{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,25]],"date-time":"2026-04-25T08:33:08Z","timestamp":1777105988621,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":27,"publisher":"ACM","license":[{"start":{"date-parts":[[2011,10,23]],"date-time":"2011-10-23T00:00:00Z","timestamp":1319328000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100002855","name":"Ministry of Science and Technology of the People's Republic of China","doi-asserted-by":"publisher","award":["2007CB807901"],"award-info":[{"award-number":["2007CB807901"]}],"id":[{"id":"10.13039\/501100002855","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61033001"],"award-info":[{"award-number":["61033001"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000185","name":"Defense Advanced Research Projects Agency","doi-asserted-by":"publisher","award":["N66001-10-2-4089"],"award-info":[{"award-number":["N66001-10-2-4089"]}],"id":[{"id":"10.13039\/100000185","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100000144","name":"Division of Computer and Network Systems","doi-asserted-by":"publisher","award":["CNS-1053143"],"award-info":[{"award-number":["CNS-1053143"]}],"id":[{"id":"10.13039\/100000144","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2011,10,23]]},"DOI":"10.1145\/2043556.2043568","type":"proceedings-article","created":{"date-parts":[[2011,10,25]],"date-time":"2011-10-25T12:23:06Z","timestamp":1319545386000},"page":"115-128","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":76,"title":["Software fault isolation with API integrity and multi-principal modules"],"prefix":"10.1145","author":[{"given":"Yandong","family":"Mao","sequence":"first","affiliation":[{"name":"MIT CSAIL"}]},{"given":"Haogang","family":"Chen","sequence":"additional","affiliation":[{"name":"MIT CSAIL"}]},{"given":"Dong","family":"Zhou","sequence":"additional","affiliation":[{"name":"Tsinghua University IIIS"}]},{"given":"Xi","family":"Wang","sequence":"additional","affiliation":[{"name":"MIT CSAIL"}]},{"given":"Nickolai","family":"Zeldovich","sequence":"additional","affiliation":[{"name":"MIT CSAIL"}]},{"given":"M. Frans","family":"Kaashoek","sequence":"additional","affiliation":[{"name":"MIT CSAIL"}]}],"member":"320","published-online":{"date-parts":[[2011,10,23]]},"reference":[{"key":"e_1_3_2_1_1_1","unstructured":"Common vulnerabilities and exposures. From http:\/\/cve.mitre.org\/cgi-bin\/cvekey.cgi? keyword=linux+kernel+2010.  Common vulnerabilities and exposures. From http:\/\/cve.mitre.org\/cgi-bin\/cvekey.cgi? keyword=linux+kernel+2010."},{"key":"e_1_3_2_1_2_1","volume-title":"Proceedings of the 12th Workshop on Hot Topics in Operating Systems, Monte Verita. Switzerland","author":"Arnold J.","year":"2009","unstructured":"J. Arnold , T. Abbott , W. Daher , G. Price , N. Elhage , G. Thomas , and A. Kaseorg . Security impact ratings considered harmful . In Proceedings of the 12th Workshop on Hot Topics in Operating Systems, Monte Verita. Switzerland , May 2009 . J. Arnold, T. Abbott, W. Daher, G. Price, N. Elhage, G. Thomas, and A. Kaseorg. Security impact ratings considered harmful. In Proceedings of the 12th Workshop on Hot Topics in Operating Systems, Monte Verita. Switzerland, May 2009."},{"key":"e_1_3_2_1_3_1","first-page":"117","volume-title":"Proceedings of the 2010 USENIX Annual Technical Conference","author":"Boyd-Wickizer S.","year":"2010","unstructured":"S. Boyd-Wickizer and N. Zeldovich . Tolerating malicious device drivers in Linux . In Proceedings of the 2010 USENIX Annual Technical Conference , pages 117 -- 130 , Boston, MA , June 2010 . S. Boyd-Wickizer and N. Zeldovich. Tolerating malicious device drivers in Linux. In Proceedings of the 2010 USENIX Annual Technical Conference, pages 117--130, Boston, MA, June 2010."},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629581"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/2103799.2103805"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1346281.1346284"},{"key":"e_1_3_2_1_7_1","volume-title":"Proceedings of the 8th Symposium on Operating Systems Design and Implementation","author":"David F. M.","year":"2008","unstructured":"F. M. David , E. M. Chan , J. C. Carlyle , and R. H. Campbell . CuriOS: Improving reliability through operating system structure . In Proceedings of the 8th Symposium on Operating Systems Design and Implementation , San Diego, CA , December 2008 . F. M. David, E. M. Chan, J. C. Carlyle, and R. H. Campbell. CuriOS: Improving reliability through operating system structure. In Proceedings of the 8th Symposium on Operating Systems Design and Implementation, San Diego, CA, December 2008."},{"key":"e_1_3_2_1_8_1","unstructured":"N. Elhage. CVE-2010-4258: Turning denial-of-service into privilege escalation. http:\/\/blog.nelhage.com\/2010\/12\/cve-2010-4258-from-dos-to-privesc\/ December 2010.  N. Elhage. CVE-2010-4258: Turning denial-of-service into privilege escalation. http:\/\/blog.nelhage.com\/2010\/12\/cve-2010-4258-from-dos-to-privesc\/ December 2010."},{"key":"e_1_3_2_1_9_1","volume-title":"Proceedings of the 7th Symposium on Operating Systems Design and Implementation","author":"Erlingsson U.","year":"2006","unstructured":"U. Erlingsson , M. Abadi , M. Vrable , M. Budiu , and G. C. Necula . XFI: Software guards for system address spaces . In Proceedings of the 7th Symposium on Operating Systems Design and Implementation , Seattle, WA , November 2006 . U. Erlingsson, M. Abadi, M. Vrable, M. Budiu, and G. C. Necula. XFI: Software guards for system address spaces. In Proceedings of the 7th Symposium on Operating Systems Design and Implementation, Seattle, WA, November 2006."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1145\/1346281.1346303"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSN.2009.5270357"},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/1950365.1950398"},{"key":"e_1_3_2_1_14_1","unstructured":"R. Jones. Netperf: A network performance benchmark version 2.45. http:\/\/www.netperf.org.  R. Jones. Netperf: A network performance benchmark version 2.45. http:\/\/www.netperf.org."},{"key":"e_1_3_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629596"},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/1508244.1508251"},{"key":"e_1_3_2_1_17_1","unstructured":"J. Oberheide. Linux kernel CAN SLUB overflow. http:\/\/jon.oberheide.org\/blog\/2010\/09\/10\/linux-kernel-can-slub-overflow\/ September 2010.  J. Oberheide. Linux kernel CAN SLUB overflow. http:\/\/jon.oberheide.org\/blog\/2010\/09\/10\/linux-kernel-can-slub-overflow\/ September 2010."},{"key":"e_1_3_2_1_18_1","volume-title":"December","author":"Rosenberg D.","year":"2010","unstructured":"D. Rosenberg . Econet privilege escalation exploit. http:\/\/thread.gmane.org\/gmane.comp.security.full-disclosure\/76457 , December 2010 . D. Rosenberg. Econet privilege escalation exploit. http:\/\/thread.gmane.org\/gmane.comp.security.full-disclosure\/76457, December 2010."},{"key":"e_1_3_2_1_19_1","unstructured":"D. Rosenberg. RDS privilege escalation exploit. http:\/\/www.vsecurity.com\/download\/tools\/linux-rds-exploit.c October 2010.  D. Rosenberg. RDS privilege escalation exploit. http:\/\/www.vsecurity.com\/download\/tools\/linux-rds-exploit.c October 2010."},{"key":"e_1_3_2_1_20_1","doi-asserted-by":"publisher","DOI":"10.1145\/1519065.1519095"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1629575.1629583"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1294261.1294294"},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1109\/4434.708254"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1145\/1047915.1047919"},{"key":"e_1_3_2_1_25_1","first-page":"279","volume-title":"Proceedings of the 7th Symposium on Operating Systems Design and Implementation","author":"Ta-Min R.","year":"2006","unstructured":"R. Ta-Min , L. Litty , and D. Lie . Splitting interfaces: Making trust between applications and operating systems configurable . In Proceedings of the 7th Symposium on Operating Systems Design and Implementation , pages 279 -- 292 , Seattle, WA , November 2006 . R. Ta-Min, L. Litty, and D. Lie. Splitting interfaces: Making trust between applications and operating systems configurable. In Proceedings of the 7th Symposium on Operating Systems Design and Implementation, pages 279--292, Seattle, WA, November 2006."},{"key":"e_1_3_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1145\/168619.168635"},{"key":"e_1_3_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/1095810.1095814"},{"key":"e_1_3_2_1_28_1","first-page":"225","volume-title":"Proceedings of the 8th Symposium on Operating Systems Design and Implementation","author":"Zeldovich N.","year":"2008","unstructured":"N. Zeldovich , H. Kannan , M. Dalton , and C. Kozyrakis . Hardware enforcement of application security policies . In Proceedings of the 8th Symposium on Operating Systems Design and Implementation , pages 225 -- 240 , San Diego, CA , December 2008 . N. Zeldovich, H. Kannan, M. Dalton, and C. Kozyrakis. Hardware enforcement of application security policies. In Proceedings of the 8th Symposium on Operating Systems Design and Implementation, pages 225--240, San Diego, CA, December 2008."}],"event":{"name":"SOSP '11: ACM SIGOPS 23nd Symposium on Operating Systems Principles","location":"Cascais Portugal","acronym":"SOSP '11","sponsor":["INESC Systems and Computer Engineering Institute","SIGOPS ACM Special Interest Group on Operating Systems"]},"container-title":["Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2043556.2043568","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2043556.2043568","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T09:54:18Z","timestamp":1750240458000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2043556.2043568"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2011,10,23]]},"references-count":27,"alternative-id":["10.1145\/2043556.2043568","10.1145\/2043556"],"URL":"https:\/\/doi.org\/10.1145\/2043556.2043568","relation":{},"subject":[],"published":{"date-parts":[[2011,10,23]]},"assertion":[{"value":"2011-10-23","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}