论文信息 - The Safe-Tcl Security Model

The Safe-Tcl Security Model

Safe-Tcl is a mechanism for controlling the execution of programs written in the Tcl scripting language. It allows untrusted scripts (applets) to be executed while preventing damage to the environment or leakage of private information. Safe-Tcl uses a padded cell approach: each applet is isolated in a safe interpreter where it cannot interact directly with the rest of the application. The execution environment of an applet is controlled by a trusted script running in a master interpreter. Safe-Tcl supports applets using multiple security policies within an application. These policies determine what an applet can do, based on the degree to which the applet is trusted. Safe-Tcl separates security management into well-defined phases that are geared towards the party responsible for each aspect of security.

[1] B. Lampson,et al. Authentication in distributed systems: theory and practice , 1991, TOCS.

[2] Robert Wahbe,et al. Efficient software-based fault isolation , 1994, SOSP '93.

[3] John K. Ousterhout,et al. Tcl and the Tk Toolkit , 1994 .

[4] Ronald L. Rivest,et al. The MD5 Message-Digest Algorithm , 1992, RFC.

[5] Butler W. Lampson,et al. Authentication in distributed systems , 1993 .

[6] Ken Arnold,et al. The Java Programming Language , 1996 .

[7] Butler W. Lampson,et al. A note on the confinement problem , 1973, CACM.

[8] David Alan Hanson,et al. Data security , 1979, ACM-SE 17.

[9] Martín Abadi,et al. Authentication in distributed systems: theory and practice , 1991, SOSP '91.

[10] Nathaniel S. Borenstein,et al. EMail With A Mind of Its Own: The Safe-Tcl Language for Enabled Mail , 1994, ULPAA.

[11] Peter Pipe,et al. Practical Programming , 1966 .

[12] Brent B Welch,et al. Practical Programming in Tcl and Tk , 1999 .

[13] Frank Yellin,et al. Low Level Security in Java , 1995, WWW.

[14] Hemma Prafullchandra,et al. Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java Development Kit 1.2 , 1997, USENIX Symposium on Internet Technologies and Systems.