Efficient software-based fault isolation
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Safe kernel extensions without run-time checking
OSDI '96 Proceedings of the second USENIX symposium on Operating systems design and implementation
From system F to typed assembly language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the seventeenth ACM symposium on Operating systems principles
WMCSA '02 Proceedings of the Fourth IEEE Workshop on Mobile Computing Systems and Applications
Improving the reliability of commodity operating systems
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Solaris Zones: Operating System Support for Consolidating Commercial Workloads
LISA '04 Proceedings of the 18th USENIX conference on System administration
Memory resource management in VMware ESX server
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Optimizing the migration of virtual computers
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
CCured: type-safe retrofitting of legacy software
ACM Transactions on Programming Languages and Systems (TOPLAS)
Mondrix: memory isolation for linux using mondriaan memory protection
Proceedings of the twentieth ACM symposium on Operating systems principles
A Safety-Oriented Platform for Web Applications
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Protecting browser state from web privacy attacks
Proceedings of the 15th international conference on World Wide Web
The FreeBSD Handbook 3rd Edition, Vol. 1: User Guide
The FreeBSD Handbook 3rd Edition, Vol. 1: User Guide
VXA: a virtual architecture for durable compressed archives
FAST'05 Proceedings of the 4th conference on USENIX Conference on File and Storage Technologies - Volume 4
Live migration of virtual machines
NSDI'05 Proceedings of the 2nd conference on Symposium on Networked Systems Design & Implementation - Volume 2
Enhancing server availability and security through failure-oblivious computing
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Improving host security with system call policies
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Evaluating SFI for a CISC architecture
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
A secure environment for untrusted helper applications confining the Wily Hacker
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
DIGITAL FX!32 running 32-bit ×86 applications on alpha NT
NT'97 Proceedings of the USENIX Windows NT Workshop on The USENIX Windows NT Workshop 1997
AjaxScope: a platform for remotely monitoring the client-side behavior of web 2.0 applications
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
XFI: software guards for system address spaces
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
Vx32: lightweight user-level sandboxing on the x86
ATC'08 USENIX 2008 Annual Technical Conference on Annual Technical Conference
Using dependent types to certify the safety of assembly code
SAS'05 Proceedings of the 12th international conference on Static Analysis
Browser security: lessons from Google Chrome
Communications of the ACM - A Blind Person's Interaction with Technology
MaJaB: improving resource management for web-based applications on mobile devices
Proceedings of the 7th international conference on Mobile systems, applications, and services
Browser Security: Lessons from Google Chrome
Queue - Distributed Computing
Native Client: a sandbox for portable, untrusted x86 native code
Communications of the ACM - Amir Pnueli: Ahead of His Time
Preventing drive-by download via inter-module communication monitoring
ASIACCS '10 Proceedings of the 5th ACM Symposium on Information, Computer and Communications Security
Refactoring human roles solves systems problems
HotCloud'09 Proceedings of the 2009 conference on Hot topics in cloud computing
Convergence of desktop and web applications on a multi-service OS
HotSec'09 Proceedings of the 4th USENIX conference on Hot topics in security
Bringing P2P to the web: security and privacy in the firecoral network
IPTPS'09 Proceedings of the 8th international conference on Peer-to-peer systems
The multi-principal OS construction of the gazelle web browser
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Separating web applications from user data storage with BSTORE
WebApps'10 Proceedings of the 2010 USENIX conference on Web application development
Robusta: taming the native beast of the JVM
Proceedings of the 17th ACM conference on Computer and communications security
Proceedings of the 4th Symposium on Computer Human Interaction for the Management of Information Technology
Securing script-based extensibility in web browsers
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Rethinking the library OS from the top down
Proceedings of the sixteenth international conference on Architectural support for programming languages and operating systems
Maverick: providing web applications with safe and flexible access to local devices
WebApps'11 Proceedings of the 2nd USENIX conference on Web application development
Atlantis: robust, extensible execution environments for web applications
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Combining control-flow integrity and static analysis for efficient and validated data sandboxing
Proceedings of the 18th ACM conference on Computer and communications security
The web interface should be radically refactored
Proceedings of the 10th ACM Workshop on Hot Topics in Networks
Trust extension as a mechanism for secure code execution on commodity computers
Trust extension as a mechanism for secure code execution on commodity computers
Keeping information safe from social networking apps
Proceedings of the 2012 ACM workshop on Workshop on online social networks
TreeHouse: JavaScript sandboxes to helpWeb developers help themselves
USENIX ATC'12 Proceedings of the 2012 USENIX conference on Annual Technical Conference
Dune: safe user-level access to privileged CPU features
OSDI'12 Proceedings of the 10th USENIX conference on Operating Systems Design and Implementation
Fathom: a browser-based network measurement platform
Proceedings of the 2012 ACM conference on Internet measurement conference
Composing OS extensions safely and efficiently with Bascule
Proceedings of the 8th ACM European Conference on Computer Systems
Embassies: radically refactoring the web
nsdi'13 Proceedings of the 10th USENIX conference on Networked Systems Design and Implementation
Arrakis: a case for the end of the empire
HotOS'13 Proceedings of the 14th USENIX conference on Hot Topics in Operating Systems
Content-based isolation: rethinking isolation policy design on client systems
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
A versatile code execution isolation framework with security first
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
How to run POSIX apps in a minimal picoprocess
USENIX ATC'13 Proceedings of the 2013 USENIX conference on Annual Technical Conference
Bringing java's wild native world under control
ACM Transactions on Information and System Security (TISSEC)
| Hi-index | 0.00 |
Xax is a browser plugin model that enables developers to leverage existing tools, libraries, and entire programs to deliver feature-rich applications on the web. Xax employs a novel combination of mechanisms that collectively provide security, OS-independence, performance, and support for legacy code. These mechanisms include memory-isolated native code execution behind a narrow syscall interface, an abstraction layer that provides a consistent binary interface across operating systems, system services via hooks to existing browser mechanisms, and lightweight modifications to existing tool chains and code bases. We demonstrate a variety of applications and libraries from existing code bases, in several languages, produced with various tool chains, running in multiple browsers on multiple operating systems. With roughly two person-weeks of effort, we ported 3.3 million lines of code to Xax, including a PDF viewer, a Python interpreter, a speech synthesizer, and an OpenGL pipeline.