Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security 2015
DOI: 10.1145/2810103.2813611

Clean Application Compartmentalization with SOAAP

Abstract: Application compartmentalization, a vulnerability mitigation technique employed in programs such as OpenSSH and the Chromium web browser, decomposes software into isolated components to limit privileges leaked or otherwise available to attackers. However, compartmentalizing applications - and maintaining that compartmentalization - is hindered by ad hoc methodologies and significantly increased programming effort. In practice, programmers stumble through (rather than overtly reason about) compartmentalization sp…

Cited by 60 publications (65 citation statements)
References: 20 publications
“…Unfortunately, compartmentalizing existing apps is, in general, a hard problem [65], since components might share a state, and requires app developers to adopt distributed app development to build logical apps consisting of different processes connected via message passing. Ideally, app developers should be supported in this task of compartmentalizing their apps, for instance through new tools and frameworks [26]. Android apps are not different in this regard.…”
Section: B Security Evaluation Of Kontalk (mentioning)
confidence: 99%
“…In addition to developing a high-performance compartmentalization mode, we have also explored how software static analysis can assist programmers in reasoning about decomposing software in order to accomplish mitigation objectives [4].…”
Section: Software Compartmentalization (mentioning)
confidence: 99%
“…Although others have presented details of TEEs [13, 14, 23, 24, 25], tools for automatically partitioning applications [26] and tools for evaluating compartmentalisation schemes [27], to the best of our knowledge, we are the first to present a systematisation of partitioning schemes.…”
Section: Introduction (mentioning)
confidence: 99%