Software integrity protection using timed executable agents

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Software integrity protection using timed executable agents

Full text

Pdf (1.91 MB)

Source

ASIAN ACM Symposium on Information, Computer and Communications Security archive
Proceedings of the 2006 ACM Symposium on Information, computer and communications security table of contents

Taipei, Taiwan

SESSION: Software security table of contents

Pages: 189 - 200

Year of Publication: 2006

ISBN:1-59593-272-0

Authors

Juan A. Garay	Bell Labs -- Lucent Technologies, Murray Hill, NJ
Lorenz Huelsbergen	Bell Labs -- Lucent Technologies, Murray Hill, NJ

Sponsor

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 9, Downloads (12 Months): 84, Citation Count: 2

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Review this Article Save this Article to a Binder Display Formats: BibTex EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1128817.1128847 What is a DOI?

ABSTRACT

We present a software scheme for protecting the integrity of computing platforms using Timed Executable Agent Systems (TEAS). A trusted challenger issues an authenticated challenge to a perhaps corrupt responder. New is that the issued challenge is an executable program that can potentially compute any function on the responder. The responder must compute not only the correct value implied by the agent, but also must complete this computation within time bounds prescribed by the challenger. Software-based attestation schemes have been proposed before---new capabilities introduced in TEAS provide means to mitigate the existing shortcomings of such proposed techniques. TEAS are general and can be adapted to many applications for which system integrity is to be tested.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Alfred V. Aho , Ravi Sethi , Jeffrey D. Ullman, Compilers: principles, techniques, and tools, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1986
	2	Boaz Barak , Oded Goldreich , Russell Impagliazzo , Steven Rudich , Amit Sahai , Salil P. Vadhan , Ke Yang, On the (Im)possibility of Obfuscating Programs, Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, p.1-18, August 19-23, 2001
	3	Dan Boneh , Moni Naor, Timed Commitments, Proceedings of the 20th Annual International Cryptology Conference on Advances in Cryptology, p.236-254, August 20-24, 2000
	4	D. Chaum. Blind signatures for untraceable payments. In Proc. CRYPTO '82, pp. 199--203. Plenum Press, New York and London, 1983, August 1982.
	5	Christian S. Collberg , Clark Thomborson, Watermarking, tamper-proffing, and obfuscation: tools for software protection, IEEE Transactions on Software Engineering, v.28 n.8, p.735-746, August 2002 [doi>10.1109/TSE.2002.1027797 ]
	6	C. Collberg, C. Thomborson and D. Low. A Taxonomy of Obfuscating Transformations. Technical Report #148, Dept. of Computer Science, University of Auckland, 1997.
	7	K. D. Cooper, T. J. Harvey and T. Waterman. Building a Control-Flow Graph from Scheduled Assembly Code. Technical Report #TR02-399, Rice University, June 2002.
	8	Cynthia Dwork , Moni Naor, Pricing via Processing or Combatting Junk Mail, Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology, p.139-147, August 16-20, 1992
	9	O. Esparza, M. Soriano, J. Muñoz and J. Forné. Limiting the execution time in a host: a way of protecting mobile agents. In IEEE Sarnoff Symposium on "Advances in Wired and Wireless Communications," 2003.
	10	John E. Hopcroft , Jeffrey D. Ullman, Introduction To Automata Theory, Languages, And Computation, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1990
	11	R. Kennell and L. Jamieson. Establishing the genuinity of remote computer systems. In 12th USENIX Security Symposium, pp. 295--310, 2003.
	12	Steven S. Muchnick , Neil D. Jones, Program Flow Analysis: Theory and Application, Prentice Hall Professional Technical Reference, 1981
	13	R. L. Rivest , A. Shamir , D. A. Wagner, Time-lock Puzzles and Timed-release Crypto, Massachusetts Institute of Technology, Cambridge, MA, 1996
	14	Tomas Sander , Christian F. Tschudin, Protecting Mobile Agents Against Malicious Hosts, Mobile Agents and Security, p.44-60, January 1998
	15	U. Shankar, M. Chew and J.D. Tygar. Side effects are not sufficient to authenticate software. In In 13th USNIX Security Symposium, pp. 89--101, 2004.
	16	A. Seshadri, A. Perrig, L. van Doorn and P. Khosla, SWATT: SoftWare-Based ATTestation for Embedded Devices. In IEEE Symp. on Security and Privacy, 2004.
	17	S. Smith, R. Perez, S. Weingard, and V. Austel. Validating a high-performance, programmable secure coprocessor. In 22nd National Information Systems Security Conference. October 1999.
	18	Trusted Computing Group (TCG). https://www.trustedcomputinggroup.org/, 2003.
	19	Dan Seth Wallach , Edward Felten, A new approach to mobile code security, 1999
	20	Michael Joseph Wolfe, Optimizing Supercompilers for Supercomputers, MIT Press, Cambridge, MA, 1990

CITED BY 2

	Dries Schellekens , Brecht Wyseur , Bart Preneel, Remote Attestation on Legacy Operating Systems With Trusted Platform Modules, Electronic Notes in Theoretical Computer Science (ENTCS), v.197 n.1, p.59-72, February, 2008
	Ryan Gardner , Sujata Garera , Aviel D. Rubin, On the difficulty of validating voting machine software with software, Proceedings of the USENIX/Accurate Electronic Voting Technology on USENIX/Accurate Electronic Voting Technology Workshop, p.11-11, August 06, 2007, Boston, MA