At 11:02 PM -0700 9/16/02, David Wagner wrote:
>AARG!Anonymous wrote:
>>David Wagner writes:
>>> Standard process separation, sandboxes, jails, virtual machines, or other
>>> forms of restricted execution environments would suffice to solve this
>>> problem.
>>
>>Nothing done purely in software will be as effective as what can be done
>>when you have secure hardware as the foundation.
>
>I wasn't thinking of pure software solutions. I was thinking of a
>combination of existing hardware + new software: use the MMU to provide
>separate address spaces, and use a secure VM or OS kernel to limit what
>those processes can do. As far as I can see, this can provide just as
>much protection against viruses for your bank account as Palladium can.
The KeyKOS work <http://www.cis.upenn.edu/%7EKeyKOS/> shows an approach to using existing hardware protection (in the case of KeyKOS, the protection available in the IBM 370 hardware) to build a system that is very resistant to Trojan horses and Virii. A very closely related open source OS is Eros <http://www.eros-os.org/>.

Use of these technologies is illustrated by "A Security Analysis of the Combex DarpaBrowser Architecture" by David Wagner & Dean Tribble <http://www.combex.com/papers/darpa-review/index.html> and a presentation at the O'Reilly Emerging Technology Conference, "The E Development Platform: Exploiting Virus-Ridden Software" <http://conferences.oreillynet.com/cs/et2002/view/e_sess/2223>.

Cheers - Bil

-------------------------------------------------------------------------
Bill Frantz        | The principal effect of | Periwinkle -- Consulting
(408)356-8506      | DMCA/SDMI is to prevent | 16345 Englewood Ave.
[EMAIL PROTECTED]  | fair use.               | Los Gatos, CA 95032, USA

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]