Bennet S. Yee, D. Sehr, Gregory Dardyk, J. B. Chen, R. Muth, Tavis Ormandy, S. Okasaka, Neha Narula, Nicholas Fullagar
{"title":"Native Client: A Sandbox for Portable, Untrusted x86 Native Code","authors":"Bennet S. Yee, D. Sehr, Gregory Dardyk, J. B. Chen, R. Muth, Tavis Ormandy, S. Okasaka, Neha Narula, Nicholas Fullagar","doi":"10.1145/1629175.1629203","DOIUrl":null,"url":null,"abstract":"This paper describes the design, implementation and evaluation of Native Client, a sandbox for untrusted x86 native code. Native Client aims to give browser-based applications the computational performance of native applications without compromising safety. Native Client uses software fault isolation and a secure runtime to direct system interaction and side effects through interfaces managed by Native Client. Native Client provides operating system portability for binary code while supporting performance-oriented features generally absent from web application programming environments, such as thread support, instruction set extensions such as SSE, and use of compiler intrinsics and hand-coded assembler. We combine these properties in an open architecture that encourages community review and 3rd-party tools.","PeriodicalId":161757,"journal":{"name":"2009 30th IEEE Symposium on Security and Privacy","volume":"7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"727","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 30th IEEE Symposium on Security and Privacy","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1629175.1629203","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 727
Abstract
This paper describes the design, implementation and evaluation of Native Client, a sandbox for untrusted x86 native code. Native Client aims to give browser-based applications the computational performance of native applications without compromising safety. Native Client uses software fault isolation and a secure runtime to direct system interaction and side effects through interfaces managed by Native Client. Native Client provides operating system portability for binary code while supporting performance-oriented features generally absent from web application programming environments, such as thread support, instruction set extensions such as SSE, and use of compiler intrinsics and hand-coded assembler. We combine these properties in an open architecture that encourages community review and 3rd-party tools.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
