Title :
Hardening COTS software with generic software wrappers
Author :
Fraser, Timothy ; Badger, Lee ; Feldman, Mark
Author_Institution :
Network Associates Inc., Glenwood, MD, USA
fDate :
6/22/1905 12:00:00 AM
Abstract :
Numerous techniques exist to augment the security functionality of Commercial Off-The-Shelf (COTS) applications and operating systems, making them more suitable for use in mission-critical systems. Although individually useful, as a group these techniques present difficulties to system developers because they are not based on a common framework which might simplify integration and promote portability and reuse. This paper presents techniques for developing Generic Software Wrappers-protected, non-bypassable kernel-resident software extensions for augmenting security without modification of COTS source. We describe the key elements of our work: our high-level Wrapper Definition Language (WDL), and our framework for configuring, activating, and managing wrappers. We also discuss code reuse, automatic management of extensions, a framework for system-building through composition, platform-independence, and our experiences with our Solaris and FreeBSD prototypes
Keywords :
operating system kernels; security of data; FreeBSD; Solaris; code reuse; generic software wrappers; high-level Wrapper Definition Language; mission-critical systems; nonbypassable kernel-resident software extensions; platform-independence; portability; security functionality; system-building; Access control; Application software; Data security; Intrusion detection; Mission critical systems; Operating systems; Permission; Privacy; Protection; Prototypes;
Conference_Titel :
DARPA Information Survivability Conference and Exposition, 2000. DISCEX '00. Proceedings
Conference_Location :
Hilton Head, SC
Print_ISBN :
0-7695-0490-6
DOI :
10.1109/DISCEX.2000.821530
