The need for programs to execute subcomponents in isolation from each other or with lower privileges is prevalent among today's systems. We introduce ribbons: a shared memory programming model that allows for more implicit sharing of memory than processes but is more restrictive than threads. Ribbons structure the heap into protection domains. Privileges between these protection domains are carefully controlled in order to confine computation. We propose RibbonJ, a backwards-compatible extension of Java, to easily create or port programs to use the ribbons model. We study the progress and isolation properties of a subset of the language. Building on JikesRVM we implement ribbons by leveraging existing memory protection mechanisms in modern hardware and operating systems, avoiding the overhead of inline security checks and read or write barriers. We evaluate efficiency via microbenchmarks and the DaCapo suite, observing minor overhead. Additionally, we refactor Apache Tomcat to use ribbons for application isolation, discuss the refactoring's design and complexity, and evaluate performance using the SPECweb2009 benchmark.