Security in Computing (3rd Edition)

CS 161 Computer Security Fall 2005 Joseph/Tygar/Vazirani/Wagner Notes 30

1 Isolation

The topic for today is isolation. A program is isolated if it cannot affect other programs on the system. Thus, isolation refers to an inability to causally influence other programs on the system.

Isolation is related to some topics we have seen before, such as access control. One difference is that access control is a mechanism for enforcing some security policy (a means to an end), whereas isolation is a security goal (the end itself).

Isolation is also related to previous lectures on virtual memory and memory protection. The difference is that virtual memory seeks to provide only memory isolation between processes (each process receives a disjoint address space and cannot affect other processes through memory reads and writes). Memory protection does not prevent other kinds of influence, such as opening an IPC connection from one process to another. When we want to isolate a process, we want to isolate it against all influences, so memory protection alone is not enough.

What are the applications of isolation? Here are a few.

• I run across a cool piece of software that will draw dancing pigs on the screen, and I want to download it and try it, but I don’t know whether I can trust the developer. It would be great to be able to run it in an isolated environment, where it cannot harm the rest of my machine even if it contains malicious code or bugs. This is often known as the sandboxing problem. We want to give the downloaded software its own little sandbox where it can do whatever it wants, as long as it doesn’t escape the sandbox. If it tries to do anything disruptive, the effect will be limited to its sandbox, so the worst that can happen is that it will disrupt itself.

• I want to display a MS Word file that someone emailed me, but I don’t want it to be able to infect my machine with a macro virus. It would be great if I could run a sandboxed instance of MS Word to view just this document, with no fear that it will trash my other Word documents.

• I’m designing a complicated software application. Following the principle of least privilege, I want to decompose the application into multiple pieces. Each piece should be isolated from the others, so that if one piece is penetrated, the integrity of the others will be preserved.

Soon I will start to show you a number of different ways to try to enforce a policy of isolation, but first let’s explore the software decomposition issue a bit more to understand some of the requirements.

2 Decomposing Software for Security

I’ve talked before about the relevance of modularity to application security, but let me now show you how to select a decomposition of your system into modules that will be helpful for security.
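As an added example that is not part of these notes, the following Python script (POSIX only, since it uses os.fork) shows in running code the two points made above: a separate process gives memory isolation for free, but the IPC channel it keeps is still a way to influence the rest of the system, so a sandbox design has to mediate that channel with a policy. A trusted broker forks an untrusted worker whose only link back is a pipe; the worker's writes to its own copy of a variable never reach the broker, while every request it sends over the pipe is checked against an allow-list before anything is done with it. The allow-list, the request names and the worker's requests are constructed for the illustration.

```python
import json
import os

# Constructed allow-list: the only operations the isolated worker may ask the
# broker to perform on its behalf. Anything else is refused and recorded.
ALLOWED_REQUESTS = {"render_page", "read_font"}

# Broker-side state, used to show that memory isolation holds: the worker's
# assignment to this name happens in its own address space only.
broker_counter = 0


def untrusted_worker(write_fd):
    """Runs in the child process and stands in for the downloaded program.

    It may try whatever it likes; the only channel it has back to the broker
    is the write end of the pipe. The requests are constructed sample input.
    """
    global broker_counter
    broker_counter = 999  # modifies the child's private copy, not the broker's
    requests = [
        {"op": "render_page", "arg": "page1"},
        {"op": "write_file", "arg": "other_document.doc"},  # not allowed
        {"op": "read_font", "arg": "DejaVuSans"},
        {"op": "connect", "arg": "other_process"},          # not allowed
    ]
    with os.fdopen(write_fd, "w") as out:
        for req in requests:
            out.write(json.dumps(req) + "\n")


def broker_policy(req):
    """Mediation point: decide whether one request from the sandbox is honoured."""
    op = req.get("op")
    if op in ALLOWED_REQUESTS and isinstance(req.get("arg"), str):
        return "allow"
    return "deny"


def run_sandboxed():
    """Fork an isolated worker, mediate its IPC, and return the audit trail.

    Returns (decisions, broker_counter) where decisions is a list of
    (operation, "allow" | "deny") tuples in the order the requests arrived.
    """
    read_fd, write_fd = os.pipe()
    pid = os.fork()
    if pid == 0:
        # Child: drop the read end so the pipe is one-way, run the untrusted
        # code, and exit without ever returning into the broker's code path.
        os.close(read_fd)
        try:
            untrusted_worker(write_fd)
        finally:
            os._exit(0)
    # Parent (broker): close our copy of the write end so EOF arrives when the
    # worker is done, then apply the policy to each line it sends.
    os.close(write_fd)
    decisions = []
    with os.fdopen(read_fd) as inp:
        for line in inp:
            try:
                req = json.loads(line)
            except ValueError:
                decisions.append(("<malformed>", "deny"))
                continue
            if not isinstance(req, dict):
                decisions.append(("<malformed>", "deny"))
                continue
            decisions.append((req.get("op"), broker_policy(req)))
    os.waitpid(pid, 0)
    return decisions, broker_counter


if __name__ == "__main__":
    trail, counter = run_sandboxed()
    for op, verdict in trail:
        print(f"{verdict:5} {op}")
    print("broker_counter still", counter)
```

The worker's assignment to broker_counter is invisible to the broker (it stays 0), which is exactly what virtual memory buys you; the two denied requests show the channel that virtual memory does not close and that the broker must police. In a real decomposition along these lines the worker would also be started with reduced privileges so that the pipe is genuinely its only way out.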