In PaaS architectures, code execution must be isolated so that one tenant cannot gain unauthorized access to another tenant's data and so that the host system is protected from any kind of intrusion by tenant code. In this paper we propose a simple, lightweight framework that provides such code execution isolation units. Every design decision follows well-established design principles for protection mechanisms; security comes first. The framework relies on the process boundary to restrict memory access and on the seccomp filter mechanism to restrict the system call interface. Access to further resources is obtained through a request delegation scheme. We evaluate our implementation on a small PaaS example architecture. For plain computation the applied techniques introduce no measurable overhead. In general, the setup time of an isolation unit is negligible, and the framework achieves acceptable throughput for bulk network access. Our work brings tight and versatile isolation units to current, unmodified Linux operating systems.
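The seccomp part of the scheme can be illustrated concretely. The following is an added example, not code from the paper: it builds a seccomp-bpf allowlist of the kind an isolation unit would install before handing control to tenant code, pins the ABI (a syscall number means different things on different architectures), and includes a tiny evaluator for the three BPF instruction kinds the builder emits, so the filter's verdicts can be checked offline before it is ever installed. The allowlist contents, the helper names (`build_allowlist_filter`, `run_filter`, `demo_verdict`, `install_demo_filter`) and the `NATIVE_AUDIT_ARCH` macro are this example's own choices; the broker that the paper uses to delegate requests for additional resources is not shown.

```c
/* Added example: seccomp-bpf system-call allowlist for a PaaS isolation unit.
 * Not the paper's code; allowlist and helper names are illustrative. Linux only. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

#ifndef SECCOMP_RET_KILL_PROCESS
#define SECCOMP_RET_KILL_PROCESS 0x80000000U /* pre-4.14 headers only define SECCOMP_RET_KILL */
#endif

/* Pin the ABI: the same syscall number differs across architectures, so a
 * syscall made through another ABI (e.g. x32 or compat) must be killed. */
#if defined(__x86_64__)
#define NATIVE_AUDIT_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define NATIVE_AUDIT_ARCH AUDIT_ARCH_AARCH64
#elif defined(__i386__)
#define NATIVE_AUDIT_ARCH AUDIT_ARCH_I386
#else
#error "add the AUDIT_ARCH_* value for this architecture"
#endif

/* Emit: check arch, load nr, compare against each allowed number, kill
 * everything else. Returns the instruction count, or 0 if `cap` is too small. */
size_t build_allowlist_filter(const int *nrs, size_t n, struct sock_filter *out, size_t cap)
{
    size_t need = 4 + 2 * n + 1, i = 0;
    if (need > cap || need > BPF_MAXINSNS) return 0;
    out[i++] = (struct sock_filter)BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch));
    out[i++] = (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, NATIVE_AUDIT_ARCH, 1, 0);
    out[i++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS);
    out[i++] = (struct sock_filter)BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr));
    for (size_t k = 0; k < n; k++) {
        out[i++] = (struct sock_filter)BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, (uint32_t)nrs[k], 0, 1);
        out[i++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW);
    }
    out[i++] = (struct sock_filter)BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS);
    return i;
}

/* Evaluate the instruction subset the builder emits (LD ABS, JEQ K, RET K)
 * against a seccomp_data record, so a filter can be tested without installing it. */
uint32_t run_filter(const struct sock_filter *prog, size_t len, const struct seccomp_data *d)
{
    uint32_t acc = 0;
    for (size_t pc = 0; pc < len; pc++) {
        const struct sock_filter *in = &prog[pc];
        switch (in->code) {
        case BPF_LD | BPF_W | BPF_ABS:
            if (in->k + sizeof acc > sizeof *d) return SECCOMP_RET_KILL_PROCESS;
            memcpy(&acc, (const char *)d + in->k, sizeof acc);
            break;
        case BPF_JMP | BPF_JEQ | BPF_K:
            pc += (acc == in->k) ? in->jt : in->jf;
            break;
        case BPF_RET | BPF_K:
            return in->k;
        default:
            return SECCOMP_RET_KILL_PROCESS; /* outside the emitted subset */
        }
    }
    return SECCOMP_RET_KILL_PROCESS; /* fell off the end: deny */
}

/* Allowlist for a plain-computation unit: read/write the descriptors it was
 * handed and exit. Opening files or sockets is deliberately absent; in the
 * paper such requests are delegated to a broker outside the unit (not shown). */
static const int demo_allowlist[] = { SYS_read, SYS_write, SYS_exit, SYS_exit_group, SYS_rt_sigreturn };
#define DEMO_ALLOWLIST_LEN (sizeof demo_allowlist / sizeof demo_allowlist[0])

/* Verdict the demo filter would return for (nr, arch), computed offline. */
uint32_t demo_verdict(int nr, uint32_t arch)
{
    struct sock_filter prog[32];
    size_t len = build_allowlist_filter(demo_allowlist, DEMO_ALLOWLIST_LEN, prog, 32);
    struct seccomp_data d = { .nr = nr, .arch = arch };
    return len ? run_filter(prog, len, &d) : SECCOMP_RET_KILL_PROCESS;
}

/* Install the demo filter on the calling process. Run this after the unit
 * has obtained every descriptor it needs. NO_NEW_PRIVS lets an unprivileged
 * process install the filter and prevents a setuid exec from shedding it. */
int install_demo_filter(void)
{
    struct sock_filter prog[32];
    size_t len = build_allowlist_filter(demo_allowlist, DEMO_ALLOWLIST_LEN, prog, 32);
    struct sock_fprog fprog = { .len = (unsigned short)len, .filter = prog };
    if (len == 0) return -1;
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &fprog);
}

int main(void)
{
    if (install_demo_filter() != 0) return 1;
    /* From here on only allowlisted calls survive: write(2) works ... */
    static const char msg[] = "sandboxed: plain computation continues\n";
    if (write(1, msg, sizeof msg - 1) < 0) _exit(1);
    /* ... while openat(2) or socket(2) would end the process with SIGSYS. */
    _exit(0);
}
```

The offline evaluator is the practitioner's check: a mistake in the jump offsets of a hand-built filter typically shows up only as a killed process, so verifying the verdict table before `prctl(PR_SET_SECCOMP, ...)` is cheap insurance. The arch check comes first on purpose; without it the allowlist can be bypassed on x86-64 by issuing the same numbers through the x32 or 32-bit compat entry points, where they map to different calls.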