Skip to main content
SpringerLink
Log in
Book cover

International Symposium on Software Security

ISSS 2002: Software Security — Theories and Systems pp 112–132Cite as

SoftwarePot: An Encapsulated Transferable File System for Secure Software Circulation

  • Conference paper
  • First Online:

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2609))

Abstract

We have developed a general approach to enable secure circulation of software in an open network environment such as the Internet. By software circulation, we mean a generalized conventional software distribution concept in which software can be transferred even in an iterative manner such as through redistribution or using mobile agents. To clarify the problem that arises when software is circulated in an open network environment, we first considered a simple model for unsecure software circulation and then developed a model for secure software circulation (SSC). In the SSC model, we extended the sandbox concept to include its own file system and to have the ability to be transferred via a network. In this sense, our approach is characterized by an encapsulated, transferable file system. We describe how the SoftwarePot system was designed to implement the SSC model, and discuss the implications of experimental results that we obtained during the implementation.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. A. Acharya and M. Raje. MAPbox: Using Parameterized Behavior Classes to Confine Untrusted Applications. In Proceedings of the 9th USENIX Security Symposium, Denver, August 2000.

    Google Scholar 

  2. A. Alexandrov, M. Ibel, K. E. Schauser, and C. J. Scheiman. UFO: A Personal Global File System Based on User-Level Extensions to the Operating System. ACM Transactions on Computer Systems, 16(3):207–233, August 1998.

    Article  Google Scholar 

  3. L. Cardelli and A. D. Gordon. Mobile ambients. Theoretical Computer Science, 204/1, Jul. 2000. Special issue on Coordination.

    Google Scholar 

  4. C. Cowan, S. Beattie, G. K.-Hartman, C. Pu, P. Wagle, and V. Gligor. SubDomain: Parsimonious Server Security. In Proceedings of the 14th Systems Administration Conference (LISA 2000), New Orleans, December 2000.

    Google Scholar 

  5. I. Goldberg, D. Wagner, R. Thomas, and E. A. Brewer. A Secure Environment for Untrusted Helper Applications: Confining the Wily Hacker. In Proceedings of the 6th USENIX Security Symposium, San Jose, July 1996.

    Google Scholar 

  6. D. Hendricks. A filesystem for software development. In USENIX-Summer’90, pages 333–340, Jun. 1990.

    Google Scholar 

  7. K. Ishii, Y. Shinjo, K. Nishio, J. Sun, and K. Itano. The Implementation of an Operating System Based on the Parallel World Model by Tracing System Calls. InProceedings of the IEICE/IPSJ CPSY OS’ 99, Okinawa, May 1999. In Japanese.

    Google Scholar 

  8. N. Islam, R. Anand, T. Jaeger, and J. R. Rao. A Flexible Security System for Using Internet Content. IEEE Software, 14(5):52–59, 1997.

    Article  Google Scholar 

  9. K. Kato and Y. Oyama. Softwarepot: An encapsulated transferable file system for secure software circulation. Technical Report ISE-TR-02-185, Institute of Information Sciences and Electronics, University of Tsukuba, Jan. 2002.

    Google Scholar 

  10. D. G. Korn and E. Krell. A New Dimension for the Unix File System. Software-Practice and Experience, 20(S1):19–34, 1990.

    Article  Google Scholar 

  11. J. Y. Levy, L. Demailly, J. K. Ousterhout, and B. B. Welch. The Safe-Tcl Security Model. In Proceedings of the USENIX Annual Technical Conference (NO 98), New Orleans, June 1998.

    Google Scholar 

  12. V. Prevelakis and D. Spinellis. Sandboxing Applications. In Proceedings of 2001 USENIX Annual Technical Conference, FREENIX Track, Boston, June 2001.

    Google Scholar 

  13. William Stallings. Cryptography and Network Security-Principles and Practice. Prentice-Hall, 2nd edition, 1999.

    Google Scholar 

  14. L. D. Stein. SBOX: Put CGI Scripts in a Box. In Proceedings of the USENIX Annual Technical Conference, Monterey, June 1999.

    Google Scholar 

  15. R. Wahbe, S. Lucco, T. E. Anderson, and S. L. Graham. Efficient Software-Based Fault Isolation. In Proceedings of the 14th ACM Symposium on Operating System Principles (SOSP’ 93), pages 203–216, Asheville, December 1993.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Information Sciences and Electronics, University of Tsukuba, Tennoudai 1-1-1, 305-8573, Tsukuba, Ibaraki, Japan

    Kazuhiko Kato

  2. Japan Science and Technology Corporation, Japan

    Kazuhiko Kato & Yoshihiro Oyama

Authors
  1. Kazuhiko Kato
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yoshihiro Oyama
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Keio University, 2-15-45 Mita, Minatoku, 108-8345, Tokyo, Japan

    Mitsuhiro Okada

  2. University of Pennsylvania, 200 South 33rd St., 19104, Philadelphia, PA, USA

    Benjamin C. Pierce

  3. University of Pennsylvania, 209 South 33rd St., 19104-6395, Philadelphia, PA, USA

    Andre Scedrov

  4. Keio University, 5322 Endoh, 252-8520, Fujisawa, Japan

    Hideyuki Tokuda

  5. University of Tokyo, 7-3-1 Hongo, Bunkyo-ku, 113, Tokyo, Japan

    Akinori Yonezawa

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kato, K., Oyama, Y. (2003). SoftwarePot: An Encapsulated Transferable File System for Secure Software Circulation. In: Okada, M., Pierce, B.C., Scedrov, A., Tokuda, H., Yonezawa, A. (eds) Software Security — Theories and Systems. ISSS 2002. Lecture Notes in Computer Science, vol 2609. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-36532-X_8

Download citation

  • DOI: https://doi.org/10.1007/3-540-36532-X_8

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-00708-1

  • Online ISBN: 978-3-540-36532-7

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation