Security Control for COTS Components
June 1998 (vol. 31 no. 6)
pp. 67-73
Using COTS components poses serious threats to system security. The authors analyze the risks and describe how their sandbox method can confine the damage potential of COTS components. The sandbox model was originally developed for fault tolerance. Rather than eliminating actual failures, it provides a restricted environment to confine application behavior. The approach confines the damage caused if an application accidentally or maliciously misbehaves. The authors' sandbox method differs from Java's in that it is built with OS support rather than with support from a particular language. In this article, they describe the Sendmail version of their sandbox method. Their approach requires B-level security features not found on most conventional OSs. Typically developed for government or military use, B-level-certified OSs have more sophisticated security features. The authors explain that their method does not eliminate security problems but rather mitigates the damage caused by compromised applications and thus prevents most common security breaches. Untrusted COTS components can thus be safely plugged into a system without major reengineering, provided there is a suitable security platform.
Citation:
Qun Zhong, Nigel Edwards, "Security Control for COTS Components," Computer, vol. 31, no. 6, pp. 67-73, June 1998, doi:10.1109/2.683010