Breakapp: Automated, flexible application compartmentalization. Developers today make pervasive use of third-party modules to reduce costs and accelerate release cycles, at a risk to safety and security. BreakApp exploits module boundaries to automate security-oriented compartmentalization of legacy applications and enforce security policies, enhancing reliability and security. It transparently spawns modules in protected compartments while preserving their original behavior. Optional high-level policies decouple security assumptions made during development from requirements imposed for module composition and use. These policies allow fine-tuning trade-offs such as security and performance based on changing threat models or load patterns. Experimental results demonstrate feasibility by enabling simplified security hardening of existing systems with low performance overhead.

Keywords for this software

Anything in here will be replaced on browsers that support the canvas element