218 research outputs found
Sub-Operating Systems: A New Approach to Application Security
In the current highly interconnected computing environments, users regularly use insecure software. Many popular applications, such as Netscape Navigator and Microsoft Word, are targeted by hostile applets or malicious documents, and might therefore compromise the integrity of the system. Current operating systems are unable to protect their users from these kinds of attacks, since the hostile software is running with the user's privileges and permissions. We introduce the notion of the SubOS, a process-specific protection mechanism. Under SubOS, any application that might deal with incoming, possibly malicious objects, behaves like an operating system. It views those objects the same way an operating system views users - it assigns sub-user id's - and restricts their accesses to the system resources.
The Socket Store: An App Model for the Application-Network Interaction
A developer of mobile or desktop applications is responsible for implementing
the network logic of his software. Nonetheless: i) Developers are not network
specialists, while pressure for emphasis on the visible application parts
places the network logic out of the coding focus. Moreover, computer networks
undergo evolution at paces that developers may not follow. ii) From the network
resource provider point of view, marketing novel services and involving a broad
audience is also a challenge for the same reason. Moreover, the objectives of
end-user networking logic are neither clear nor uniform. This constitutes the
central optimization of network resources an additional challenge. As a
solution to these problems, we propose the Socket Store. The Store is a
marketplace containing end-user network logic in modular form. The Store
modules act as intelligent mediators between the end-user and the network
resources. Each module has a clear, specialized objective, such as connecting
two clients over the Internet while avoiding transit networks suspicious for
eavesdropping. The Store is populated and peer-reviewed by network specialists,
whose motive is the visibility, practical applicability and monetization
potential of their work. A developer first purchases access to a given socket
module. Subsequently, he incorporates it to his applications under development,
obtaining state-of-the-art performance with trivial coding burden. A full Store
prototype is implemented and a critical data streaming module is evaluated as a
driving case.
Fileteller: Paying and Getting Paid for File Storage
Fileteller is a credential-based network file storage system with provisions for paying for file storage and getting paid when others access files. Users get access to arbitrary amounts of storage anywhere in the network, and use a micropayments system to pay for both the initial creation of the file and any subsequent accesses. Wide-scale information sharing requires that a number of issues be addressed; these include distributed access, access control, payment, accounting, and delegation (so that information owners may allow others to access their stored content). In this paper we demonstrate how all these issues are addressed using a micropayment architecture based on a trust-management system. Utilizing the same mechanism for both access control and payment results in an elegant and scalable architecture.
xPF: Packet Filtering for Low-Cost Network Monitoring
The ever-increasing complexity in network infrastructures is making critical the demand for network monitoring tools. While the majority of network operators rely on low-cost open-source tools based on commodity hardware and operating systems, the increasing link speeds and complexity of network monitoring applications have revealed inefficiencies in the existing software organization, which may prohibit the use of such tools in high-speed networks. Although several new architectures have been proposed to address these problems, they require significant effort in re-engineering the existing body of applications. We present an alternative approach that addresses the primary sources of inefficiency without significantly altering the software structure. Specifically, we enhance the computational model of the Berkeley packet filter (BPF) to move much of the processing associated with monitoring into the kernel, thereby removing the overhead associated with context switching between kernel and applications. The resulting packet filter, called xPF, allows new tools to be more efficiently implemented and existing tools to be easily optimized for high-speed networks. We present the design and implementation of xPF as well as several example applications that demonstrate the efficiency of our approach.
- …