Balancing Disruption and Deployability in the CHERI Instruction-Set Architecture (ISA)
New Solutions for Cybersecurity
MetadataShow full item record
Watson, R., Neumann, P., & Moore, S. (2017). Balancing Disruption and Deployability in the CHERI Instruction-Set Architecture (ISA). In Shrobe, H. MIT Press, New Solutions for Cybersecurity. [Book chapter]. https://doi.org/10.17863/CAM.13286
For over two-and-a-half decades, dating to the first widespread commercial deployment of the Internet, commodity processor architectures have failed to provide robust and secure foundations for communication and commerce. This is in large part due to the omission of architectural features allowing efficient implementation of the Principle of Least Privilege, which dictates that software runs only with the rights it requires to operate [19, 20]. Without this support, the impact of inevitable vulnerabilities is multiplied as successful attackers gain easy access to unnecessary rights – and often, all rights – in software systems.
External link: https://mitpress.mit.edu/books/new-solutions-cybersecurity
This record's DOI: https://doi.org/10.17863/CAM.13286