Capexec: Towards transparently-sandboxed services (extended version)
MS Jadidi, M Zaborski, B Kidney… - arXiv preprint arXiv …, 2019 - arxiv.org
… services is in the service manager that starts those services. As a first step towards this vision,
we propose CapExec… a single service within a sandbox based on a service declaration file …
we propose CapExec… a single service within a sandbox based on a service declaration file …
CapExec: Towards Transparently-Sandboxed Services
MS Jadidi, M Zaborski, B Kidney… - … on Network and Service …, 2019 - ieeexplore.ieee.org
… services is in the service manager that starts those services. As a first step towards this vision,
we propose CapExec… a single service within a sandbox based on a service declaration file …
we propose CapExec… a single service within a sandbox based on a service declaration file …
[PDF][PDF] CapExec: Towards Transparently-Sandboxed Services (Short Version)
MS Jadidi, M Zaborski, B Kidney, J Anderson - dl.ifip.org
… services is in the service manager that starts those services. As a first step towards this vision,
we propose CapExec… a single service within a sandbox based on a service declaration file …
we propose CapExec… a single service within a sandbox based on a service declaration file …
CapExec: Towards Transparently-Sandboxed Services (Extended Version)
M Soleimani Jadidi, M Zaborski, B Kidney… - arXiv e …, 2019 - ui.adsabs.harvard.edu
… services is in the service manager that starts those services. As a first step towards this vision,
we propose CapExec… a single service within a sandbox based on a service declaration file …
we propose CapExec… a single service within a sandbox based on a service declaration file …
Bpfbox: Simple precise process confinement with ebpf
… and systems administrators, under the hood it must deal with the full complexity of securing
a service on a Linux host. … We believe bpfbox is a step towards such a unified solution. …
a service on a Linux host. … We believe bpfbox is a step towards such a unified solution. …
Cloud Security Using Fine-Grained Efficient Information Flow Tracking
… control to cloud service consumers (CSCs) over their data. Moreover, eIFT enables enhanced
visibility to assess data conveyances by third-party services toward avoiding security risks (…
visibility to assess data conveyances by third-party services toward avoiding security risks (…
ESX: A Self-generated Control Policy for Remote Access with SSH based on eBPF
Y Zhong, P Chen, HX Zhang - IEEE Access, 2024 - ieeexplore.ieee.org
… To mitigate these issues, we introduce Extend Security boX (ESX), a novel solution that
combines a lightweight system call restriction system with machine learning method. ESX utilizes …
combines a lightweight system call restriction system with machine learning method. ESX utilizes …