A structural view of the Cedar programming environment
ACM Transactions on Programming Languages and Systems (TOPLAS)
Lisp lore: a guide to programming the Lisp machine
Lisp lore: a guide to programming the Lisp machine
Garbage collection in an uncooperative environment
Software—Practice & Experience
Project Oberon: the design of an operating system and compiler
Project Oberon: the design of an operating system and compiler
SIGMOD '93 Proceedings of the 1993 ACM SIGMOD international conference on Management of data
Sharing and protection in a single-address-space operating system
ACM Transactions on Computer Systems (TOCS) - Special issue on computer architecture
The security of static typing with dynamic linking
Proceedings of the 4th ACM conference on Computer and communications security
Java security: Web browsers and beyond
Internet besieged
The Mungi single-address-space operating system
Software—Practice & Experience - Special issue on multiprocessor operating systems
JRes: a resource accounting interface for Java
Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
What is Java binary compatibility?
Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
History-based access control for mobile code
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
PLAN: a packet language for active networks
ICFP '98 Proceedings of the third ACM SIGPLAN international conference on Functional programming
Resource containers: a new facility for resource management in server systems
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
Securing Java: getting down to business with mobile code
Securing Java: getting down to business with mobile code
Inside Java 2 platform security architecture, API design, and implementation
Inside Java 2 platform security architecture, API design, and implementation
A type system for Java bytecode subroutines
ACM Transactions on Programming Languages and Systems (TOPLAS)
Programming languages as operating systems (or revenge of the son of the lisp machine)
Proceedings of the fourth ACM SIGPLAN international conference on Functional programming
Design and implementation of a distributed virtual machine for networked computers
Proceedings of the seventeenth ACM symposium on Operating systems principles
SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
Pilot: an operating system for a personal computer
Communications of the ACM
A nonrecursive list compacting algorithm
Communications of the ACM
SAFKASI: a security mechanism for language-based systems
ACM Transactions on Software Engineering and Methodology (TOSEM)
Recursive functions of symbolic expressions and their computation by machine, Part I
Communications of the ACM
Multitasking without comprimise: a virtual machine evolution
OOPSLA '01 Proceedings of the 16th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Termination in language-based systems
ACM Transactions on Information and System Security (TISSEC)
Region-based memory management in cyclone
PLDI '02 Proceedings of the ACM SIGPLAN 2002 Conference on Programming language design and implementation
Java Virtual Machine Specification
Java Virtual Machine Specification
The Java Language Specification
The Java Language Specification
Smalltalk-80: The Language
Formal Syntax and Semantics of Java
Formal Syntax and Semantics of Java
Uniprocessor Garbage Collection Techniques
IWMM '92 Proceedings of the International Workshop on Memory Management
Design and Implementation of an Object-Oriented 64-bit Single Address Space Microkernel
USENIX Microkernels and Other Kernel Architectures Symposium
Mark-and-Sweep Garbage Collection in Multilevel Secure Object-Oriented Database Systems
ESORICS '94 Proceedings of the Third European Symposium on Research in Computer Security
Generation Scavenging: A non-disruptive high performance storage reclamation algorithm
SDE 1 Proceedings of the first ACM SIGSOFT/SIGPLAN software engineering symposium on Practical software development environments
HOTOS '99 Proceedings of the The Seventh Workshop on Hot Topics in Operating Systems
Design and Implementation of the J-SEAL2 Mobile Agent Kernel
SAINT '01 Proceedings of the 2001 Symposium on Applications and the Internet (SAINT 2001)
Collecting Garbage in Multilevel Secure Object Stores
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
IBM Systems Journal
Luna: a flexible Java protection system
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
History of programming languages I
Processes in KaffeOS: isolation, resource management, and sharing in java
OSDI'00 Proceedings of the 4th conference on Symposium on Operating System Design & Implementation - Volume 4
A secure javaTM virtual machine
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Implementing multiple protection domains in java
ATEC '98 Proceedings of the annual conference on USENIX Annual Technical Conference
Memory accounting without partitions
Proceedings of the 4th international symposium on Memory management
The KaffeOS Java runtime system
ACM Transactions on Programming Languages and Systems (TOPLAS)
A compiler-based infrastructure for software-protection
Proceedings of the third ACM SIGPLAN workshop on Programming languages and analysis for security
A2-VM: a cooperative Java VM with support for resource-awareness and cluster-wide thread scheduling
OTM'11 Proceedings of the 2011th Confederated international conference on On the move to meaningful internet systems - Volume Part I
| Hi-index | 0.00 |
Language run-time systems are often called upon tosafely execute mutually distrustful tasks within the sameruntime, protecting them from other tasks' bugs or otherwisehostile behavior. Well-studied access controls exist insystems such as Java to prevent unauthorized reading orwriting of data, but techniques to measure and control resourceusage are less prevalent. In particular, most languagerun-time systems include no facility to account forand regulate heap memory usage on a per-task basis. Thisoversight can be exploited by a misbehaving task, whichmight allocate and hold live enough memory to cause adenial-of-service attack, crashing or slowing down othertasks. In addition, tasks can legitimately share referencesto the same objects, and traditional approaches that chargememory to its allocator fail to properly account for thissharing. We present a method for modifying the garbagecollector, already present in most modern language run-timesystems, to measure the amount of live memory reachablefrom each task as it performs its regular duties. Oursystem naturally distinguishes memory shared across tasksfrom memory reachable from only a single task without requiringincompatible changes to the semantics of the programminglanguage. Our prototype implementation imposesnegligible performance overheads in a variety ofbenchmarks, yet provides enough information for the expressionof rich policies to express the limits on a task'smemory usage.