HP Labs Technical Reports
Click here for full text:
Operating System Support for the Sandbox Method and Its Application on Mobile Code Security
Zhong, Qun; Edwards, Nigel; Rees, Owen
Keyword(s): mobile code security; sandbox; compartmented mode workstation; reference monitor
Abstract: This paper discusses the problems arising when developing secure applications from both the security and the system engineering points of view. This paper demonstrates how Mandatory Access Control and the related privilege management mechanism can solve these problems by providing the non-bypassable security reference monitors to sandbox unsafe applications and by shifting the responsibilities of managing the security from the end-user to the security administrator. It introduces one of the available operating systems that provide these security features. It also describes how to use these features to solve the problems of implementing and using mobile code security through the example of a secure browser architecture we have implemented.
Back to Index