AN IMPROVED MODEL FOR SECURE CRYPTOGRAPHIC INTEGRITY VERIFICATION OF LOCAL CODE

Christian Payne

2007

Abstract

Trusted fingerprinting is a new model for cryptographic integrity verification of executables and related objects to protect users against illicit modifications to system programs and attacks by malicious code. In addition to a number of other novel features, trusted fingerprinting improves upon previous designs by managing the privileges assigned to processes based upon their verification status. It also provides greater flexibility as, in addition to globally verified programs, each user can independently flag for verification software relevant to their individual security requirements. Trusted fingerprinting also allows for automatic updates to fingerprints of objects where these modifications are made by trusted code.

References

  1. Beattie, S. M., Black, A. P., Cowan, C., Pu, C., and Yang, L. P. (2000). CryptoMark: Locking the stable door ahead of the Trojan horse. White paper, WireX Communications Inc.
  2. Dowd, M., McDonald, J., and Schuh, J. (2007). The Art of Software Security Assessment. Addison-Wesley.
  3. Gong, L., Mueller, M., Prafullchandra, H., and Schemers, R. (1997). Going beyond the sandbox: An overview of the new security architecture in the Java Development Kit 1.2. In Proceedings of the USENIX Symposium on Internet Technologies and Systems.
  4. Gordon, L. A., Loeb, M. P., Lucyshyn, W., and Richardson, R. (2006). Eleventh annual CSI/FBI computer crime and security survey. Technical report, Computer Security Institute (CSI). http://GoCSI.com.
  5. Kalafut, A., Acharya, A., and Gupta, M. (2006). A study of malware in peer-to-peer networks. In Proceedings of the 6th ACM SIGCOMM on Internet Measurement. ACM Press.
  6. Kim, G. H. and Spafford, E. H. (1994a). The design and implementation of Tripwire: A file system integrity checker. In Proceedings of the 2nd ACM Conference on Computers and Communication Security.
  7. Kim, G. H. and Spafford, E. H. (1994b). Experiences with Tripwire: Using integrity checkers for intrusion detection. Technical Report CSD-TR-93-071, COAST Laboratory, Purdue University, West Lafayette, IN 47907-1398.
  8. Microsoft Corporation (2006). Introduction to code signing. Online: http://msdn.microsoft.com/workshop/ security/authcode/intro_authenticode.asp.
  9. Patil, S., Kashyap, A., Sivathanu, G., and Zadok, E. (2004). I3FS: An in-kernel integrity checker and intrusion detection file system. In Proceedings of the 18th USENIX Large Installation System Administration Conference (LISA 2004).
  10. Payne, C. (2003). Cryptographic protection for operating systems. Research Working Paper Series IT/03/03, School of Information Technology, Murdoch University, Perth, Western Australia.
  11. Payne, C. (2004). Enhanced security models for operating systems: A cryptographic approach. In Proceedings of the 28th Annual International Computer Software and Applications Conference: COMPSAC 2004, pages 230-235. IEEE Computer Society.
  12. Reid, J. F. and Caelli, W. J. (2005). DRM, trusted computing and operating system architecture. In Proceedings of the 2005 Australasian Workshop on Grid Computing and e-research, volume 44, pages 127-136.
  13. Sailer, R., Zhang, X., Jaeger, T., and van Doorn, L. (2004). Design and implementation of a TCG-based integrity measurement architecture. In Proceedings of the 13th USENIX Security Symposium, pages 223-238.
  14. US-CERT (2006). Quarterly trends and analysis report, volume 1, issue 2. Technical report, United States Computer Emergency Readiness Team. http://www. us-cert.gov.
Download


Paper Citation


in Harvard Style

Payne C. (2007). AN IMPROVED MODEL FOR SECURE CRYPTOGRAPHIC INTEGRITY VERIFICATION OF LOCAL CODE . In Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007) ISBN 978-989-8111-12-8, pages 80-84. DOI: 10.5220/0002124300800084


in Bibtex Style

@conference{secrypt07,
author={Christian Payne},
title={AN IMPROVED MODEL FOR SECURE CRYPTOGRAPHIC INTEGRITY VERIFICATION OF LOCAL CODE},
booktitle={Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007)},
year={2007},
pages={80-84},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002124300800084},
isbn={978-989-8111-12-8},
}


in EndNote Style

TY - CONF
JO - Proceedings of the Second International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2007)
TI - AN IMPROVED MODEL FOR SECURE CRYPTOGRAPHIC INTEGRITY VERIFICATION OF LOCAL CODE
SN - 978-989-8111-12-8
AU - Payne C.
PY - 2007
SP - 80
EP - 84
DO - 10.5220/0002124300800084