Library Isolation in Desktop Operating Systems
To detect and eliminate backdoors from login systems.
We have met the objective of this project through the development of a framework to ensure that the authentication process is not affected by backdoors. The key component of said framework being NaPu, a native sandbox to ensure pure functions which protects the complex and backdoor-prone part of a login module. Components secured by this approach are guaranteed to not have backdoors that can be used practically. To overcome the limitations of existing native sandbox solutions, we developed a new library isolation mechanism known as Codejail that supports isolation of libraries that have tight memory interactions with the main program.