Secure APIs for Applications in Microkernel-based Systems

Mohammad Hamad; Vassilis Prevelakis

doi:10.5220/0006265805530558

Secure APIs for Applications in Microkernel-based Systems

Mohammad Hamad, Vassilis Prevelakis

2017

Abstract

The Internet evolved from a collection of computers to today’s agglomeration of all sort of devices (e.g. printers, phones, coffee makers, cameras and so on) a large part of which contain security vulnerabilities. The current wide scale attacks are, in most cases, simple replays of the original Morris Worm of the mid-80s. The effects of these attacks are equally devastating because they affect huge numbers of connected devices. The reason for this lack of progress is that software developers will keep writing vulnerable software due to problems associated with the way software is designed and implemented and market realities. So in order to contain the problem we need effective control of network communications and more specifically, we need to vet all network connections made by an application on the premise that if we can prevent an attacker from reaching his victim, the attack cannot take place. This paper presents a comprehensive network security framework, including a well-defined applications programming interface (API) that allows fine-grained and flexible control of network connections. In this way, we can finally instantiate the principles of dynamic network control and protect vulnerable applications from network attacks.

Download

Paper Citation

in Harvard Style

Hamad M. and Prevelakis V. (2017). Secure APIs for Applications in Microkernel-based Systems . In Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-209-7, pages 553-558. DOI: 10.5220/0006265805530558

in Bibtex Style

@conference{icissp17,
author={Mohammad Hamad and Vassilis Prevelakis},
title={Secure APIs for Applications in Microkernel-based Systems},
booktitle={Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2017},
pages={553-558},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006265805530558},
isbn={978-989-758-209-7},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 3rd International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Secure APIs for Applications in Microkernel-based Systems
SN - 978-989-758-209-7
AU - Hamad M.
AU - Prevelakis V.
PY - 2017
SP - 553
EP - 558
DO - 10.5220/0006265805530558