Static approach to operating system security II
Researcher(s): Karl Crary
Research Area: Available and Secure Computing Systems
Abstract
A Static Approach to Operating System Security II
In today's operating systems, protection is provided by dynamic checking, buttressed by hardware-based mechanisms. Roughly speaking, an operating system monitors the activities of applications, and if an application performs a disallowed operation (such as writing outside its address space), the application is terminated. We argue that the basic protection mechanisms of the operating system can instead be provided more reliably and flexibly by static checking of applications.
Furthermore, such a static checking regime can be leveraged to go beyond basic protection and provide high confidence in the system's overall security.
