Jailing, sandboxing, interpretation in computer security

Jailing: Jailing is a method of computer security where one process is assigned to monitor another process. The process which is motioning is referred to as jailer and the process which is being monitored is a prisoner. Whenever a prisoner creates a system call, jailer is notified about it. Then, if the system call is legit the jailer allows it to be executed. However, if the jailer finds out any suspicious malware activity, the system call is blocked and the prisoner process is terminated.

Sandboxing: Sandboxing is a method in computer security which is used mainly for protecting the system from unknown applets. In this method, virtual address space is divided to equal size regions. These regions are called as sandboxes. A sandbox is created in such a way that all of its addresses share some part of string of high order bits. Then, every applet is assigned to two sandboxes, one sandbox is for holding the data and the other sandbox is for holding the code. This way, it is made sure that the applet cannot access to a code which is outside its code sandbox and it can’t access any code which is outside of the data sandbox. Hence, sandboxing makes sure that the applet is not modifying its code by itself. This keeps the applet under check and it cannot install any malicious software in the computer.

Interpretation: Interpretation is another method in computer security for protecting the system from untrusted applets. In this method, applet is restricted in a way so that they cannot control the hardware. Instead of compiling an applet, it is interpreted by using a Java interpreter. The main purpose of the interpreter is to check the code in the applet for any malicious codes.

Leave a Reply