[go: up one dir, main page]

Zhong, 1997 - Google Patents

Providing secure environments for untrusted network applications-with case studies using VirtualVault and Trusted Sendmail Proxy

Zhong, 1997

View PDF
Document ID
17297471940660952974
Author
Zhong Q
Publication year
Publication venue
Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises

External Links

Snippet

Bugs in network application programs can be exploited to compromise the system on which the application is running. When running these applications in an unsafe environment such as the Internet, the security concerns raised are a significant barrier to electronic commerce …
Continue reading at swh.princeton.edu (PDF) (other versions)

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for programme control, e.g. control unit
    • G06F9/06Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
    • G06F9/46Multiprogramming arrangements
    • G06F9/54Interprogramme communication; Intertask communication
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for programme control, e.g. control unit
    • G06F9/06Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
    • G06F9/46Multiprogramming arrangements
    • G06F9/468Specific access rights for resources, e.g. using capability register
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2119Authenticating web pages, e.g. with suspicious links
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for programme control, e.g. control unit
    • G06F9/06Arrangements for programme control, e.g. control unit using stored programme, i.e. using internal store of processing equipment to receive and retain programme
    • G06F9/44Arrangements for executing specific programmes
    • G06F9/455Emulation; Software simulation, i.e. virtualisation or emulation of application or operating system execution engines
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6263Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRICAL DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/07Indexing scheme relating to G06F21/10, protecting distributed programs or content
    • G06F2221/0722Content
    • G06F2221/0737Traceability

Similar Documents

Publication Publication Date Title
US6684329B1 (en) System and method for increasing the resiliency of firewall systems
Loscocco et al. The inevitability of failure: The flawed assumption of security in modern computing environments
US6584508B1 (en) Advanced data guard having independently wrapped components
Rubin et al. Mobile code security
Walker et al. Confining root programs with domain and type enforcement (DTE)
Nguyen-Tuong et al. Automatically hardening web applications using precise tainting
US5896499A (en) Embedded security processor
EP0787397B1 (en) System and method for providing secure internetwork services
US20150047021A1 (en) Systems and Methods for Providing Real Time Access Monitoring of a Removable Media Device
Zhong et al. Security control for COTS components
Balfanz et al. Windowbox: A simple security model for the connected desktop
Zhong Providing secure environments for untrusted network applications-with case studies using VirtualVault and Trusted Sendmail Proxy
Fenzi et al. Linux security HOWTO
Hogan Protection imperfect: The security of some computing environments
Oostendorp et al. Domain and type enforcement firewalls
Blanc et al. Piga-hips: Protection of a shared hpc cluster
Balfanz et al. A Java filter
Thomsen Type Enforcement: the new security model
Stefanek Information security best practices: 205 basic rules
Hopwood A comparison between java and activeX security
Kahn Safe Use of X Window System Protocol Across a Firewall.
Lam et al. Secure Mobile Code Execution Service.
Epstein et al. Using operating system wrappers to increase the resiliency of commercial firewalls
Zhong et al. Security risk control of COTS-based applications
Sebes et al. The Triad System: the Design of a Distributed, Real-Time, Trusted System