Trust and protection in the Illinois browser operating system

Proceedings of the 9th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2010

Volumn , Issue , 2019, Pages 17-31

  Tang, Shuo ^a   Mai, Haohui ^a   King, Samuel T ^a  

^a UNIVERSITY OF ILLINOIS AT URBANA CHAMPAIGN   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ABSTRACTING; NETWORK SECURITY; SYSTEMS ANALYSIS; TRUSTED COMPUTING;

BROWSER SECURITY; HARDWARE ABSTRACTIONS; ILLINOIS; MODERN COMPUTER SYSTEMS; TRUSTED COMPUTING BASE; TRUSTED COMPUTING BASIS;

WEB BROWSERS;

EID: 85076894667     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (58)

1. CVE - Common Vulnerabilities and Exposures (CVE). http://cve.mitre.org.
2. Gecko plugin API reference. https://developer.mozilla.org/en/Gecko_Plugin_API_Reference.
3. Qt - A Cross-platform application and UI. http://qt.nokia.com/.
4. Symantec internet security threat report april 2010. http://www.symantec.com/business/theme.jsp?themeid=threatreport.
5. The WebKit Open Source Project. http://webkit.org/.
6. uClibc. http://www.uclibc.org/.
7. Qt labs blogs: So long and thanks for the blit, 2008. http://labs.trolltech.com/blogs/2008/10/22/so- long- and- thanks- for- the- blit/.
8. L4Ka::Pistachio microkernel, 2010. http://l4ka.org/projects/pistachio.
9. ANDERSON, J. P. Computer security technology planning study. Tech. rep., HQ Electronic Systems Division (AFSC), October 1972. ESD-TR-73-51.
10. BARTH, A., CABALLERO, J., AND SONG, D. Secure content sniffing for web browsers or how to stop papers from reviewing themselves. In Proceedings of the IEEE Symposium on Security and Privacy (May 2009).
11. BARTH, A., JACKSON, C., REIS, C., AND THE GOOGLE CHROME TEAM. The security architecture of the chromium browser, 2008. http://crypto.stanford.edu/websec/chromium/ chromium-security-architecture.pdf..
12. BOMBERGER, A. C., FRANTZ, W. S., HARDY, A. C., HARDY, N., LANDAU, C. R., AND SHAPIRO, J. S. The KeyKOS nanokernel architecture. In Proceedings of the Workshop on Microkernels and Other Kernel Architectures (Berkeley, CA, USA, 1992), USENIX Association, pp. 95-112.
13. CHEN, S., MESEGUER, J., SASSE, R., WANG, H. J., AND WANG, Y.-M. A systematic approach to uncover security flaws in GUI logic. In Proceedings of the 2007 IEEE Symposium on Security and Privacy (May 2007), pp. 71-85.
14. CHEN, S., ROSS, D., AND WANG, Y.-M. An analysis of browser domain-isolation bugs and a light-weight transparent defense mechanism. In Proceedings of the 14th ACM Conference on Computer and Communications Security (CCS) (2007), pp. 2-11.
15. COX, R. S., HANSEN, J. G., GRIBBLE, S. D., AND LEVY, H. M. A safety-oriented platform for web applications. In Proceedings of the 2006 IEEE Symposium on Security and Privacy (May 2006), pp. 350-364.
16. CRISWELL, J., GEOFFRAY, N., AND ADVE, V. Memory safety for low-level software/hardware interactions. In Proceedings of the Eighteenth Usenix Security Symposium (August 2009).
17. DUNKELS, A., WOESTENBERG, L., MANSLEY, K., AND MONOSES, J. lwIP embedded TCP/IP stack. http://savannah.nongnu.org/projects/lwip/, 2004.
18. EFSTATHOPOULOS, P., KROHN, M., VANDEBOGART, S., FREY, C., ZIEGLER, D., KOHLER, E., MAZIÈRES, D., KAASHOEK, F., AND MORRIS, R. Labels and event processes in the asbestos operating system. In SOSP'05: Proceedings of the Twentieth ACM Symposium on Operating Systems Principles (New York, NY, USA, 2005), ACM, pp. 17-30.
19. ENGLER, D. R., KAASHOEK, M. F., AND JR., J. O. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the 1995 Symposium on Operating Systems Principles (December 1995), pp. 251-266.
20. ERLINGSSON, U., ABADI, M., VRABLE, M., BUDIU, M., AND NECULA, G. C. Xfi: software guards for system address spaces. In OSDI'06: Proceedings of the 7th symposium on Operating systems design and implementation (Berkeley, CA, USA, 2006), USENIX Association, pp. 75-88.
21. FESKE, N., AND HÄRTIG, H. DOpE - a window server for real-time and embedded systems. In RTSS'03: Proceedings of the 24th IEEE International Real-Time Systems Symposium (Washington, DC, USA, 2003), IEEE Computer Society, p. 74.
22. FESKE, N., AND HELMUTH, C. A Nitpicker's guide to a minimal-complexity secure GUI. In ACSAC'05: Proceedings of the 21st Annual Computer Security Applications Conference (Washington, DC, USA, 2005), IEEE Computer Society, pp. 85-94.
23. GARFINKEL, T. Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools. In Proceedings of the 2003 Network and Distributed System Security Symposium (NDSS) (February 2003).
24. GOLUB, D., DEAN, R., FORIN, A., AND RASHID, R. Unix as an Application Program. In Proceedings of the 1990 USENIX Summer Conference (1990).
25. GOOGLE INC. Chromium OS, 2010. http://www.chromium.org/chromium- os.
26. GRIER, C., TANG, S., AND KING, S. T. Secure web browsing with the OP web browser. In Proceedings of the 2008 IEEE Symposium on Security and Privacy (May 2008), pp. 402-416.
27. HÄRTIG, H., HOHMUTH, M., LIEDTKE, J., WOLTER, J., AND SCHÖNBERG, S. The performance of µ-kernel-based systems. In SOSP'97: Proceedings of the sixteenth ACM Symposium on Operating Systems Principles (New York, NY, USA, 1997), ACM, pp. 66-77.
28. HERDER, J. N., BOS, H., GRAS, B., HOMBURG, P., AND TANENBAUM, A. S. MINIX 3: a highly reliable, self-repairing operating system. SIGOPS Oper. Syst. Rev. 40, 3 (2006), 80-89.
29. IOANNIDIS, S., AND BELLOVIN, S. M. Building a secure web browser. In Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference (June 2001).
30. IOANNIDIS, S., BELLOVIN, S. M., AND SMITH, J. Sub-operating systems: A new approach to application security. In SIGOPS European Workshop (September 2002).
31. KAASHOEK, M. F., ENGLER, D. R., GANGER, G. R., BRICEÑO, H. M., HUNT, R., MAZIÈRES, D., PINCKNEY, T., GRIMM, R., JANNOTTI, J., AND MACKENZIE, K. Application performance and flexibility on exokernel systems. In SOSP'97: Proceedings of the sixteenth ACM symposium on Operating systems principles (New York, NY, USA, 1997), ACM, pp. 52-65.
32. KLEIN, G., ELPHINSTONE, K., HEISER, G., ANDRONICK, J., COCK, D., DERRIN, P., ELKADUWE, D., ENGELHARDT, K., KOLANSKI, R., NORRISH, M., SEWELL, T., TUCH, H., AND WINWOOD, S. seL4: formal verification of an os kernel. In SOSP'09: Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles (New York, NY, USA, 2009), ACM, pp. 207-220.
33. KROHN, M., YIP, A., BRODSKY, M., CLIFFER, N., KAASHOEK, M. F., KOHLER, E., AND MORRIS, R. Information flow control for standard OS abstractions. In SOSP'07: Proceedings of twenty-first ACM Symposium on Operating Systems Principles (New York, NY, USA, 2007), ACM, pp. 321-334.
34. LAWRENCE, E. Combating clickjacking with x-frame-options, March 2010. http://blogs.msdn.com/b/ieinternals/archive/2010/03/30/ combating- clickjacking- with- x- frame- options. aspx.
35. LESLIE, B., AND HEISER, G. Towards untrusted device drivers. Tech. rep., UNSW-CSE-TR-0303, 2003.
36. LEVASSEUR, J., UHLIG, V., STOESS, J., AND GOTZ, S. Unmodified Device Driver Reuse and Improved System Dependability via Virtual Machines. In Proceedings of the 2004 Symposium on Operating Systems Design and Implementation (OSDI) (December 2004).
37. MOSHCHUK, A., BRAGIN, T., GRIBBLE, S. D., AND LEVY, H. M. A crawler-based study of spyware on the web. In Proceedings of the 2006 Network and Distributed System Security Symposium (NDSS) (February 2006).
38. MOSHCHUK, A., AND WANG, H. J. Resource Management for Web Applications in ServiceOS. Tech. rep., Microsoft Research, May 2010.
39. OKHRAVI, H., AND NICOL, D. M. Trustgraph: Trusted graphics subsystem for high assurance systems. In ACSAC'09: Proceedings of the 2009 Annual Computer Security Applications Conference (Washington, DC, USA, 2009), IEEE Computer Society, pp. 254-265.
40. PALM INC. webOS, 2010. http://opensource.palm. com.
41. PROVOS, N., MAVROMMATIS, P., RAJAB, M. A., AND MON-ROSE, F. All your iFRAMEs point to us. In Proceedings of the 17th Usenix Security Symposium (July 2008), pp. 1-15.
42. PROVOS, N., MCNAMEE, D., MAVROMMATIS, P., WANG, K., AND MODADUGU, N. The ghost in the browser: Analysis of Web-based malware. In Proceedings of the 2007 Workshop on Hot Topics in Understanding Botnets (HotBots) (April 2007).
43. REIS, C., AND GRIBBLE, S. D. Isolating web programs in modern browser architectures. In Proceedings of the 2009 EuroSys conference (2009).
44. REIS, C., GRIBBLE, S. D., AND LEVY, H. M. Architectural principles for safe web programs. In Proceedings of the Sixth Workshop on Hot Topics in Networks (HotNets) (November 2007).
45. SHAPIRO, J. S., SMITH, J. M., AND FARBER, D. J. EROS: a fast capability system. In SOSP'99: Proceedings of the seventeenth ACM symposium on Operating systems principles (New York, NY, USA, 1999), ACM, pp. 170-185.
46. SHAPIRO, J. S., VANDERBURGH, J., NORTHUP, E., AND CHIZMADIA, D. Design of the EROS trusted window system. In Proceedings of the 13th conference on USENIX Security Symposium (Berkeley, CA, USA, 2004), USENIX Association, pp. 12-12.
47. SINGH, K., MOSHCHUK, A., WANG, H. J., AND LEE, W. On the incoherencies in web browser access control policies. In Proceedings of the IEEE Symposium on Security and Privacy (May 2010).
48. SWIFT, M. M., ANNAMALAI, M., BERSHAD, B. N., AND LEVY, H. M. Recovering Device Drivers. In Proceedings of the 2004 Symposium on Operating Systems Design and Implementation (OSDI) (December 2004).
49. SWIFT, M. M., BERSHAD, B. N., AND LEVY, H. M. Improving the reliability of commodity operating systems. In SOSP'03: Proceedings of the nineteenth ACM symposium on Operating systems principles (New York, NY, USA, 2003), ACM, pp. 207-222.
50. SYMANTEC INC. Symantec global Internet security threat report: Trends for 2008, April 2009. http://www.symantec.com/business/theme.jsp?themeid=threatreport.
51. TAN, L., ZHANG, X., MA, X., XIONG, W., AND ZHOU, Y. AutoISES: Automatically inferring security specifications and detecting violations. In Proceedings of the 17th USENIX Security Symposium (USENIX Security'08) (July-August 2008).
52. WANG, H. J., GRIER, C., MOSHCHUK, A., KING, S. T., CHOUDHURY, P., AND VENTER, H. The multi-principal OS construction of the Gazelle web browser. In Proceedings of the 2009 USENIX Security Symposium (August 2009).
53. WANG, Y.-M., BECK, D., JIANG, X., ROUSSEV, R., VERBOWSKI, C., CHEN, S., AND KING, S. Automated Web Patrol with Strider HoneyMonkeys: Finding Web sites that exploit browser vulnerabilities. In Proceedings of the 2006 Network and Distributed System Security Symposium (NDSS) (February 2006).
54. WHEELER, D. SLOCcount, 2009. http://www.dwheeler.com/sloccount/.
55. WILLIAMS, D., REYNOLDS, P., WALSH, K., SIRER, E. G., AND SCHNEIDER, F. B. Device driver safety through a reference validation mechanism. In OSDI 08: Proceedings of the 8th symposium on operating systems design and implementation (2008).
56. WOODWARD, J. P. Security requirementes for systems high and compartemented mode workstations. Tech. rep., MITRE Corp., 1987. MTR 9992.
57. ZELDOVICH, N., BOYD-WICKIZER, S., KOHLER, E., AND MAZIÈRES, D. Making information flow explicit in HiStar. In OSDI'06: Proceedings of the 7th symposium on Operating systems design and implementation (Berkeley, CA, USA, 2006), USENIX Association, pp. 263-278.
58. ZHOU, F., CONDIT, J., ANDERSON, Z., BAGRAK, I., ENNALS, R., HARREN, M., NECULA, G., AND BREWER, E. Safedrive: safe and recoverable extensions using language-based techniques. In OSDI'06: Proceedings of the 7th symposium on Operating systems design and implementation (Berkeley, CA, USA, 2006), USENIX Association, pp. 45-60.