The Safe-Tcl Security Model
John K. Ousterhout
Jacob Y. Levy
Brent B. Welch
Presented by Yu-Chang SHEN
4 May 2001
Outline
Introduction on Safe-Tcl
Security issues
Summary
Safe-Tcl
Safe-Tcl is a mechanism for safely executing untrusted programs written as Tcl scripts, and for providing such scripts with mediated access to potentially dangerous functionality.
Padded Cell Model
[Figure: master interpreter and safe interpreter side by side; commands 1, 2, 4 and 5 appear in both, linked by aliases from the safe interpreter to the master, while commands 3 and 6 are hidden from the safe interpreter.]
Security issues
Integrity attacks
Privacy attacks
Denial of Service attacks
Preventing the attacks
• Deny all operations that modify, read or transmit the state of the host environment
• Set up security policies
• Different levels of trust = different levels of rights
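As an added example (not part of the slides or of the Safe-Tcl paper), the padded cell and the mediated-access policy from the two slides above, written in Tcl: the master creates a safe interpreter, lists the commands hidden from it, and exposes one alias whose policy restricts reads to a single directory. The interpreter variable `cell`, the alias `readfile`, the directory `./sandbox` and the file `notes.txt` are assumptions made for this example.

```tcl
package require Tcl 8.5
# Master side: create the padded cell. "-safe" hides the built-ins
# that touch the host (open, file, exec, socket, source, ...).
set cell [interp create -safe]
puts "hidden from the cell: [lsort [interp hidden $cell]]"

# Policy: the applet may read files only inside this directory
# (constructed here so the example runs stand-alone).
set allowed_dir [file normalize ./sandbox]
file mkdir $allowed_dir
set fh [open [file join $allowed_dir notes.txt] w]
puts $fh "public notes"
close $fh

# Mediated access: runs in the master, checks the policy, and only
# then touches the host file system on the applet's behalf.
proc mediated_read {path} {
    global allowed_dir
    set full [file normalize [file join $allowed_dir $path]]
    # normalize resolves "..", so a prefix test catches escapes.
    set prefix "$allowed_dir/"
    if {[string range $full 0 [string length $allowed_dir]] ne $prefix} {
        error "policy violation: access to \"$path\" denied"
    }
    set fh [open $full r]
    set data [read $fh]
    close $fh
    return $data
}
# Alias: "readfile" inside the cell invokes mediated_read in the master.
interp alias $cell readfile {} mediated_read

# The slides target integrity and privacy attacks; as a partial guard
# against denial of service, Tcl 8.5+ can cap the cell's command count.
interp limit $cell command -value 100000

# Untrusted applet snippets (constructed): direct host access, an
# escape attempt through the alias, and an access within policy.
foreach snippet {
    {open /etc/passwd r}
    {readfile ../secret.txt}
    {readfile notes.txt}
} {
    if {[catch {interp eval $cell $snippet} result]} {
        puts "denied:  $snippet -> $result"
    } else {
        puts "allowed: $snippet -> [string length $result] bytes"
    }
}
interp delete $cell
```

The first two snippets fail (the command is hidden, then the policy check rejects the path); only the third returns data.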
Summary
The Padded Cell model is in general similar to the user/kernel space model
Safe-Tcl uses the padded cell model to prevent integrity and privacy attacks
Safe-Tcl can use security policies to regulate the permissions that an applet has
Questions
What is the hardest part of designing a Safe-Tcl environment?