Title :
Hardening COTS software with generic software wrappers
Author :
Fraser, Timothy ; Badger, Lee ; Feldman, Mark
Author_Institution :
TIS Labs., Network Assoc. Inc., Glenwood, MD, USA
Abstract :
Numerous techniques exist to augment the security functionality of commercial off-the-shelf (COTS) applications and operating systems, making them more suitable for use in mission-critical systems. Although individually useful, as a group these techniques present difficulties to system developers because they are not based on a common framework which might simplify integration and promote portability and reuse. The paper presents techniques for developing Generic Software Wrappers-protected, non-bypassable kernel-resident software extensions for augmenting security without modification of COTS source. We describe the key elements of our work: our high-level Wrapper Definition Language (WDL), and our framework for configuring, activating, and managing wrappers. We also discuss code reuse, automatic management of extensions, a framework for system-building through composition, platform-independence, and our experiences with our Solaris and FreeBSD prototypes
Keywords :
high level languages; network operating systems; safety-critical software; security of data; software portability; software reusability; COTS software; COTS source; FreeBSD prototypes; Solaris; automatic management; code reuse; commercial off-the-shelf applications; generic software wrappers; high-level Wrapper Definition Language; mission-critical systems; non-bypassable kernel-resident software extensions; operating systems; platform-independence; security functionality; system developers; Access control; Application software; Contracts; Costs; Data security; Intrusion detection; Mission critical systems; Operating systems; Protection; Prototypes;
Conference_Titel :
Security and Privacy, 1999. Proceedings of the 1999 IEEE Symposium on
Conference_Location :
Oakland, CA
Print_ISBN :
0-7695-0176-1
DOI :
10.1109/SECPRI.1999.766713
