Naccio Department of Computer Science
University of Virginia

Policy-Directed Code Safety

David Evans
MIT Lab for Computer Science

As it becomes harder to avoid running untrusted code, the problem of limiting what programs can do is becoming increasingly important. This talk introduces Naccio, a general architecture for code safety. My work addresses some of the weaknesses of traditional code safety systems: they are closely tied to a single platform, they are limited in what policies can be enforced, and they express policies in ad hoc ways.

Naccio demonstrates that it is possible to solve these problems without sacrificing performance or convenience. I will introduce languages for defining policies as constraints on abstract resources, and specifying a platform in terms of how it manipulates those resources. I will describe Naccio implementations that enforce policies on JavaVM programs and Win32 executables, and report on results using the JavaVM prototype.


Naccio Home Page
David Evans
University of Virginia, Computer Science