Clean Application Compartmentalization with SOAAP

@inproceedings{Gudka2015CleanAC,
  title={Clean Application Compartmentalization with SOAAP},
  author={Khilan Gudka and Robert N. M. Watson and Jonathan Anderson and David Chisnall and Brooks Davis and Ben Laurie and Ilias Marinos and Peter G. Neumann and Alex Richardson},
  booktitle={CCS '15},
  year={2015}
}
  • Khilan Gudka, Robert N. M. Watson, +6 authors Alex Richardson
  • Published in CCS '15 2015
  • Computer Science
  • Application compartmentalization, a vulnerability mitigation technique employed in programs such as OpenSSH and the Chromium web browser, decomposes software into isolated components to limit privileges leaked or otherwise available to attackers. However, compartmentalizing applications -- and maintaining that compartmentalization -- is hindered by ad hoc methodologies and significantly increased programming effort. In practice, programmers stumble through (rather than overtly reason about… CONTINUE READING

    Create an AI-powered research feed to stay up to date with new papers like this posted to ArXiv

    Citations

    Publications citing this paper.
    SHOWING 1-10 OF 30 CITATIONS

    Program-mandering: Quantitative Privilege Separation

    VIEW 5 EXCERPTS
    CITES BACKGROUND & METHODS
    HIGHLY INFLUENCED

    The Quest for Formally Secure Compartmentalizing Compilation

    VIEW 8 EXCERPTS
    CITES METHODS & BACKGROUND
    HIGHLY INFLUENCED

    When Good Components Go Bad: Formally Secure Compilation Despite Dynamic Compromise

    VIEW 4 EXCERPTS
    CITES BACKGROUND
    HIGHLY INFLUENCED

    Beyond Good and Evil: Formalizing the Security Guarantees of Compartmentalizing Compilation

    VIEW 6 EXCERPTS
    CITES METHODS & BACKGROUND
    HIGHLY INFLUENCED

    References

    Publications referenced by this paper.
    SHOWING 1-7 OF 7 REFERENCES

    ThinLTO: A Fine-Grained Demand-Driven Infrastructure

    • X.D.L. Teresa Johnson
    • EuroLLVM
    • 2015
    VIEW 9 EXCERPTS
    HIGHLY INFLUENTIAL

    LLVM: a compilation framework for lifelong program analysis & transformation

    VIEW 19 EXCERPTS
    HIGHLY INFLUENTIAL

    Privman: A Library for Partitioning Applications

    VIEW 5 EXCERPTS
    HIGHLY INFLUENTIAL

    The spring nucleus: a microkernel for objects

    VIEW 4 EXCERPTS
    HIGHLY INFLUENTIAL

    Preventing Privilege Escalation

    VIEW 5 EXCERPTS
    HIGHLY INFLUENTIAL