ABYSS: an architecture for software protection

White, Steve R.; Comerford, Liam D.

doi:10.1109/32.55090

Cited by 38 publications

(26 citation statements)

References 10 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We are not contesting this notion we are suggesting that by having a tamper-resistant device that can store applications and execute them within its bounds, can go a step further and provide a secure execution environment that individual applications can utilise for their security sensitive code. The problem with this proposal is that most of the tamper-resistant devices capable of executing applications are under centralised control (as in the smart card industry) [11,32], or they are stripped down to cryptographic services [18,20,21,52,53]. A UCTD avoids such issues while providing an open and dynamic execution environment.…”

Section: Traditional Computing Devicesmentioning

confidence: 99%

User Centric Security Model for Tamper-Resistant Devices

Akram

Markantonakis

Mayes

2011

2011 IEEE 8th International Conference on E-Business Engineering

View full text Add to dashboard Cite

Section: Traditional Computing Devicesmentioning

confidence: 99%

User Centric Security Model for Tamper-Resistant Devices

Akram

Markantonakis

Mayes

2011

2011 IEEE 8th International Conference on E-Business Engineering

View full text Add to dashboard Cite

“…One hardware solution is the use of secure coprocessors (or processors) [18,19,15]. In secure coprocessors, programs or portions of them can be run encrypted, so their code is never revealed in untrusted memory.…”

Section: Related Workmentioning

confidence: 99%

Protecting Software Code by Guards

Chang

Atallah

2002

Security and Privacy in Digital Rights Management

126

153

View full text Add to dashboard Cite

Abstract. Protection of software code against illegitimate modifications by its users is a pressing issue to many software developers. Many software-based mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they incur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamper-resilient and flexible manner. Our approach is based on a distributed scheme, in which protection and tamper-resistance of program code is achieved, not by a single security module, but by a network of (smaller) security units that work together in the program. These security units, or guards, can be programmed to do certain tasks (checksumming the program code is one example) and a network of them can reinforce the protection of each other by creating mutual-protection. We have implemented a system for automating the process of installing guards into Win32 executables 1 . It is because our system operates on binaries that we are able to apply our protection mechanism to EXEs and DLLs. Experimental results show that memory space and runtime performance impacts incurred by guards can be kept very low (as explained later in the paper).

show abstract

“…Attribute certificates bind customer identities with certain content access rights or privileges. In the tradition of [WC87], a user's access privilege list for a given title is called his or her right-to-execute (RTE). The RTE may specify unlimited usage (such as in the purchase of a title) or limitedtime usage (such as in the rental of a title).…”

Section: Privilege Management Infrastructure (Pmi)mentioning

confidence: 99%