Native Client is a sandbox for untrusted x86 native code. It aims to give browser-based
applications the computational performance of native applications without compromising …

Xax is a browser plugin model that enables developers to leverage existing tools, libraries,
and entire programs to deliver feature-rich applications on the web. Xax employs a novel …

For more than twenty years, serious C programmers have relied on one book for practical, in-
depth knowledge of the programming interfaces that drive the UNIX and Linux kernels: W …

Abstract Software Fault Isolation (SFI) is an effective approach to sandboxing binary code of
questionable provenance, an interesting use case for native plugins in a Web browser. We …

Modern commodity operating systems are large and complex systems developed over many
years by large teams of programmers, containing hundreds of thousands of lines of code …

This paper presents a new approach called model-carrying code (MCC) for safe execution
of untrusted code. At the heart of MCC is the idea that untrusted code comes equipped with …

Despite decades of research in extensible operating system technology, extensions such as
device drivers remain a significant cause of system failures. In Windows XP, for example …

Binary code from untrusted sources remains one of the primary vehicles for malicious
software attacks. This paper presents Reins, a new, more general, and lighter-weight binary …

Web browsers have evolved from a single-principal platform on which one site is browsed at
a time into a multi-principal platform on which data and code from mutually distrusting sites …

A trusted open platform Page 1 0018-9162/03/$17.00 © 2003 IEEE July 2003 55 COVER
FEATURE Published by the IEEE Computer Society A Trusted Open Platform Computers are …