{"title":"Automated Software Protection through Program Externalization on Memory-Limited Secure Devices","authors":"S. Chaumette, Olivier Ly, Renaud Tabary","doi":"10.1109/EUC.2010.122","DOIUrl":null,"url":null,"abstract":"In this paper we propose a hardware assisted software protection scheme that relies on the use of a resource-limited secure token ({\\em e.g.} a smart card). The protection consists in externalizing the execution of the sensitive pieces of code of the application to be protected to the token block by block, while the unsensitive code is still executed inside the untrusted computer. We define a generic process: the protection is enforced automatically. Our method relies on static analysis techniques that are used to infer the parts of code to be externalized together with run-time externalization protocol. We have developed a software environment implementing this technology for Java applications.","PeriodicalId":265175,"journal":{"name":"2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2010-12-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 IEEE/IFIP International Conference on Embedded and Ubiquitous Computing","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EUC.2010.122","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
In this paper we propose a hardware assisted software protection scheme that relies on the use of a resource-limited secure token ({\em e.g.} a smart card). The protection consists in externalizing the execution of the sensitive pieces of code of the application to be protected to the token block by block, while the unsensitive code is still executed inside the untrusted computer. We define a generic process: the protection is enforced automatically. Our method relies on static analysis techniques that are used to infer the parts of code to be externalized together with run-time externalization protocol. We have developed a software environment implementing this technology for Java applications.