Copenhagen Programming Language Seminar
XFI is a comprehensive protection system that offers both flexible access control and fundamental integrity guarantees, at any privilege level and even for legacy code in commodity systems. For this purpose, XFI combines static analysis with inline software guards and a two-stack execution model. We have implemented XFI for Windows on the x86 architecture using binary rewriting and a simple, stand-alone verifier; the implementation's correctness depends on the verifier,but not on the rewriter. Our experiments confirm that XFI offers pervasive protection with only modest enforcement overheads. We have applied XFI to software such as device drivers and multimedia codecs; the resulting modules function safely within both kernel and user-mode address spaces. This is joint work with Martin Abadi, Michael Vrable,Mihai Budiu, and George Necula.
Martin Elsman. Administrative host:
Camilla Jensen. All are welcome.
The Copenhagen Programming Language Seminar (COPLAS) is a collaboration between DIKU, ITU and KVL.
COPLAS is sponsored by FIRST Graduate School.
To receive information about COPLAS talks by email, send a message to email@example.com with the word 'subscribe' as subject or in the body.
For more information about COPLAS, see http://www.coplas.org