Comparing Security in eBPF and WebAssembly
University of Namur, Belgium. ORCID iD: 0000-0002-4970-3730
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013). ORCID iD: 0009-0005-3850-855X
Karlstad University, Faculty of Health, Science and Technology (starting 2013), Department of Mathematics and Computer Science (from 2013). ORCID iD: 0000-0001-6459-8409
University of Namur, Belgium. ORCID iD: 0000-0001-5275-9308
2023 (English). Conference paper, Published paper (Refereed)
Abstract [en]

This paper examines the security of eBPF and WebAssembly (Wasm), two technologies that have gained widespread adoption in recent years, despite being designed for very different use cases and environments. While eBPF is a technology primarily used within operating system kernels such as Linux, Wasm is a binary instruction format designed for a stack-based virtual machine with use cases extending beyond the web. Recognizing the growth and expanding ambitions of eBPF, Wasm may provide instructive insights, given its design around securely executing arbitrary untrusted programs in complex and hostile environments such as web browsers and clouds. We analyze the security goals, community evolution, memory models, and execution models of both technologies, and conduct a comparative security assessment, exploring memory safety, control flow integrity, API access, and side-channels. Our results show that eBPF has a history of focusing on performance first and security second, while Wasm puts more emphasis on security at the cost of some runtime overheads. Considering language-based restrictions for eBPF and a security model for API access are fruitful directions for future work. © 2023 Owner/Author(s).

Place, publisher, year, edition, pages
New York, United States: ACM Publications, 2023. p. 35-41
Keywords [en]
Access control; Computer operating systems; API access; Complex environments; Control-flow integrities; EBPF; Memory safety; Operating system kernel; Security comparison; Side-channel; Threat modeling; Webassembly; Web browsers
National Category
Other Engineering and Technologies
Research subject
Computer Science; Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-104200
DOI: 10.1145/3609021.3609306
ISI: 001302566100006
Scopus ID: 2-s2.0-85169019212
OAI: oai:DiVA.org:kau-104200
DiVA, id: diva2:1956322
Conference
ACM SIGCOMM 2023
Available from: 2025-05-06. Created: 2025-05-06. Last updated: 2025-05-22. Bibliographically approved.

Open Access in DiVA

fulltext (798 kB), 0 downloads
File information
File name: FULLTEXT01.pdf. File size: 798 kB. Checksum SHA-512:
ef0ddb3a021625c90143854ee8cafbf6740a2c86f008678256b3d725f44085998cec6923a5c3e14251473795678b5cbc007e6cc3bdd0559669300c6bf12ffb9e
Type: fulltext. Mimetype: application/pdf

Authority records

Gbadamosi, Bolaji; Pulls, Tobias

Search in DiVA

By author/editor
Dejaeghere, Jules; Gbadamosi, Bolaji; Pulls, Tobias; Rochet, Florentin
By organisation
Department of Mathematics and Computer Science (from 2013)
Other Engineering and Technologies
