Providing secure environments for untrusted network applications-with case studies using VirtualVault and Trusted Sendmail Proxy

Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises Pub Date : 1997-06-18 DOI:10.1109/ENABL.1997.630826

Qun Zhong

{"title":"Providing secure environments for untrusted network applications-with case studies using VirtualVault and Trusted Sendmail Proxy","authors":"Qun Zhong","doi":"10.1109/ENABL.1997.630826","DOIUrl":null,"url":null,"abstract":"Bugs in network application programs can be exploited to compromise the system on which the application is running. When running these applications in an unsafe environment such as the Internet, the security concerns raised are a significant barrier to electronic commerce. In addition, these application programs (such as Web servers, mailservers, etc.) are usually too big and complex to be bug-free; trying to build security directly into these applications has proven to be very difficult. This paper demonstrates that a compartmented-mode workstation is a suitable platform to provide a secure environment that can contain most existing network applications. We describe how to wrap these applications in order to reduce the potential for a security breach without the need to rewrite the application completely. By minimizing the effort of transferring unsafe application services so that they are reasonably secure, we are able to accelerate the process of electronic commerce.","PeriodicalId":334410,"journal":{"name":"Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1997-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ENABL.1997.630826","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

Abstract

Bugs in network application programs can be exploited to compromise the system on which the application is running. When running these applications in an unsafe environment such as the Internet, the security concerns raised are a significant barrier to electronic commerce. In addition, these application programs (such as Web servers, mailservers, etc.) are usually too big and complex to be bug-free; trying to build security directly into these applications has proven to be very difficult. This paper demonstrates that a compartmented-mode workstation is a suitable platform to provide a secure environment that can contain most existing network applications. We describe how to wrap these applications in order to reduce the potential for a security breach without the need to rewrite the application completely. By minimizing the effort of transferring unsafe application services so that they are reasonably secure, we are able to accelerate the process of electronic commerce.

查看原文本刊更多论文

为不受信任的网络应用程序提供安全环境—通过使用VirtualVault和可信Sendmail Proxy的案例研究

网络应用程序中的错误可以被利用来危害运行该应用程序的系统。当在Internet等不安全的环境中运行这些应用程序时，所引起的安全问题是电子商务的一个重大障碍。此外，这些应用程序(如Web服务器、邮件服务器等)通常太大、太复杂，无法避免bug;事实证明，试图将安全性直接构建到这些应用程序中是非常困难的。本文论证了隔离模式工作站是一个提供安全环境的合适平台，可以包含大多数现有的网络应用程序。我们描述了如何包装这些应用程序，以便在不需要完全重写应用程序的情况下减少安全漏洞的可能性。通过尽量减少传输不安全应用程序服务的工作量，使它们相当安全，我们能够加快电子商务的进程。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of IEEE 6th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises

自引率

0.00%

发文量