Exploring Compartmentalisation Hypotheses with SOAAP

Application compartmentalisation decomposes software into sandboxed components in order to mitigate security vulnerabilities, and has proven effective in limiting the impact of compromise. However, experience has shown that adapting existing C-language software is difficult, often leading to problems with correctness, performance, complexity, and most critically, security. Security-Oriented Analysis of Application Programs (SOAAP) is an in-progress research project into new semi-automated techniques to support compartmentalisation. SOAAP employs a variety of static and dynamic approaches, driven by source code annotations termed compartmentalisation hypotheses, to help programmers evaluate strategies for compartmentalising existing software.

[1]  Stephen Smalley,et al.  Integrating Flexible Support for Security Policies into the Linux Operating System , 2001, USENIX Annual Technical Conference, FREENIX Track.

[2]  William A. Wulf,et al.  Policy/mechanism separation in Hydra , 1975, SOSP.

[3]  Robert N. M. Watson,et al.  Capsicum: Practical Capabilities for UNIX , 2010, USENIX Security Symposium.

[4]  David A. Wagner,et al.  Joe-E: A Security-Oriented Subset of Java , 2010, NDSS.

[5]  William R. Harris,et al.  Secure Programming as a Parity Game , 2011 .

[6]  Bradford Nichols,et al.  Pthreads programming , 1996 .

[7]  Mark Handley,et al.  Wedge: Splitting Applications into Reduced-Privilege Compartments , 2008, NSDI.

[8]  David Brumley,et al.  Privtrans: Automatically Partitioning Programs for Privilege Separation , 2004, USENIX Security Symposium.

[9]  Shirley M. Radack,et al.  National Vulnerability Database: Helping Information Technology System Users and Developers Find Current Information about Cyber Security Vulnerabilities | NIST , 2005 .

[10]  Paul A. Karger,et al.  Limiting the Damage Potential of Discretionary Trojan Horses , 1987, 1987 IEEE Symposium on Security and Privacy.

[11]  Douglas Kilpatrick,et al.  Privman: A Library for Partitioning Applications , 2003, USENIX Annual Technical Conference, FREENIX Track.

[12]  Peter G. Neumann,et al.  CHERI: a research platform deconflating hardware virtualisation and protection , 2012 .

[13]  Niels Provos,et al.  Preventing Privilege Escalation , 2003, USENIX Security Symposium.

[14]  Charles Reis,et al.  Isolating web programs in modern browser architectures , 2009, EuroSys '09.

[15]  Steven Hand,et al.  Privilege separation made easy: trusting small libraries not big processes , 2008, EUROSEC '08.