The Safe-Tcl Security Model
John K. Ousterhout, Jacob Y. Levy, Brent B. Welch
Presented by Yu-Chang SHEN
4 May 2001

Outline
• Introduction on Safe-Tcl
• Security issues
• Summary

Safe-Tcl
Safe-Tcl is a mechanism for safely executing untrusted programs written as Tcl scripts, and for providing mediated access by such scripts to potentially dangerous functionality.

Padded Cell Model
[Figure: a master interpreter with Commands 1 to 6 beside a safe interpreter; the labels "Aliases" and "Hide" mark the commands the safe interpreter reaches through aliases and the commands hidden from it.]

Security issues
• Integrity attacks
• Privacy attacks
• Denial of Service attacks

Prevent the attacks
• Deny all operations that modify, read and transmit the state of the host environment
• Set up security policies
• Different levels of trust = different levels of rights

Summary
• The padded cell model is in general similar to the user/kernel space model
• Safe-Tcl uses the padded cell model to prevent integrity and privacy attacks
• Safe-Tcl can use security policies to regulate the permissions that an applet has

Questions
• What is the hardest part of designing a Safe-Tcl environment?
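
The hide-and-alias arrangement from the Padded Cell Model slide, shown with Tcl's built-in safe interpreters. This is an added example, not part of the original slides. It assumes Tcl 8.6; the directory `applet-data`, the procedure `mediatedRead` and the alias `readPolicyFile` are hypothetical names.

```tcl
# Added example: padded cell = safe interpreter + hidden commands + aliases.
# allowedDir, mediatedRead and readPolicyFile are hypothetical names.
set allowedDir [file normalize [file join [pwd] applet-data]]
file mkdir $allowedDir
set fh [open [file join $allowedDir greeting.txt] w]
puts -nonewline $fh "hello from the master"
close $fh

# Runs in the master with full rights, so it must validate every argument
# that the untrusted script passes through the alias.
proc mediatedRead {dir name} {
    # Accept a bare file name only: no directory parts, no "..", and no
    # leading "~" (Tcl 8.x would expand it to a home directory).
    if {$name ne [file tail $name] || $name in {. ..} || [string match ~* $name]} {
        error "access denied: $name"
    }
    set fh [open [file join $dir $name] r]
    try {
        return [read $fh 4096]   ;# cap how much data reaches the applet
    } finally {
        close $fh
    }
}

# The safe interpreter is the padded cell: commands that touch the host
# (open, exec, socket, ...) exist only as hidden commands inside it.
set cell [interp create -safe]
puts "hidden in cell: [lsort [interp hidden $cell]]"

# Alias: a command name visible in the cell whose body executes in the master.
interp alias $cell readPolicyFile {} mediatedRead $allowedDir

# Constructed sample of untrusted script steps, each evaluated inside the cell.
foreach script {
    {open /etc/passwd r}
    {readPolicyFile ../secret.txt}
    {readPolicyFile greeting.txt}
} {
    if {[catch {interp eval $cell $script} result]} {
        puts "DENIED  $script -> $result"
    } else {
        puts "ALLOWED $script -> $result"
    }
}
interp delete $cell
```

The alias is the only path from the cell to the file system, so the checks in the master-side procedure are the whole security policy for that operation.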