SASI enforcement of security policies: a retrospective

@article{Erlingsson2000SASIEO,
  title={SASI enforcement of security policies: a retrospective},
  author={{\'U}lfar Erlingsson and Fred B. Schneider},
  journal={Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00},
  year={2000},
  volume={2},
  pages={287-295 vol.2}
}
SASI (Security Automata SFI Implementation) enforces security policies by modifying object code for a target system before that system is executed. The approach has been prototyped for two rather different machine architectures: Intel x86 and Java JVML. Details of these prototypes and some generalizations about the SASI approach are discussed. 

Similar Papers

Citations

Publications citing this paper.
SHOWING 1-10 OF 305 CITATIONS

Formal Enforcement of Security Policies : An Algebraic Approach

VIEW 6 EXCERPTS
CITES BACKGROUND
HIGHLY INFLUENCED

A Systematic Survey of Self-Protecting Software Systems

VIEW 8 EXCERPTS
CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

Separating access control policy, enforcement, and functionality in extensible systems

  • ACM Trans. Comput. Syst.
  • 2001
VIEW 6 EXCERPTS
CITES METHODS & RESULTS
HIGHLY INFLUENCED

A PEP-PDP Architecture to Monitor and Enforce Security Policies in Java Applications

  • 2013 International Conference on Availability, Reliability and Security
  • 2013
VIEW 5 EXCERPTS
CITES BACKGROUND
HIGHLY INFLUENCED

A Proof Carrying Code Framework for Inlined Reference Monitors in Java Bytecode

VIEW 4 EXCERPTS
CITES METHODS & BACKGROUND
HIGHLY INFLUENCED

BrowserShield: Vulnerability-driven filtering of dynamic HTML

VIEW 14 EXCERPTS
CITES BACKGROUND, METHODS & RESULTS
HIGHLY INFLUENCED

FILTER CITATIONS BY YEAR

1999
2019

CITATION STATISTICS

  • 40 Highly Influenced Citations

  • Averaged 6 Citations per year from 2017 through 2019

References

Publications referenced by this paper.
SHOWING 1-10 OF 13 REFERENCES

Policy-directed code safety

VIEW 5 EXCERPTS
HIGHLY INFLUENTIAL

A tool for constructing safe extensible C++ systems

C. Small
  • InProc. 3rd Conference on Object-Oriented Technologies and Systems
  • 1997
VIEW 4 EXCERPTS
HIGHLY INFLUENTIAL

History-Based Access Control for Mobile Code

  • ACM Conference on Computer and Communications Security
  • 1998
VIEW 2 EXCERPTS

A Comparison of OS Extension Technologies

  • USENIX Annual Technical Conference
  • 1996
VIEW 1 EXCERPT