论文部分内容阅读
For security, most web applications are developed in some type-safe language, such as Java Script or Java. However, there is a huge amount of legacy codes developed in unsafe languages, which provide rich functionality and are more efficient than their type-safe counterparts. To allow browsers to incorporate type-safe components in a secure way, previous approaches use the software-based fault isolation(SFI) to isolate untrusted legacy code. The SFI approach performs machine-code transformation for security, but the downside is the loss of architecture independence. We propose Web C, a system that allows legacy code transmitted over the web via the Low Level Virtual Machine(LLVM) bitcode format. The untrusted bitcode is transformed by Web C into code in the Web C security language, which enforces both memory isolation and control-flow integrity. Compared with previous approaches, Web C is more portable, provides stronger security, and allows more flexible memory management. Experimental results show that the average runtime overhead of Web C is modest.
For security, most web applications are developed in some type-safe language, such as Java Script or Java. However, there is a huge amount of legacy codes developed in unsafe languages, which provide rich functionality and are more efficient than their type-safe counterparts. To allow browsers to incorporate type-safe components in a secure way, previous approaches use the software-based fault isolation (SFI) to isolate untrusted legacy code. The SFI approach to machine-code transformation for security, but the downside is the loss of architecture independence. We propose Web C, a system that allows legacy code transmitted over the web via the Low Level Virtual Machine (LLVM) bitcode format. The untrusted bitcode is transformed by Web C into code in the Web C security language, which Compared with prior approaches, Web C is more portable, provides stronger security, and allows more flexible memory management. Experimenta l results show that the average runtime overhead of Web C is modest.