Protecting Externally Supplied Software in Small Computers.
Abstract
The increasing decentralization of computing resources and the proliferation of personal and small business computers create new problems in computer security. One such problem is the protection of externally supplied software, i.e., software supplied by other than the users/owners of these small computers. In the case of personal and small business computers, proprietary software serves as the primary example. In distributed systems comprised of autonomously managed nodes, members of the user community may act as vendors of external software in a less formal context. In these contexts dual security requirements arise: vendors require encapsulation of their software to prevent release and to detect modification of information, whereas users require confinement of external software in order to control its access to computer resources. The protection mechanisms developed to support mutually suspicious subsystems in centralized systems are not directly applicable here because of differences in the computing environment, e.g., the need to protect external subsystems from physical attacks mounted by owners of these small computers. This thesis employs two tools to achieve the security requirements of vendors of external software: tamper-resistance models (TRMs) and cryptographic techniques. External software can be confined in two ways: through the use of a secure operating system in conjunction with a TRM supplied by a third-party or by providing separate processors for vendors and users and employing some simple hardware to implement access control for the user.
Document Details
- Document Type
- Technical Report
- Publication Date
- Sep 01, 1980
- Accession Number
- ADA104678
Entities
People
- Stephen Thomas Kent
Organizations
- Massachusetts Institute of Technology