Flexible Policy-Directed Code Safety

Authors

  • David E. Evans
  • Andrew Twyman
Abstract

This work introduces a new approach to code safety. We present Naccio, a system architecture that allows a large class of safety policies to be expressed in a general and platform-independent way. Policies are defined in terms of abstract resource manipulations. We describe mechanisms that can be used to efficiently and conveniently enforce these safety policies by transforming programs. We are developing implementations of Naccio that enforce policies on JavaVM classes and Win32 executables. We report on results using the JavaVM


Related references

A Gradual Approach to a More Trustworthy, Yet Scalable, Proof-Carrying Code

Proof-carrying code (PCC) allows a code producer to associate to a program a machine-checkable proof of its safety. In the original approach to PCC, the safety policy includes proof rules which determine how various actions are to be proved safe. These proof rules have been considered part of the trusted code base (TCB) of the PCC system. We wish to remove the proof rules from the TCB by provid...


Flexible Code Safety for Win 32 by Andrew

With the growth of the global Internet, users have begun to download and run programs for more different purposes and from more varied sources than ever before. These programs should not be allowed to cause harm to a user's system or data, either as a result of malicious code created by an adversary or buggy code that could cause accidentally. Users may have different ideas of what constitutes ...


3 Policy-Directed Code Safety

Executing code can be dangerous. This thesis describes a scheme for protecting the user by constraining the behavior of an executing program. We introduce Naccio, a general architecture for constraining the behavior of program executions. Naccio consists of languages for defining safety policies in a platform-independent way and a system architecture for enforcing those policies on executions b...


A Sound Framework for Untrusted Verification-Condition Generators

We propose a framework called configurable proof-carrying code, which allows the untrusted producer of mobile code to provide the bulk of the code verifier used by a code receiver to check the safety of the received code. The resulting system is both more flexible and also more trustworthy than a standard proof-carrying code system, because only a small part of the verifier needs to be trusted, ...


Prototyping Proof Carrying Code

We introduce a generic framework for proof carrying code, developed and mechanically verified in Isabelle/HOL. The framework defines and proves sound a verification condition generator with minimal assumptions on the underlying programming language, safety policy, and safety logic. We demonstrate its usability for prototyping proof carrying code systems by instantiating it to a simple assembly ...



Publication date: 1999