• DocumentCode
    1956804
  • Title
    Exploring Compartmentalisation Hypotheses with SOAAP
  • Author
    Gudka, K. ; Watson, R.N.M. ; Hand, Steve ; Laurie, Ben ; Madhavapeddy, A.
  • Author_Institution
    Univ. of Cambridge, Cambridge, UK
  • fYear
    2012
  • fDate
    10-14 Sept. 2012
  • Firstpage
    23
  • Lastpage
    30
  • Abstract
    Application compartmentalisation decomposes software into sandboxed components in order to mitigate security vulnerabilities, and has proven effective in limiting the impact of compromise. However, experience has shown that adapting existing C-language software is difficult, often leading to problems with correctness, performance, complexity, and most critically, security. Security-Oriented Analysis of Application Programs (SOAAP) is an in-progress research project into new semi-automated techniques to support compartmentalisation. SOAAP employs a variety of static and dynamic approaches, driven by source code annotations termed compartmentalisation hypotheses, to help programmers evaluate strategies for compartmentalising existing software.
  • Keywords
    application program interfaces; security of data; software engineering; C-language software; SOAAP; compartmentalisation hypothesis; security vulnerability; security-oriented analysis of application program; software complexity; software correctness; software decomposition; software performance; software security; source code annotation; Privilege separation; capability system; compartmentalisation; object capabilities; program analysis; sandbox
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Self-Adaptive and Self-Organizing Systems Workshops (SASOW), 2012 IEEE Sixth International Conference on
  • Conference_Location
    Lyon
  • Print_ISBN
    978-1-4673-5153-9
  • Type
    conf
  • DOI
    10.1109/SASOW.2012.14
  • Filename
    6498375