Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SOSP
2007
ACM
2007
ACM
Information flow control for standard OS abstractions
ion Flow Control for Standard OS Abstractions Maxwell Krohn Alexander Yip Micah Brodsky Natan Cliffer M. Frans Kaashoek Eddie Kohler† Robert Morris MIT CSAIL †UCLA http://flume.csail.mit.edu/ Decentralized Information Flow Control (DIFC) [24] is an approach to security that allows application writers to control how data flows between the pieces of an application and the outside world. As applied to privacy, DIFC allows untrusted software to compute with private data while trusted security code controls the release of that data. As applied to integrity, DIFC allows trusted code to protect untrusted software from unexpected malicious inputs. In either case, only bugs in the trusted code, which tends to be small and isolated, can lead to security violations. We present Flume, a new DIFC model and system that applies at the granularity of operating system processes and standard OS abstractions (e.g., pipes and file descriptors). Flume eases DIFC’s use in existing applications and...
Real-time Traffic| Added | 17 Mar 2010 |
| Updated | 17 Mar 2010 |
| Type | Conference |
| Year | 2007 |
| Where | SOSP |
| Authors | Maxwell N. Krohn, Alexander Yip, Micah Z. Brodsky, Natan Cliffer, M. Frans Kaashoek, Eddie Kohler, Robert Morris |
Comments (0)
Researcher Info
|
