Presentation is loading. Please wait.

Presentation is loading. Please wait.

ABYSS : An Architecture for Software Protection

Published byPaula Gordon Modified over 6 years ago

Similar presentations

Presentation on theme: "ABYSS : An Architecture for Software Protection"— Presentation transcript:

1 ABYSS : An Architecture for Software Protection
IEEE Transactions on Software Engineering June 1990 Steve R. White and Liam Comerford Jaewon Lee

2 Introduction Traditional S/W protection method Problem Exploration
writing in unusual way copy protection by feature on the distribution diskette attachment of special H/W devices Problem both logically and physically open system unacceptable burdens on the legitimate user Exploration physically secure tamper-resistant modules cryptographic approach crypto-microprocessor

3 Overview of ABYSS A Basic Yorktown Security System
guarantees to execute exactly as it was written cannot be modified arbitrarily by the user the only encryption and decryption keys must be kept secret need physically secure device

4 Architecture of ABYSS Unprotected Processes Protected Processes … …
Part of Application 1 High Privilege Supervisor Process Protected Part of Application 1 Right-To- Execute Storage Protected Part of Application N Unprotected Part of Application N Authorization Process

5 Protected Processors Minimal, but complete, computing system
real-time clock random or pseudo-random number generator memory logically, physically, and procedurally secure unit Supervisor process ensuring the logical and procedural security of the protected processor cryptographic facility

6 S/W Partitioning Protected parts encrypted
only decrypted when it is loaded into protected processor physically secure while inside the protected processor cryptographically secure while outside

7 Tokens New authorization mechanism queries responses
generated randomly by protected processors sufficiently numerous that no collision different queries generate different responses responses sufficiently numerous that a correct random guessing is improbable sufficiently independent of each other token data is erased from the token as it is read

8 How Tokens Work   Query Line Query = UP Up Down 1  Response Line 1
2 3 n Up Down 1 Response Line 1 Query Line 2 3 4 n Up Down 1 1 1 1 Response Line Response = 0 1

9 Attacks on The System Plaintext software Cryptanalytic attacks
nonchosen plaintext attack Physical attacks On trusting the H/W manufacturer

10 New Capabilities Technical enforcement of terms and conditions
Protection of distribution channels

11 Conclusion ABYSS enables the protected execution of application on protected processors logical, physical, and procedural security S/W is separated from its Right-To-Execute Doesn’t require changes to S/W distribution methods

Download ppt "ABYSS : An Architecture for Software Protection"

Similar presentations

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.
Operating System Security

Operating System Security
Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation.

Cloakware Corporation, 260 Hearst Way, Suite 311, Kanata, Ontario, Canada K2L 3H1 Spencer Cheng Trusting DRM Software Presentation.
Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.

Hardware Cryptographic Coprocessor Peter R. Wihl Security in Software.
Trusted Design In FPGAs Steve Trimberger Xilinx Research Labs.

Trusted Design In FPGAs Steve Trimberger Xilinx Research Labs.
Accountability in Hosted Virtual Networks Eric Keller, Ruby B. Lee, Jennifer Rexford Princeton University VISA 2009.

Accountability in Hosted Virtual Networks Eric Keller, Ruby B. Lee, Jennifer Rexford Princeton University VISA 2009.
Differential Power Analysis of Smartcards How secure is your private information? Author: Ryan Junee Supervisor: Matt Barrie.

Differential Power Analysis of Smartcards How secure is your private information? Author: Ryan Junee Supervisor: Matt Barrie.
Superdistribution --- The Concept and the Architecture Ryoichi Mori and Masaji Kawahara presented by Ping Xu 1. Introduction to Superdistribution 2. Protect.

Superdistribution --- The Concept and the Architecture Ryoichi Mori and Masaji Kawahara presented by Ping Xu 1. Introduction to Superdistribution 2. Protect.
Achieving Better Privacy Protection in WSNs Using Trusted Computing Yanjiang YANG, Robert DENG, Jianying ZHOU, Ying QIU.

Achieving Better Privacy Protection in WSNs Using Trusted Computing Yanjiang YANG, Robert DENG, Jianying ZHOU, Ying QIU.
1 An Overview of Computer Security computer security.

1 An Overview of Computer Security computer security.
Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.

Securing Data Storage Protecting Data at Rest Advanced Systems Group Dell Computer Asia Ltd.
Data Management I DBMS Relational Systems. Overview u Introduction u DBMS –components –types u Relational Model –characteristics –implementation u Physical.

Data Management I DBMS Relational Systems. Overview u Introduction u DBMS –components –types u Relational Model –characteristics –implementation u Physical.
EEC-681/781 Distributed Computing Systems Lecture 3 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University

EEC-681/781 Distributed Computing Systems Lecture 3 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Figure 1.1 Interaction between applications and the operating system.

Figure 1.1 Interaction between applications and the operating system.
Patterns for Secure Boot and Secure Storage in Computer Systems By: Hans L¨ohr, Ahmad-Reza Sadeghi, Marcel Winandy Horst G¨ortz Institute for IT Security,

Patterns for Secure Boot and Secure Storage in Computer Systems By: Hans L¨ohr, Ahmad-Reza Sadeghi, Marcel Winandy Horst G¨ortz Institute for IT Security,
G53SEC 1 Reference Monitors Enforcement of Access Control.

G53SEC 1 Reference Monitors Enforcement of Access Control.
Architecture for Protecting Critical Secrets in Microprocessors Ruby Lee Peter Kwan Patrick McGregor Jeffrey Dwoskin Zhenghong Wang Princeton Architecture.

Architecture for Protecting Critical Secrets in Microprocessors Ruby Lee Peter Kwan Patrick McGregor Jeffrey Dwoskin Zhenghong Wang Princeton Architecture.
Three fundamental concepts in computer security: Reference Monitors: An access control concept that refers to an abstract machine that mediates all accesses.

Three fundamental concepts in computer security: Reference Monitors: An access control concept that refers to an abstract machine that mediates all accesses.
1 Architectural Support for Copy and Tamper Resistant Software David Lie, Chandu Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell and.

1 Architectural Support for Copy and Tamper Resistant Software David Lie, Chandu Thekkath, Mark Mitchell, Patrick Lincoln, Dan Boneh, John Mitchell and.
Trusted Computing Or How I Learned to Stop Worrying and Love the MPAA.

Trusted Computing Or How I Learned to Stop Worrying and Love the MPAA.

Similar presentations

Ads by Google