To protect data flows within an application end-to-end (from source to sink), we need to create library function sandboxes for those functions that need to operate on sensitive in-memory data objects. To implement this feature, we leverage the existing memory domain mechanism to place sensitive data objects into memory domains. Then, whenever the interpreter is about to execute a sandboxed function, it adjusts the access privileges to the appropriate memory domains before entering the sandbox.
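A simplified Python model of the flow described above, added here as an illustration and not the project's own code. The names `MemoryDomains`, `interp_call`, `POLICY` and the two sample functions are hypothetical, and the privilege checks are simulated in software rather than enforced by hardware or the OS.

```python
import hmac
from contextlib import contextmanager

NONE, READ, WRITE = 0, 1, 2  # ordered access levels; WRITE implies READ

class DomainViolation(Exception):
    """Code touched a memory domain it holds no privilege for."""

class MemoryDomains:
    def __init__(self):
        self.objects = {}  # object name -> [domain, value]
        self.privs = {}    # domain -> level held by the running code

    def place(self, name, domain, value):
        self.objects[name] = [domain, value]
        self.privs.setdefault(domain, NONE)  # default deny outside sandboxes

    def _check(self, name, needed):
        domain = self.objects[name][0]
        if self.privs.get(domain, NONE) < needed:
            raise DomainViolation(f"{name!r} lives in domain {domain!r}")

    def load(self, name):
        self._check(name, READ)
        return self.objects[name][1]
    def store(self, name, value):
        self._check(name, WRITE)
        self.objects[name][1] = value

    @contextmanager
    def sandbox(self, grants):
        saved = self.privs
        self.privs = {d: grants.get(d, NONE) for d in saved}  # grants only
        try:
            yield
        finally:
            self.privs = saved  # restored even if the function raises

def interp_call(mem, policy, func, *args):
    """Interpreter call site: adjust domain privileges, then enter the sandbox."""
    with mem.sandbox(policy.get(func.__name__, {})):  # no entry -> no access
        return func(mem, *args)

POLICY = {"hmac_tag": {"secrets": READ, "results": WRITE}}  # constructed

def hmac_tag(mem, msg):  # sandboxed: reads the key, writes the tag
    mem.store("tag", hmac.new(mem.load("key"), msg, "sha256").hexdigest())
def debug_dump(mem):  # no policy entry: its read of the key is refused
    return mem.load("key")
```

In this model the key is readable only while `hmac_tag` runs, and the privileges fall back to default deny as soon as the call returns or raises.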