Microsoft's Midori to sandbox apps for increased security

David Worthington
August 5, 2008 (Page 1 of 2)
Security is a watchword for Midori, the operating system that Microsoft is incubating in hopes of freeing itself from its legacy Windows software architecture.

SD Times has viewed internal Microsoft documents that detail Midori’s security proposition. The highlights include memory safety and type safety, and a least-privileged mode. As well, hardware support may enable a secure boot mechanism and a remote chain of trust on top of secure booting.

Midori’s memory safety and type safety features will eliminate the potential for buffer overruns, perform heap deletes more frequently to avoid stack and heap corruption, and possibly offer some guarantees around fine-grained locking to prevent data race conditions, the documents indicate.

Applications and system services in Midori will run with the least authority necessary for their purposes. A standard declarative policy will be used for configuring component isolation, elevating code privileges, evaluating code identity and managing system state.

“From a software architecture standpoint,” wrote Yankee Group program manager Andrew Jaquith in an e-mail, Midori’s approach “is a very good one. The big idea here is to enumerate, and then enshrine in policy, all of the things a program can and cannot do. By combining declarative security policies with runtime enforcement mechanisms, Midori should be able to effectively ‘sandbox’ applications in a fairly bulletproof way.”

Jaquith noted that what Microsoft is doing is a form of mandatory access control, a concept that intelligence agencies adopted many years ago.

Microsoft is trying to keep up with the Joneses, Jaquith noted, pointing out that Apple’s Mac OS X Leopard, Novell’s AppArmor (which ships with Ubuntu) and SELinux (which ships with Red Hat Enterprise Linux) all provide implementations of mandatory access control.

Another Midori design objective is to reduce the risk of cross-process elevation attacks by using application manifests and eliminating dynamic code loading, in order to regulate what execution is possible in a process.


09/29/2011 04:40:40 AM EST

Hi... I am Arti. Midori is a good operating system.

