CryptoNET: Software Protection and Secure Execution Environment

摘要

The software modules are key component of information technology. Most of software owners and users are concerned about the protection of software modules against reverse engineering, illegal tempering, program-based attacks, BORE (Break Once Run Everywhere) attack and unauthorized use of software. Some efforts have been made to protect software modules using cryptographic techniques like digitally signed Java Applet which is verified by Java Virtual Machine (JVM) before execution.rnHowever today, software modules are not protected using strong encryption techniques and extended cryptographic functions, because existing execution environments do not support to process and execute protected software modules. Normally, such environment should act as a middleware platform between software modules and operating system. This paper describes protection of software modules which is based on strong encryption techniques, for example public key encryption and digital signature. These protected software modules are encapsulated in our designed XML file which describes a general syntax of protected software modules. In addition, our designed system also securely distributes software modules to authorized user. Secure software distribution system is based on well established standards and protocols like FIPS-196 based extended strong authentication protocol and SAML based authorization security policies. We also designed secure execution environment which is capable to execute signed and encrypted software modules, supports standard security services and network security protocols. These are: transparent handling of certificates, use of FIPS-201 compliant smart cards, single-sign-on protocol, strong authentication protocol, and secure asynchronous sessions.