Abstract. We introduce a method, Lightweight Privilege Separation, enabling safe execution of unreliable software. Our method introduces no new software vulnerabilities and is fairly easy to implement. Furthermore, we show by experiments that the execution overhead is on the order of milliseconds per execution of the unreliable process at hand. We compare our method with earlier attempts at privilege separation, such as OpenSSH. The paper concludes with a discussion of generalizations of our approach in the form of abstract machines and their interpreters.
Modern computer systems are built on a foundation of software components from a variety of vendors. ...
I, Andrea Bittau, confirm that the work presented in this thesis is my own. Where information has be...
Abstract—The standard loader (ld.so) is a common target of attacks. The loader is a trusted componen...
Many operating system services require special privileges to execute their tasks. A programming erro...
In this paper, we present an approach for realizing a safe execution environment (SEE) that enables ...
Abstract. This paper is about ensuring security in unreliable systems. We study systems which are su...
This paper is about ensuring security in unreliable systems. We study systems which are subject to tr...
Protecting running applications is a hard problem. Many applications are written in a low-level l...
Many attacks on modern software begin when the application processes untrusted data. Often attackers...
Several recent operating systems provide system calls that allow an application to explicitly manage...
Traditionally, reference monitors have been used both to specify a policy of secure behaviors of an ...
Supporting security principles, like least privilege, in a software architecture is challenging due ...
A fundamental issue in the use of message-passing systems is the creation of repeatable and portable...