Saturday, August 13, 2011

Sandboxing Offers Security for Social Computing


Sandboxing protects a system by limiting what an application can do, such as accessing files on disk or resources. Limiting the capabilities of an app to just those operations needed for viewing social computing messages will keep the rest of a system totally secure in the event that a message or an app are compromised.

Exploitation by a single virus is what makes it possible for downloaded malware to corrupt an entire machine. Web browsers and their plug-ins can be infected by Web pages. A malicious PDF or Word document can become a conveyor of infection. Firewalls, anti-malware software and other products aren’t much help against “spear-phishing” or zero-day attacks. Social computing communications, such as messages received over Facebook or Twitter, are one of the principal sources of malware, since they usually originate from the personal computers of family members of DoD personnel.

If a DoD person, using a secure desktop, laptop or smart phone, receives a social computing message, one can never be sure that the message is not also acting as a conveyor of malware. The right solution is to place all incoming traffic that originates from addresses other than .mil (that is, from any unauthorized source) directly into a sandbox, where it can be examined but not transferred anywhere on the DoD network.

A sandbox is an isolated zone designed to run applications in a confined execution area where all functions can be tightly controlled, if not prohibited outright. Any installation, modification or deletion of files and/or system information is restricted. From a software security standpoint, a sandbox exposes an extremely limited code base. It prevents any decision-making on the user’s behalf except to examine the incoming message. This protection is invisible to the recipient and cannot be changed by them.

Sandboxes should also be used to prevent the uncontrolled downloading of “Applets” from diverse libraries such as those of Apple, Google and Amazon. Any such download would be automatically routed to a user’s sandbox until network control can test, verify and legitimize the new application.

SUMMARY
All sandboxes must run as isolated virtual computers on separate servers that are controlled within an IaaS or PaaS cloud environment on a private DoD cloud. Under no circumstances should DoD allow the creation of sandboxes on client desktop or laptop machines. The user’s desktop will then display the contents of the virtual sandbox as a separate and isolated window, which will prohibit cutting or pasting sandbox text or data unless authorized to do so by the network control center.
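The routing rule (non-.mil traffic goes to the sandbox), the sandbox restrictions (view only; no install, modify or delete) and the summary's cut/paste rule (export only when the network control center authorizes it) can be written down as one small policy model. This is an added example, not code from the original post; the operation names, the `.mil` domain check and the `authorized_by_ncc` flag are assumptions made for illustration.

```python
# Added example: a minimal policy model for the sandbox rules in the post.
# Operation names, the .mil check and the authorization flag are assumed.
from dataclasses import dataclass, field
from enum import Enum, auto


class Zone(Enum):
    TRUSTED = auto()  # delivered to the normal DoD desktop
    SANDBOX = auto()  # isolated virtual computer in the private DoD cloud


def route(sender: str) -> Zone:
    """Traffic from a .mil address is trusted; anything else is sandboxed.

    Only the registrable suffix is checked, so 'mil.example.com' is NOT
    treated as .mil (a common look-alike trick).
    """
    domain = sender.rsplit("@", 1)[-1].strip().lower()
    if domain == "mil" or domain.endswith(".mil"):
        return Zone.TRUSTED
    return Zone.SANDBOX


@dataclass
class Sandbox:
    """Capability check for an app running inside the sandbox window."""
    authorized_by_ncc: bool = False  # set only by the network control center
    log: list = field(default_factory=list)

    # The only capability a message viewer needs.
    ALLOWED = frozenset({"view_message"})
    # Moving data out of the sandbox (cut/paste, saving to the DoD network)
    # is permitted solely with network-control authorization.
    EXPORT = frozenset({"copy_out", "save_to_network"})
    # Everything else (install, modify, delete, open sockets) is denied.

    def request(self, op: str) -> bool:
        if op in self.ALLOWED:
            decision = True
        elif op in self.EXPORT:
            decision = self.authorized_by_ncc
        else:
            decision = False
        self.log.append((op, decision))  # audit trail for the control center
        return decision


def handle_message(sender: str, ops, authorized: bool = False) -> dict:
    """Route one incoming message and evaluate each requested operation."""
    if route(sender) is Zone.TRUSTED:
        return {"zone": "trusted", "decisions": {}}  # desktop policy applies
    box = Sandbox(authorized_by_ncc=authorized)
    return {"zone": "sandbox", "decisions": {op: box.request(op) for op in ops}}
```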


For comments please e-mail paul@strassmann.com