ABYSS: An Architecture for Software Protection

Provided by: knotKa

1
ABYSS: An Architecture for Software Protection
  • IEEE Transactions on Software Engineering
  • June 1990
  • Steve R. White and Liam Comerford
  • Jaewon Lee

2
Introduction
  • Traditional S/W protection method
  • writing in an unusual way
  • copy protection by a feature on the distribution
    diskette
  • attachment of special H/W devices
  • Problem
  • both logically and physically open system
  • unacceptable burdens on the legitimate user
  • Exploration
  • physically secure tamper-resistant modules
  • cryptographic approach
  • crypto-microprocessor

3
Overview of ABYSS
  • A Basic Yorktown Security System
  • guarantees to execute exactly as it was written
  • cannot be modified arbitrarily by the user
  • only the encryption and decryption keys must be
    kept secret
  • need physically secure device

4
Architecture of ABYSS
[Figure: ABYSS architecture diagram. Labels: Unprotected Processes; Protected Processes; High Privilege Supervisor Process; Unprotected Part of Application 1 ... Unprotected Part of Application N; Protected Part of Application 1 ... Protected Part of Application N; Right-To-Execute Storage; Authorization Process]

5
Protected Processors
  • Minimal, but complete, computing system
  • processor
  • real-time clock
  • random or pseudo-random number generator
  • memory
  • logically, physically, and procedurally secure
    unit
  • Supervisor process
  • ensuring the logical and procedural security of
    the protected processor
  • cryptographic facility

6
S/W Partitioning
  • Protected parts
  • encrypted
  • only decrypted when it is loaded into protected
    processor
  • physically secure while inside the protected
    processor
  • cryptographically secure while outside

7
Tokens
  • New authorization mechanism
  • queries
  • generated randomly by protected processors
  • sufficiently numerous that no collision occurs
  • different queries generate different responses
  • responses
  • sufficiently numerous that a correct random
    guessing is improbable
  • sufficiently independent of each other
  • token data is erased from the token as it is read

8
How Tokens Work
[Figure: token read-out shown in two steps. Labels: Query Line, Response Line, Up/Down, cell positions 1 ... n, Query UP, Response 0]
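
The use-once behaviour described on the Tokens and How Tokens Work slides, modelled as an added Python example (not taken from the slides or from the ABYSS paper). The two-row Up/Down cell layout is inferred from the figure labels; the names Token, authorize and replay_accepted, and the processor knowing the token contents in advance, are assumptions of this model.

```python
import secrets


class Token:
    """Use-once token: n cell pairs, each holding an 'up' bit and a 'down' bit."""

    def __init__(self, up, down):
        if len(up) != len(down):
            raise ValueError("rows must have equal length")
        self._cells = list(zip(up, down))
        self._pos = 0

    def read(self, query_bit):
        """Answer one query bit, then erase both bits of that cell pair."""
        if self._pos >= len(self._cells):
            raise RuntimeError("token already consumed")
        up, down = self._cells[self._pos]
        self._cells[self._pos] = None      # token data is erased as it is read
        self._pos += 1
        return up if query_bit else down

    def respond(self, query):
        """Answer a whole query, one bit per cell pair."""
        return [self.read(q) for q in query]


def expected_response(up, down, query):
    """Response a genuine, unread token would give to this query."""
    return [u if q else d for q, u, d in zip(query, up, down)]


def authorize(token, up, down, query=None):
    """Protected-processor side: send a random query and check the response.

    Assumption: the processor learns the token contents (up, down) from
    data shipped with the protected software.
    """
    if query is None:
        query = [secrets.randbits(1) for _ in up]
    try:
        response = token.respond(query)
    except RuntimeError:
        return False                       # token was read before: refuse
    return response == expected_response(up, down, query)


def replay_accepted(recorded_response, up, down, new_query):
    """Would a response recorded under one query satisfy a different query?"""
    return recorded_response == expected_response(up, down, new_query)
```

Reading the token with any query reveals only one bit of each pair and destroys the other, so a recorded response matches a fresh random query only by chance.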

9
Attacks on The System
  • Plaintext software
  • Cryptanalytic attacks
  • nonchosen plaintext attack
  • Physical attacks
  • On trusting the H/W manufacturer

10
New Capabilities
  • Technical enforcement of terms and conditions
  • Protection of distribution channels

11
Conclusion
  • ABYSS enables the protected execution of
    applications on protected processors
  • logical, physical, and procedural security
  • S/W is separated from its Right-To-Execute
  • Doesn't require changes to S/W distribution
    methods