UserFS provides egalitarian OS protection mechanisms in Linux. UserFS allows any user--not just the system administrator--to allocate Unix user IDs, to use chroot, and to set up f...
The protection mechanisms of current mainstream operating systems are inadequate to support confidentiality and integrity requirements for end systems. Mandatory access control (M...
In Linux, applications like su and login currently run as root in order to access authentication information and set or alter the identity of the process. In such cases, if the ap...
Complexity in commodity operating systems makes compromises inevitable. Consequently, a great deal of work has examined how to protect security-critical portions of applications f...
A large class of security attacks exploit software implementation vulnerabilities such as unchecked buffers. This paper proposes Transparent Runtime Randomization (TRR), a general...