HP Labs Technical Reports

Click here for full text: PDF

Operating System Support for the Sandbox Method and Its Application on Mobile Code Security

Zhong, Qun; Edwards, Nigel; Rees, Owen


Keyword(s): mobile code security; sandbox; compartmented mode workstation; reference monitor

Abstract: This paper discusses the problems arising when developing secure applications from both the security and the system engineering points of view. This paper demonstrates how Mandatory Access Control and the related privilege management mechanism can solve these problems by providing the non-bypassable security reference monitors to sandbox unsafe applications and by shifting the responsibilities of managing the security from the end-user to the security administrator. It introduces one of the available operating systems that provide these security features. It also describes how to use these features to solve the problems of implementing and using mobile code security through the example of a secure browser architecture we have implemented.

11 Pages

Back to Index

[Research] [News] [Tech Reports] [Palo Alto] [Bristol] [Japan] [Israel] [Site Map] [Home] [Hewlett-Packard]