HP Labs Technical Reports

Click here for full text: PDF

Providing Secure Environments for Untrusted Network Applications: with Case Studies Using VirtualVault and Trusted Sendmail Proxy

Zhong, Qun


Keyword(s): internet/intranet security; secure environment; untrusted application; sandbox; compartmented mode workstation

Abstract: Bugs in network application programs can be exploited to compromise the system on which the application is running. When running these applications in an unsafe environment such as the Internet, the security concerns raised are a significant barrier to electronic commerce. In addition, these application programs such as web servers, mailservers, etc., are usually too big and complex to be bug free; trying to build security directly into these applications has been proven very difficult. The purpose of the paper is to demonstrate that Compartmented Mode Workstation is a suitable platform to provide a secure environment that can contain most existing network applications. We describe how to wrap these applications to reduce the potential for a security breach without the need to rewrite the application completely. By minimizing the effort of transferring unsafe application services to be reasonably secure, we are able to accelerate the process of electronic commerce.

12 Pages

Back to Index

[Research] [News] [Tech Reports] [Palo Alto] [Bristol] [Japan] [Israel] [Site Map] [Home] [Hewlett-Packard]