Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
USS
2008
2008
Towards Application Security on Untrusted Operating Systems
Complexity in commodity operating systems makes compromises inevitable. Consequently, a great deal of work has examined how to protect security-critical portions of applications from the OS through mechanisms such as microkernels, virtual machine monitors, and new processor architectures. Unfortunately, most work has focused on CPU and memory isolation and neglected OS semantics. Thus, while much is known about how to prevent OS and application processes from modifying each other, far less is understood about how different OS components can undermine application security if they turn malicious. We consider this problem in the context of our work on Overshadow, a virtual-machine-based system for retrofitting protection in commodity operating systems. We explore how malicious behavior in each major OS subsystem can undermine application security, and present potential mitigations. While our discussion is presented in terms of Overshadow and Linux, many of the problems and solutions are ...
Real-time TrafficCommodity Operating Systems | Operating System | OS Components | Systems Makes Compromises | USS 2008 |
| Added | 02 Oct 2010 |
| Updated | 02 Oct 2010 |
| Type | Conference |
| Year | 2008 |
| Where | USS |
| Authors | Dan R. K. Ports, Tal Garfinkel |
Comments (0)
Researcher Info
|
