A Secure Environment for Untrusted Helper Applications Connning the Wily Hacker
نویسندگان
چکیده
Many popular programs, such as Netscape, use un-trusted helper applications to process data from the network. Unfortunately, the unauthenticated network data they interpret could well have been created by an adversary, and the helper applications are usually too complex to be bug-free. This raises sig-niicant security concerns. Therefore, it is desirable to create a secure environment to contain untrusted helper applications. We propose to reduce the risk of a security breach by restricting the program's access to the operating system. In particular, we intercept and lter dangerous system calls via the Solaris process tracing facility. This enabled us to build a simple, clean, user-mode implementation of a secure environment for untrusted helper applications. Our implementation has negligible performance impact, and can protect pre-existing applications.
منابع مشابه
A Secure Environment for Untrusted Helper Applications (Confining the Wily Hacker)
Many popular programs, such as Netscape, use untrusted helper applications to process data from the network. Unfortunately, the unauthenticated network data they interpret could well have been created by an adversary, and the helper applications are usually too complex to be bug-free. This raises signi cant security concerns. Therefore, it is desirable to create a secure environment to contain ...
متن کاملA Secure Environment for Untrusted Helper Applications
Many popular programs, such as Netscape, use untrusted helper applications to process data from the network. Unfortunately, the unauthenticated network data they interpret could well have been created by an adversary, and the helper applications are usually too complex to be bug-free. This raises signi cant security concerns. Therefore, it is desirable to create a secure environment to contain ...
متن کاملFighting the Wily Hacker: Modeling Information Security Issues for On-line Financial Institutions using the SEAS Environment
متن کامل
Research Directions for Network Intrusion Recovery
One of the most significant unsolved problems for network managers and system administrators is how to repair a network infrastructure after discovering evidence of an extensive compromise. The technical issues are compounded by a breathtaking variety of human factors. We highlight lessons learned from three real, significant, and recent intrusion incidents. We do so as a way to expose the diff...
متن کاملHow to Securely Outsource Cryptographic Computations
We address the problem of using untrusted (potentially malicious) cryptographic helpers. We provide a formal security definition for securely outsourcing computations from a computationally limited device to an untrusted helper. In our model, the adversarial environment writes the software for the helper, but then does not have direct communication with it once the device starts relying on it. ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 1996