Access Restriction

Author Shu, Rui ♦ Wang, Peipei ♦ Gorski, Sigmund Albert ♦ Andow, Benjamin ♦ Nadkarni, Adwait ♦ Deshotels, Luke ♦ Gionta, Jason ♦ Enck, William ♦ Gu, Xiaohui
Source ACM Digital Library
Content type Text
Publisher Association for Computing Machinery (ACM)
File Format PDF
Copyright Year ©2016
Language English
Subject Domain (in DDC) Computer science, information & general works ♦ Data processing & computer science
Subject Keyword Security isolation ♦ Access control ♦ Resilient architectures
Abstract Security isolation is a foundation of computing systems that enables resilience to different forms of attacks. This article seeks to understand existing security isolation techniques by systematically classifying different approaches and analyzing their properties. We provide a hierarchical classification structure for grouping different security isolation techniques. At the top level, we consider two principal aspects: mechanism and policy. Each aspect is broken down into salient dimensions that describe key properties. We break the mechanism into two dimensions, enforcement location and isolation granularity, and break the policy aspect down into three dimensions: policy generation, policy configurability, and policy lifetime. We apply our classification to a set of representative articles that cover a breadth of security isolation techniques and discuss tradeoffs among different design choices and limitations of existing approaches.
Description Author Affiliation: North Carolina State University, Raleigh, NC (Shu, Rui; Wang, Peipei; Gorski III, Sigmund A; Andow, Benjamin; Nadkarni, Adwait; Deshotels, Luke; Gionta, Jason; Enck, William; Gu, Xiaohui)
ISSN 03600300
Age Range 18 to 22 years ♦ above 22 year
Educational Use Research
Education Level UG and PG
Learning Resource Type Article
Publisher Date 2016-10-12
Publisher Place New York
e-ISSN 15577341
Journal ACM Computing Surveys (CSUR)
Volume Number 49
Issue Number 3
Page Count 37
Starting Page 1
Ending Page 37

Open content in new tab

   Open content in new tab
Source: ACM Digital Library