Protecting Software Code by Guards View Full Text


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2002

AUTHORS

Hoi Chang , Mikhail J. Atallah

ABSTRACT

Protection of software code against illegitimate modifications by its users is a pressing issue to many software developers. Many software-based mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they incur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamper-resilient and flexible manner. Our approach is based on a distributed scheme, in which protection and tamper-resistance of program code is achieved, not by a single security module, but by a network of (smaller) security units that work together in the program. These security units, or guards, can be programmed to do certain tasks (checksumming the program code is one example) and a network of them can reinforce the protection of each other by creating mutual-protection. We have implemented a system for automating the process of installing guards into Win32 executables. It is because our system operates on binaries that we are able to apply our protection mechanism to EXEs and DLLs. Experimental results show that memory space and runtime performance impacts incurred by guards can be kept very low (as explained later in the paper). More... »

PAGES

160-175

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/3-540-47870-1_10

DOI

http://dx.doi.org/10.1007/3-540-47870-1_10

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1047590996


Indexing Status Check whether this publication has been indexed by Scopus and Web Of Science using the SN Indexing Status Tool
Incoming Citations Browse incoming citations for this publication using opencitations.net

JSON-LD is the canonical representation for SciGraph data.

TIP: You can open this SciGraph record using an external JSON-LD service: JSON-LD Playground Google SDTT

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0803", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Computer Software", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "Purdue University", 
          "id": "https://www.grid.ac/institutes/grid.169077.e", 
          "name": [
            "CERIAS, Purdue University, 1315 Recitation Building, West Lafayette, IN\u00a047907, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Chang", 
        "givenName": "Hoi", 
        "type": "Person"
      }, 
      {
        "affiliation": {
          "name": [
            "Arxan Technologies, Inc., 3000 Kent Ave., Suite 1D-107, W. Lafayette, IN\u00a047906, USA"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Atallah", 
        "givenName": "Mikhail J.", 
        "id": "sg:person.012653616557.06", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012653616557.06"
        ], 
        "type": "Person"
      }
    ], 
    "citation": [
      {
        "id": "https://doi.org/10.1016/s1389-1286(98)00019-x", 
        "sameAs": [
          "https://app.dimensions.ai/details/publication/pub.1041969633"
        ], 
        "type": "CreativeWork"
      }
    ], 
    "datePublished": "2002", 
    "datePublishedReg": "2002-01-01", 
    "description": "Protection of software code against illegitimate modifications by its users is a pressing issue to many software developers. Many software-based mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they incur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamper-resilient and flexible manner. Our approach is based on a distributed scheme, in which protection and tamper-resistance of program code is achieved, not by a single security module, but by a network of (smaller) security units that work together in the program. These security units, or guards, can be programmed to do certain tasks (checksumming the program code is one example) and a network of them can reinforce the protection of each other by creating mutual-protection. We have implemented a system for automating the process of installing guards into Win32 executables. It is because our system operates on binaries that we are able to apply our protection mechanism to EXEs and DLLs. Experimental results show that memory space and runtime performance impacts incurred by guards can be kept very low (as explained later in the paper).", 
    "editor": [
      {
        "familyName": "Sander", 
        "givenName": "Tomas", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/3-540-47870-1_10", 
    "inLanguage": [
      "en"
    ], 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-540-43677-5", 
        "978-3-540-47870-6"
      ], 
      "name": "Security and Privacy in Digital Rights Management", 
      "type": "Book"
    }, 
    "name": "Protecting Software Code by Guards", 
    "pagination": "160-175", 
    "productId": [
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/3-540-47870-1_10"
        ]
      }, 
      {
        "name": "readcube_id", 
        "type": "PropertyValue", 
        "value": [
          "e2b5e2eb897ad1d14ef04fa3401c1f14a812c54886aa253aa1309bca6057b348"
        ]
      }, 
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1047590996"
        ]
      }
    ], 
    "publisher": {
      "location": "Berlin, Heidelberg", 
      "name": "Springer Berlin Heidelberg", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/3-540-47870-1_10", 
      "https://app.dimensions.ai/details/publication/pub.1047590996"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2019-04-15T21:04", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-uberresearch-data-dimensions-target-20181106-alternative/cleanup/v134/2549eaecd7973599484d7c17b260dba0a4ecb94b/merge/v9/a6c9fde33151104705d4d7ff012ea9563521a3ce/jats-lookup/v90/0000000001_0000000264/records_8690_00000272.jsonl", 
    "type": "Chapter", 
    "url": "http://link.springer.com/10.1007/3-540-47870-1_10"
  }
]
 

Download the RDF metadata as:  json-ld nt turtle xml License info

HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/3-540-47870-1_10'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/3-540-47870-1_10'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/3-540-47870-1_10'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/3-540-47870-1_10'


 

This table displays all metadata directly associated to this object as RDF triples.

76 TRIPLES      23 PREDICATES      28 URIs      20 LITERALS      8 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/3-540-47870-1_10 schema:about anzsrc-for:08
2 anzsrc-for:0803
3 schema:author Nfa2f79757ba54523b05a1f3fea1eb0bd
4 schema:citation https://doi.org/10.1016/s1389-1286(98)00019-x
5 schema:datePublished 2002
6 schema:datePublishedReg 2002-01-01
7 schema:description Protection of software code against illegitimate modifications by its users is a pressing issue to many software developers. Many software-based mechanisms for protecting program code are too weak (e.g., they have single points of failure) or too expensive to apply (e.g., they incur heavy runtime performance penalty to the protected programs). In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamper-resilient and flexible manner. Our approach is based on a distributed scheme, in which protection and tamper-resistance of program code is achieved, not by a single security module, but by a network of (smaller) security units that work together in the program. These security units, or guards, can be programmed to do certain tasks (checksumming the program code is one example) and a network of them can reinforce the protection of each other by creating mutual-protection. We have implemented a system for automating the process of installing guards into Win32 executables. It is because our system operates on binaries that we are able to apply our protection mechanism to EXEs and DLLs. Experimental results show that memory space and runtime performance impacts incurred by guards can be kept very low (as explained later in the paper).
8 schema:editor N09759653db1e45088e7f3ea637c76bf5
9 schema:genre chapter
10 schema:inLanguage en
11 schema:isAccessibleForFree true
12 schema:isPartOf Nc61adc3620ed4441bec820a0c94a0c4b
13 schema:name Protecting Software Code by Guards
14 schema:pagination 160-175
15 schema:productId N3e3ae12d604040979362ccd1707a7f16
16 N61c7586f7b87474aa9516dca03c01c0c
17 Nc7c07baa15d94f5990453e05a58ab614
18 schema:publisher N0cee887d4dc0453fafae08a84ea0ef46
19 schema:sameAs https://app.dimensions.ai/details/publication/pub.1047590996
20 https://doi.org/10.1007/3-540-47870-1_10
21 schema:sdDatePublished 2019-04-15T21:04
22 schema:sdLicense https://scigraph.springernature.com/explorer/license/
23 schema:sdPublisher N10552abe30b04e3aad9c972d51bcd308
24 schema:url http://link.springer.com/10.1007/3-540-47870-1_10
25 sgo:license sg:explorer/license/
26 sgo:sdDataset chapters
27 rdf:type schema:Chapter
28 N09759653db1e45088e7f3ea637c76bf5 rdf:first Na16930db45574cbea09a36659e7b9568
29 rdf:rest rdf:nil
30 N0cee887d4dc0453fafae08a84ea0ef46 schema:location Berlin, Heidelberg
31 schema:name Springer Berlin Heidelberg
32 rdf:type schema:Organisation
33 N10552abe30b04e3aad9c972d51bcd308 schema:name Springer Nature - SN SciGraph project
34 rdf:type schema:Organization
35 N1f2d244cbfbe4136b6a42011e4adc140 schema:affiliation https://www.grid.ac/institutes/grid.169077.e
36 schema:familyName Chang
37 schema:givenName Hoi
38 rdf:type schema:Person
39 N3e3ae12d604040979362ccd1707a7f16 schema:name doi
40 schema:value 10.1007/3-540-47870-1_10
41 rdf:type schema:PropertyValue
42 N61c7586f7b87474aa9516dca03c01c0c schema:name readcube_id
43 schema:value e2b5e2eb897ad1d14ef04fa3401c1f14a812c54886aa253aa1309bca6057b348
44 rdf:type schema:PropertyValue
45 N6ab23f855c304d3088e3071f77a7ee6b schema:name Arxan Technologies, Inc., 3000 Kent Ave., Suite 1D-107, W. Lafayette, IN 47906, USA
46 rdf:type schema:Organization
47 N96f49febb2a640658ffdb2f02bb499a5 rdf:first sg:person.012653616557.06
48 rdf:rest rdf:nil
49 Na16930db45574cbea09a36659e7b9568 schema:familyName Sander
50 schema:givenName Tomas
51 rdf:type schema:Person
52 Nc61adc3620ed4441bec820a0c94a0c4b schema:isbn 978-3-540-43677-5
53 978-3-540-47870-6
54 schema:name Security and Privacy in Digital Rights Management
55 rdf:type schema:Book
56 Nc7c07baa15d94f5990453e05a58ab614 schema:name dimensions_id
57 schema:value pub.1047590996
58 rdf:type schema:PropertyValue
59 Nfa2f79757ba54523b05a1f3fea1eb0bd rdf:first N1f2d244cbfbe4136b6a42011e4adc140
60 rdf:rest N96f49febb2a640658ffdb2f02bb499a5
61 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
62 schema:name Information and Computing Sciences
63 rdf:type schema:DefinedTerm
64 anzsrc-for:0803 schema:inDefinedTermSet anzsrc-for:
65 schema:name Computer Software
66 rdf:type schema:DefinedTerm
67 sg:person.012653616557.06 schema:affiliation N6ab23f855c304d3088e3071f77a7ee6b
68 schema:familyName Atallah
69 schema:givenName Mikhail J.
70 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012653616557.06
71 rdf:type schema:Person
72 https://doi.org/10.1016/s1389-1286(98)00019-x schema:sameAs https://app.dimensions.ai/details/publication/pub.1041969633
73 rdf:type schema:CreativeWork
74 https://www.grid.ac/institutes/grid.169077.e schema:alternateName Purdue University
75 schema:name CERIAS, Purdue University, 1315 Recitation Building, West Lafayette, IN 47907, USA
76 rdf:type schema:Organization
 




Preview window. Press ESC to close (or click here)


...