Trusted distribution of software over the Internet
نویسنده
چکیده
This paper ooers a solution to a problem of software distribution on the Internet. The problem is that malicious software can be posted to the public with no accountability. When this software is run, it inherits the privileges of the user who runs it. Unfortunately, it is very common for users to execute software obtained on the Internet with no assurance that it is genuine. The solution ooered here utilizes a trusted third party that signs certiicates to identify the author of a program and to secure its integrity. A detailed design is provided. Finally, Bellcore's Trusted Software Integrity (Betsi) System, an implementation of the design, is presented.
منابع مشابه
Trusted Distribution of Software over the Internet Appeared in the Internet Society 1995 Symposium on Network and Distributed System Security
This paper ooers a solution to a problem of software distribution on the Internet. The problem is that malicious software can be posted to the public with no accountability. When this software is run, it inherits the privileges of the user who runs it. Unfortunately, it is very common for users to execute software obtained on the Internet with no assurance that it is genuine. The solution ooere...
متن کاملe-EMV: Emulating EMV for Internet payments using Trusted Computing technology
The introduction of Static Data Authentication (SDA) compliant EMV cards with their improved cardholder verification and card authentication capabilities has resulted in a dramatic reduction in the levels of fraud seen at Point of Sale (POS) terminals. However, with this POS-based reduction has come a corresponding increase in the level of fraud associated with Internet-based Card Not Present (...
متن کاملThree Party Authenticated Key Distribution using Quantum Cryptography
Cryptography is the science of writing in secret message and is an ancient art. In data and telecommunications, cryptography is necessary when communicating over any untrusted medium, which includes just about any network, particularly over the Internet. Over the last two decades an interesting field of the cryptography has raised from non classical atomic theory, Quantum Physics. This field is...
متن کاملIn Law We Trust? Trusted Computing and Legal Responsibility for Internet Security
This paper analyses potential legal responses and consequences to the anticipated roll out of Trusted Computing (TC). It is argued that TC constitutes such a dramatic shift in power away from users to the software providers, that it is necessary for the legal system to respond. A possible response is to mirror the shift in power by a shift in legal responsibility, creating new legal liabilities...
متن کاملAn Implementation of a Trusted and Secure DRM Architecture
Content providers and distributors need to have secured and trusted systems for the distribution of multimedia content with Digital Rights Management (DRM) to ensure the revenues derived from their works. This paper discusses the security mechanisms applied to the implementation of a DRM architecture, regarding the certification and verification of user tools integrity during their whole life c...
متن کامل