Presentation is loading. Please wait.

Presentation is loading. Please wait.

Tamper Resistant Software An Implementation By David Aucsmith, IAL “This paper describes a technology for the construction of tamper resistant software.”

Published byDestiny Bowne Modified over 9 years ago

Similar presentations

Presentation on theme: "Tamper Resistant Software An Implementation By David Aucsmith, IAL “This paper describes a technology for the construction of tamper resistant software.”"— Presentation transcript:

1 Tamper Resistant Software An Implementation By David Aucsmith, IAL “This paper describes a technology for the construction of tamper resistant software.” Presented by Weimin Yang 28 March 2001

2 Contents  Overview  Threat Model  Design Principles  Tamper Resistant Software Architecture –Integrity Verification Kernel –Interlocking Trust

3 Overview  Definition: “Tamper resistant software is software which is resistant to observation and modification.”  Approach to develop tamper resistant software: –Classify threat model –Develop design principles –Implement a set of tools

4 Threat Model (I)  Attack originates outside of the PC. –Bounded by communication protocol –Standard “hacker attack”. –Best defended by correctly designed and implemented protocols and proper administration.

5 Threat Model (II)  Attack originates as software running on the platform. –Bounded by operating system and BIOS –Try to attack classes of software –Virus or Trojan horse attack

6 Threat Model (III)  The perpetrator has complete control of the platform. –Limited by technical expertise and financial resources. –Raise a technological bar to providing poor return on their investment.

7 Technological Bars To model(III) a.) Use standard debuggers and system diagnostic tools b.) Use special debuggers such as softIce c.) Use processor emulator and bus logic analyzers

8 Design Principles  Software to be tamper resistant must be immune from observation and modification, this require it contains secret component and ensure the recovery of that secret is difficult.

9 Integrity Verification Kernel  “A small, armored segment of code which is designed to be included in a larger program and performs the following two functions:” 1. Verifies the integrity of code segments or programs. 2. Utilizes five defenses: –Interleaved tasks –Distributed secrets –Obfuscated code –Installation unique modifications –Non-deterministic behavior

10 Installation unique modifications  IVK is constructed at installation time. –Each instance of program contains different IVK. –To defend class attack.

11 Interlocking Trust  Integrity Verification Kernels  System Integrity Program –A program monitors the integrity of the security components of the computer system. –Contains eIVK which has a known entry point –Created at installation time  Integrity Verification Protocol –Used to establish a distributed trust environment.

12 System overview Program1Program 2 Integrity Program IVK eIVKIVK 1a 1b 1c 2a 2b 2c

13 Conclusion  Based on analysis of threat model, author invent an Integrity Verification Kernel which hide secretes both in space and time. Further more, using interlocking mechanism make the secretes more difficult to be discovered.

14 Why Installation unique modifications can be used to defend class attack? - Attacker may analysis a given program successfully but still can’t predict any other program looks like.

15

Download ppt "Tamper Resistant Software An Implementation By David Aucsmith, IAL “This paper describes a technology for the construction of tamper resistant software.”"

Similar presentations

Compliance and Robustness Rules for Windows Media DRM Implementations Microsoft Corporation.

Compliance and Robustness Rules for Windows Media DRM Implementations Microsoft Corporation.
Trusted System Elements and Examples CS461/ECE422 Fall 2011.

Trusted System Elements and Examples CS461/ECE422 Fall 2011.
Operating System Security

Operating System Security
Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.

Cryptography and Network Security 2 nd Edition by William Stallings Note: Lecture slides by Lawrie Brown and Henric Johnson, Modified by Andrew Yang.
1 SOFTWARE TESTING Przygotował: Marcin Lubawski. 2 Testing Process AnalyseDesignMaintainBuildTestInstal Software testing strategies Verification Validation.

1 SOFTWARE TESTING Przygotował: Marcin Lubawski. 2 Testing Process AnalyseDesignMaintainBuildTestInstal Software testing strategies Verification Validation.
Dynamic Self-Checking Techniques for Improved Tamper Resistance Bill Horne, Lesley Matheson, Casey Sheehan, Robert E. Tarjan STAR Lab, InterTrust Technologies.

Dynamic Self-Checking Techniques for Improved Tamper Resistance Bill Horne, Lesley Matheson, Casey Sheehan, Robert E. Tarjan STAR Lab, InterTrust Technologies.
Chapter 6 Security Kernels.

Chapter 6 Security Kernels.
1 Detection of Injected, Dynamically Generated, and Obfuscated Malicious Code (DOME) Subha Ramanathan & Arun Krishnamurthy Nov 15, 2005.

1 Detection of Injected, Dynamically Generated, and Obfuscated Malicious Code (DOME) Subha Ramanathan & Arun Krishnamurthy Nov 15, 2005.
1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.

1 Computer Security Instructor: Dr. Bo Sun. 2 Course Objectives Understand basic issues, concepts, principles, and mechanisms in computer network security.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.

Chap 1: Overview Concepts of CIA: confidentiality, integrity, and availability Confidentiality: concealment of information –The need arises from sensitive.
New Direction for Software Protection in Embedded Systems Department of EECS University of Michigan Feb 22, 2007 Kang G. Shin.

New Direction for Software Protection in Embedded Systems Department of EECS University of Michigan Feb 22, 2007 Kang G. Shin.
Title of Selected Paper: Design and Implementation of Secure Embedded Systems Based on Trustzone Authors: Yan-ling Xu, Wei Pan, Xin-guo Zhang Presented.

Title of Selected Paper: Design and Implementation of Secure Embedded Systems Based on Trustzone Authors: Yan-ling Xu, Wei Pan, Xin-guo Zhang Presented.
IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.

IT 221: Introduction to Information Security Principles Lecture 1: Introduction to IT Security For Educational Purposes Only Revised: August 28, 2002.
Chapter 1 – Introduction

Chapter 1 – Introduction
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Demo of Some Security Tools Jeffy Mwakalinga.
Chapter 1 Introduction. Chapter Overview Overview of Operating Systems Secure Operating Systems Basic Concepts in Information Security Design of a Secure.

Chapter 1 Introduction. Chapter Overview Overview of Operating Systems Secure Operating Systems Basic Concepts in Information Security Design of a Secure.
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 9 Performing Vulnerability Assessments.

Similar presentations

Ads by Google