Anaglym: A Graphics Engine Providing Secure Execution of Applications

Similar documents
Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 3 Protecting Systems

Visual HTML5. Human Information Interaction for Knowledge Extraction, Interaction, Utilization, Decision making HI-I-KEIUD

Chapter 2. Operating-System Structures

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz I Solutions

Chapter 2: Operating-System Structures

Chapter 2: Operating-System Structures. Operating System Concepts 9 th Edition

Input Validation For Free Text Fields

Java GUI Testing Tools

<Insert Picture Here> JavaFX 2.0

Principles of Computer Game Design and Implementation. Lecture 3

Ricardo Rocha. Department of Computer Science Faculty of Sciences University of Porto

DESIGN AND IMPLEMENTATION OF SAGE DISPLAY CONTROLLER PROJECT

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Fall Quiz I

Visualizer Workbench

MOBILE DEFEND. Powering Robust Mobile Security Solutions

Oracle Fusion Middleware

Software Development. Integrated Software Environment

JavaScript Specialist v2.0 Exam 1D0-735

iplots extreme Next-generation interactive graphics for analysis of large data Simon Urbanek AT&T Labs Statistics Research


Sparklet Embedded GUI Library User Manual

Documentation on File Management for website

Telling a Story Visually. Copyright 2012, Oracle. All rights reserved.

Security Task Manager User Guide

Prevx 3.0 v Product Overview - Core Functionality. April, includes overviews of. MyPrevx, Prevx 3.0 Enterprise,

ANTIVIRUS SITE PROTECTION (by SiteGuarding.com)

with TestComplete 12 Desktop, Web, and Mobile Testing Tutorials

ABUSING TEXT EDITORS VIA THIRD-PARTY PLUGINS

ENDPOINT SECURITY WHITE PAPER. Endpoint Security and the Case For Automated Sandboxing

UNIT 2. OPERATING SYSTEM STRUCTURES

ANTIVIRUS SITE PROTECTION (by SiteGuarding.com)

Cannot Uninstall Mcafee Agent Because Other

Version Release Date: September 5, Release Client Version: Release Overview 7 Resolved Issues 8 Known Issues 8

Requirements from the Application Software Extended Package for Web Browsers

Minecraft Due: Mar. 1, 2015

CSCE 813 Internet Security Case Study II: XSS

Introduction to the Graphics Module Framework

The security challenge in a mobile world

DreamFactory Security Guide

Copyright

But before understanding the Selenium WebDriver concept, we need to know about the Selenium first.


Lesson 5: Multimedia on the Web

Game Development for

OPERATING SYSTEMS. Prescribed Text Book Operating System Principles, Seventh Edition By Abraham Silberschatz, Peter Baer Galvin and Greg Gagne

Chapter 2: System Structures

GoLive will first ask you if your new site will be for one individual or a work group; select for a Single User, and click Next.

Introduction to Automation. What is automation testing Advantages of Automation Testing How to learn any automation tool Types of Automation tools

Chapter 2: System Structures. Operating System Concepts 9 th Edition

Software Specification of MERTIS: Modifiable, Extensible Real-Time Interactive Simulation System

CS420: Operating Systems. OS Services & System Calls

CHAPTER 7 WEB SERVERS AND WEB BROWSERS

CHAPTER 2: SYSTEM STRUCTURES. By I-Chen Lin Textbook: Operating System Concepts 9th Ed.

Holy Family Catholic Primary School Computing Progression Map Year 1

Dynamic Database Schemas and Multi-Paradigm Persistence Transformations

Manual Internet Explorer 9 For Xp Full Version Offline Installer

Language-Based Protection

Moodle Plugin for CopySafe Web -- Installation for Moodle 3.5 and later --

Design for Testability of Web Applications Manager s Perspective

This section of the release notes is reserved for notable changes and new features since the prior version.

7.2.4 on Media content; on XSS) sws2 1

A Review Paper on Network Security Attacks and Defences

Computer Graphics - Treasure Hunter

Minecraft Due: March. 6, 2018

0. Introduction On-demand. Manual Backups Full Backup Custom Backup Store Your Data Only Exclude Folders.

2: Introducing image synthesis. Some orientation how did we get here? Graphics system architecture Overview of OpenGL / GLU / GLUT

A manual for understanding and using the Impex Control Center. SYSCTL AB - version 1.5

In this third unit about jobs in the Information Technology field we will speak about software development

Qt for Device Creation

Client Computing Security Standard (CCSS)

Chapter 2: Operating-System Structures. Operating System Concepts 9 th Edit9on

CS50 Quiz Review. November 13, 2017

8/19/2018. Web Development & Design Foundations with HTML5. Learning Objectives (1 of 2) Learning Objectives (2 of 2) Helper Applications & Plug-Ins

What will I learn today?

General Certificate of Education Ordinary Level Computer Security System/ Social Effects of Information System

bs^ir^qfkd=obcib`qflk= prfqb=clo=u

EPHP a tool for learning the basics of PHP development. Nick Whitelegg School of Media Arts and Technology Southampton Solent University

VOICE AND TOUCH BASED INPUT

G-WAN. Complete install process for Ubuntu (both for the 32 and the 64 OS versions).

PostScript: Danger Ahead?!

Chapter 2: Operating-System Structures. Operating System Concepts 9 th Edit9on

nacelle Documentation

Shrinath Shanbhag Senior Software Engineer Microsoft Corporation


John Hsu Nate Koenig ROSCon 2012

Chapter 2: Operating-System Structures. Operating System Concepts Essentials 8 th Edition

CSCE 120: Learning To Code

This project is funded in part by the National Science Foundation. Copyright 2002 Michigan State University Board of Trustees

CS 1653: Applied Cryptography and Network Security Fall Term Project, Phase 2

A script is a computer program that automates the sort of task that a user might otherwise do interactively at the keyboard.

PRACTICAL NETWORK DEFENSE VERSION 1

Binh Nguyen Thanh. 3D Visualization. 3D Model Visualization in Samsung 3D TV Using 3D Glasses

8.3 cloud roadmap. Dr. Andrei Borshchev, CEO Nikolay Churkov, Head of Software Development. The AnyLogic Company Conference 2018 Baltimore

Furl Furled Furling. Social on-line book marking for the masses. Jim Wenzloff Blog:

Tabular Presentation of the Application Software Extended Package for Web Browsers

Nextcloud 13: How to Get Started and Why You Should

Architectural Styles II

Chapter 2: Operating-System

INTERNET SAFETY IS IMPORTANT

PRODUCT DESCRIPTION. Version 0.01 (Alpha) By F. Scott Deaver Chief Technical Officer/Founder/Inventor February 27, 2017

Transcription:

Grand Valley State University ScholarWorks@GVSU Masters Projects Graduate Research and Creative Practice 12-2009 Anaglym: A Graphics Engine Providing Secure Execution of Applications Josh Holtrop Grand Valley State University, holtrop@gmail.com Follow this and additional works at: http://scholarworks.gvsu.edu/gradprojects Part of the Computer and Systems Architecture Commons Recommended Citation Holtrop, Josh, "Anaglym: A Graphics Engine Providing Secure Execution of Applications" (2009). Masters Projects. Paper 4. This Dissertation/Thesis is brought to you for free and open access by the Graduate Research and Creative Practice at ScholarWorks@GVSU. It has been accepted for inclusion in Masters Projects by an authorized administrator of ScholarWorks@GVSU. For more information, please contact scholarworks@gvsu.edu.

Anaglym: A Graphics Engine Providing Secure Execution of Applications 2009-12-17 Josh Holtrop Grand Valley State University There are many uses for graphics-intensive applications in our world today. One of the most prevalent uses is that of video games. Other uses include physics demos and simulations, various forms of computer-aided design, virtual walk-throughs of threedimensional environments, and more. These types of programs benefit immensely from, and sometimes even require hardware-accelerated graphics cards. With the invention of the Internet and the increasing number of web sites available, developing and distributing software applications has become cheaper and easier. Various sites have been created that are dedicated to distributing games or other types of graphical applications. FTP servers house public repositories of content available for both upload and download to their users. With such ease of transport available for software came ease of distribution of malware such as viruses and spyware. This type of malware can be detrimental to unsuspecting users who simply download an application because they are interested in it. In some cases, the user may be unaware that what they downloaded came with additional hidden functionality. This is a big security risk, as software running directly on the user's computer can scan his or her personal files or monitor keystrokes entered to capture passwords, credit card numbers, or social security numbers. To combat this security risk, various technologies were created that allow running of web-based applications in a virtual machine. Java applets have security levels so that Java code can be safely executed within a web browser. Adobe Flash allows running hosted applications within a sandbox as well. The web browser itself usually supports JavaScript which also executes web-based code in a virtual machine. Each of these technologies sandbox the hosted application by prohibiting it from interacting with the host environment in dangerous ways. For example, the hosted code is normally unable to open, read, or write arbitrary files from the host file system. The code cannot spawn child processes to carry out certain actions either. Most of the time, the virtual machines impose memory limits and can also limit the amount of CPU consumed by the hosted code so that the applications being executed do not interfere with the normal execution of the user's native operating environment. In general, these technologies for secure execution of web-based content do not allow any type of access to the hardware in the physical machine. This includes display adapters that may provide support for hardware-accelerated graphics rendering. Therefore, it is not possible with traditional technologies such as these to provide real-

time, interactive 3D graphical applications. To provide access to graphics APIs such as OpenGL and DirectX, some modern scripting languages such as Perl and Python provide their own API which wraps the native API provided by the graphics card vendor for performing graphics operations. These languages often execute their code in a virtual machine similar to technologies like Java applets and Flash applications. These languages are not suitable for executing web-based content, however, because they are not focused on security by default. They are built to be general-purpose programming languages and as such they expose potentially dangerous functionality to the script being executed. There has been some effort to provide Java applications and applets with the ability to utilize hardware-accelerated graphics cards. Java is still a general-purpose programming language, however, so it was not designed from the ground up to be secure enough to operate in a web-based environment where any arbitrary code may be encountered. The Lua programming language was designed to be an embedded scripting language rather than a stand-alone, general-purpose programming language. As such, it is suitable for environments where the set of functions available to a hosted application must be strictly controlled. The Anaglym graphics engine uses the Lua programming language as the high-level language in which to interpret Anaglym applications. Applications running inside Anaglym are Lua scripts that have a particular environment exposed to them. By default, when Lua is embedded inside a C or C++ host application, no Lua functions are available to the hosted script. Lua functions must be exported by the host environment to be callable by a Lua script. There are a few standard libraries of Lua functions that are available with the default Lua engine. These libraries are simply collections of related functions or objects. The Anaglym engine exports three of these standard libraries to Lua scripts being interpreted in its environment. These three libraries are the math, string, and table libraries. These libraries are included because they only contain safe functionality. The string library contains functions dealing with common operations on Lua strings, one of the Lua data types. The math library contains common math functions such as trigonometric functions and constants such as pi. The table library includes helper functions for dealing with Lua tables, another of Lua's data types. The Anaglym engine allows hosted Lua scripts to make use of hardware-accelerated graphics libraries available in the host system. However, it does not simply expose the API of the graphics library to the Lua scripts directly. Instead, the Anaglym engine

includes a 3D graphics engine with concepts of solid objects, collision detection, and physics operations. To provide physics and collision detection functionality, the Anaglym engine relies on ODE, the Open Dynamics Engine. ODE is an open-source package that provides an API to create and maintain worlds of solid objects that can be collided together and interacted with according to physics rules. ODE maintains attributes of the solid objects such as their position, rotation, velocity, torque, and masses. However, ODE does not provide any functionality for drawing the objects it knows about to the screen in any manner. All of the functionality for drawing objects utilizing hardware-accelerated graphics operations is provided by the core Anaglym engine. The engine allows loading objects from model files or by creating them programmatically using Lua functions. Once created, various attributes about the objects can be controlled through the interface exported from the Anaglym engine to the Lua environment. There are various events that the engine captures such as mouse movements, button presses, keyboard input, and screen update events. Anaglym exposes these events to the hosted script by invoking Lua callback functions that have been registered as event handlers for a particular event. When a script is initially loaded, functions with names corresponding to known engine events (with _event appended) are automatically registered as callback functions for those events so that the script developer does not have to specifically register them as such. The Anaglym engine attempts to do as much for the user as possible. By default, physics processing and drawing objects to the screen are enabled. This means that a Lua script executing in the Anaglym engine can perform one operation to create a box object, for example, and it will immediately appear on the screen, be affected by gravity, and interact with any other previously created Anaglym engine objects. Various utility functions are exported from the engine to the Lua environment to make development of applications utilizing the Anaglym engine easier. For example, there is a clone() function available that allows Lua to make a copy of an engine object in a single call rather than recreating it in whatever manner was used to create the first one. There are functions available to add forces and torques to objects, change their masses, colors, or textures, and to remove all objects from the world. Anaglym applications can make use of the engine functions provided for them in this manner instead of having to repeat many low-level interface calls. Since Anaglym provides this high-level interface for interacting with its engine, applications can be developed much more quickly and debugged more easily. This allows more rapid prototyping to take place. Another feature useful to Anaglym script developers that the engine provides is the ability to dynamically reload the executing script. The Lua environment accepts blocks

of Lua code known as chunks. Lua is indifferent as to where these chunks originate. They could be files loaded in or strings of code dynamically generated by the host application. They are simply loaded into the current Lua environment and executed as Lua code. What this means is that a script can be loaded which defines certain functions, and then later loaded again. If the same functions are defined, they simply overwrite the previous function definitions. The Anaglym engine captures presses of the F5 key and reloads the currently executing script into the same Lua environment that was previously executing. This benefits a script developer as he or she can make modifications to callback functions present in the script and reload it without having to exit the Anaglym engine and start the script over from scratch. When engine functions such as loading a texture or model file are invoked, the files accessed are limited to those within the directories containing the script being executed and the library folder for the engine. The library folder contains a set of common textures and model files that all Anaglym scripts can make use of. In this way, file access is strictly controlled by the engine to not allow access to arbitrary files in the user's file system. Since no functions are exported to the Lua environment which allow reading or writing files, or spawning processes, or other such potentially dangerous operations, the hosted script is effectively sandboxed from the host environment of the machine. The only other way that a hosted script could potentially adversely affect the machine is by performing some sort of denial-of-service attack, whether maliciously or without intent. The Lua script could enter some sort of infinite loop, where all of the engine's processing time went into executing the Lua code and it never got around to processing timer or input events. The Anaglym engine uses the hook function feature of the Lua virtual machine to guard against Lua code misbehaving in this manner. The engine registers a callback hook function with the Lua environment. The hook function is called after a certain number of Lua instructions have been executed. The number of instructions between hook function invocations is set relatively high so that the hook function is only invoked every few seconds. This incurs only a very minor performance penalty. If the hook function is called and it has been longer than a certain amount of time since the last engine event was processed, then the engine knows that the Lua script has been blocking event processing and it can take action. In this way, the engine offers a fully secure environment in which to execute applications. The application does not necessarily need to be trusted. It can be downloaded from a web site and executed without worry that it may adversely affect the environment. Because the Anaglym engine offers access to hardware-accelerated graphics in a completely secure environment and utilizes a high-level language that allows for rapid development of applications, it has a unique offering. The engine is geared toward

game developers who need more graphics power than a simple web-based Flash environment would give or creators of 3D content who want a way to quickly develop and distribute virtual environments, etc... Since it provides security for the end-user, he or she can execute content from any source without worrying about what effect it might have on their operating environment.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback