- Accetta, M., baron, R., Bolosky, W., Golub, D., Rashid, R., Tevanian, A., Young, M. Mach: A New Kernel Foundation for UNIX Development. 1986, 93--112.Google Scholar
- Burns, J. developing secure mobile applications for android. http://isecpartners.com/files/iSEC_Securing_Android_Apps.pdf, 2008.Google Scholar
- Campbell, K., Gordon, L., Loeb, M., Zhou, L. The economic cost of publicly announced information security breaches: empirical evidence from the stock market. J. Comp. Secur. 11, 3 (2003), 431--448. Google ScholarDigital Library
- Cheriton, D.R. The V distributed system. Commun. ACM 31 (1988), 314--333. Google ScholarDigital Library
- Cohen, F.B. defense-in-depth against computer viruses. Comp. Secur. 11, 6 (1993), 565--584. Google ScholarDigital Library
- Crawford, J. Gelsinger, P. Programming 80386. Sybex Inc. (1991).Google Scholar
- Denning, A. ActiveX Controls Inside Out. Microsoft Press (May 1997). Google ScholarDigital Library
- Directorate for Command, Control, Communications and Computer systems, U.S. Department of defense Joint staff. Information assurance through defense-in-depth. Technical report, directorate for Command, Control, Communications and Computer systems, U.S. Department of defense Joint staff, Feb. 2000.Google Scholar
- Douceur, J.R., Elson, J., Howell, J., Lorch, J.R. Leveraging legacy code to deploy desktop applications on the web. In Proceedings of the 2008 Symposium on Operating System Design and Implementation (December 2008). Google ScholarDigital Library
- Ford, B., Cox, R. Vx32: lightweight user-level sandboxing on the x86. In 2008 USENIX Annual Technical Conference (June 2008). Google ScholarDigital Library
- Goldberg, I., Wagner, D., Thomas, R., brewer, E.A. A secure enviroment for untrusted helper applications. In Proceedings of the 6th USENIX Security Symposium (1996). Google ScholarDigital Library
- Golub, D., Dean, A., Forin, R., Rashid, R. UNIX as an application program. In Proceedings of the Summer 1990 USENIX Conference (1990), 87--95.Google Scholar
- Joy, W., Cooper, E., Fabry, R., Leffler, S., McKusick, K., Mosher, D. 4.2 BSD system manual. Technical report, Computer systems research Group, university of California, Berkeley, 1983.Google Scholar
- Kaspersky, K., Chang, A. remote code execution through Intel CPU bugs. In Hack In The Box (HITB) 2008 Malaysia Conference.Google Scholar
- McCamant, S., Morrisett, G. Efficient, verifable binary sandboxing for a CISC architecture. Technical report MIT-CSAIL-TR-2005--030, 2005.Google Scholar
- McCamant, S., Morrisett, G. Evaluating SFI for a CISC architecture. In 15th USENIX Security Symposium (Aug. 2006). Google ScholarDigital Library
- Microsoft Corporation. Signing and checking code with Authenticode. http://msdn.microsoft.com/en-us/library/ms537364(VS.85).aspx.Google Scholar
- Microsoft Corporation. Structured exception handling. http://msdn.microsoft.com/en-us/library/ms680657(VS.85).aspx, 2008.Google Scholar
- Netscape Corporation. Gecko plugin API reference. http://developer.mozilla.org/en/docs/Gecko_Plugin_API_Reference.Google Scholar
- Provos, N. Improving host security with system call policies. In USENIX Security Symposium (Aug. 2003). Google ScholarDigital Library
- Reinders, J. Intel Thread Building Blocks. O'Reilly&Associates, 2007. Google ScholarDigital Library
- Savage, M. Cost of computer viruses top $10 billion already this year. ChannelWeb, Aug. 2001.Google Scholar
- Small, C. MiSFIT: A tool for constructing safe extensible C++ systems. In Proceedings of the Third USENIX Conference on Object-Oriented Technologies (June 1997). Google ScholarDigital Library
- Stroustrup, B. The C++ Programming Language: Second Edition. Addison-Wesley, 1997. Google ScholarDigital Library
- Tarreau, W. ptrace documentation. http://www.linuxhq.com/kernel/v2.4/36--rc1/Documentation/ptrace.txt, 2007.Google Scholar
- U. S. Department of defense, Computer security Center. trusted computer system evaluation criteria, Dec. 1985.Google Scholar
- Wahbe, R., Lucco, S., Anderson, T.E., Graham, S.L. Efficient software-based fault isolation. ACM SIGOPS Oper. Sys. Rev. 27, 5 (dec. 1993), 203--216. Google ScholarDigital Library
Index Terms
- Native Client: a sandbox for portable, untrusted x86 native code
Recommendations
Native Client: A Sandbox for Portable, Untrusted x86 Native Code
SP '09: Proceedings of the 2009 30th IEEE Symposium on Security and PrivacyThis paper describes the design, implementation and evaluation of Native Client, a sandbox for untrusted x86 native code. Native Client aims to give browser-based applications the computational performance of native applications without compromising ...
Comments