BreakApp swMATH ID: 35853 Software Authors: Nikos Vasilakis, Ben Karel, Nick Roessler, Nathan Dautenhahn, André DeHon, Jonathan M. Smith Description: Breakapp: Automated, flexible application compartmentalization. Developers today make pervasive use of third-party modules to reduce costs and accelerate release cycles, at a risk to safety and security. BreakApp exploits module boundaries to automate security-oriented compartmentalization of legacy applications and enforce security policies, enhancing reliability and security. It transparently spawns modules in protected compartments while preserving their original behavior. Optional high-level policies decouple security assumptions made during development from requirements imposed for module composition and use. These policies allow fine-tuning trade-offs such as security and performance based on changing threat models or load patterns. Experimental results demonstrate feasibility by enabling simplified security hardening of existing systems with low performance overhead. Homepage: http://ic.ese.upenn.edu/pdf/breakapp_ndss2018.pdf Source Code: https://github.com/nvasilakis/breakapp Related Software: Retire.js; ConflictJS; Synode; Node.js; npm; Codejail; ESLint; Caja; Pivot; Joe-E; Pyronia; EnclaveDom; Sandcrust; Privman; Closure Library; NodeSentry; Deno; Privtrans; Salus; JSand Cited in: 0 Documents