Using Pit to improve security in low-level programs

Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to...
Ausführliche Beschreibung

Gespeichert in:

Autor*in:	Pedersen, Leif [verfasserIn] Reza, Hassan

Format:	Artikel
Sprache:	Englisch

Erschienen:	2009

Schlagwörter:	Low level programming languages Buffer overrun Security Compiler construction

Anmerkung:	© Springer Science+Business Media, LLC 2009

Übergeordnetes Werk:	Enthalten in: The journal of supercomputing - Springer US, 1987, 53(2009), 3 vom: 07. Juli, Seite 394-410
Übergeordnetes Werk:	volume:53 ; year:2009 ; number:3 ; day:07 ; month:07 ; pages:394-410

Links:	Volltext

DOI / URN:	10.1007/s11227-009-0301-x

Katalog-ID:	OLC2033936910

Internformat


LEADER	01000caa a22002652 4500
001	OLC2033936910
003	DE-627
005	20230504053659.0
007	tu
008	200819s2009 xx \|\|\|\|\| 00\| \|\|eng c
024	7		\|a 10.1007/s11227-009-0301-x \|2 doi
035			\|a (DE-627)OLC2033936910
035			\|a (DE-He213)s11227-009-0301-x-p
040			\|a DE-627 \|b ger \|c DE-627 \|e rakwb
041			\|a eng
082	0	4	\|a 004 \|a 620 \|q VZ
100	1		\|a Pedersen, Leif \|e verfasserin \|4 aut
245	1	0	\|a Using Pit to improve security in low-level programs
264		1	\|c 2009
336			\|a Text \|b txt \|2 rdacontent
337			\|a ohne Hilfsmittel zu benutzen \|b n \|2 rdamedia
338			\|a Band \|b nc \|2 rdacarrier
500			\|a © Springer Science+Business Media, LLC 2009
520			\|a Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable.
650		4	\|a Low level programming languages
650		4	\|a Buffer overrun
650		4	\|a Security
650		4	\|a Compiler construction
700	1		\|a Reza, Hassan \|4 aut
773	0	8	\|i Enthalten in \|t The journal of supercomputing \|d Springer US, 1987 \|g 53(2009), 3 vom: 07. Juli, Seite 394-410 \|w (DE-627)13046466X \|w (DE-600)740510-8 \|w (DE-576)018667775 \|x 0920-8542 \|7 nnns
773	1	8	\|g volume:53 \|g year:2009 \|g number:3 \|g day:07 \|g month:07 \|g pages:394-410
856	4	1	\|u https://doi.org/10.1007/s11227-009-0301-x \|z lizenzpflichtig \|3 Volltext
912			\|a GBV_USEFLAG_A
912			\|a SYSFLAG_A
912			\|a GBV_OLC
912			\|a SSG-OLC-TEC
912			\|a SSG-OLC-MAT
912			\|a GBV_ILN_70
912			\|a GBV_ILN_2010
951			\|a AR
952			\|d 53 \|j 2009 \|e 3 \|b 07 \|c 07 \|h 394-410

Indexfelder

author_variant	l p lp h r hr
matchkey_str	article:09208542:2009----::snptomrvscrtilw
hierarchy_sort_str	2009
publishDate	2009
allfields	10.1007/s11227-009-0301-x doi (DE-627)OLC2033936910 (DE-He213)s11227-009-0301-x-p DE-627 ger DE-627 rakwb eng 004 620 VZ Pedersen, Leif verfasserin aut Using Pit to improve security in low-level programs 2009 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer Science+Business Media, LLC 2009 Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable. Low level programming languages Buffer overrun Security Compiler construction Reza, Hassan aut Enthalten in The journal of supercomputing Springer US, 1987 53(2009), 3 vom: 07. Juli, Seite 394-410 (DE-627)13046466X (DE-600)740510-8 (DE-576)018667775 0920-8542 nnns volume:53 year:2009 number:3 day:07 month:07 pages:394-410 https://doi.org/10.1007/s11227-009-0301-x lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT GBV_ILN_70 GBV_ILN_2010 AR 53 2009 3 07 07 394-410
spelling	10.1007/s11227-009-0301-x doi (DE-627)OLC2033936910 (DE-He213)s11227-009-0301-x-p DE-627 ger DE-627 rakwb eng 004 620 VZ Pedersen, Leif verfasserin aut Using Pit to improve security in low-level programs 2009 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer Science+Business Media, LLC 2009 Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable. Low level programming languages Buffer overrun Security Compiler construction Reza, Hassan aut Enthalten in The journal of supercomputing Springer US, 1987 53(2009), 3 vom: 07. Juli, Seite 394-410 (DE-627)13046466X (DE-600)740510-8 (DE-576)018667775 0920-8542 nnns volume:53 year:2009 number:3 day:07 month:07 pages:394-410 https://doi.org/10.1007/s11227-009-0301-x lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT GBV_ILN_70 GBV_ILN_2010 AR 53 2009 3 07 07 394-410
allfields_unstemmed	10.1007/s11227-009-0301-x doi (DE-627)OLC2033936910 (DE-He213)s11227-009-0301-x-p DE-627 ger DE-627 rakwb eng 004 620 VZ Pedersen, Leif verfasserin aut Using Pit to improve security in low-level programs 2009 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer Science+Business Media, LLC 2009 Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable. Low level programming languages Buffer overrun Security Compiler construction Reza, Hassan aut Enthalten in The journal of supercomputing Springer US, 1987 53(2009), 3 vom: 07. Juli, Seite 394-410 (DE-627)13046466X (DE-600)740510-8 (DE-576)018667775 0920-8542 nnns volume:53 year:2009 number:3 day:07 month:07 pages:394-410 https://doi.org/10.1007/s11227-009-0301-x lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT GBV_ILN_70 GBV_ILN_2010 AR 53 2009 3 07 07 394-410
allfieldsGer	10.1007/s11227-009-0301-x doi (DE-627)OLC2033936910 (DE-He213)s11227-009-0301-x-p DE-627 ger DE-627 rakwb eng 004 620 VZ Pedersen, Leif verfasserin aut Using Pit to improve security in low-level programs 2009 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer Science+Business Media, LLC 2009 Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable. Low level programming languages Buffer overrun Security Compiler construction Reza, Hassan aut Enthalten in The journal of supercomputing Springer US, 1987 53(2009), 3 vom: 07. Juli, Seite 394-410 (DE-627)13046466X (DE-600)740510-8 (DE-576)018667775 0920-8542 nnns volume:53 year:2009 number:3 day:07 month:07 pages:394-410 https://doi.org/10.1007/s11227-009-0301-x lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT GBV_ILN_70 GBV_ILN_2010 AR 53 2009 3 07 07 394-410
allfieldsSound	10.1007/s11227-009-0301-x doi (DE-627)OLC2033936910 (DE-He213)s11227-009-0301-x-p DE-627 ger DE-627 rakwb eng 004 620 VZ Pedersen, Leif verfasserin aut Using Pit to improve security in low-level programs 2009 Text txt rdacontent ohne Hilfsmittel zu benutzen n rdamedia Band nc rdacarrier © Springer Science+Business Media, LLC 2009 Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable. Low level programming languages Buffer overrun Security Compiler construction Reza, Hassan aut Enthalten in The journal of supercomputing Springer US, 1987 53(2009), 3 vom: 07. Juli, Seite 394-410 (DE-627)13046466X (DE-600)740510-8 (DE-576)018667775 0920-8542 nnns volume:53 year:2009 number:3 day:07 month:07 pages:394-410 https://doi.org/10.1007/s11227-009-0301-x lizenzpflichtig Volltext GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT GBV_ILN_70 GBV_ILN_2010 AR 53 2009 3 07 07 394-410
language	English
source	Enthalten in The journal of supercomputing 53(2009), 3 vom: 07. Juli, Seite 394-410 volume:53 year:2009 number:3 day:07 month:07 pages:394-410
sourceStr	Enthalten in The journal of supercomputing 53(2009), 3 vom: 07. Juli, Seite 394-410 volume:53 year:2009 number:3 day:07 month:07 pages:394-410
format_phy_str_mv	Article
institution	findex.gbv.de
topic_facet	Low level programming languages Buffer overrun Security Compiler construction
dewey-raw	004
isfreeaccess_bool	false
container_title	The journal of supercomputing
authorswithroles_txt_mv	Pedersen, Leif @@aut@@ Reza, Hassan @@aut@@
publishDateDaySort_date	2009-07-07T00:00:00Z
hierarchy_top_id	13046466X
dewey-sort	14
id	OLC2033936910
language_de	englisch
fullrecord	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000caa a22002652 4500</leader><controlfield tag="001">OLC2033936910</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20230504053659.0</controlfield><controlfield tag="007">tu</controlfield><controlfield tag="008">200819s2009 xx \|\|\|\|\| 00\| \|\|eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.1007/s11227-009-0301-x</subfield><subfield code="2">doi</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)OLC2033936910</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-He213)s11227-009-0301-x-p</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="082" ind1="0" ind2="4"><subfield code="a">004</subfield><subfield code="a">620</subfield><subfield code="q">VZ</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Pedersen, Leif</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Using Pit to improve security in low-level programs</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2009</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">ohne Hilfsmittel zu benutzen</subfield><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Band</subfield><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">© Springer Science+Business Media, LLC 2009</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Low level programming languages</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Buffer overrun</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Security</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Compiler construction</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Reza, Hassan</subfield><subfield code="4">aut</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">Enthalten in</subfield><subfield code="t">The journal of supercomputing</subfield><subfield code="d">Springer US, 1987</subfield><subfield code="g">53(2009), 3 vom: 07. Juli, Seite 394-410</subfield><subfield code="w">(DE-627)13046466X</subfield><subfield code="w">(DE-600)740510-8</subfield><subfield code="w">(DE-576)018667775</subfield><subfield code="x">0920-8542</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">volume:53</subfield><subfield code="g">year:2009</subfield><subfield code="g">number:3</subfield><subfield code="g">day:07</subfield><subfield code="g">month:07</subfield><subfield code="g">pages:394-410</subfield></datafield><datafield tag="856" ind1="4" ind2="1"><subfield code="u">https://doi.org/10.1007/s11227-009-0301-x</subfield><subfield code="z">lizenzpflichtig</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_OLC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-TEC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-MAT</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_2010</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="d">53</subfield><subfield code="j">2009</subfield><subfield code="e">3</subfield><subfield code="b">07</subfield><subfield code="c">07</subfield><subfield code="h">394-410</subfield></datafield></record></collection>
author	Pedersen, Leif
spellingShingle	Pedersen, Leif ddc 004 misc Low level programming languages misc Buffer overrun misc Security misc Compiler construction Using Pit to improve security in low-level programs
authorStr	Pedersen, Leif
ppnlink_with_tag_str_mv	@@773@@(DE-627)13046466X
format	Article
dewey-ones	004 - Data processing & computer science 620 - Engineering & allied operations
delete_txt_mv	keep
author_role	aut aut
collection	OLC
remote_str	false
illustrated	Not Illustrated
issn	0920-8542
topic_title	004 620 VZ Using Pit to improve security in low-level programs Low level programming languages Buffer overrun Security Compiler construction
topic	ddc 004 misc Low level programming languages misc Buffer overrun misc Security misc Compiler construction
topic_unstemmed	ddc 004 misc Low level programming languages misc Buffer overrun misc Security misc Compiler construction
topic_browse	ddc 004 misc Low level programming languages misc Buffer overrun misc Security misc Compiler construction
format_facet	Aufsätze Gedruckte Aufsätze
format_main_str_mv	Text Zeitschrift/Artikel
carriertype_str_mv	nc
hierarchy_parent_title	The journal of supercomputing
hierarchy_parent_id	13046466X
dewey-tens	000 - Computer science, knowledge & systems 620 - Engineering
hierarchy_top_title	The journal of supercomputing
isfreeaccess_txt	false
familylinks_str_mv	(DE-627)13046466X (DE-600)740510-8 (DE-576)018667775
title	Using Pit to improve security in low-level programs
ctrlnum	(DE-627)OLC2033936910 (DE-He213)s11227-009-0301-x-p
title_full	Using Pit to improve security in low-level programs
author_sort	Pedersen, Leif
journal	The journal of supercomputing
journalStr	The journal of supercomputing
lang_code	eng
isOA_bool	false
dewey-hundreds	000 - Computer science, information & general works 600 - Technology
recordtype	marc
publishDateSort	2009
contenttype_str_mv	txt
container_start_page	394
author_browse	Pedersen, Leif Reza, Hassan
container_volume	53
class	004 620 VZ
format_se	Aufsätze
author-letter	Pedersen, Leif
doi_str_mv	10.1007/s11227-009-0301-x
dewey-full	004 620
title_sort	using pit to improve security in low-level programs
title_auth	Using Pit to improve security in low-level programs
abstract	Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable. © Springer Science+Business Media, LLC 2009
abstractGer	Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable. © Springer Science+Business Media, LLC 2009
abstract_unstemmed	Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable. © Springer Science+Business Media, LLC 2009
collection_details	GBV_USEFLAG_A SYSFLAG_A GBV_OLC SSG-OLC-TEC SSG-OLC-MAT GBV_ILN_70 GBV_ILN_2010
container_issue	3
title_short	Using Pit to improve security in low-level programs
url	https://doi.org/10.1007/s11227-009-0301-x
remote_bool	false
author2	Reza, Hassan
author2Str	Reza, Hassan
ppnlink	13046466X
mediatype_str_mv	n
isOA_txt	false
hochschulschrift_bool	false
doi_str	10.1007/s11227-009-0301-x
up_date	2024-07-03T18:58:25.769Z
_version_	1803585433919029249
fullrecord_marcxml	<?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>01000caa a22002652 4500</leader><controlfield tag="001">OLC2033936910</controlfield><controlfield tag="003">DE-627</controlfield><controlfield tag="005">20230504053659.0</controlfield><controlfield tag="007">tu</controlfield><controlfield tag="008">200819s2009 xx \|\|\|\|\| 00\| \|\|eng c</controlfield><datafield tag="024" ind1="7" ind2=" "><subfield code="a">10.1007/s11227-009-0301-x</subfield><subfield code="2">doi</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-627)OLC2033936910</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(DE-He213)s11227-009-0301-x-p</subfield></datafield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">DE-627</subfield><subfield code="b">ger</subfield><subfield code="c">DE-627</subfield><subfield code="e">rakwb</subfield></datafield><datafield tag="041" ind1=" " ind2=" "><subfield code="a">eng</subfield></datafield><datafield tag="082" ind1="0" ind2="4"><subfield code="a">004</subfield><subfield code="a">620</subfield><subfield code="q">VZ</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Pedersen, Leif</subfield><subfield code="e">verfasserin</subfield><subfield code="4">aut</subfield></datafield><datafield tag="245" ind1="1" ind2="0"><subfield code="a">Using Pit to improve security in low-level programs</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="c">2009</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">Text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">ohne Hilfsmittel zu benutzen</subfield><subfield code="b">n</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">Band</subfield><subfield code="b">nc</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">© Springer Science+Business Media, LLC 2009</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">Abstract Pit (Pedersen on http://pit.devpit.org, 2008; Pedersen and Reza in ISOLA ’06: proceedings of the second international symposium on leveraging applications of formal methods, verification and validation (ISOLA 2006), pp. 111–118, 2006) is a new language for low-level programming, designed to be a self-hosting alternative to C. The novelty is that it supports automated memory management without excluding manual memory management, and without hindering key features associated with low-level programming, such as raw pointers, inline assembly code, and precise control over execution. This paper presents Pit as a language, and then examines how Pit’s approach to memory allocation can be used to significantly increase the security of low-level programs. Automatic memory allocation is a useful tool of abstraction in many situations. Since Pit provides this tool without hindering low-level programming, it allows automated memory management to be used in programs where it previously could not be used, such as kernels. Specifically, this tool of abstraction can assist the programmer significantly in writing low-level code with fewer security problems caused by buffer overrun or integer overflow bugs by reducing the number of opportunities for such bugs in areas of code that do not need the precision of manual memory allocation. Existing solutions, such as Cyclone (Jim et al. in ATEC ’02: proceedings of the general track: USENIX annual technical conference, pp. 275–288, 2002), add various ways of checking bounds, but have two major disadvantages: they require extra work from the programmer, and they detect but do not fix memory allocation bugs. Pit’s approach simplifies what the programmer writes, making the code more understandable.</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Low level programming languages</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Buffer overrun</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Security</subfield></datafield><datafield tag="650" ind1=" " ind2="4"><subfield code="a">Compiler construction</subfield></datafield><datafield tag="700" ind1="1" ind2=" "><subfield code="a">Reza, Hassan</subfield><subfield code="4">aut</subfield></datafield><datafield tag="773" ind1="0" ind2="8"><subfield code="i">Enthalten in</subfield><subfield code="t">The journal of supercomputing</subfield><subfield code="d">Springer US, 1987</subfield><subfield code="g">53(2009), 3 vom: 07. Juli, Seite 394-410</subfield><subfield code="w">(DE-627)13046466X</subfield><subfield code="w">(DE-600)740510-8</subfield><subfield code="w">(DE-576)018667775</subfield><subfield code="x">0920-8542</subfield><subfield code="7">nnns</subfield></datafield><datafield tag="773" ind1="1" ind2="8"><subfield code="g">volume:53</subfield><subfield code="g">year:2009</subfield><subfield code="g">number:3</subfield><subfield code="g">day:07</subfield><subfield code="g">month:07</subfield><subfield code="g">pages:394-410</subfield></datafield><datafield tag="856" ind1="4" ind2="1"><subfield code="u">https://doi.org/10.1007/s11227-009-0301-x</subfield><subfield code="z">lizenzpflichtig</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_USEFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SYSFLAG_A</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_OLC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-TEC</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">SSG-OLC-MAT</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_70</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">GBV_ILN_2010</subfield></datafield><datafield tag="951" ind1=" " ind2=" "><subfield code="a">AR</subfield></datafield><datafield tag="952" ind1=" " ind2=" "><subfield code="d">53</subfield><subfield code="j">2009</subfield><subfield code="e">3</subfield><subfield code="b">07</subfield><subfield code="c">07</subfield><subfield code="h">394-410</subfield></datafield></record></collection>
score	7.4002705

Nicht das Richtige dabei?

Schreiben Sie uns!

Using Pit to improve security in low-level programs

Nicht das Richtige dabei?

Zugang & Verfügbarkeit

Vorhandene Bände

Nicht das Richtige dabei?