
Technical Reports (CIS)
Document Type
Technical Report
Date of this Version
January 2001
Abstract
In the current highly interconnected computing environments, users regularly use insecure software. Many popular applications, such as Netscape Navigator and Microsoft Word, are targeted by hostile applets or malicious documents, and might therefore compromise the integrity of the system. Current operating systems are unable to protect their users from these kinds of attacks, since the hostile software is running with the user's privileges and permissions. We introduce the notion of the SubOS, a process-specific protection mechanism. Under SubOS, any application that might deal with incoming, possibly malicious objects behaves like an operating system. It views those objects the same way an operating system views users: it assigns sub-user IDs and restricts their access to system resources.
Keywords
secure systems, capabilities, process-specific protection
Date Posted: 20 June 2007

Comments
University of Pennsylvania Department of Computer and Information Science Technical Report No. MS-CIS-01-06.