Trading-off security and performance in barrier slicing for remote software entrusting

Authors:
Mariano Ceccato;Mila Dalla Preda;Jasvir Nagra;Christian Collberg;Paolo Tonella
Affiliations:
Fondazione Bruno Kessler, Trento, Italy;University of Trento, Trento, Italy;University of Trento, Trento, Italy;University of Arizona, Tucson, USA;Fondazione Bruno Kessler, Trento, Italy
Venue:
Automated Software Engineering
Year:
2009

Citing 10
Cited 0

Authentication in distributed systems: theory and practice

ACM Transactions on Computer Systems (TOCS)
Genetic Algorithms in Search, Optimization and Machine Learning

Genetic Algorithms in Search, Optimization and Machine Learning
Hiding program slices for software security

Proceedings of the international symposium on Code generation and optimization: feedback-directed and runtime optimization
Program slices: formal, psychological, and practical investigations of an automatic program abstraction method

Program slices: formal, psychological, and practical investigations of an automatic program abstraction method
Slicing, Chopping, and Path Conditions with Barriers

Software Quality Control
Hardware-Assisted Circumvention of Self-Hashing Software Tamper Resistance

IEEE Transactions on Dependable and Secure Computing
Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems

Proceedings of the twentieth ACM symposium on Operating systems principles
Establishing the genuinity of remote computer systems

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Barrier Slicing for Remote Software Trusting

SCAM '07 Proceedings of the Seventh IEEE International Working Conference on Source Code Analysis and Manipulation
Ant colony system: a cooperative learning approach to the traveling salesman problem

IEEE Transactions on Evolutionary Computation

Quantified Score

Hi-index	0.00

Visualization

Abstract

Network applications often require that a trust relationship is established between a trusted host (e.g., the server) and an untrusted host (e.g., the client). The remote entrusting problem is the problem of ensuring the trusted host that whenever a request from an untrusted host is served, the requester is in a genuine state, unaffected by malicious modifications or attacks.Barrier slicing helps solve the remote entrusting problem. The computation of the sensitive client state is sliced and moved to the server, where it is not possible to tamper with it. However, this solution might involve unacceptable computation and communication costs for the server, especially when the slice to be moved is large. In this paper, we investigate the trade-off between security loss and performance overhead associated with moving only a portion of the barrier slice to the server and we show that this trade-off can be reduced to a multi-objective optimization problem. We describe how to make decisions in practice with reference to a case study, for which we show how to choose among the alternative options.