Enforcing user-space privilege separation with declarative architectures

Ben Niu, Gang Tan

Research output: Chapter in Book/Report/Conference proceeding (Conference contribution)

5 Scopus citations


Applying privilege separation in software development is an effective strategy for limiting the damage of an attack on a software system. In this approach, a software system is separated into a set of communicating protection domains of least privilege. In a privilege-separated system, even if one protection domain is hijacked by an attacker, the rest of the system may still function. uPro is a tool that provides efficient and flexible enforcement of privilege separation. It adopts software-based fault isolation to implement protection domains in user space, so that inter-domain communication is efficient. It provides a declarative language for describing an application's security architecture, which helps developers identify and compare alternative architectures. The evaluation shows that real applications can be ported to uPro with enhanced security, acceptable performance, and declarative architectures.

Original language: English (US)
Title of host publication: STC'12 - Proceedings of the Workshop on Scalable Trusted Computing
Number of pages: 12
State: Published - 2012
Event: 7th ACM Workshop on Scalable Trusted Computing, STC 2012 - Raleigh, NC, United States
Duration: Oct 15 2012

Publication series

Name: Proceedings of the ACM Conference on Computer and Communications Security
ISSN (Print): 1543-7221


Other: 7th ACM Workshop on Scalable Trusted Computing, STC 2012
Country/Territory: United States
City: Raleigh, NC

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications

