This work introduces a new approach to code safety. We present Naccio, a system architecture that allows a large class of safety policies to be expressed in a general and platform-independent way. Policies are defined in terms of abstract resource manipulations. We describe mechanisms that can be used to efficiently and conveniently enforce these safety policies by transforming programs. We are developing implementations of Naccio that enforce policies on Java VM classes and Win32 executables. We report on results using the Java VM prototype.