Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Safe-Tcl Security Model John K. Ousterout Jacob Y. Levy Brent B. Welch Present by Yu-Chang SHEN 4 May 2001.

Published byDarnell Caleb Modified over 9 years ago

Similar presentations

Presentation on theme: "The Safe-Tcl Security Model John K. Ousterout Jacob Y. Levy Brent B. Welch Present by Yu-Chang SHEN 4 May 2001."— Presentation transcript:

1 The Safe-Tcl Security Model John K. Ousterout Jacob Y. Levy Brent B. Welch Present by Yu-Chang SHEN 4 May 2001

2 Outline Introduction on Safe-Tcl Security issues Summary

3 Safe-Tcl Safe-TCL is a mechanism for executing untrusted program written in Tcl scripts safely and for providing mediated access by such scripts to potentially dangerous functionality

4 Aliases Padded Cell Model Master Interpreter Command 1 Command 3 Command 4 Command 5 Command 6 Command 2 Safe Interpreter Command 1 Command 2 Hide Command 4 Command 5

5 Security issues Integrity attacks Privacy attacks Denial of Service attacks

6 Prevent the attacks Denied all operations that modify, read and transmit the state of the host environment Setup security policies Different level of trustiness = Different level of rights

7 Summary Padded Cell model in general is similar to User/Kernel space model Safe-Tcl using padded cell model to prevent integrity and privacy attacks Safe-Tcl can use security policies to regulate permissions that an applet have

8 Questions What is the hardest part of designing Safe-Tcl environment?

Download ppt "The Safe-Tcl Security Model John K. Ousterout Jacob Y. Levy Brent B. Welch Present by Yu-Chang SHEN 4 May 2001."

Similar presentations

Operating System Security

Operating System Security
With Microsoft Access 2010© 2011 Pearson Education, Inc. Publishing as Prentice Hall1 PowerPoint Presentation to Accompany GO! with Microsoft ® Access.

With Microsoft Access 2010© 2011 Pearson Education, Inc. Publishing as Prentice Hall1 PowerPoint Presentation to Accompany GO! with Microsoft ® Access.
Mobile Code Security Aviel D. Rubin, Daniel E. Geer, Jr. MOBILE CODE SECURITY, IEEE Internet Computing, 1998 Minkyu Lee 2007. 04. 23.

Mobile Code Security Aviel D. Rubin, Daniel E. Geer, Jr. MOBILE CODE SECURITY, IEEE Internet Computing, 1998 Minkyu Lee
An Evaluation of the Google Chrome Extension Security Architecture

An Evaluation of the Google Chrome Extension Security Architecture
1 Chapter 5 Security Threats to Electronic Commerce.

1 Chapter 5 Security Threats to Electronic Commerce.
1 Network Security Ola Flygt Växjö University +46 470 70 86 49.

1 Network Security Ola Flygt Växjö University
Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)

Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
1 Extensible Security Architectures for Java Authors: Dan S.Wallch, Dirk Balfanz Presented by Moonjoo Kim.

1 Extensible Security Architectures for Java Authors: Dan S.Wallch, Dirk Balfanz Presented by Moonjoo Kim.
CSE331: Introduction to Networks and Security Lecture 28 Fall 2002.

CSE331: Introduction to Networks and Security Lecture 28 Fall 2002.
CGIWrap CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms without compromising the security of the http server.

CGIWrap CGIWrap is a gateway program that allows general users to use CGI scripts and HTML forms without compromising the security of the http server.
(Breather)‏ Principles of Secure Design by Matt Bishop (augmented by Michael Rothstein)‏

(Breather)‏ Principles of Secure Design by Matt Bishop (augmented by Michael Rothstein)‏
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS 4600 - © Abdou Illia.

January 14, 2010 Introduction to Ethical Hacking and Network Defense MIS © Abdou Illia.
1 CSE 380 Computer Operating Systems Instructor: Insup Lee and Dianna Xu University of Pennsylvania Fall 2003 Lecture Note: Protection Mechanisms.

1 CSE 380 Computer Operating Systems Instructor: Insup Lee and Dianna Xu University of Pennsylvania Fall 2003 Lecture Note: Protection Mechanisms.
Tcl Agent : A flexible and secure mobile-agent system Paper by Robert S. Gray Dartmouth College Presented by Vipul Sawhney University of Pennsylvania.

Tcl Agent : A flexible and secure mobile-agent system Paper by Robert S. Gray Dartmouth College Presented by Vipul Sawhney University of Pennsylvania.
Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.

Henric Johnson1 Network Security /. 2 Outline Attacks, services and mechanisms Security attacks Security services Methods of Defense A model for Internetwork.
Bazara Barry1 Security on Networks and Information Systems Bazara I. A. Barry Department of Computer Science – University of Khartoum www.itrc.sd/staff/bazara.html.

Bazara Barry1 Security on Networks and Information Systems Bazara I. A. Barry Department of Computer Science – University of Khartoum
Programming Languages for Mobile Code Anna Philippou University of Pennsylvania.

Programming Languages for Mobile Code Anna Philippou University of Pennsylvania.
1 RAKSHA: A FLEXIBLE ARCHITECTURE FOR SOFTWARE SECURITY Computer Systems Laboratory Stanford University Hari Kannan, Michael Dalton, Christos Kozyrakis.

1 RAKSHA: A FLEXIBLE ARCHITECTURE FOR SOFTWARE SECURITY Computer Systems Laboratory Stanford University Hari Kannan, Michael Dalton, Christos Kozyrakis.

Similar presentations

Ads by Google