file.pdf (457.28 kB)
Download file

MiniBox: A Two-Way Sandbox for x86 Native Code (CMU-CyLab-14-001)

Download (457.28 kB)
journal contribution
posted on 21.02.2014, 00:00 authored by Yanlin Li, Adrian Perrig, Jonathan M. McCune, James Newsome, Brandon Baker, Will Drewry

This paper presents MiniBox, the first two-way sandbox for x86 native code. MiniBox not only isolates the memory space between OS protection modules and an application, but also provides a minimized and secure communication interface between OS protection modules and the application. MiniBox is cross-platform and can be applied in Platform-as-a-Service (PaaS) cloud computing to provide two-way protection between a customer’s application and the cloud platform OS. We implement a prototype of MiniBox on both Intel and AMD multi-core systems and port several applications toMiniBox. Evaluation results show thatMiniBox is efficient and practical.

History

Date

21/02/2014

Usage metrics

Exports