We introduce a system that eliminates the need to run programs in privileged process contexts. Using our system, programs run unprivileged but may execute certain operations with elevated privileges as determined by a configurable policy, eliminating the need for suid or sgid binaries. We present the design and analysis of the "Systrace" facility, which supports fine-grained process confinement, intrusion detection, auditing and privilege elevation. It also facilitates the often difficult process of policy generation. With Systrace, it is possible to generate policies automatically in a training session or to generate them interactively during program execution. The policies describe the desired behavior of services or user applications at the system call level and are enforced to prevent operations that are not explicitly permitted. We show that Systrace is efficient and does not impose significant performance penalties.