A Flexible Containment Mechanism for Executing Untrusted Code

Authors:
David S. Peterson;Matt Bishop;Raju Pandey
Affiliations:
-;-;-
Venue:
Proceedings of the 11th USENIX Security Symposium
Year:
2002

Citing 12
Cited 21

Safe kernel extensions without run-time checking

OSDI '96 Proceedings of the second USENIX symposium on Operating systems design and implementation
Programming semantics for multiprogrammed computations

Communications of the ACM
A Scheduling Scheme for Controlling Allocation of CPU Resources for Mobile Programs

Autonomous Agents and Multi-Agent Systems
Using kernel hypervisors to secure applications

ACSAC '97 Proceedings of the 13th Annual Computer Security Applications Conference
MAPbox: using parameterized behavior classes to confine untrusted applications

SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
User-level resource-constrained sandboxing

WSS'00 Proceedings of the 4th conference on USENIX Windows Systems Symposium - Volume 4
WindowBox: a simple security model for the connected desktop

WSS'00 Proceedings of the 4th conference on USENIX Windows Systems Symposium - Volume 4
Going beyond the sandbox: an overview of the new security architecture in the javaTM development Kit 1.2

USITS'97 Proceedings of the USENIX Symposium on Internet Technologies and Systems on USENIX Symposium on Internet Technologies and Systems
TRON: process-specific file protection for the UNIX operating system

TCON'95 Proceedings of the USENIX 1995 Technical Conference Proceedings
A secure environment for untrusted helper applications confining the Wily Hacker

SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Confining root programs with domain and type enforcement (DTE)

SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
A tool for constructing safe extensible C++ systems

COOTS'97 Proceedings of the 3rd conference on USENIX Conference on Object-Oriented Technologies (COOTS) - Volume 3

Countering code-injection attacks with instruction-set randomization

Proceedings of the 10th ACM conference on Computer and communications security
Speculative Security Checks in Sandboxing Systems

IPDPS '05 Proceedings of the 19th IEEE International Parallel and Distributed Processing Symposium (IPDPS'05) - Workshop 17 - Volume 18
Secure Bit: Transparent, Hardware Buffer-Overflow Protection

IEEE Transactions on Dependable and Secure Computing
Guarding security sensitive content using confined mobile agents

Proceedings of the 2007 ACM symposium on Applied computing
Preventing privilege escalation

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Improving host security with system call policies

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Privtrans: automatically partitioning programs for privilege separation

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Analysis of Computer Intrusions Using Sequences of Function Calls

IEEE Transactions on Dependable and Secure Computing
Some thoughts on security after ten years of qmail 1.0

Proceedings of the 2007 ACM workshop on Computer security architecture
Improving multi-tier security using redundant authentication

Proceedings of the 2007 ACM workshop on Computer security architecture
Switchblade: enforcing dynamic personalized system call models

Proceedings of the 3rd ACM SIGOPS/EuroSys European Conference on Computer Systems 2008
Memory performance attacks: denial of memory service in multi-core systems

SS'07 Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium
Dynamic Binary Instrumentation-Based Framework for Malware Defense

DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Flexible and efficient sandboxing based on fine-grained protection domains

ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
A sandbox with a dynamic policy based on execution contexts of applications

ASIAN'07 Proceedings of the 12th Asian computing science conference on Advances in computer science: computer and network security
PRISM: platform for remote sensing using smartphones

Proceedings of the 8th international conference on Mobile systems, applications, and services
Convergence of desktop and web applications on a multi-service OS

HotSec'09 Proceedings of the 4th USENIX conference on Hot topics in security
xBook: redesigning privacy control in social networking platforms

SSYM'09 Proceedings of the 18th conference on USENIX security symposium
Reduction of interorganization web services peers incidents by deployment of asynchronous computing environment profile unification methodology (ACEPUM)

TELE-INFO'06 Proceedings of the 5th WSEAS international conference on Telecommunications and informatics
A mechanism for secure, fine-grained dynamic provisioning of applications on small devices

CASSIS'04 Proceedings of the 2004 international conference on Construction and Analysis of Safe, Secure, and Interoperable Smart Devices
Process firewalls: protecting processes during resource access

Proceedings of the 8th ACM European Conference on Computer Systems

Quantified Score

Hi-index	0.01

A Flexible Containment Mechanism for Executing Untrusted Code

Quantified Score

Visualization

Abstract