Compilers: principles, techniques, and tools
Compilers: principles, techniques, and tools
Scale and performance in a distributed file system
ACM Transactions on Computer Systems (TOCS)
The packer filter: an efficient mechanism for user-level network code
SOSP '87 Proceedings of the eleventh ACM Symposium on Operating systems principles
Inclusion of new types in relational data base systems
Readings in database systems
Performance of the world's fastest distributed operating system
ACM SIGOPS Operating Systems Review
Program optimization for instruction caches
ASPLOS III Proceedings of the third international conference on Architectural support for programming languages and operating systems
Using registers to optimize cross-domain call performance
ASPLOS III Proceedings of the third international conference on Architectural support for programming languages and operating systems
Lightweight remote procedure call
ACM Transactions on Computer Systems (TOCS)
Performance of the Firefly RPC
ACM Transactions on Computer Systems (TOCS)
Profile guided code positioning
PLDI '90 Proceedings of the ACM SIGPLAN 1990 conference on Programming language design and implementation
The interaction of architecture and operating system design
ASPLOS IV Proceedings of the fourth international conference on Architectural support for programming languages and operating systems
User-level interprocess communication for shared memory multiprocessors
ACM Transactions on Computer Systems (TOCS)
Active messages: a mechanism for integrated communication and computation
ISCA '92 Proceedings of the 19th annual international symposium on Computer architecture
Optimally profiling and tracing programs
POPL '92 Proceedings of the 19th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Application-controlled physical memory using external page-cache management
ASPLOS V Proceedings of the fifth international conference on Architectural support for programming languages and operating systems
Communications of the ACM
The SEQUOIA 2000 storage benchmark
SIGMOD '93 Proceedings of the 1993 ACM SIGMOD international conference on Management of data
Matchmaker: an interface specification language for distributed processing
POPL '85 Proceedings of the 12th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Implementing remote procedure calls
ACM Transactions on Computer Systems (TOCS)
Pilot: an operating system for a personal computer
Communications of the ACM
A comparison of list schedules for parallel processing systems
Communications of the ACM
Windows Programmer's Guide to OLE\DDE with Disk
Windows Programmer's Guide to OLE\'DDE with Disk
SPLASH: Stanford parallel applications for shared-memory
SPLASH: Stanford parallel applications for shared-memory
Code Reorginazation for Instruction Caches
Code Reorginazation for Instruction Caches
A Performance Evaluation of the Dash Message-Passing System
A Performance Evaluation of the Dash Message-Passing System
Reducing cross domain call overhead using batched futures
OOPSLA '94 Proceedings of the ninth annual conference on Object-oriented programming systems, language, and applications
Avoiding conflict misses dynamically in large direct-mapped caches
ASPLOS VI Proceedings of the sixth international conference on Architectural support for programming languages and operating systems
Hardware support for fast capability-based addressing
ASPLOS VI Proceedings of the sixth international conference on Architectural support for programming languages and operating systems
The operating system kernel as a secure programmable machine
ACM SIGOPS Operating Systems Review
Objects to the rescue! or httpd: the next generation operating system
ACM SIGOPS Operating Systems Review
EEL: machine-independent executable editing
PLDI '95 Proceedings of the ACM SIGPLAN 1995 conference on Programming language design and implementation
Active memory: a new abstraction for memory-system simulation
Proceedings of the 1995 ACM SIGMETRICS joint international conference on Measurement and modeling of computer systems
SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Rover: a toolkit for mobile information access
SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Exokernel: an operating system architecture for application-level resource management
SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Extensibility safety and performance in the SPIN operating system
SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Efficient and language-independent mobile programs
PLDI '96 Proceedings of the ACM SIGPLAN 1996 conference on Programming language design and implementation
Relocating machine instructions by currying
PLDI '96 Proceedings of the ACM SIGPLAN 1996 conference on Programming language design and implementation
Flexibility and performance of parallel file systems
ACM SIGOPS Operating Systems Review
Embra: fast and flexible machine simulation
Proceedings of the 1996 ACM SIGMETRICS international conference on Measurement and modeling of computer systems
Safe and efficient sharing of persistent objects in Thor
SIGMOD '96 Proceedings of the 1996 ACM SIGMOD international conference on Management of data
Proceedings of the seventh international conference on Architectural support for programming languages and operating systems
The Rio file cache: surviving operating system crashes
Proceedings of the seventh international conference on Architectural support for programming languages and operating systems
POPL '96 Proceedings of the 23rd ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Active memory: a new abstraction for memory system simulation
ACM Transactions on Modeling and Computer Simulation (TOMACS)
ASHs: Application-specific handlers for high-performance messaging
Conference proceedings on Applications, technologies, architectures, and protocols for computer communications
Automatic checking of instruction specifications
ICSE '97 Proceedings of the 19th international conference on Software engineering
Specifying representations of machine instructions
ACM Transactions on Programming Languages and Systems (TOPLAS)
ASHs: application-specific handlers for high-performance messaging
IEEE/ACM Transactions on Networking (TON)
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Application performance and flexibility on exokernel systems
Proceedings of the sixteenth ACM symposium on Operating systems principles
Free transactions with Rio Vista
Proceedings of the sixteenth ACM symposium on Operating systems principles
Extensible security architectures for Java
Proceedings of the sixteenth ACM symposium on Operating systems principles
From system F to typed assembly language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Secure and portable database extensibility
SIGMOD '98 Proceedings of the 1998 ACM SIGMOD international conference on Management of data
Active disks: programming model, algorithms and evaluation
Proceedings of the eighth international conference on Architectural support for programming languages and operating systems
Overlapping execution with transfer using non-strict execution for mobile programs
Proceedings of the eighth international conference on Architectural support for programming languages and operating systems
Type-safe linking and modular assembly language
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Typed memory management in a calculus of capabilities
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Automatic I/O hint generation through speculative execution
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Defending against denial of service attacks in Scout
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Fine-grained dynamic instrumentation of commodity operating system kernels
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Interface Compilation: Steps Toward Compiling Program Interfaces as Languages
IEEE Transactions on Software Engineering
Active network vision and reality: lessions from a capsule-based system
Proceedings of the seventeenth ACM symposium on Operating systems principles
Proceedings of the seventeenth ACM symposium on Operating systems principles
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A semantic model of types and machine instructions for proof-carrying code
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A type system for expressive security policies
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
Safety checking of machine code
PLDI '00 Proceedings of the ACM SIGPLAN 2000 conference on Programming language design and implementation
Derive: a tool that automatically reverse-engineers instruction encodings
DYNAMO '00 Proceedings of the ACM SIGPLAN workshop on Dynamic and adaptive compilation and optimization
Application isolation in the Java Virtual Machine
OOPSLA '00 Proceedings of the 15th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
ACM Transactions on Information and System Security (TISSEC)
Typed memory management via static capabilities
ACM Transactions on Programming Languages and Systems (TOPLAS)
Separating access control policy, enforcement, and functionality in extensible systems
ACM Transactions on Computer Systems (TOCS)
The Design and Verification of the Rio File Cache
IEEE Transactions on Computers
Uniprocessor Virtual Memory without TLBs
IEEE Transactions on Computers
Secure Internet programming
Providing policy-neutral and transparent access control in extensible systems
Secure Internet programming
J-Kernel: a capability-based operating system for Java
Secure Internet programming
Secure Internet programming
Multitasking without comprimise: a virtual machine evolution
OOPSLA '01 Proceedings of the 16th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Towards safe and efficient customization in distributed systems
EW 6 Proceedings of the 6th workshop on ACM SIGOPS European workshop: Matching operating systems to application needs
The operating system kernel as a secure programmable machine
EW 6 Proceedings of the 6th workshop on ACM SIGOPS European workshop: Matching operating systems to application needs
Objects to the rescue!: or httpd: the next generation operating system
EW 6 Proceedings of the 6th workshop on ACM SIGOPS European workshop: Matching operating systems to application needs
Verification caching: towards efficient and secure mobile code execution environments
Proceedings of the 2002 ACM symposium on Applied computing
Stack and Queue Integrity on Hostile Platforms
IEEE Transactions on Software Engineering
Towards robust OSes for appliances: a new approach based on domain-specific languages
EW 9 Proceedings of the 9th workshop on ACM SIGOPS European workshop: beyond the PC: new challenges for the operating system
Building appliances out of components using Pebble
EW 9 Proceedings of the 9th workshop on ACM SIGOPS European workshop: beyond the PC: new challenges for the operating system
A survey of customizability in operating systems research
ACM Computing Surveys (CSUR)
Proceedings of the 10th international conference on Architectural support for programming languages and operating systems
Securing Systems Against External Programs
IEEE Internet Computing
MiSFIT: Constructing Safe Extensible Systems
IEEE Concurrency
Security Control for COTS Components
Computer
A Case for NOW (Networks of Workstations)
IEEE Micro
Automated techniques for provably safe mobile code
Theoretical Computer Science - Dependable computing
Watermarking, tamper-proffing, and obfuscation: tools for software protection
IEEE Transactions on Software Engineering
Enforcing Safety Properties Using Type Specialization
ESOP '01 Proceedings of the 10th European Symposium on Programming Languages and Systems
Trustless Grid Computing in ConCert
GRID '02 Proceedings of the Third International Workshop on Grid Computing
XtremWeb: Building an Experimental Platform for Global Computing
GRID '00 Proceedings of the First IEEE/ACM International Workshop on Grid Computing
Fine-Grain Access Control for Securing Shared Resources in Computational Grids
IPDPS '02 Proceedings of the 16th International Parallel and Distributed Processing Symposium
Supporting Flexible Safety and Sharing in Multi-threaded Environments
IPDPS '00 Proceedings of the 15 IPDPS 2000 Workshops on Parallel and Distributed Processing
Practical Network Applications on a Lightweight Active Management Environment
IWAN '01 Proceedings of the IFIP-TC6 Third International Working Conference on Active Networks
The OKE Corral: Code Organisation and Reconfiguration at Runtime Using Active Linking
IWAN '02 Proceedings of the IFIP-TC6 4th International Working Conference on Active Networks
MFCS '99 Proceedings of the 24th International Symposium on Mathematical Foundations of Computer Science
Active Storage for Large-Scale Data Mining and Multimedia
VLDB '98 Proceedings of the 24rd International Conference on Very Large Data Bases
Integrating Reliable Memory in Databases
VLDB '97 Proceedings of the 23rd International Conference on Very Large Data Bases
From Specifications to Code in CASL
AMAST '02 Proceedings of the 9th International Conference on Algebraic Methodology and Software Technology
Providing Secure Environments for Untrusted Network Applications
WET-ICE '97 Proceedings of the 6th Workshop on Enabling Technologies on Infrastructure for Collaborative Enterprises
VECPAR '00 Selected Papers and Invited Talks from the 4th International Conference on Vector and Parallel Processing
User-Level Extensibility in the Mona File System
Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Reverse-Engineering Instruction Encodings
Proceedings of the General Track: 2002 USENIX Annual Technical Conference
Sharing in Typed Module Assembly Language
TIC '00 Selected papers from the Third International Workshop on Types in Compilation
A Language-Based Approach to Security
Informatics - 10 Years Back. 10 Years Ahead.
Software Deployment Using Mobile Agents
CD '02 Proceedings of the IFIP/ACM Working Conference on Component Deployment
Trust Relationships in a Mobile Agent System
MA '01 Proceedings of the 5th International Conference on Mobile Agents
Mobile Agents and Security
Safe, Untrusted Agents Using Proof-Carrying Code
Mobile Agents and Security
Integrating reliable memory in databases
The VLDB Journal — The International Journal on Very Large Data Bases
Streaming extensibility in the modify-on-access file system
Journal of Systems and Software
Using Replication and Partitioning to Build Secure Distributed Systems
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
Adaptive object management for a reconfigurable microkernel
IWOOOS '96 Proceedings of the 5th International Workshop on Object Orientation in Operating Systems (IWOOOS '96)
Fine-grained, dynamic user customization of operating systems
IWOOOS '96 Proceedings of the 5th International Workshop on Object Orientation in Operating Systems (IWOOOS '96)
DISE: a programmable macro engine for customizing applications
Proceedings of the 30th annual international symposium on Computer architecture
Structuring the Kernel as a Toolkit of Extensible, Reusable Components
IWOOOS '95 Proceedings of the 4th International Workshop on Object-Orientation in Operating Systems
Making Meta-Object Protocols Practial for Operating Systems
IWOOOS '95 Proceedings of the 4th International Workshop on Object-Orientation in Operating Systems
OS portal: an economic approach for making an embedded kernel extensible
Journal of Systems and Software
Detection and Recovery Techniques for Database Corruption
IEEE Transactions on Knowledge and Data Engineering
Upgrading transport protocols using untrusted mobile code
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Transforming policies into mechanisms with infokernel
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Improving the reliability of commodity operating systems
SOSP '03 Proceedings of the nineteenth ACM symposium on Operating systems principles
Proceedings of the 2003 ACM workshop on Rapid malcode
Protection in flexible operating system architectures
ACM SIGOPS Operating Systems Review
Grid-computing portals and security issues
Journal of Parallel and Distributed Computing - Scalable web services and architecture
Program specialization for execution monitoring
Journal of Functional Programming
HOIST: a system for automatically deriving static analyzers for embedded systems
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
Devirtualizable virtual machines enabling general, single-node, online maintenance
ASPLOS XI Proceedings of the 11th international conference on Architectural support for programming languages and operating systems
Gray-box extraction of execution graphs for anomaly detection
Proceedings of the 11th ACM conference on Computer and communications security
From Sandbox to Playground: Dynamic Virtual Environments in the Grid
GRID '04 Proceedings of the 5th IEEE/ACM International Workshop on Grid Computing
Software environment for integrating critical real-time control systems
Journal of Systems Architecture: the EUROMICRO Journal
SubDomain: Parsimonious Server Security
LISA '00 Proceedings of the 14th USENIX conference on System administration
Communication and recovery issues in grid environment
InfoSecu '04 Proceedings of the 3rd international conference on Information security
Improving the reliability of commodity operating systems
ACM Transactions on Computer Systems (TOCS)
Memory safety without garbage collection for embedded applications
ACM Transactions on Embedded Computing Systems (TECS)
Efficient and Safe Execution of User-Level Code in the Kernel
IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 10 - Volume 11
Using DISE to protect return addresses from attack
ACM SIGARCH Computer Architecture News - Special issue: Workshop on architectural support for security and anti-virus (WASSA)
Interactive and Probabilistic Proof of Mobile Code Safety
Automated Software Engineering
Owl: next generation system monitoring
Proceedings of the 2nd conference on Computing frontiers
A generic anti-spyware solution by access control list at kernel level
Journal of Systems and Software - Special issue: Software engineering education and training
The KaffeOS Java runtime system
ACM Transactions on Programming Languages and Systems (TOPLAS)
Safety assurance contracts for integrated modular avionics
SCS '03 Proceedings of the 8th Australian workshop on Safety critical systems and software - Volume 33
Segment protection for embedded systems using run-time checks
Proceedings of the 2005 international conference on Compilers, architectures and synthesis for embedded systems
Diamond: A Storage Architecture for Early Discard in Interactive Search
FAST '04 Proceedings of the 3rd USENIX Conference on File and Storage Technologies
Proceedings of the 12th ACM conference on Computer and communications security
Preventing format-string attacks via automatic and efficient dynamic checking
Proceedings of the 12th ACM conference on Computer and communications security
Sensor network software update management: a survey
International Journal of Network Management
Computability classes for enforcement mechanisms
ACM Transactions on Programming Languages and Systems (TOPLAS)
Sdlib: a sensor network data and communications library for rapid and robust application development
Proceedings of the 5th international conference on Information processing in sensor networks
Dependable software needs pervasive debugging
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
Nooks: an architecture for reliable device drivers
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
Sub-operating systems: a new approach to application security
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
THINK: a secure distributed systems architecture
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
Towards trusted systems from the ground up
EW 10 Proceedings of the 10th workshop on ACM SIGOPS European workshop
SAFECode: enforcing alias analysis for weakly typed languages
Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation
Dynamically extending the Corral with native code for high-speed packet processing
Computer Networks: The International Journal of Computer and Telecommunications Networking - Active networks
Deconstructing process isolation
Proceedings of the 2006 workshop on Memory system performance and correctness
Architectural support for software-based protection
Proceedings of the 1st workshop on Architectural and system support for improving software dependability
t-kernel: providing reliable OS support to wireless sensor networks
Proceedings of the 4th international conference on Embedded networked sensor systems
ACM Transactions on Computer Systems (TOCS)
JavaScript instrumentation for browser security
Proceedings of the 34th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages
RETOS: resilient, expandable, and threaded operating system for wireless sensor networks
Proceedings of the 6th international conference on Information processing in sensor networks
Harbor: software-based memory protection for sensor nodes
Proceedings of the 6th international conference on Information processing in sensor networks
U-Net/SLE: A Java-based user-customizable virtual network interface
Scientific Programming
Running BSD kernels as user processes by partial emulation and rewriting of machine instructions
BSDC'03 Proceedings of the BSD Conference 2003 on BSD Conference
VXA: a virtual architecture for durable compressed archives
FAST'05 Proceedings of the 4th conference on USENIX Conference on File and Storage Technologies - Volume 4
Cosy: develop in user-land, run in kernel-mode
HOTOS'03 Proceedings of the 9th conference on Hot Topics in Operating Systems - Volume 9
Broad new OS research: challenges and opportunities
HOTOS'05 Proceedings of the 10th conference on Hot Topics in Operating Systems - Volume 10
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Enhancing server availability and security through failure-oblivious computing
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Detecting malicious java code using virtual machine auditing
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
On gray-box program tracking for anomaly detection
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Active names: flexible location and transport of wide-area resources
USITS'99 Proceedings of the 2nd conference on USENIX Symposium on Internet Technologies and Systems - Volume 2
User-level resource-constrained sandboxing
WSS'00 Proceedings of the 4th conference on USENIX Windows Systems Symposium - Volume 4
Kernel plugins: when a VM is too much
VM'04 Proceedings of the 3rd conference on Virtual Machine Research And Technology Symposium - Volume 3
Evaluating SFI for a CISC architecture
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
A secure environment for untrusted helper applications confining the Wily Hacker
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Software write detection for a distributed shared memory
OSDI '94 Proceedings of the 1st USENIX conference on Operating Systems Design and Implementation
Software prefetching and caching for translation lookaside buffers
OSDI '94 Proceedings of the 1st USENIX conference on Operating Systems Design and Implementation
Dynamic function placement for data-intensive cluster computing
ATEC '00 Proceedings of the annual conference on USENIX Annual Technical Conference
Incorporating application semantics and control into compilation
DSL'97 Proceedings of the Conference on Domain-Specific Languages on Conference on Domain-Specific Languages (DSL), 1997
Frigate: an object-oriented file system for ordinary users
COOTS'97 Proceedings of the 3rd conference on USENIX Conference on Object-Oriented Technologies (COOTS) - Volume 3
A tool for constructing safe extensible C++ systems
COOTS'97 Proceedings of the 3rd conference on USENIX Conference on Object-Oriented Technologies (COOTS) - Volume 3
SLIC: an extensibility system for commodity operating systems
ATEC '98 Proceedings of the annual conference on USENIX Annual Technical Conference
Implementing multiple protection domains in java
ATEC '98 Proceedings of the annual conference on USENIX Annual Technical Conference
ATEC '98 Proceedings of the annual conference on USENIX Annual Technical Conference
A comparison of OS extension technologies
ATEC '96 Proceedings of the 1996 annual conference on USENIX Annual Technical Conference
An extensible protocol architecture for application-specific networking
ATEC '96 Proceedings of the 1996 annual conference on USENIX Annual Technical Conference
FLIPC: a low latency messaging system for distributed real time environments
ATEC '96 Proceedings of the 1996 annual conference on USENIX Annual Technical Conference
Multiple trace composition and its uses
TCLTK '98 Proceedings of the 3rd Annual USENIX Workshop on Tcl/Tk - Volume 3
Protected shared libraries: a new approach to modularity and sharing
ATEC '97 Proceedings of the annual conference on USENIX Annual Technical Conference
Sealing OS processes to improve dependability and safety
Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems 2007
BrowserShield: Vulnerability-driven filtering of dynamic HTML
ACM Transactions on the Web (TWEB)
Towards an active network architecture
ACM SIGCOMM Computer Communication Review
Management in telecom environments that are based on active networks
Journal of High Speed Networks
Protection and communication abstractions for web browsers in MashupOS
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
Secure virtual architecture: a safe execution environment for commodity operating systems
Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles
SafeDrive: safe and recoverable extensions using language-based techniques
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
BrowserShield: vulnerability-driven filtering of dynamic HTML
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
XFI: software guards for system address spaces
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
Securing software by enforcing data-flow integrity
OSDI '06 Proceedings of the 7th symposium on Operating systems design and implementation
Utilizing Binary Rewriting for Improving End-Host Security
IEEE Transactions on Parallel and Distributed Systems
Automated detection of persistent kernel control-flow attacks
Proceedings of the 14th ACM conference on Computer and communications security
Samurai: protecting critical data in unsafe languages
Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Microdrivers: a new architecture for device drivers
HOTOS'07 Proceedings of the 11th USENIX workshop on Hot topics in operating systems
Sprockets: safe extensions for distributed file systems
ATC'07 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference
SAMProc: middleware for self-adaptive mobile processes in heterogeneous ubiquitous environments
Proceedings of the 4th on Middleware doctoral symposium
Flashproxy: transparently enabling rich web content via remote execution
Proceedings of the 6th international conference on Mobile systems, applications, and services
Securing dynamic itineraries for mobile agent applications
Journal of Network and Computer Applications
Extensible Web Browser Security
DIMVA '07 Proceedings of the 4th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
A New Approach to Memory Partitioning in On-Board Spacecraft Software
Ada-Europe '08 Proceedings of the 13th Ada-Europe international conference on Reliable Software Technologies
SOMA: mutual approval for included content in web pages
Proceedings of the 15th ACM conference on Computer and communications security
AOCI: Weaving Components in a Distributed Environment
OTM '08 Proceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part I on On the Move to Meaningful Internet Systems:
JavaScript Instrumentation in Practice
APLAS '08 Proceedings of the 6th Asian Symposium on Programming Languages and Systems
Insecure context switching: inoculating regular expressions for survivability
WOOT'08 Proceedings of the 2nd conference on USENIX Workshop on offensive technologies
An empirical security study of the native code in the JDK
SS'08 Proceedings of the 17th conference on Security symposium
Proceedings of the 14th international conference on Architectural support for programming languages and operating systems
Filtering False Positives Based on Server-Side Behaviors
IEICE - Transactions on Information and Systems
Lightweight self-protecting JavaScript
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
An overview of programming language based security
Proceedings of the 47th Annual Southeast Regional Conference
Towards Dynamic Component Isolation in a Service Oriented Platform
CBSE '09 Proceedings of the 12th International Symposium on Component-Based Software Engineering
Proceedings of the 2008 workshop on New security paradigms
Robustly secure computer systems: a new security paradigm of system discontinuity
NSPW '07 Proceedings of the 2007 Workshop on New Security Paradigms
Control-flow integrity principles, implementations, and applications
ACM Transactions on Information and System Security (TISSEC)
OSGi4C: enabling OSGi for the cloud
Proceedings of the Fourth International ICST Conference on COMmunication System softWAre and middlewaRE
Native Client: a sandbox for portable, untrusted x86 native code
Communications of the ACM - Amir Pnueli: Ahead of His Time
Fast byte-granularity software fault isolation
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Lightweight module isolation for sensor nodes
Proceedings of the First Workshop on Virtualization in Mobile Computing
Secure in-VM monitoring using hardware virtualization
Proceedings of the 16th ACM conference on Computer and communications security
A transformational approach to binary translation of delayed branches with applications to SPARC® and PA-RISC instructions sets
Reverse engineering of binary device drivers with RevNIC
Proceedings of the 5th European conference on Computer systems
SoftwarePot: an encapsulated transferable file system for secure software circulation
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
Flexible and efficient sandboxing based on fine-grained protection domains
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
Outdoor distributed computing with split smart messages
Proceedings of the 12th Monterey conference on Reliable systems on unreliable networked platforms
Computer security from a programming language and static analysis perspective
ESOP'03 Proceedings of the 12th European conference on Programming
Stabilizing trust and reputation for self-stabilizing efficient hosts in spite of Byzantine guests
SSS'07 Proceedings of the 9h international conference on Stabilization, safety, and security of distributed systems
Promoting the development of secure mobile agent applications
Journal of Systems and Software
Stabilizing trust and reputation for self-stabilizing efficient hosts in spite of byzantine guests
ACM SIGOPS Operating Systems Review
MemMON: run-time off-chip detection for memory access violation in embedded systems
Proceedings of the 2010 Symposium on Information and Communication Technology
Advanced mobile agent security models for code integrity and malicious availability check
Journal of Network and Computer Applications
Leveraging legacy code to deploy desktop applications on the web
OSDI'08 Proceedings of the 8th USENIX conference on Operating systems design and implementation
Memory safety for low-level software/hardware interactions
SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Testing closed-source binary device drivers with DDT
USENIXATC'10 Proceedings of the 2010 USENIX conference on USENIX annual technical conference
Robusta: taming the native beast of the JVM
Proceedings of the 17th ACM conference on Computer and communications security
Retaining sandbox containment despite bugs in privileged memory-safe code
Proceedings of the 17th ACM conference on Computer and communications security
PoliMakE: a policy making engine for secure embedded software execution on chip-multiprocessors
WESS '10 Proceedings of the 5th Workshop on Embedded Systems Security
In the track of the agent protection: a solution based on cryptographic hardware
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Interceptor: middleware-level application segregation and scheduling for P2P systems
IPDPS'06 Proceedings of the 20th international conference on Parallel and distributed processing
Adapting software fault isolation to contemporary CPU architectures
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Improved device driver reliability through hardware verification reuse
Proceedings of the sixteenth international conference on Architectural support for programming languages and operating systems
Fine-grained user-space security through virtualization
Proceedings of the 7th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
Nexus authorization logic (NAL): Design rationale and applications
ACM Transactions on Information and System Security (TISSEC)
Diamond: a storage architecture for early discard in interactive search
FAST'04 Proceedings of the 3rd USENIX conference on File and storage technologies
Language-independent sandboxing of just-in-time compilation and self-modifying code
Proceedings of the 32nd ACM SIGPLAN conference on Programming language design and implementation
Quarantine: fault tolerance for concurrent servers with data-driven selective isolation
HotPar'11 Proceedings of the 3rd USENIX conference on Hot topic in parallelism
Policy-centric protection of OS kernel from vulnerable loadable kernel modules
ISPEC'11 Proceedings of the 7th international conference on Information security practice and experience
A gray-box DPDA-based intrusion detection technique using system-call monitoring
Proceedings of the 8th Annual Collaboration, Electronic messaging, Anti-Abuse and Spam Conference
ARMor: fully verified software fault isolation
EMSOFT '11 Proceedings of the ninth ACM international conference on Embedded software
Software fault isolation with API integrity and multi-principal modules
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Logical attestation: an authorization architecture for trustworthy computing
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Fay: extensible distributed tracing from kernels to clusters
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Combining control-flow integrity and static analysis for efficient and validated data sandboxing
Proceedings of the 18th ACM conference on Computer and communications security
Ribbons: a partially shared memory programming model
Proceedings of the 2011 ACM international conference on Object oriented programming systems languages and applications
Security requirements model for grid data management systems
CRITIS'06 Proceedings of the First international conference on Critical Information Infrastructures Security
Proceedings of the 18th ACM conference on Computer and communications security
GIVS: integrity validation for grid security
ICCS'05 Proceedings of the 5th international conference on Computational Science - Volume Part III
A theory of secure control flow
ICFEM'05 Proceedings of the 7th international conference on Formal Methods and Software Engineering
Enforcing non-safety security policies with program monitors
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Isolating commodity hosted hypervisors with HyperLock
Proceedings of the 7th ACM european conference on Computer Systems
Enforcing stateful authorization and information flow policies in fine
ESOP'10 Proceedings of the 19th European conference on Programming Languages and Systems
Runtime countermeasures for code injection attacks against C and C++ programs
ACM Computing Surveys (CSUR)
SP 800-19. Mobile Agent Security
SP 800-19. Mobile Agent Security
RockSalt: better, faster, stronger SFI for the x86
Proceedings of the 33rd ACM SIGPLAN conference on Programming Language Design and Implementation
Countermeasures for mobile agent security
Computer Communications
TreeHouse: JavaScript sandboxes to helpWeb developers help themselves
USENIX ATC'12 Proceedings of the 2012 USENIX conference on Annual Technical Conference
Recent developments in low-level software security
WISTP'12 Proceedings of the 6th IFIP WG 11.2 international conference on Information Security Theory and Practice: security, privacy and trust in computing systems and ambient intelligent ecosystems
Binary stirring: self-randomizing instruction addresses of legacy x86 binary code
Proceedings of the 2012 ACM conference on Computer and communications security
Enforcing user-space privilege separation with declarative architectures
Proceedings of the seventh ACM workshop on Scalable trusted computing
Bringing Virtualization to the x86 Architecture with the Original VMware Workstation
ACM Transactions on Computer Systems (TOCS)
Fay: Extensible Distributed Tracing from Kernels to Clusters
ACM Transactions on Computer Systems (TOCS)
Securing untrusted code via compiler-agnostic binary rewriting
Proceedings of the 28th Annual Computer Security Applications Conference
Scalable formal machine models
CPP'12 Proceedings of the Second international conference on Certified Programs and Proofs
Artificial immune system based mobile agent platform protection
Computer Standards & Interfaces
On layout randomization for arrays and functions
POST'13 Proceedings of the Second international conference on Principles of Security and Trust
Hypnos: understanding and treating sleep conflicts in smartphones
Proceedings of the 8th ACM European Conference on Computer Systems
PSiOS: bring your own privacy & security to iOS devices
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Efficient user-space information flow control
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
Enforcing system-wide control flow integrity for exploit detection and diagnosis
Proceedings of the 8th ACM SIGSAC symposium on Information, computer and communications security
CPM: Masking Code Pointers to Prevent Code Injection Attacks
ACM Transactions on Information and System Security (TISSEC)
Security bugs in embedded interpreters
Proceedings of the 4th Asia-Pacific Workshop on Systems
JNICodejail: native code isolation for Java programs
Proceedings of the 2013 International Conference on Principles and Practices of Programming on the Java Platform: Virtual Machines, Languages, and Tools
Monitor integrity protection with space efficiency and separate compilation
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
ShadowReplica: efficient parallelization of dynamic data flow tracking
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Content-based isolation: rethinking isolation policy design on client systems
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Protecting sensitive web content from client-side vulnerabilities with CRYPTONS
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
A versatile code execution isolation framework with security first
Proceedings of the 2013 ACM workshop on Cloud computing security workshop
NVM heaps for accelerating browser-based applications
Proceedings of the 1st Workshop on Interactions of NVM/FLASH with Operating Systems and Workloads
Strato: a retargetable framework for low-level inlined-reference monitors
SEC'13 Proceedings of the 22nd USENIX conference on Security
Bringing java's wild native world under control
ACM Transactions on Information and System Security (TISSEC)
Guardrail: a high fidelity approach to protecting hardware devices from buggy drivers
Proceedings of the 19th international conference on Architectural support for programming languages and operating systems
Control-flow integrity principles, implementations, and applications
ACM Transactions on Information and System Security (TISSEC)
New hands-on labs on browser security (abstract only)
Proceedings of the 45th ACM technical symposium on Computer science education
Compac: enforce component-level access control in android
Proceedings of the 4th ACM conference on Data and application security and privacy
International Journal of Critical Computer-Based Systems
A platform for secure static binary instrumentation
Proceedings of the 10th ACM SIGPLAN/SIGOPS international conference on Virtual execution environments
| Hi-index | 0.01 |
One way to provide fault isolation among cooperating software modules is to place each in its own address space. However, for tightly-coupled modules, this solution incurs prohibitive context switch overhead. In this paper, we present a software approach to implementing fault isolation within a single address space.Our approach has two parts. First, we load the code and data for a distrusted module into its own fault do main, a logically separate portion of the application's address space. Second, we modify the object code of a distrusted module to prevent it from writing or jumping to an address outside its fault domain. Both these software operations are portable and programming language independent.Our approach poses a tradeoff relative to hardware fault isolation: substantially faster communication between fault domains, at a cost of slightly increased execution time for distrusted modules. We demonstrate that for frequently communicating modules, implementing fault isolation in software rather than hardware can substantially improve end-to-end application performance.