Using Pit to improve security in low-level programs
Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to...
Ausführliche Beschreibung
Autor*in: |
Pedersen, Leif [verfasserIn] |
---|
Format: |
Artikel |
---|---|
Sprache: |
Englisch |
Erschienen: |
2009 |
---|
Schlagwörter: |
---|
Anmerkung: |
© Springer Science+Business Media, LLC 2009 |
---|
Übergeordnetes Werk: |
Enthalten in: The journal of supercomputing - Springer US, 1987, 53(2009), 3 vom: 07. Juli, Seite 394-410 |
---|---|
Übergeordnetes Werk: |
volume:53 ; year:2009 ; number:3 ; day:07 ; month:07 ; pages:394-410 |
Links: |
---|
DOI / URN: |
10.1007/s11227-009-0301-x |
---|
Katalog-ID: |
OLC2033936910 |
---|
LEADER | 01000caa a22002652 4500 | ||
---|---|---|---|
001 | OLC2033936910 | ||
003 | DE-627 | ||
005 | 20230504053659.0 | ||
007 | tu | ||
008 | 200819s2009 xx ||||| 00| ||eng c | ||
024 | 7 | |a 10.1007/s11227-009-0301-x |2 doi | |
035 | |a (DE-627)OLC2033936910 | ||
035 | |a (DE-He213)s11227-009-0301-x-p | ||
040 | |a DE-627 |b ger |c DE-627 |e rakwb | ||
041 | |a eng | ||
082 | 0 | 4 | |a 004 |a 620 |q VZ |
100 | 1 | |a Pedersen, Leif |e verfasserin |4 aut | |
245 | 1 | 0 | |a Using Pit to improve security in low-level programs |
264 | 1 | |c 2009 | |
336 | |a Text |b txt |2 rdacontent | ||
337 | |a ohne Hilfsmittel zu benutzen |b n |2 rdamedia | ||
338 | |a Band |b nc |2 rdacarrier | ||
500 | |a © Springer Science+Business Media, LLC 2009 | ||
520 | |a Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable. | ||
650 | 4 | |a Low level programming languages | |
650 | 4 | |a Buffer overrun | |
650 | 4 | |a Security | |
650 | 4 | |a Compiler construction | |
700 | 1 | |a Reza, Hassan |4 aut | |
773 | 0 | 8 | |i Enthalten in |t The journal of supercomputing |d Springer US, 1987 |g 53(2009), 3 vom: 07. Juli, Seite 394-410 |w (DE-627)13046466X |w (DE-600)740510-8 |w (DE-576)018667775 |x 0920-8542 |7 nnns |
773 | 1 | 8 | |g volume:53 |g year:2009 |g number:3 |g day:07 |g month:07 |g pages:394-410 |
856 | 4 | 1 | |u https://doi.org/10.1007/s11227-009-0301-x |z lizenzpflichtig |3 Volltext |
912 | |a GBV_USEFLAG_A | ||
912 | |a SYSFLAG_A | ||
912 | |a GBV_OLC | ||
912 | |a SSG-OLC-TEC | ||
912 | |a SSG-OLC-MAT | ||
912 | |a GBV_ILN_70 | ||
912 | |a GBV_ILN_2010 | ||
951 | |a AR | ||
952 | |d 53 |j 2009 |e 3 |b 07 |c 07 |h 394-410 |
author_variant |
l p lp h r hr |
---|---|
matchkey_str |
article:09208542:2009----::snptomrvscrtilw |
hierarchy_sort_str |
2009 |
publishDate |
2009 |
allfields |
10.1007/s11227-009-0301-x doi (DE-627)OLC2033936910 (DE-He213)s11227-009-0301-x-p DE-627 ger DE-627 rakwb eng 004 620 VZ Pedersen, Leif verfasserin aut Using Pit to improve security in low-level programs 2009 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer Science+Business Media, LLC 2009 Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable. Low level programming languages Buffer overrun Security Compiler construction Reza, Hassan aut Enthalten in The journal of supercomputing Springer US, 1987 53(2009), 3 vom: 07. Juli, Seite 394-410 (DE-627)13046466X (DE-600)740510-8 (DE-576)018667775 0920-8542 nnns volume:53 year:2009 number:3 day:07 month:07 pages:394-410 https://doi.org/10.1007/s11227-009-0301-x lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT GBV_ILN_70 GBV_ILN_2010 AR 53 2009 3 07 07 394-410 |
spelling |
10.1007/s11227-009-0301-x doi (DE-627)OLC2033936910 (DE-He213)s11227-009-0301-x-p DE-627 ger DE-627 rakwb eng 004 620 VZ Pedersen, Leif verfasserin aut Using Pit to improve security in low-level programs 2009 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer Science+Business Media, LLC 2009 Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable. Low level programming languages Buffer overrun Security Compiler construction Reza, Hassan aut Enthalten in The journal of supercomputing Springer US, 1987 53(2009), 3 vom: 07. Juli, Seite 394-410 (DE-627)13046466X (DE-600)740510-8 (DE-576)018667775 0920-8542 nnns volume:53 year:2009 number:3 day:07 month:07 pages:394-410 https://doi.org/10.1007/s11227-009-0301-x lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT GBV_ILN_70 GBV_ILN_2010 AR 53 2009 3 07 07 394-410 |
allfields_unstemmed |
10.1007/s11227-009-0301-x doi (DE-627)OLC2033936910 (DE-He213)s11227-009-0301-x-p DE-627 ger DE-627 rakwb eng 004 620 VZ Pedersen, Leif verfasserin aut Using Pit to improve security in low-level programs 2009 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer Science+Business Media, LLC 2009 Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable. Low level programming languages Buffer overrun Security Compiler construction Reza, Hassan aut Enthalten in The journal of supercomputing Springer US, 1987 53(2009), 3 vom: 07. Juli, Seite 394-410 (DE-627)13046466X (DE-600)740510-8 (DE-576)018667775 0920-8542 nnns volume:53 year:2009 number:3 day:07 month:07 pages:394-410 https://doi.org/10.1007/s11227-009-0301-x lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT GBV_ILN_70 GBV_ILN_2010 AR 53 2009 3 07 07 394-410 |
allfieldsGer |
10.1007/s11227-009-0301-x doi (DE-627)OLC2033936910 (DE-He213)s11227-009-0301-x-p DE-627 ger DE-627 rakwb eng 004 620 VZ Pedersen, Leif verfasserin aut Using Pit to improve security in low-level programs 2009 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer Science+Business Media, LLC 2009 Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable. Low level programming languages Buffer overrun Security Compiler construction Reza, Hassan aut Enthalten in The journal of supercomputing Springer US, 1987 53(2009), 3 vom: 07. Juli, Seite 394-410 (DE-627)13046466X (DE-600)740510-8 (DE-576)018667775 0920-8542 nnns volume:53 year:2009 number:3 day:07 month:07 pages:394-410 https://doi.org/10.1007/s11227-009-0301-x lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT GBV_ILN_70 GBV_ILN_2010 AR 53 2009 3 07 07 394-410 |
allfieldsSound |
10.1007/s11227-009-0301-x doi (DE-627)OLC2033936910 (DE-He213)s11227-009-0301-x-p DE-627 ger DE-627 rakwb eng 004 620 VZ Pedersen, Leif verfasserin aut Using Pit to improve security in low-level programs 2009 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer Science+Business Media, LLC 2009 Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable. Low level programming languages Buffer overrun Security Compiler construction Reza, Hassan aut Enthalten in The journal of supercomputing Springer US, 1987 53(2009), 3 vom: 07. Juli, Seite 394-410 (DE-627)13046466X (DE-600)740510-8 (DE-576)018667775 0920-8542 nnns volume:53 year:2009 number:3 day:07 month:07 pages:394-410 https://doi.org/10.1007/s11227-009-0301-x lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT GBV_ILN_70 GBV_ILN_2010 AR 53 2009 3 07 07 394-410 |
language |
English |
source |
Enthalten in The journal of supercomputing 53(2009), 3 vom: 07. Juli, Seite 394-410 volume:53 year:2009 number:3 day:07 month:07 pages:394-410 |
sourceStr |
Enthalten in The journal of supercomputing 53(2009), 3 vom: 07. Juli, Seite 394-410 volume:53 year:2009 number:3 day:07 month:07 pages:394-410 |
format_phy_str_mv |
Article |
institution |
findex.gbv.de |
topic_facet |
Low level programming languages Buffer overrun Security Compiler construction |
dewey-raw |
004 |
isfreeaccess_bool |
false |
container_title |
The journal of supercomputing |
authorswithroles_txt_mv |
Pedersen, Leif @@aut@@ Reza, Hassan @@aut@@ |
publishDateDaySort_date |
2009-07-07T00:00:00Z |
hierarchy_top_id |
13046466X |
dewey-sort |
14 |
id |
OLC2033936910 |
language_de |
englisch |
fullrecord |
<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000caa a22002652 4500</leader><controlfield tag="001">OLC2033936910</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20230504053659.0</controlfield><controlfield tag="007">tu</controlfield><controlfield tag="008">200819s2009 xx ||||| 00| ||eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.1007/s11227-009-0301-x</subfield><subfield code="2">doi</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)OLC2033936910</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-He213)s11227-009-0301-x-p</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="082" ind1="0" ind2="4"><subfield code="a">004</subfield><subfield code="a">620</subfield><subfield code="q">VZ</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Pedersen, Leif</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Using Pit to improve security in low-level programs</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2009</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">ohne Hilfsmittel zu benutzen</subfield><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Band</subfield><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">© Springer Science+Business Media, LLC 2009</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Low level programming languages</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Buffer overrun</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Security</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Compiler construction</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Reza, Hassan</subfield><subfield code="4">aut</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">Enthalten in</subfield><subfield code="t">The journal of supercomputing</subfield><subfield code="d">Springer US, 1987</subfield><subfield code="g">53(2009), 3 vom: 07. Juli, Seite 394-410</subfield><subfield code="w">(DE-627)13046466X</subfield><subfield code="w">(DE-600)740510-8</subfield><subfield code="w">(DE-576)018667775</subfield><subfield code="x">0920-8542</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">volume:53</subfield><subfield code="g">year:2009</subfield><subfield code="g">number:3</subfield><subfield code="g">day:07</subfield><subfield code="g">month:07</subfield><subfield code="g">pages:394-410</subfield></datafield><datafield tag="856" ind1="4" ind2="1"><subfield code="u">https://doi.org/10.1007/s11227-009-0301-x</subfield><subfield code="z">lizenzpflichtig</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_OLC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-TEC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-MAT</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_2010</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="d">53</subfield><subfield code="j">2009</subfield><subfield code="e">3</subfield><subfield code="b">07</subfield><subfield code="c">07</subfield><subfield code="h">394-410</subfield></datafield></record></collection>
|
author |
Pedersen, Leif |
spellingShingle |
Pedersen, Leif ddc 004 misc Low level programming languages misc Buffer overrun misc Security misc Compiler construction Using Pit to improve security in low-level programs |
authorStr |
Pedersen, Leif |
ppnlink_with_tag_str_mv |
@@773@@(DE-627)13046466X |
format |
Article |
dewey-ones |
004 - Data processing & computer science 620 - Engineering & allied operations |
delete_txt_mv |
keep |
author_role |
aut aut |
collection |
OLC |
remote_str |
false |
illustrated |
Not Illustrated |
issn |
0920-8542 |
topic_title |
004 620 VZ Using Pit to improve security in low-level programs Low level programming languages Buffer overrun Security Compiler construction |
topic |
ddc 004 misc Low level programming languages misc Buffer overrun misc Security misc Compiler construction |
topic_unstemmed |
ddc 004 misc Low level programming languages misc Buffer overrun misc Security misc Compiler construction |
topic_browse |
ddc 004 misc Low level programming languages misc Buffer overrun misc Security misc Compiler construction |
format_facet |
Aufsätze Gedruckte Aufsätze |
format_main_str_mv |
Text Zeitschrift/Artikel |
carriertype_str_mv |
nc |
hierarchy_parent_title |
The journal of supercomputing |
hierarchy_parent_id |
13046466X |
dewey-tens |
000 - Computer science, knowledge & systems 620 - Engineering |
hierarchy_top_title |
The journal of supercomputing |
isfreeaccess_txt |
false |
familylinks_str_mv |
(DE-627)13046466X (DE-600)740510-8 (DE-576)018667775 |
title |
Using Pit to improve security in low-level programs |
ctrlnum |
(DE-627)OLC2033936910 (DE-He213)s11227-009-0301-x-p |
title_full |
Using Pit to improve security in low-level programs |
author_sort |
Pedersen, Leif |
journal |
The journal of supercomputing |
journalStr |
The journal of supercomputing |
lang_code |
eng |
isOA_bool |
false |
dewey-hundreds |
000 - Computer science, information & general works 600 - Technology |
recordtype |
marc |
publishDateSort |
2009 |
contenttype_str_mv |
txt |
container_start_page |
394 |
author_browse |
Pedersen, Leif Reza, Hassan |
container_volume |
53 |
class |
004 620 VZ |
format_se |
Aufsätze |
author-letter |
Pedersen, Leif |
doi_str_mv |
10.1007/s11227-009-0301-x |
dewey-full |
004 620 |
title_sort |
using pit to improve security in low-level programs |
title_auth |
Using Pit to improve security in low-level programs |
abstract |
Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable. © Springer Science+Business Media, LLC 2009 |
abstractGer |
Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable. © Springer Science+Business Media, LLC 2009 |
abstract_unstemmed |
Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable. © Springer Science+Business Media, LLC 2009 |
collection_details |
GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT GBV_ILN_70 GBV_ILN_2010 |
container_issue |
3 |
title_short |
Using Pit to improve security in low-level programs |
url |
https://doi.org/10.1007/s11227-009-0301-x |
remote_bool |
false |
author2 |
Reza, Hassan |
author2Str |
Reza, Hassan |
ppnlink |
13046466X |
mediatype_str_mv |
n |
isOA_txt |
false |
hochschulschrift_bool |
false |
doi_str |
10.1007/s11227-009-0301-x |
up_date |
2024-07-03T18:58:25.769Z |
_version_ |
1803585433919029249 |
fullrecord_marcxml |
<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000caa a22002652 4500</leader><controlfield tag="001">OLC2033936910</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20230504053659.0</controlfield><controlfield tag="007">tu</controlfield><controlfield tag="008">200819s2009 xx ||||| 00| ||eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.1007/s11227-009-0301-x</subfield><subfield code="2">doi</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)OLC2033936910</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-He213)s11227-009-0301-x-p</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="082" ind1="0" ind2="4"><subfield code="a">004</subfield><subfield code="a">620</subfield><subfield code="q">VZ</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Pedersen, Leif</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Using Pit to improve security in low-level programs</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2009</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">ohne Hilfsmittel zu benutzen</subfield><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Band</subfield><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">© Springer Science+Business Media, LLC 2009</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Low level programming languages</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Buffer overrun</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Security</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Compiler construction</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Reza, Hassan</subfield><subfield code="4">aut</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">Enthalten in</subfield><subfield code="t">The journal of supercomputing</subfield><subfield code="d">Springer US, 1987</subfield><subfield code="g">53(2009), 3 vom: 07. Juli, Seite 394-410</subfield><subfield code="w">(DE-627)13046466X</subfield><subfield code="w">(DE-600)740510-8</subfield><subfield code="w">(DE-576)018667775</subfield><subfield code="x">0920-8542</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">volume:53</subfield><subfield code="g">year:2009</subfield><subfield code="g">number:3</subfield><subfield code="g">day:07</subfield><subfield code="g">month:07</subfield><subfield code="g">pages:394-410</subfield></datafield><datafield tag="856" ind1="4" ind2="1"><subfield code="u">https://doi.org/10.1007/s11227-009-0301-x</subfield><subfield code="z">lizenzpflichtig</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_OLC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-TEC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-MAT</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_2010</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="d">53</subfield><subfield code="j">2009</subfield><subfield code="e">3</subfield><subfield code="b">07</subfield><subfield code="c">07</subfield><subfield code="h">394-410</subfield></datafield></record></collection>
|
score |
7.4002705 |