The Case for Abstracting Security Policies
My first ever academic paper, written with the expert guidance of Alan Mycroft and my PhD colleagues Dave Scott and Richard Sharp! We worked on a system call policy language to help constrain application access to privileged resources, and implemented this on OpenBSD using systrace. The paper describing the declarative language was presented at SAM 2003 in Las Vegas.
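The following Python sketch is an added example, not code from the paper, from systrace, or from the policy language it describes; its rule format, predicates, sample policy and sample trace are all constructed here for illustration. It models the central idea behind a declarative system-call policy: each call is checked against explicit rules on the call name and its arguments, and anything not explicitly permitted is denied (least privilege). The traversal attempt in the trace shows why argument predicates must compare normalised paths rather than raw strings.

```python
"""Toy model of a declarative, default-deny system-call policy.
Added illustration only: the rule syntax, predicates and the sample
policy/trace below are constructed and are not systrace's syntax."""
import os.path
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Tuple

Args = Dict[str, str]


@dataclass(frozen=True)
class Rule:
    syscall: str                                          # e.g. "open", "connect"
    action: str                                           # "permit" or "deny"
    predicate: Callable[[Args], bool] = lambda a: True    # matches every call by default


@dataclass
class Policy:
    rules: List[Rule]
    default: str = "deny"   # least privilege: not explicitly permitted means denied

    def decide(self, syscall: str, args: Args) -> Tuple[str, Optional[Rule]]:
        """First matching rule wins; otherwise the default action applies."""
        for rule in self.rules:
            if rule.syscall == syscall and rule.predicate(args):
                return rule.action, rule
        return self.default, None


def path_under(prefix: str) -> Callable[[Args], bool]:
    """Predicate: the 'path' argument lies under `prefix`.
    The path is normalised first, so 'a/../b' cannot escape the prefix."""
    root = prefix.rstrip("/")

    def pred(args: Args) -> bool:
        path = os.path.normpath(args.get("path", ""))
        return path == root or path.startswith(root + "/")
    return pred


def readonly(args: Args) -> bool:
    return args.get("flags", "") == "O_RDONLY"


# Constructed policy for a hypothetical log viewer: read files under /var/log,
# write only to stdout/stderr, and nothing else.
LOG_VIEWER_POLICY = Policy(rules=[
    Rule("open", "permit", lambda a: path_under("/var/log")(a) and readonly(a)),
    Rule("open", "deny", path_under("/etc")),          # explicit deny, distinct from default
    Rule("read", "permit"),
    Rule("write", "permit", lambda a: a.get("fd") in ("1", "2")),
])

# Constructed trace of what a confined process attempted.
SAMPLE_TRACE = [
    ("open", {"path": "/var/log/messages", "flags": "O_RDONLY"}),
    ("read", {"fd": "3"}),
    ("write", {"fd": "1"}),
    ("open", {"path": "/var/log/../../etc/passwd", "flags": "O_RDONLY"}),
    ("open", {"path": "/var/log/messages", "flags": "O_WRONLY"}),
    ("connect", {"addr": "203.0.113.5:80"}),
]


def enforce(policy: Policy, trace) -> List[Tuple[str, str, str]]:
    """Return (syscall, action, reason) per call; reason tells an auditor
    whether an explicit rule or the default decided the outcome."""
    results = []
    for syscall, args in trace:
        action, rule = policy.decide(syscall, args)
        reason = "explicit rule" if rule is not None else "default"
        results.append((syscall, action, reason))
    return results


if __name__ == "__main__":
    for syscall, action, reason in enforce(LOG_VIEWER_POLICY, SAMPLE_TRACE):
        print(f"{action:6} {syscall:8} ({reason})")
```

The reason field matters operationally: a default deny usually means the policy is incomplete and the program's legitimate behaviour was not captured, while an explicit deny on a sensitive path is a signal worth alerting on.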
"Untrusted code" is just as much a social problem as it is a technical problem. Looking for a complete solution is unrealistic: it is analogous to looking for a solution to crime in general. With this in mind, we do not claim that our proposed framework is a panacea. However, although a number of security problems remain (e.g. covert channel leakage), we claim that our system offers the potential to raise the security level of existing general-purpose operating systems significantly.