Abstract
We have developed a general approach to enable secure circulation of software in an open network environment such as the Internet. By software circulation, we mean a generalized conventional software distribution concept in which software can be transferred even in an iterative manner such as through redistribution or using mobile agents. To clarify the problem that arises when software is circulated in an open network environment, we first considered a simple model for unsecure software circulation and then developed a model for secure software circulation (SSC). In the SSC model, we extended the sandbox concept to include its own file system and to have the ability to be transferred via a network. In this sense, our approach is characterized by an encapsulated, transferable file system. We describe how the SoftwarePot system was designed to implement the SSC model, and discuss the implications of experimental results that we obtained during the implementation.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
A. Acharya and M. Raje. MAPbox: Using Parameterized Behavior Classes to Confine Untrusted Applications. In Proceedings of the 9th USENIX Security Symposium, Denver, August 2000.
A. Alexandrov, M. Ibel, K. E. Schauser, and C. J. Scheiman. UFO: A Personal Global File System Based on User-Level Extensions to the Operating System. ACM Transactions on Computer Systems, 16(3):207–233, August 1998.
L. Cardelli and A. D. Gordon. Mobile ambients. Theoretical Computer Science, 204/1, Jul. 2000. Special issue on Coordination.
C. Cowan, S. Beattie, G. K.-Hartman, C. Pu, P. Wagle, and V. Gligor. SubDomain: Parsimonious Server Security. In Proceedings of the 14th Systems Administration Conference (LISA 2000), New Orleans, December 2000.
I. Goldberg, D. Wagner, R. Thomas, and E. A. Brewer. A Secure Environment for Untrusted Helper Applications: Confining the Wily Hacker. In Proceedings of the 6th USENIX Security Symposium, San Jose, July 1996.
D. Hendricks. A filesystem for software development. In USENIX-Summer’90, pages 333–340, Jun. 1990.
K. Ishii, Y. Shinjo, K. Nishio, J. Sun, and K. Itano. The Implementation of an Operating System Based on the Parallel World Model by Tracing System Calls. InProceedings of the IEICE/IPSJ CPSY OS’ 99, Okinawa, May 1999. In Japanese.
N. Islam, R. Anand, T. Jaeger, and J. R. Rao. A Flexible Security System for Using Internet Content. IEEE Software, 14(5):52–59, 1997.
K. Kato and Y. Oyama. Softwarepot: An encapsulated transferable file system for secure software circulation. Technical Report ISE-TR-02-185, Institute of Information Sciences and Electronics, University of Tsukuba, Jan. 2002.
D. G. Korn and E. Krell. A New Dimension for the Unix File System. Software-Practice and Experience, 20(S1):19–34, 1990.
J. Y. Levy, L. Demailly, J. K. Ousterhout, and B. B. Welch. The Safe-Tcl Security Model. In Proceedings of the USENIX Annual Technical Conference (NO 98), New Orleans, June 1998.
V. Prevelakis and D. Spinellis. Sandboxing Applications. In Proceedings of 2001 USENIX Annual Technical Conference, FREENIX Track, Boston, June 2001.
William Stallings. Cryptography and Network Security-Principles and Practice. Prentice-Hall, 2nd edition, 1999.
L. D. Stein. SBOX: Put CGI Scripts in a Box. In Proceedings of the USENIX Annual Technical Conference, Monterey, June 1999.
R. Wahbe, S. Lucco, T. E. Anderson, and S. L. Graham. Efficient Software-Based Fault Isolation. In Proceedings of the 14th ACM Symposium on Operating System Principles (SOSP’ 93), pages 203–216, Asheville, December 1993.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Kato, K., Oyama, Y. (2003). SoftwarePot: An Encapsulated Transferable File System for Secure Software Circulation. In: Okada, M., Pierce, B.C., Scedrov, A., Tokuda, H., Yonezawa, A. (eds) Software Security — Theories and Systems. ISSS 2002. Lecture Notes in Computer Science, vol 2609. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36532-X_8
Download citation
DOI: https://doi.org/10.1007/3-540-36532-X_8
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-00708-1
Online ISBN: 978-3-540-36532-7
eBook Packages: Springer Book Archive