addm/security/combined hardware-virtual isolation:
2.9: 3.31: intro:
. certain attributes of data are essential to security;
eg, by retagging arbitrary data so that it is
usable as a pointer to code,
we can treat malware data as instructions to follow .
. generally all data can be tagged
just as it is done by xml .
. there are 2 possible ways to enforce
process isolation and ROM attributes:
# HW (hardware) mem'mgt,
# VM (virtual machine) mem'mgt .
. hardware mem'mgt can enforce VM mem'mgt:
the VM's run-time exec never needs to change;
so, HW mem'mgt can see that code as const;
also, any file that the VM is trying to interpret
can be treated by the HW mem'mgt as
something that only the VM process can modify .
. finally, the VM has its own process space
and this should keep other processes
from corrupting its work space .
Showing posts with label vm. Show all posts
Showing posts with label vm. Show all posts
2013-03-31
vmm (virtual machine monitoring)
2.5: addx/vmm/virtual dom0:
. just as addm is a VM (virtual machine),
addx is a VM monitor (vmm);
so it should do things like Vmware does,
only with some enhancements and extensions; eg,
. just as addm is a VM (virtual machine),
addx is a VM monitor (vmm);
so it should do things like Vmware does,
only with some enhancements and extensions; eg,
2009-12-29
addm less needed than adda
10.22: addm/purpose in relation to adda:
. adda2c (a translator from my lang' to c)
is much less work than addm (a virtual machine)
and much more needed since it is my ticket out of
the long road to mastering c or obj'c .
. when the basic functionality is in place using c,
then there'll be time for
features that require addm:
a virtual machine that lets me program at the assembly level
where I can easily support continuations,
automated programming, and an interactive translator .
. addm requires 2 projects:
the vm itself needs to be designed,
and then adda needs a backend that translates
parse.trees (etree) to addm.code .
11.10: addm/required for adde to be an IDE:
. another reason for needing vm is the ide;
. when adda is just translating to c,
then you must use c tools to debug .
parrot.platform
10.14: pos.addm/platform"parrot:
. parrot has a seemingly cool idea like .net
where you can mix libraries and lang's
because they are talking parrot's lang,
and doing so easily with high-level tools .
. however, one thing that .net has over parrot
is the idea of security through managed code:
none of the library comes from unsafe c (or needs to);
the common lang is high-level,
and all code can be auto'ly inspected for safety issues .
. adda uses the same approach
by applying cap'based security rules to code
and only then converting that code
to some platform`lang .
Subscribe to:
Posts (Atom)
