Malicious Code ISTSG: An interim report

5/11/00


Click here to start


Table of Contents

Malicious Code ISTSG: An interim report

Why?

Who?

How? The approach

Deliverable

Initial meeting 10/15/99

San Antonio workshop 1/13-1/14

DISCLAIMER

PPT Slide

PPT Slide

Analogies and related problems

Ancient history

1999 was a banner year

PPT Slide

PPT Slide

Recasting the problem

Why malicious code?

Two key questions

Technology: state of the art

Technology: state of the practice

Where we stand (lang/compiler)

Principle of least privilege

“Do” principle of least privilege

Security enforcement pipeline

Architecture of enforcement mechanisms

Poster child technologies

Proof-Carrying Code

PCC

Short term technologies

Long term technologies

The policy problem

Take home lessons

Stuff to work on

State of play

 Author: Gary McGraw

Home Page: http://www.rstcorp.com/irc/