Language-Based Hypervisors

Budianto, Enrico; Chow, Richard; Ding, Jonathan; McCool, Michael

doi:10.1007/978-3-319-48965-0_52

Enrico Budianto¹⁵,
Richard Chow¹⁵,
Jonathan Ding¹⁶ &
…
Michael McCool¹⁷

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 10052))

Included in the following conference series:

International Conference on Cryptology and Network Security

2095 Accesses
1 Citations
1 Altmetric

Abstract

We describe how to build a Language-Based Hypervisor (LBH) that can run untrusted applications (or modules) inside secure containers within a single language runtime instance. The LBH allows execution of untrusted code at a fine-grained level while controlling access to APIs, data, and resources. The LBH and untrusted applications are written in the same language and run together as one process on top of a single language interpreter or runtime. We use JavaScript as an example and describe how LBH can be implemented at the language level without modification to the runtime itself.

In memoriam of Enrico, who passed away after this work, done as an intern at Intel.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic

¥17,985 /Month

Get 10 units per month
Download Article/Chapter or eBook
1 Unit = 1 Article or 1 Chapter
Cancel anytime

Buy Now

Chapter: JPY 3498; Price includes VAT (Japan)

eBook: JPY 5719; Price includes VAT (Japan)

Softcover Book: JPY 7149; Price includes VAT (Japan)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

WebC: toward a portable framework for deploying legacy code in web browsers

Article 08 April 2015

SafeScript: JavaScript Transformation for Policy Enforcement

RustyHermit: A Scalable, Rust-Based Virtual Execution Environment

References

Akhawe, D., Saxena, P., Song, D.: Privilege separation in HTML5 applications. In: Proceedings of the 21st USENIX Conference on Security Symposium, Security 2012, USENIX Association, Berkeley, CA, USA, pp. 23–23 (2012)
Google Scholar
Bhargavan, K., Delignat-Lavaud, A., Maffeis, S.: Language-based defenses against untrusted browser origins. In: Proceedings of the 22Nd USENIX Conference on Security, SEC 2013, USENIX Association, Berkeley, CA, USA, pp. 653–670 (2013)
Google Scholar
Maffeis, S., Mitchell, J.C., Taly, A.: Object capabilities and isolation of untrusted web applications. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 125–140. IEEE (2010)
Google Scholar
Maffeis, S., Taly, A.: Language-based isolation of untrusted JavaScript. In: Proceedings of the 2009 22nd IEEE Computer Security Foundations Symposium, CSF 2009, pp. 77–91. IEEE Computer Society, Washington, DC (2009)
Google Scholar

Download references

Author information

Authors and Affiliations

Intel Corporation, Santa Clara, USA
Enrico Budianto & Richard Chow
Intel Corporation, Shanghai, China
Jonathan Ding
Intel Corporation, Tokyo, Japan
Michael McCool

Authors

Enrico Budianto
View author publications
You can also search for this author in PubMed Google Scholar
Richard Chow
View author publications
You can also search for this author in PubMed Google Scholar
Jonathan Ding
View author publications
You can also search for this author in PubMed Google Scholar
Michael McCool
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Richard Chow .

Editor information

Editors and Affiliations

Università degli Studi di Milano, Crema, Italy
Sara Foresti
Università degli Studi di Salerno, Fisciano, Italy
Giuseppe Persiano

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Budianto, E., Chow, R., Ding, J., McCool, M. (2016). Language-Based Hypervisors. In: Foresti, S., Persiano, G. (eds) Cryptology and Network Security. CANS 2016. Lecture Notes in Computer Science(), vol 10052. Springer, Cham. https://doi.org/10.1007/978-3-319-48965-0_52

Download citation

DOI: https://doi.org/10.1007/978-3-319-48965-0_52
Published: 28 October 2016
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-48964-3
Online ISBN: 978-3-319-48965-0
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Language-Based Hypervisors

Abstract

Access this chapter

Subscribe and save

Buy Now

Similar content being viewed by others

WebC: toward a portable framework for deploying legacy code in web browsers

SafeScript: JavaScript Transformation for Policy Enforcement

RustyHermit: A Scalable, Rust-Based Virtual Execution Environment

References

Author information

Authors and Affiliations

Corresponding author

Editor information

Editors and Affiliations

Rights and permissions

Copyright information

About this paper

Cite this paper

Download citation

Publish with us

Subscribe and save

Buy Now

Navigation

Language-Based Hypervisors

Abstract

Access this chapter

Subscribe and save

Buy Now

Similar content being viewed by others

WebC: toward a portable framework for deploying legacy code in web browsers

SafeScript: JavaScript Transformation for Policy Enforcement

RustyHermit: A Scalable, Rust-Based Virtual Execution Environment

References

Author information

Authors and Affiliations

Corresponding author

Editor information

Editors and Affiliations

Rights and permissions

Copyright information

About this paper

Cite this paper

Download citation

Share this paper

Publish with us

Search

Navigation