Hardening COTS software with generic software wrappers

Numerous techniques exist to augment the security functionality of commercial off-the-shelf (COTS) applications and operating systems, making them more suitable for use in mission-critical systems. Although individually useful, as a group these techniques present difficulties to system developers be...

Full description

Saved in:
Bibliographic Details
Main Authors: Fraser, T., Badger, L., Feldman, M.
Format: Conference Proceeding
Language:English
Subjects:
Access control
Application software
Contracts
Costs
Data security
Intrusion detection
Mission critical systems
Operating systems
Protection
Prototypes
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Numerous techniques exist to augment the security functionality of commercial off-the-shelf (COTS) applications and operating systems, making them more suitable for use in mission-critical systems. Although individually useful, as a group these techniques present difficulties to system developers because they are not based on a common framework which might simplify integration and promote portability and reuse. The paper presents techniques for developing Generic Software Wrappers-protected, non-bypassable kernel-resident software extensions for augmenting security without modification of COTS source. We describe the key elements of our work: our high-level Wrapper Definition Language (WDL), and our framework for configuring, activating, and managing wrappers. We also discuss code reuse, automatic management of extensions, a framework for system-building through composition, platform-independence, and our experiences with our Solaris and FreeBSD prototypes.
ISSN:1081-6011
2375-1207
DOI:10.1109/SECPRI.1999.766713