Windows security sandbox framework

Author

Kyle P. Gwinnup, Eastern Washington University

Date of Award

2012

Rights

Access is available to all users

Document Type

Thesis

Degree Name

Master of Science (MS) in Computer Science

Department

Computer Science

Abstract

"Software systems are vulnerable to attack in many different ways. Systems can be poorly implemented which could allow an attacker access to the system through legitimate means such as anonymous access to a server or security controls and access lists can be configured incorrectly which would allow an attacker access to the system by exploiting a logic flaw in the systems configuration. These security vulnerabilities can be limited by implementing software systems properly or in a more restrictive manner. Sandboxing an application allows for interception of a processes system call for verification against a defined policy. A system call can be allowed or denied based on the function being called or can have parameters analyzed and verified against a defined policy. This paper presents a sandboxing framework for Microsoft Windows operating systems. The framework is written entirely in python and uses a modular design which allows for small and simple policies. Profiles can exist for processes which automatically load user policies for a sandbox process"--Document.

Comments

Typescript. Vita.

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Recommended Citation

Gwinnup, Kyle P., "Windows security sandbox framework" (2012). EWU Masters Thesis Collection. 68.
https://dc.ewu.edu/theses/68