PROTECTING EXTERNALLY SUPPLIED SOFTWARE IN SMALL COMPUTERS

  • Authors:
  • S. Kent

  • Venue:
  • PROTECTING EXTERNALLY SUPPLIED SOFTWARE IN SMALL COMPUTERS
  • Year:
  • 1981

Abstract

The increasing decentralization of computing resources and the proliferation of personal and small business computers create new problems in computer security. One such problem is the protection of externally supplied software, i.e., software supplied by parties other than the users/owners of these small computers. In the case of personal and small business computers, proprietary software serves as the primary example. In distributed systems composed of autonomously managed nodes, members of the user community may act as vendors of external software in a less formal context. In these contexts, dual security requirements arise: vendors require encapsulation of their software to prevent release and to detect modification of information, whereas users require confinement of external software in order to control its access to computer resources. The protection mechanisms developed to support mutually suspicious subsystems in centralized systems are not directly applicable here because of differences in the computing environment, e.g., the need to protect external subsystems from physical attacks mounted by owners of these small computers. This thesis employs two tools to achieve the security requirements of vendors of external software: tamper-resistant modules (TRMs) and cryptographic techniques. The former provide physical security, i.e., while the TRM is intact, it prevents the release or modification of information contained within, and breaking into a TRM results in destruction (erasure) of the sensitive information inside. Packaging all of the sensitive components of a computer system (processor and storage) in a single TRM is often impractical, but selected portions of a system can be protected effectively in this fashion. Cryptographic techniques are employed in two ways in this application: to secure communication among TRMs and to protect information held in physically unprotected storage outside a TRM.
These tools address the problem of encapsulating external software but do not provide the confinement required by users. External software can be confined in two ways: through the use of a secure operating system in conjunction with a TRM supplied by a third party, or by providing separate processors for vendors and users and employing some simple hardware to implement access control for the user. Designing small computer systems incorporating these security features requires careful analysis of a number of options in making tradeoffs among performance, cost, flexibility, and security.