Gesellschaft für Informatik e.V.

Lecture Notes in Informatics

Software Engineering 2008, Fachtagung des GI-Fachbereichs Softwaretechnik, 18. - 22.02.2008 in Muenchen P-121, 112-126 (2008).

Gesellschaft fuer Informatik, Bonn


Korbinian Herrmann (ed.), Bernd Bruegge (ed.)

Copyright © Gesellschaft fuer Informatik, Bonn


Eliminating trust from application programs by way of software architecture

Michael Franz


In many of today's application programs, security functionality is inseparably intertwined with the actual mission-purpose logic. As a result, the trusted code base is unnecessarily large and audit costs are high. We present a software architecture in which applications can be completely untrusted, even when they manipulate secrets. Key to our approach is the use of a trusted multi-level security virtual machine, inside of which all secrets remain locked at all times. In an experimental prototype, we were able to bring down the run-time overhead much lower than expected, by using aggressive dynamic compilation and static analysis techniques.

Full Text: PDF

Gesellschaft fuer Informatik, Bonn
ISBN 978-3-88579-215-4

Last changed 04.10.2013 18:16:14