Remember Me
Or use your Academic/Social account:


Or use your Academic/Social account:


You have just completed your registration at OpenAire.

Before you can login to the site, you will need to activate your account. An e-mail will be sent to you with the proper instructions.


Please note that this site is currently undergoing Beta testing.
Any new content you create is not guaranteed to be present to the final version of the site upon release.

Thank you for your patience,
OpenAire Dev Team.

Close This Message


Verify Password:
Verify E-mail:
*All Fields Are Required.
Please Verify You Are Human:
fbtwitterlinkedinvimeoflicker grey 14rssslideshare1
Falcarin, Paolo; Scandariato, Riccardo; Baldi, Mario (2006)
Languages: English
Types: Unknown
Given a client/server application, how can the server entrust the integrity of the remote client, albeit the latter is running on an un-trusted machine? To address this research problem, we propose a novel approach based on the client-side generation of an execution signature, which is remotely checked by the server, wherein signature generation is locked to the entrusted software by means of code integrity checking. Our approach exploits the features of dynamic aspect-oriented programming (AOP) to extend the power of code integrity checkers in several ways. This paper both presents our approach and describes a prototype implementation for a messaging application.
  • The results below are discovered through our pilot algorithms. Let us know how we are doing!

    • [1] M. Baldi, Y. Ofek, and M. Yung, "Idiosyncratic Signatures for Authenticated Execution of Management Code" Proc. of DSOM 2003, 2003
    • [2] H. Chang and M. Atallah, "Protecting software code by guards" Proc. of ACM Workshop on Security and Privacy in Digital Rights Management, 2002
    • [3] B. Horne, L. Matheson, C. Sheehan, and R. E. Tarjan, "Dynamic Self-Checking Techniques for Improved Tamper Resistance" Proc. of ACM Workshop on Security and Privacy in Digital Rights Management, 2001
    • [4] Y. Chen, R. Venkatesan, M. Cary, R. Pang, S. Sinha, and M. Jakubowski, "Oblivious hashing: Silent Verification of Code Execution" Proc. of 5th International Workshop on Information Hiding (IHW 2002), 7-9 October, 2002
    • [5] C. Collberg, C. Thomborson, and D. Low, "Watermarking, Tamper-Proofing, and Obfuscation - Tools for Software Protection" IEEE Transactions on Software Engineering, 28, 2002.
    • [6] B. Barak, O. Goldreich, R. Impagliazzo, S. Rudich, A. Sahai, S. P. Vadhan, and K. Yang, "On the (Im)possibility of Obfuscating Programs" Proc. of CRYPTO 2001, 2001
    • [7] D. Aucsmith, "Tamper resistant software: An implementation" in Information Hiding, Lecture Notes in Computer Science 1174, R. J. Anderson, Ed.: SpringerVerlag, 1996.
    • [8] TCG, The Trusted Computing Group, available at: https://www.trustedcomputinggroup.org (last access 30th May, 2005),
    • [9] R. Sailer, X. Zhang, T. Jaeger, and L. VanDoorn, "Design and Implementation of a TCG-based Integrity Measurement Architecture" Proc. of 13th USENIX Security Symposium, 2004, pp. 223-238.
    • [10] J. Daemen and V. Rijmen, "The Block Cipher Rijndael" in Smart Card Research and Applications, LNCS 1820, Springer-Verlag, 2000.
    • [11] G. Kiczales, J. Lamping, A. Mendhekar, C. Maeda, C. V. Lopes, J. Loingtier, and J. Irwan. Aspect-oriented programming. Proc. of ECOOP 97, June 1997.
    • [12] A. Popovici, G. Alonso, and T. Gross, "Just in Time Aspects: Efficient Dynamic Weaving for Java" Proc. of 2nd International Conference on Aspect-Oriented Software Development, 2003
    • [13] BCEL, Byte Code Engineering Library, available at: http://jakarta.apache.org/bcel/
    • [14] M. Jakobsson, K. Reiter, "Discouraging Software Piracy Using Software Aging". ACM Workshop on Security and Privacy in Digital Rights Management, Philadelphia, USA, November 2001.
  • No related research data.
  • No similar publications.

Share - Bookmark

Cite this article