Asbestos: Securing Untrusted Software with Interposition
作者: David Mazieres , Eddie Kohler , Frans Kaashoek , Robert Morris , None
DOI: 10.21236/ADA440047
关键词:
摘要: Abstract : The main goal of the Asbestos effort was to build an operating system that allows users control applications using encapsulation, without having understand application security properties. specific tasks undertaken were study interposition - as a mechanism for controlling software, investigate extensions interface mandatory access control, work out detailed message sequences example applications, and develop prototype implementation Asbestos. In end, after examination (a "hug-proof' web server) our mechanism, led realization proper can suffice kinds properties we wished achieve. Thus, relies mostly on Asbestos's labeling security, not interposition.
sci-hub.st 参考文章(50)
Peter Honeyman, Niels Provos, Markus Friedl, Preventing privilege escalation usenix security symposium. pp. 16- 16 ,(2003)
Maxwell Krohn, Building secure high-performance web services with OKWS usenix annual technical conference. pp. 15- 15 ,(2004)
Robert Watson, Wayne Morrison, Chris Vance, Brian Feldman, None, The TrustedBSD MAC Framework: Extensible Kernel Access Control for FreeBSD 5.0. usenix annual technical conference. pp. 285- 296 ,(2003)
Peter A. Loscocco, Stephen D. Smalley, Meeting Critical Security Objectives with Security-Enhanced Linux ,(2001)
Robert N. M. Watson, TrustedBSD: Adding Trusted Operating System Features to FreeBSD usenix annual technical conference. pp. 15- 28 ,(2001)
Niels Provos, Improving host security with system call policies usenix security symposium. pp. 18- 18 ,(2003)
Henry M. Levy, Capability-Based Computer Systems ,(1984)
David Mazières, A Toolkit for User-Level File Systems usenix annual technical conference. pp. 261- 274 ,(2001)
Maxwell N Krohn, Petros Efstathopoulos, Cliff Frey, M Frans Kaashoek, Eddie Kohler, David Mazieres, Robert Tappan Morris, Michelle Osborne, Steve VanDeBogart, David Ziegler, None, Make least privilege a right (not a privilege) hot topics in operating systems. pp. 21- 21 ,(2005)
William S. Frantz, Allen C. Bomberger, Ann C. Hardy, Jonathan S. Shapiro, Charles R. Landau, Norman Hardy, The KeyKOS Nanokernel Architecture Proceedings of the Workshop on Micro-kernels and Other Kernel Architectures. pp. 95- 112 ,(1992)