
    • S. Li and G. Tan. Finding bugs in exceptional situations of JNI programs. In CCS'09, pages 442-452, New York, NY, USA, 2009. ACM.
    • (2009) CCS'09 , pp. 442-452
    • Li, S.1    Tan, G.2
  • 36
    • 2442425355 scopus 로고    scopus 로고
    • Integrating exible support for security policies into the Linux operating system
    • P. Loscocco and S. Smalley. Integrating exible support for security policies into the Linux operating system. In USENIX ATC'01, pages 29-40, 2001.
    • (2001) USENIX ATC'01 , pp. 29-40
    • Loscocco, P.1    Smalley, S.2
  • 41
    • 0003547217 scopus 로고    scopus 로고
    • O'Reilly and Associates, Inc., Sebastopol, CA, USA
    • S. Oaks. Java Security. O'Reilly and Associates, Inc., Sebastopol, CA, USA, 2001.
    • (2001) Java Security
    • Oaks, S.1
  • 42
    • 33746687945 scopus 로고    scopus 로고
    • Comparing Java and .NET security: Lessons learned and missed
    • July
    • N. Paul and D. Evans. Comparing Java and .NET security: Lessons learned and missed. Computers and Security, pages 338-350. Volume 25, Issue 5, July 2006.
    • (2006) Computers and Security , vol.25 , Issue.5 , pp. 338-350
    • Paul, N.1    Evans, D.2
  • 43
    • 78650000966 scopus 로고    scopus 로고
    • Accessed April 2, 2010
    • PlanetLab. http://www.planet-lab.org. Accessed April 2, 2010.
  • 44
    • 84878346861 scopus 로고    scopus 로고
    • Improving host security with system call policies
    • Washington, DC
    • N. Provos. Improving host security with system call policies. In Proceedings of the 12th USENIX Security Symposium, volume 1, page 10. Washington, DC, 2003.
    • (2003) Proceedings of the 12th USENIX Security Symposium , vol.1 , pp. 10
    • Provos, N.1
  • 45
    • 78649992656 scopus 로고    scopus 로고
    • Accessed April 2, 2010
    • PTrace. http://en.wikipedia.org/wiki/Ptrace. Accessed April 2, 2010.
  • 51
    • 34748842601 scopus 로고    scopus 로고
    • Reducing TCB complexity for security-sensitive applications: Three case studies
    • New York, NY, USA, ACM
    • L. Singaravelu, C. Pu, H. Härtig, and C. Helmuth. Reducing TCB complexity for security-sensitive applications: three case studies. In EuroSys'06, pages 161-174, New York, NY, USA, 2006. ACM.
    • (2006) EuroSys'06 , pp. 161-174
    • Singaravelu, L.1    Pu, C.2    Härtig, H.3    Helmuth, C.4
  • 52
    • 0041350423 scopus 로고    scopus 로고
    • Design and implementation of a distributed virtual machine for networked computers
    • New York, NY, USA, ACM
    • E. G. Sirer, R. Grimm, A. J. Gregory, and B. N. Bershad. Design and implementation of a distributed virtual machine for networked computers. In SOSP'99, pages 202-216, New York, NY, USA, 1999. ACM.
    • (1999) SOSP'99 , pp. 202-216
    • Sirer, E.G.1    Grimm, R.2    Gregory, A.J.3    Bershad, B.N.4
  • 54
    • 70350696147 scopus 로고    scopus 로고
    • An empirical security study of the native code in the JDK
    • Berkeley, CA, USA. USENIX Association
    • G. Tan and J. Croft. An empirical security study of the native code in the JDK. In Proceedings of the USENIX Security Symposium, pages 365-377, Berkeley, CA, USA, 2008. USENIX Association.
    • (2008) Proceedings of the USENIX Security Symposium , pp. 365-377
    • Tan, G.1    Croft, J.2
  • 55
    • 0346609657 scopus 로고    scopus 로고
    • Applying aspect-oriented programming to security
    • J. Viega, J. Bloch, and P. Chandra. Applying aspect-oriented programming to security. Cutter IT Journal, 14(2):31-39, 2001.
    • (2001) Cutter IT Journal , vol.14 , Issue.2 , pp. 31-39
    • Viega, J.1    Bloch, J.2    Chandra, P.3
  • 56
    • 0001225966 scopus 로고
    • Eficient software-based fault isolation
    • ACM
    • R. Wahbe, S. Lucco, T. Anderson, and S. Graham. Eficient software-based fault isolation. In SOSP'94, page 216. ACM, 1994.
    • (1994) SOSP'94 , pp. 216
    • Wahbe, R.1    Lucco, S.2    Anderson, T.3    Graham, S.4
  • 57
    • 85084162296 scopus 로고    scopus 로고
    • Exploiting concurrencyvulnerabilities in system call wrappers
    • Berkeley, CA, USA. USENIX Association
    • R. N. M. Watson. Exploiting concurrencyvulnerabilities in system call wrappers. In WOOT'07, pages 1-8, Berkeley, CA, USA, 2007. USENIX Association.
    • (2007) WOOT'07 , pp. 1-8
    • Watson, R.N.M.1


* 이 정보는 Elsevier사의 SCOPUS DB에서 KISTI가 분석하여 추출한 것입니다.