The lecture by Sartakov A. Vasily for Summer Systems School'12. Brief introduction to VMI and FMA technologies. SSS'12 - Education event, organized by ksys labs[1] in 2012, for students interested in system software development and information security. 1. http://ksyslabs.org/

1. Process Virtualization and Sandboxing
Concepts to isolate processes in user space:
Process Virtualization
Sandboxing
четверг, 26 июля 12 г.

2. Byte Code Translation
Process virtual machines using Just-In-Time (JIT)
Compilation to translate VM specific byte code to machine
code at run-time:
The .Net Common Language Runtime (CLR)
The Java Virtual Machine and the Dalvik VM
четверг, 26 июля 12 г.

3. Android Dalvik VM
Android middleware contains an inter-component communication (ICC)
reference monitor to enforce policies.
четверг, 26 июля 12 г.

4. Sandboxing Untrusted Native Code
Inter-Module Commu- nications (IMC)
Simple RPC facility (SRPC)
Netscape Plugin Application
Programming Interface (NPAPI)
NaCl container.
Native Client uses software fault Native Client provides operating system portability
isolation and a secure runtime for binary code while supporting
to direct system interaction and performanceoriented features generally absent
side effects through interfaces from web application programming environments,
managed by Native Client such as thread support, instruction set extensions
such as SSE, and use of compiler intrinsics and
hand-coded assembler.
Native Client: A Sandbox for Portable, Untrusted x86 Native Code
Bennet Yee, David Sehr, Gregory Dardyk, J. Bradley Chen, Robert Muth, Tavis
Ormandy, Shiki Okasaka, Neha Narula, and Nicholas Fullagar Google Inc.
четверг, 26 июля 12 г.