• Refine Query
  • Source
  • Publication year
  • to
  • Language
  • 1
  • Tagged with
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • 1
  • About
  • The Global ETD Search service is a free service for researchers to find electronic theses and dissertations. This service is provided by the Networked Digital Library of Theses and Dissertations.
    Our metadata is collected from universities around the world. If you manage a university/consortium/country archive and want to be added, details can be found on the NDLTD website.
1

Intra-process Fault Isolation Using WebAssembly / Felisolering inom process med hjälp av WebAssembly

Mårtensson Tolentino, Kevin January 2024 (has links)
Software Fault Isolation (SFI) is a form of software sandboxing that refers to the technique of isolating faults such as failures and vulnerabilities to a specific area in a software system. Together with other software sandboxing techniques, SFI remains a widely used practice in many types of software, ranging from web browsers to cloud infrastructure. Therefore, there are often different requirements on throughput, latency, and resource usage that have to be met. To this end, we have evaluated the usage of WebAssembly, a virtual instruction set architecture which has a design that makes it a suitable compilation target for enforcing SFI. Our findings show that WebAssembly compared to native x86-64 code performs favorably on memory-intensive workloads, but poorly on numerically intensive workloads. However, its main strength was found to be in communication between the host environment and the sandboxed environment. We found that communication across the sandbox boundary using WebAssembly-based sandboxing was up to several orders of magnitude faster than inter-process communication methods commonly used in process-based sandboxing. Additionally, we discuss the security model of WebAssembly and how it compares to other sandboxing methods.

Page generated in 0.0664 seconds