Many operating system services require special privileges to execute their tasks. A programming error in a privileged service may open the door to system compromise in the form of unauthorized acquisition of privileges. In the worst case, a remote attacker may obtain superuser privileges. In this paper, we discuss the methodology and design of privilege separation, a generic approach that lets parts of an application run without special privileges. Programming errors occurring in these now unprivileged parts of the application can no longer be abused to gain unauthorized privileges. Privilege separation is orthogonal to capability or role-based security systems and may be used to enhance the security of such systems even further. As a concrete ...
Consumer devices are increasingly being used to perform security and privacy critical tasks. The sof...
In a bid to limit the harm caused by ubiquitous remotely exploitable software vulnerabilities, the c...
Abstract: We introduce a method, Lightweight Privilege Separation, enabling safe execution of unreliab...
One particularly difficult challenge in the computer security landscape is preventing privilege esca...
In operating systems, privilege is used to control the most important resources and functions, so ad...
I, Andrea Bittau, confirm that the work presented in this thesis is my own. Where information has be...
Hackers leverage software vulnerabilities to disclose, tamper with, or destroy sensitive data. To p...
Though system security would benefit if programmers routinely followed the principle of least privil...
Privilege based security policies for programs are effective as a first line of defense against atta...
Modern applications often involve processing of sensitive information. However, the lack of privileg...
Any multi-user, multi-tasking operating system, such as the UNIX SVR4 Operating System, must provid...
Abstract—Virtual machine security issues have been the focus of attention. The permissions of tradit...
Traditionally, reference monitors have been used both to specify a policy of secure behaviors of an ...