The paper describes an approach for selectively controlling COTS components to provide robustness and security. Using the concept of a loadable module, "kernel hypervisors" have been implemented on a Linux kernel. These kernel hypervisors provide unbypassable security wrappers for application-specific security requirements and can be used to provide replication services as well. A framework has been developed based on a master kernel hypervisor whose job is to coordinate installation and removal of individual client kernel hypervisors and to provide a means for management of these clients. The framework allows client kernel hypervisors to be stacked so that a variety of application-specific policies can be implemented, each by means of its own kernel hypervisor. The hypervisors run in the kernel, but since they are loadable modules, they do not require that the kernel be modified. Kernel hypervisors have a number of potential applications, including protecting user systems from malicious active content downloaded via a Web browser and wrapping servers and firewall services for limiting possible compromises.