Remote trusting aims at verifying the ``healthy'' execution of a program running on an untrusted client that communicates with a trusted server via network connection. After giving a formal definition of the remote trusting problem and a test to determine whether an attack against a given remote trusting scheme is successful or not, we propose a protection against malicious modification of the client code, based on the replication of a portion of the client on the server. To minimize the size of the code that is replicated, we propose to use barrier slicing. We show the feasibility of our approach on a case study. Our results indicate that a barrier slice is significantly smaller than the corresponding backward slice while providing the same level of protection.
Barrier Slicing for Remote Software Trusting
M. Ceccato;DALLA PREDA, Mila;
2007-01-01
Abstract
Remote trusting aims at verifying the ``healthy'' execution of a program running on an untrusted client that communicates with a trusted server via network connection. After giving a formal definition of the remote trusting problem and a test to determine whether an attack against a given remote trusting scheme is successful or not, we propose a protection against malicious modification of the client code, based on the replication of a portion of the client on the server. To minimize the size of the code that is replicated, we propose to use barrier slicing. We show the feasibility of our approach on a case study. Our results indicate that a barrier slice is significantly smaller than the corresponding backward slice while providing the same level of protection.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.