{"title":"用通用软件包装器加固COTS软件","authors":"T. Fraser, L. Badger, M. Feldman","doi":"10.1109/SECPRI.1999.766713","DOIUrl":null,"url":null,"abstract":"Numerous techniques exist to augment the security functionality of commercial off-the-shelf (COTS) applications and operating systems, making them more suitable for use in mission-critical systems. Although individually useful, as a group these techniques present difficulties to system developers because they are not based on a common framework which might simplify integration and promote portability and reuse. The paper presents techniques for developing Generic Software Wrappers-protected, non-bypassable kernel-resident software extensions for augmenting security without modification of COTS source. We describe the key elements of our work: our high-level Wrapper Definition Language (WDL), and our framework for configuring, activating, and managing wrappers. We also discuss code reuse, automatic management of extensions, a framework for system-building through composition, platform-independence, and our experiences with our Solaris and FreeBSD prototypes.","PeriodicalId":204019,"journal":{"name":"Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)","volume":"81 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1999-05-09","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"259","resultStr":"{\"title\":\"Hardening COTS software with generic software wrappers\",\"authors\":\"T. Fraser, L. Badger, M. Feldman\",\"doi\":\"10.1109/SECPRI.1999.766713\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Numerous techniques exist to augment the security functionality of commercial off-the-shelf (COTS) applications and operating systems, making them more suitable for use in mission-critical systems. Although individually useful, as a group these techniques present difficulties to system developers because they are not based on a common framework which might simplify integration and promote portability and reuse. The paper presents techniques for developing Generic Software Wrappers-protected, non-bypassable kernel-resident software extensions for augmenting security without modification of COTS source. We describe the key elements of our work: our high-level Wrapper Definition Language (WDL), and our framework for configuring, activating, and managing wrappers. We also discuss code reuse, automatic management of extensions, a framework for system-building through composition, platform-independence, and our experiences with our Solaris and FreeBSD prototypes.\",\"PeriodicalId\":204019,\"journal\":{\"name\":\"Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)\",\"volume\":\"81 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1999-05-09\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"259\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SECPRI.1999.766713\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SECPRI.1999.766713","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Hardening COTS software with generic software wrappers
Numerous techniques exist to augment the security functionality of commercial off-the-shelf (COTS) applications and operating systems, making them more suitable for use in mission-critical systems. Although individually useful, as a group these techniques present difficulties to system developers because they are not based on a common framework which might simplify integration and promote portability and reuse. The paper presents techniques for developing Generic Software Wrappers-protected, non-bypassable kernel-resident software extensions for augmenting security without modification of COTS source. We describe the key elements of our work: our high-level Wrapper Definition Language (WDL), and our framework for configuring, activating, and managing wrappers. We also discuss code reuse, automatic management of extensions, a framework for system-building through composition, platform-independence, and our experiences with our Solaris and FreeBSD prototypes.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
