Naccio Department of Computer Science
University of Virginia

Policy-Directed Code Safety
Naccio Project

Last update: 1 October 2000

The goal of the Naccio Project is to develop a general architecture for defining and enforcing code safety policies. We are building tools that take untrusted programs and specification files describing the execution platform and desired safety policy, and produce a new program that behaves like the original program but is guaranteed to satisfy the safety policy.


David Evans and Andrew Twyman. Flexible Policy-Directed Code Safety. In 1999 IEEE Symposium on Security and Privacy, Oakland, California, May 9-12, 1999. (abstract; PDF, gzipped postscript, 14 pages)
David Evans. Policy-Directed Code Safety. MIT PhD Thesis. October 19, 1999. (abstract; PDF, postscript - 137 pages).
Andrew Twyman. Flexible Code Safety for Win32. MIT MEng Thesis. May 21, 1999. (abstract; PDF, postscript (91 pages).

Talk Slides

David Evans, Flexible Policy-Directed Code Safety, 10 May 1999
Talk presented at 1999 IEEE Symposium on Security and Privacy, Oakland, California.
David Evans, Policy-Directed Code Safety, March-April 1999
Seminar talk describing Naccio. (Might not work on some browsers.)

Versions of this talk were delivered at AT&T Research, Compaq SRC, IBM Yorktown, Lucent Bell Labs, Microsoft Research, UC Davis, UCLA, University of Maryland and University of Virginia. Abstract

Andrew Tywman, Flexible Code Safety for Win32, 26 April 1999
Short talk for MIT Masterworks describing Naccio/Win32. This talk was awarded a Masterworks prize. (Might not work on some browsers.)
David Evans, Code Safety Through Transformation, October 1, 1998
Short talk introducing Naccio for internal MIT audience. Somewhat obsolete.

Research Summary

Safety Policies
Describing Resources
Expressing Safety Policies
Platform Interfaces
Generating Policies
Transforming Applications


Give me your tired, your poor,
Your muddled classes yearning to run free...

See Naccio in action, and try to win invaluable prizes and untold fame and fortune by hacking it.

Outside Documents

A French presentation about Naccio by Nabil Sahil and Nafaa Jabeur.

Combating the plague of insecurity, Peter Coffee, ZDNet E-week Column, March 2000.

Frequently Asked Questions (and a few infrequently asked ones)

Browse Library

Safety Policies
Resource Descriptions
Java API Platform Interface


David Evans
Andrew Twyman

Naccio Home Page
David Evans
University of Virginia, Computer Science