DocumentCode
2965429
Title
Data Sandboxing: A Technique for Enforcing Confidentiality Policies
Author
Khatiwala, Tejas ; Swaminathan, Raj ; Venkatakrishnan, V.N.
Author_Institution
University of Illinois, Chicago, USA
fYear
2006
fDate
Dec. 2006
Firstpage
223
Lastpage
234
Abstract
When an application reads private/sensitive information and subsequently communicates on an output channel such as a public file or a network connection, how can we ensure that the data written is free of private information? In this paper, we address this question in a practical setting through the use of a technique that we call "data sandboxing". Essentially, data sandboxing is implemented using the popular technique of system call interposition to mediate output channels used by a program. To distinguish between private and public data, the program is partitioned into two: one that contains all the instructions that handle sensitive data and the other containing the rest of the instructions. This partitioning is performed based on techniques from program slicing. When run together, these two programs collectively replace the original program. To address confidentiality, these programs are sandboxed with different system call interposition based policies. We discuss the design and implementation of a tool that enforces confidentiality policies on C programs using this technique. We also report our experiences in using our tool over several programs that handle confidential data.
Keywords
Application software; Computer science; Computer security; Costs; File servers; Kernel; Monitoring; Operating systems; Protection; Runtime;
fLanguage
English
Publisher
ieee
Conference_Titel
Computer Security Applications Conference, 2006. ACSAC '06. 22nd Annual
Conference_Location
Miami Beach, FL, USA
ISSN
1063-9527
Print_ISBN
0-7695-2716-7
Type
conf
DOI
10.1109/ACSAC.2006.22
Filename
4041169
Link To Document