A Self-healing Component Sandbox for Untrustworthy Third Party Code Execution
Authors
Abstract
This paper presents an architecture and implementation of a self-healing sandbox for executing dynamically loaded third-party code that may put application stability at risk. By executing the code in a fault-contained sandbox, no faults are propagated to the trusted part of the application. The sandbox is monitored by a control loop that is able to predict and avoid known types of faults. If the sandbox crashes or hangs, it can be automatically recovered to normal activity without stopping the main application. A comparison between a domain-based isolation and an operating-system-based isolation implementation of the sandbox analyses performance overhead, memory footprint and sandbox reboot time in both approaches. The implementation has been tested in a simulation of an RFID and sensor-based application.
Similar sources
NaClDroid: Native Code Isolation for Android Applications
Android apps frequently incorporate third-party libraries that contain native code; this not only facilitates rapid application development and distribution, but also provides new ways to generate revenue. As a matter of fact, one in two apps in Google Play are linked with a library providing ad network services. However, linking applications with third-party code can have severe security impli...
Typed-based verification of Web sandboxes
Web pages routinely incorporate JavaScript code from third-party sources. However, all code in a page runs in the same security context, regardless of provenance. When Web pages incorporate third-party JavaScript without any checks, as many do, they open themselves to attack. A third-party can trivially inject malicious JavaScript into such a page, causing all manner of harm. Several such attac...
Inglorious Installers: Security in the Application Marketplace
From mobile phones to social networks, installing and running third-party applications can be risky. Installing applications often requires running unverified, untrustworthy code with the privilege of a system administrator, allowing it to compromise the security of user data and the operating system. Once installed, applications on most platforms can access anything that a user can: a web brow...
Practical Software Diversification Using In-Place Code Randomization
The wide adoption of non-executable page protections has given rise to attacks that employ return-oriented programming (ROP) to achieve arbitrary code execution without the injection of any code. Existing defenses against ROP exploits either require source code or symbolic debugging information, or impose a significant runtime overhead, which limits their applicability for the protection of thi...
Trust Revelation in Multiagent Interaction
We analyze untrustworthy interactions, that is, interactions in which a party may fail to carry out its obligations. Such interactions pose agents with the problem of how to estimate the trustworthiness of the other party. The efficiency of untrustworthy interactions critically depends on the amount and the nature of information about untrustworthy agents. We propose a solution to the problem o...