Mediating connectors: a non-bypassable process wrapping technology

Author

Balzer, Robert M. ; Goldman, Neil M.

Author_Institution

Inf. Sci. Inst., Univ. of Southern California, CA, USA

Volume

2

fYear

2000

fDate

6/22/1905 12:00:00 AM

Firstpage

361

Abstract

We have developed a technology for mediating all shared library calls. These mediators can be used to instrument these interfaces, monitor their behavior, integrate legacy components together, or encapsulate potentially harmful or unreliable components. They can be dynamically installed and removed during execution or installed before execution begins. Since modern commercial operating systems promote packaging third party functionality as shared libraries and are themselves composed of shared libraries the ability to mediate these interfaces provides access to the broad range of services available on that platform. We have hardened this mediation technology to prevent its bypass or removal by malicious code and applied it to increase the security and integrity of processes. An implementation of this technology is available for Windows NT

Keywords

operating systems (computers); security of data; software libraries; Windows NT; legacy components; malicious code; mediating connectors; mediation technology; nonbypassable process wrapping technology; security; shared library calls; third party functionality; unreliable components; Application software; Connectors; Contracts; Instruments; Mediation; Monitoring; Operating systems; Security; Software libraries; Wrapping;

fLanguage

English

Publisher

ieee

Conference_Titel

DARPA Information Survivability Conference and Exposition, 2000. DISCEX '00. Proceedings

Conference_Location

Hilton Head, SC

Print_ISBN

0-7695-0490-6

Type

conf

DOI

10.1109/DISCEX.2000.821533

Filename

821533