ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
A technique for self-certifying tamper resistant software
Full text PdfPdf (187 KB)
Source
Conference on Computer and Communications Security archive
Proceedings of the 2007 ACM workshop on Quality of protection table of contents
Alexandria, Virginia, USA
SESSION: Software security table of contents
Pages: 12 - 14  
Year of Publication: 2007
ISBN:978-1-59593-885-5
Authors
Hongxia Jin  IBM Almaden Research Center, San Jose, CA
Ginger Myles  IBM Almaden Research Center, San Jose, CA
Sponsors
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 5,   Downloads (12 Months): 41,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1314257.1314262
What is a DOI?

ABSTRACT

Until recently the use of software tamper resistance was rather limited. However, as the music and movie industries have increased their reliance on content protection systems, the importance placed on and the use of tamper resistance has also increased. Unfortunately, the nature of tamper resistance can make it difficult for developers to determine if a protection mechanism isactually robust and which attacks it can protect against. To address this issue we have designed a tool for self-certifying the strength of a tamper resistance implementation that is based on a hybrid attack-defense graph. This approachto tamper resistance evaluation is advantageous in that it enables certification without leaking confidential implementation details and it assists developers in designing more robust implementations.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Advanced Access Content System, http://www.aacsla.com/home
 
2
Kyle Ingols , Richard Lippmann , Keith Piwowarski, Practical Attack Graph Generation for Network Defense, Proceedings of the 22nd Annual Computer Security Applications Conference on Annual Computer Security Applications Conference, p.121-130, December 11-15, 2006  [doi>10.1109/ACSAC.2006.39]
 
3
G. Myles and H.Jin, "Self-validating Branch-Based Software Watermarking", Springer, 7th International Information Hiding Workshop, pp.342--356, 2005.
 
4
B. Schneier, "Attack trees", Dr. Dobb's Journal, July, 2001

INDEX TERMS

Primary Classification:
  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
      K.6.5 Security and Protection (D.4.6, K.4.2)
          Subjects: Unauthorized access (e.g., hacking, phreaking)


General Terms:
Design, Management, Measurement, Security


Keywords:
attack tree, content protection, security measurement, software tamper resistance

Collaborative Colleagues:
Hongxia Jin: colleagues
Ginger Myles: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player