Bannet, 2005 - Google Patents
Soft boundaries for statically enforceable protection domainsBannet, 2005
- Document ID
- 5037803309639584693
- Author
- Bannet J
- Publication year
External Links
Snippet
As safe languages, such as Java, find themselves leveraged to run larger, multi-task applications, many of the security concerns historically solved by hardware enforced protection domains are again sneaking their way into code. Previous schemes to enforce …
- 230000004224 protection 0 title abstract description 56
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/46—Multiprogramming arrangements
- G06F9/468—Specific access rights for resources, e.g. using capability register
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/4421—Execution paradigms
- G06F9/4428—Object-oriented
- G06F9/443—Object-oriented method invocation or resolution
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/46—Multiprogramming arrangements
- G06F9/54—Interprogramme communication; Intertask communication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for programme control, e.g. control unit
- G06F9/06—Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
- G06F9/44—Arrangements for executing specific programmes
- G06F9/455—Emulation; Software simulation, i.e. virtualisation or emulation of application or operating system execution engines
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2145—Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/70—Software maintenance or management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Krohn et al. | Information flow control for standard OS abstractions | |
| Balasubramanian et al. | System programming in rust: Beyond safety | |
| Mettler et al. | Joe-E: A Security-Oriented Subset of Java. | |
| Ghormley et al. | SLIC: An Extensibility System for Commodity Operating Systems. | |
| Cho | A Framework for Alternate Queueing: Towards Traffic Management by PC-UNIX Based Routers. | |
| Cugola et al. | Analyzing mobile code languages | |
| Cheng et al. | Abstractions for usable information flow control in Aeolus | |
| Hunt et al. | Sealing OS processes to improve dependability and safety | |
| Engler | The Exokernel operating system architecture | |
| Arden et al. | Sharing mobile code securely with information flow control | |
| Findlay et al. | Bpfbox: Simple precise process confinement with ebpf | |
| Wallach | A new approach to mobile code security | |
| Stefan et al. | Flexible dynamic information flow control in the presence of exceptions | |
| Clarke et al. | Saving the world from bad beans: Deployment-time confinement checking | |
| Cappos et al. | Retaining sandbox containment despite bugs in privileged memory-safe code | |
| Hosek et al. | Safeweb: A middleware for securing ruby-based web applications | |
| Austin et al. | Multiple facets for dynamic information flow with exceptions | |
| Porter et al. | Practical fine-grained information flow control using laminar | |
| Hashii et al. | Supporting reconfigurable security policies for mobile programs | |
| Watson | New approaches to operating system security extensibility | |
| Sterbenz | An evaluation of the java security model | |
| Bannet | Soft boundaries for statically enforceable protection domains | |
| De Nicola et al. | Confining data and processes in global computing applications | |
| Espenlaub | Design of the SPEEDOS operating system kernel | |
| Askar et al. | MALintent: Coverage Guided Intent Fuzzing Framework for Android |