Efficient software-based fault isolation
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Firewalls and Internet security: repelling the wily hacker
Firewalls and Internet security: repelling the wily hacker
Applying military grade security to the Internet
Selected papers of the 8th joint European conference on Networking
High security Web servers and gateways
Selected papers from the sixth international conference on World Wide Web
A secure environment for untrusted helper applications confining the Wily Hacker
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Improving the granularity of access control in Windows NT
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Improving the granularity of access control for Windows 2000
ACM Transactions on Information and System Security (TISSEC)
Security Control for COTS Components
Computer
WindowBox: a simple security model for the connected desktop
WSS'00 Proceedings of the 4th conference on USENIX Windows Systems Symposium - Volume 4
| Hi-index | 0.00 |
Abstract: Bugs in network application programs can be exploited to compromise the system on which the application is running. When running these applications in an unsafe environment such as the Internet, the security concerns raised are a significant barrier to electronic commerce. In addition, these application programs (such as Web servers, mailservers, etc.) are usually too big and complex to be bug-free; trying to build security directly into these applications has proven to be very difficult. This paper demonstrates that a compartmented-mode workstation is a suitable platform to provide a secure environment that can contain most existing network applications. We describe how to wrap these applications in order to reduce the potential for a security breach without the need to rewrite the application completely. By minimizing the effort of transferring unsafe application services so that they are reasonably secure, we are able to accelerate the process of electronic commerce.