Amphithéâtre Guillaume Budé, Site Marcelin Berthelot
Open to all

Abstract

Software isolation mechanisms aim to allow potentially malicious software to run while preventing it from attacking other software running in the same environment, or from compromising the essential security mechanisms of the operating system and hardware. The lecture described and compared several approaches to software isolation: virtual memory, capability-based architectures, software fault isolation (by machine code transformation) and isolation via the programming language and its software interfaces (APIs, Application Programming Interfaces). We studied how this last approach is implemented in the Java language (by means of a capability-based API and call stack inspection) and, more painfully, in the JavaScript language (by finely controlling the static scope of bindings).