Evaluating SFI for a CISC Architecture

  title={Evaluating SFI for a CISC Architecture},
  author={Stephen McCamant and J. Gregory Morrisett},
  booktitle={USENIX Security Symposium},
Executing untrusted code while preserving security requires that the code be prevented from modifying memory or executing instructions except as explicitly allowed. Software-based fault isolation (SFI) or “sandboxing” enforces such a policy by rewriting the untrusted code at the instruction level. However, the original sandboxing technique of Wahbe et al. is applicable only to RISC architectures, and most other previous work is either insecure, or has been not described in enough detail to give… CONTINUE READING
Highly Influential
This paper has highly influenced 33 other papers. REVIEW HIGHLY INFLUENTIAL CITATIONS
Highly Cited
This paper has 190 citations. REVIEW CITATIONS
129 Citations
36 References
Similar Papers


Publications citing this paper.

190 Citations

Citations per Year
Semantic Scholar estimates that this publication has 190 citations based on the available data.

See our FAQ for additional information.


Publications referenced by this paper.
Showing 1-10 of 36 references

Venkatakrishnan . SELF : a transparent security extension for ELF binaries

  • Daniel C. DuVarney, Sandeep Bhatkar, N. V.
  • Proceedings of the 2003 New Security Paradigms…
  • 2006

Levy . Improving the reliability of commodity operating systems

  • Michael M. Swift, Brian N. Bershad, M. Henry
  • 2003

Similar Papers

Loading similar papers…