Although weaknesses have been demonstrated in some security techniques (encryption, protocols, mobile code such as Java, etc.), current security technology is quite strong in many areas. Despite this, information security has proved difficult to achieve in large modern software systems. Many problems have been reported in which supposedly secure systems have been penetrated and, in some cases, significant damage done. One problem considered is a buffer-overrun attack. The idea called a >wrapper< which is a layer of software that logically surrounds a software artifact and enhances the functionality of the artifact in some way, is then discussed. Most proposals for the use of wrappers assume that their presence is transparent to the artifact being wrapped. In other words, the artifact sees its operating environment as unchanged and the artifact does not have to be modified in i order to permit it to be wrapped. Wrappers have been proposed as an approach to dealing with deficiencies in existing systems, deficiencies in security for example. The use of shells as a feasible solution to the problem of security is also considered.
展开▼
