OS Support for Application Installation, Execution, and Management in an Untrustworthy World
PI: Steven Gribble
Modern computer users face many security threats and manageability obstacles. Today's software is increasingly complex, buggy, and prone to vulnerabilities. In addition to familiar threats such as worms and viruses, users must contend with new, more subtle attacks, such as the spread of spyware. Unfortunately, operating systems do little to help users address the security and vulnerability challenges of the networked environment. For example, it is difficult to determine what programs are running on a system, or what code is responsible for generating visible activity (such as network traffic, file system activity, or windowing activity).

This research focuses on the construction of a new application and operating system architecture based on lightweight virtual machines, with each application being both installed and isolated in its own VM. Installing and removing applications becomes simple, as a VM provides a clean container in which all of the application's dependencies and resources can be embedded. Tracking an application and associating activity with its source becomes possible, since activity is easily observable through, and traceable to, the narrow VM interface. This architecture provides stronger security properties, since malicious applications are isolated from benign programs and data, and a vulnerability within an application no longer puts other applications at risk. The impact of this work will be to provide users with trustworthy infrastructure that they can depend on, and to mitigate damage to users in the case of successful attacks.