research-article

Free access

Native Client: a sandbox for portable, untrusted x86 native code

Authors:

Nicholas FullagarAuthors Info & Claims

Communications of the ACM, Volume 53, Issue 1

Pages 91 - 99

https://doi.org/10.1145/1629175.1629203

Published: 01 January 2010 Publication History

All formats PDF

References

[1]

Accetta, M., baron, R., Bolosky, W., Golub, D., Rashid, R., Tevanian, A., Young, M. Mach: A New Kernel Foundation for UNIX Development. 1986, 93--112.

Google Scholar

[2]

Burns, J. developing secure mobile applications for android. http://isecpartners.com/files/iSEC_Securing_Android_Apps.pdf, 2008.

Google Scholar

[3]

Campbell, K., Gordon, L., Loeb, M., Zhou, L. The economic cost of publicly announced information security breaches: empirical evidence from the stock market. J. Comp. Secur. 11, 3 (2003), 431--448.

Digital Library

Google Scholar

[4]

Cheriton, D.R. The V distributed system. Commun. ACM 31 (1988), 314--333.

Digital Library

Google Scholar

[5]

Cohen, F.B. defense-in-depth against computer viruses. Comp. Secur. 11, 6 (1993), 565--584.

Digital Library

Google Scholar

[6]

Crawford, J. Gelsinger, P. Programming 80386. Sybex Inc. (1991).

Google Scholar

[7]

Denning, A. ActiveX Controls Inside Out. Microsoft Press (May 1997).

Digital Library

Google Scholar

[8]

Directorate for Command, Control, Communications and Computer systems, U.S. Department of defense Joint staff. Information assurance through defense-in-depth. Technical report, directorate for Command, Control, Communications and Computer systems, U.S. Department of defense Joint staff, Feb. 2000.

Google Scholar

[9]

Douceur, J.R., Elson, J., Howell, J., Lorch, J.R. Leveraging legacy code to deploy desktop applications on the web. In Proceedings of the 2008 Symposium on Operating System Design and Implementation (December 2008).

Digital Library

Google Scholar

[10]

Ford, B., Cox, R. Vx32: lightweight user-level sandboxing on the x86. In 2008 USENIX Annual Technical Conference (June 2008).

Digital Library

Google Scholar

[11]

Goldberg, I., Wagner, D., Thomas, R., brewer, E.A. A secure enviroment for untrusted helper applications. In Proceedings of the 6th USENIX Security Symposium (1996).

Digital Library

Google Scholar

[12]

Golub, D., Dean, A., Forin, R., Rashid, R. UNIX as an application program. In Proceedings of the Summer 1990 USENIX Conference (1990), 87--95.

Google Scholar

[13]

Joy, W., Cooper, E., Fabry, R., Leffler, S., McKusick, K., Mosher, D. 4.2 BSD system manual. Technical report, Computer systems research Group, university of California, Berkeley, 1983.

Google Scholar

[14]

Kaspersky, K., Chang, A. remote code execution through Intel CPU bugs. In Hack In The Box (HITB) 2008 Malaysia Conference.

Google Scholar

[15]

McCamant, S., Morrisett, G. Efficient, verifable binary sandboxing for a CISC architecture. Technical report MIT-CSAIL-TR-2005--030, 2005.

Google Scholar

[16]

McCamant, S., Morrisett, G. Evaluating SFI for a CISC architecture. In 15th USENIX Security Symposium (Aug. 2006).

Digital Library

Google Scholar

[17]

Microsoft Corporation. Signing and checking code with Authenticode. http://msdn.microsoft.com/en-us/library/ms537364(VS.85).aspx.

Google Scholar

[18]

Microsoft Corporation. Structured exception handling. http://msdn.microsoft.com/en-us/library/ms680657(VS.85).aspx, 2008.

Google Scholar

[19]

Netscape Corporation. Gecko plugin API reference. http://developer.mozilla.org/en/docs/Gecko_Plugin_API_Reference.

Google Scholar

[20]

Provos, N. Improving host security with system call policies. In USENIX Security Symposium (Aug. 2003).

Digital Library

Google Scholar

[21]

Reinders, J. Intel Thread Building Blocks. O'Reilly&Associates, 2007.

Digital Library

Google Scholar

[22]

Savage, M. Cost of computer viruses top $10 billion already this year. ChannelWeb, Aug. 2001.

Google Scholar

[23]

Small, C. MiSFIT: A tool for constructing safe extensible C++ systems. In Proceedings of the Third USENIX Conference on Object-Oriented Technologies (June 1997).

Digital Library

Google Scholar

[24]

Stroustrup, B. The C++ Programming Language: Second Edition. Addison-Wesley, 1997.

Digital Library

Google Scholar

[25]

Tarreau, W. ptrace documentation. http://www.linuxhq.com/kernel/v2.4/36--rc1/Documentation/ptrace.txt, 2007.

Google Scholar

[26]

U. S. Department of defense, Computer security Center. trusted computer system evaluation criteria, Dec. 1985.

Google Scholar

[27]

Wahbe, R., Lucco, S., Anderson, T.E., Graham, S.L. Efficient software-based fault isolation. ACM SIGOPS Oper. Sys. Rev. 27, 5 (dec. 1993), 203--216.

Digital Library

Google Scholar

Cited By

View all

Sha MCai YWang SPhan LLi FTan K(2024)Object-oriented Unified Encrypted Memory Management for Heterogeneous Memory ArchitecturesProceedings of the ACM on Management of Data10.1145/36549582:3(1-29)Online publication date: 30-May-2024
https://dl.acm.org/doi/10.1145/3654958
Yedidia ZTsafrir DMusuvathi MGupta RAbu-Ghazaleh N(2024)Lightweight Fault Isolation: Practical, Efficient, and Secure Software SandboxingProceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 210.1145/3620665.3640408(649-665)Online publication date: 27-Apr-2024
https://dl.acm.org/doi/10.1145/3620665.3640408
Simić MDedeić JStojkov MProkić I(2024)A Hierarchical Namespace Approach for Multi-Tenancy in Distributed CloudsIEEE Access10.1109/ACCESS.2024.336903112(32597-32617)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3369031
Show More Cited By

Index Terms

Native Client: a sandbox for portable, untrusted x86 native code
1. Software and its engineering
  1. Software notations and tools
    1. Compilers

Recommendations

Native Client: A Sandbox for Portable, Untrusted x86 Native Code
SP '09: Proceedings of the 2009 30th IEEE Symposium on Security and Privacy

This paper describes the design, implementation and evaluation of Native Client, a sandbox for untrusted x86 native code. Native Client aims to give browser-based applications the computational performance of native applications without compromising ...
React Native for Mobile Development: Harness the Power of React Native to Create Stunning iOS and Android Applications
Benchmark Dalvik and Native Code for Android System
IBICA '11: Proceedings of the 2011 Second International Conference on Innovations in Bio-inspired Computing and Applications

Google's Android Native Development Kit (NDK) is a toolset that lets you embed components to use of native code in your Android applications. It makes possible for developers to easily compile in C/C++ for the Android development platform. Generally, ...

Comments

Information & Contributors

Information

Published In

Communications of the ACM Volume 53, Issue 1

Amir Pnueli: Ahead of His Time

January 2010

142 pages

ISSN:0001-0782

EISSN:1557-7317

DOI:10.1145/1629175

Issue’s Table of Contents

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 January 2010

Published in CACM Volume 53, Issue 1

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article
Popular
Refereed

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

72
Total Citations
View Citations
6,696
Total Downloads

Downloads (Last 12 months)582
Downloads (Last 6 weeks)64

Reflects downloads up to 01 Sep 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Sha MCai YWang SPhan LLi FTan K(2024)Object-oriented Unified Encrypted Memory Management for Heterogeneous Memory ArchitecturesProceedings of the ACM on Management of Data10.1145/36549582:3(1-29)Online publication date: 30-May-2024
https://dl.acm.org/doi/10.1145/3654958
Yedidia ZTsafrir DMusuvathi MGupta RAbu-Ghazaleh N(2024)Lightweight Fault Isolation: Practical, Efficient, and Secure Software SandboxingProceedings of the 29th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 210.1145/3620665.3640408(649-665)Online publication date: 27-Apr-2024
https://dl.acm.org/doi/10.1145/3620665.3640408
Simić MDedeić JStojkov MProkić I(2024)A Hierarchical Namespace Approach for Multi-Tenancy in Distributed CloudsIEEE Access10.1109/ACCESS.2024.336903112(32597-32617)Online publication date: 2024
https://doi.org/10.1109/ACCESS.2024.3369031
She CLi JChen LShi G(2024)SCFIComputers and Security10.1016/j.cose.2024.103800140:COnline publication date: 1-May-2024
https://dl.acm.org/doi/10.1016/j.cose.2024.103800
Ahad AWang GKim CJana SLin ZKwon YAamodt TSwift MJerger N(2023)FreePart: Hardening Data Processing Software via Framework-based Partitioning and IsolationProceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 410.1145/3623278.3624760(169-188)Online publication date: 25-Mar-2023
https://dl.acm.org/doi/10.1145/3623278.3624760
Yavarzadeh HTaram MNarayan SStefan DTullsen D(2023)Half&Half: Demystifying Intel’s Directional Branch Predictors for Fast, Secure Partitioned Execution2023 IEEE Symposium on Security and Privacy (SP)10.1109/SP46215.2023.10179415(1220-1237)Online publication date: May-2023
https://doi.org/10.1109/SP46215.2023.10179415
Yavarzadeh HTaram MNarayan SStefan DTullsen D(2023)Half&Half: Demystifying Intel’s Directional Branch Predictors for Fast, Secure Partitioned Execution2023 IEEE Symposium on Security and Privacy (SP)10.1109/SP46215.2023.10179309(1220-1237)Online publication date: May-2023
https://doi.org/10.1109/SP46215.2023.10179309
Gülmez MNyman TBaumann CMühlberg J(2023)Rewind & Discard: Improving Software Resilience using Isolated Domains2023 53rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN)10.1109/DSN58367.2023.00046(402-416)Online publication date: Jun-2023
https://doi.org/10.1109/DSN58367.2023.00046
Titzer B(2022)A fast in-place interpreter for WebAssemblyProceedings of the ACM on Programming Languages10.1145/35633116:OOPSLA2(646-672)Online publication date: 31-Oct-2022
https://dl.acm.org/doi/10.1145/3563311
Gravani SHedayati MCriswell JScott MBilge LDumitras T(2021)Fast Intra-kernel Isolation and Security with IskiOSProceedings of the 24th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3471621.3471849(119-134)Online publication date: 6-Oct-2021
https://dl.acm.org/doi/10.1145/3471621.3471849
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Digital Edition

View this article in digital edition.

Digital Edition

Magazine Site

View this article on the magazine site (external)

Magazine Site

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

References

Cited By

Index Terms

Recommendations