research-article

ABYSS: An Architecture for Software Protection

Authors:

Steve R. White,

Liam ComerfordAuthors Info & Claims

IEEE Transactions on Software Engineering, Volume 16, Issue 6

Pages 619 - 629

https://doi.org/10.1109/32.55090

Published: 01 June 1990 Publication History

Publisher Site

Abstract

ABYSS (a basic Yorktown security system) is an architecture for protecting the execution of application software. It supports a uniform security service across the range of computing systems. The use of ABYSS in solving the software protection problem, especially in the lower end of the market, is discussed. Both current and planned software distribution channels are supportable by the architecture, and the system is nearly transparent to legitimate users. A novel use-once authorization mechanism, called a token, is introduced as a solution to the problem of providing authorizations without direct communication. Software vendors may use the system to obtain technical enforcement of virtually any terms and conditions of the sale of their software, including such things as rental software. Software may be transferred between systems, and backed up to guard against loss in case of failure. The problem of protecting software on these systems is discussed, and guidelines to its solution are offered.

References

[1]

{1} J. Voelker and P. Wallich, "How disks are 'padlocked'," IEEE Spectrum, p. 32, June 1986.

Crossref

Google Scholar

[2]

{2} S. T. Kent, "Protecting externally supplied software in small computers," Ph.D. dissertation, Lab. Comput. Sci., Massachusetts Inst. Technol., Cambridge, MA, Sept. 1980.

Google Scholar

[3]

{3} R. M. Best, "Microprocessor for executing enciphered programs," U.S. Patent No. 4 168 396, issued Sept. 18, 1979.

Google Scholar

[4]

{4} R. M. Best, "Preventing software piracy with crypto-microprocessors," in Proc. IEEE Spring COMPCON 80, San Francisco, CA, Feb. 25-28, 1980, p. 466.

Google Scholar

[5]

{5} R. M. Best, "Crypto microprocessor for executing enciphered programs," U.S. Patent No. 4 278 837, issued July 14, 1981.

Google Scholar

[6]

{6} R. M. Best, "Cryptographic decoder for computer programs," U.S. Patent No. 4 433 207, issued Feb. 21, 1984.

Google Scholar

[7]

{7} R. M. Best, "Crypto microprocessor that executes enciphered programs," U.S. Patent No. 4 465 901, issued Aug. 14, 1984.

Google Scholar

[8]

{8} O. Goldreich, "Towards a theory of software protection," in Proc. Crypto '86, Santa Barbara, CA, 1986, p. 35-1.

Digital Library

Google Scholar

[9]

{9} G. B. Purdy, G. J. Simmons, and J. A. Studier, "A software protection scheme," in Proc. 1982 Symp. Security and Privacy, Oakland, CA, Apr. 26-28, 1982, p. 99.

Google Scholar

[10]

{10} A. Herzberg, and G. Karmi, "On software protection," in Proc. Fourth JCIT, Apr. 1984, p. 388.

Google Scholar

[11]

{11} M. G. Arnold and Mark D. Winkel, "Computer systems to inhibit unauthorized copying, unauthorized usage, and automated cracking of protected software," U.S. Patent No. 4 558 176, issued Dec. 10, 1985.

Google Scholar

[12]

{12} D. Everett, "Padlock," Comput. Bull., ser. 3, no. 1, pt. 1, p. 16, Mar. 1985.

Google Scholar

[13]

{13} G. J. Simmons, "How to (selectively) broadcast a secret," in Proc. 1985 Symp. Security and Privacy, Oakland, CA, Apr. 22-24, 1985, p. 108.

Crossref

Google Scholar

[14]

{14} A. Herzberg and S. S. Pinter, "Public protection of software," in Advances in Cryptology: Proc. Crypto 85, H. C. Williams, Ed., 1986, p. 158.

Digital Library

Google Scholar

[15]

{15} R. Mori and S. Tashiro, "The concept of a software services system (SSS)," Trans. Inst. Electron. Inf. Commun. Eng. D (Japan), vol. J70D, no. 1, p. 79, Jan. 1987.

Google Scholar

[16]

{16} S. R. White and L. Comerford, "ABYSS: A trusted architecture for software protection," in Proc. 1987 Symp. Security and Privacy, Oakland, CA, Apr. 27-29, 1987, p. 38.

Google Scholar

[17]

{17} V. J. Cina, Jr., S. R. White, and L. Comerford, "ABYSS: A basic Yorktown security system: PC software asset protection concepts," IBM Res. Rep. RC 12401, Dec. 18, 1986.

Google Scholar

[18]

{18} S. H. Weingart, "Physical security for the µABYSS system," in Proc. 1987 Symp. Security and Privacy, Oakland, CA, Apr. 27-29, 1987, p. 52.

Google Scholar

[19]

{19} D. Chaum, "Design concepts for tamper responding systems," in Advances in Cryptology: Proc. Crypto 83. D. Chaum, Ed. New York: Plenum, 1984, pp. 387.

Google Scholar

[20]

{20} W. L. Price, "Physical security of transaction devices," Nat. Physical Lab., NPL Tech. Memo DITC 4/86, Jan. 1986.

Google Scholar

[21]

{21} D. E. R. Denning, Cryptography and Data Security. Reading, MA: Addison-Wesley, 1983, p. 192.

Digital Library

Google Scholar

[22]

{22} C. H. Bennet, G. Brassard, S. Breidbart, and S. Wiesner, "Quantum cryptography, or unforgeable subway tokens," in Advances in Cryptology, Proc. Crypto 82, Chaum, Rivest, and Sherman, Eds. New York: Plenum, 1983, p. 267.

Google Scholar

[23]

{23} S. Goldwasser, S. Micali, and C. Rackoff, "The knowledge complextty of interactive proof systems," in Proc. 17th ACM Symp. Theory of Computing, 1985, p. 291.

Digital Library

Google Scholar

[24]

{24} B. Strohm, L. Comerford, and S. R. White, "ABYSS tokens," IBM Res. Rep. RC 12402, Dec. 18, 1986.

Google Scholar

[25]

{25} M. Gasser, Building A Secure Computer System. New York: Van Nostrand Reinhold, 1988.

Digital Library

Google Scholar

[26]

{26} R. R. Jeuneman, S. M. Matyas, and C. H. Meyers, "Message authentication with manipulation detection codes," in Proc. 1983 Symp. Security and Privacy, p. 33.

Digital Library

Google Scholar

[27]

{27} P. W. Purdom, Jr. and C. A. Brown, The Analysis of Algorithms . New York: Holt, Rinehart and Winston, 1985.

Digital Library

Google Scholar

Cited By

View all

Sivanandam SSelvi Selvaraj SSrinivasan AChandrasekaran P(2016)Stronger public key encryption system withstanding RAM scraper like attacksSecurity and Communication Networks10.1002/sec.14549:12(1650-1662)Online publication date: 1-Aug-2016
https://dl.acm.org/doi/10.1002/sec.1454
Nimgaonkar SGomathisankaran MMohanty S(2013)MEM-DnP--A Novel Energy Efficient Approach for Memory Integrity Detection and Protection in Embedded SystemsCircuits, Systems, and Signal Processing10.1007/s00034-013-9621-432:6(2581-2604)Online publication date: 1-Dec-2013
https://dl.acm.org/doi/10.1007/s00034-013-9621-4
Geneiatakis DPortokalidis GKemerlis VKeromytis AYu TDanezis GGligor V(2012)Adaptive defenses for commodity software through virtual application partitioningProceedings of the 2012 ACM conference on Computer and communications security10.1145/2382196.2382214(133-144)Online publication date: 16-Oct-2012
https://dl.acm.org/doi/10.1145/2382196.2382214
Show More Cited By

Index Terms

ABYSS: An Architecture for Software Protection
1. Security and privacy

Recommendations

Modeling software maintenance requests: a case study
ICSM '97: Proceedings of the International Conference on Software Maintenance

Software maintenance costs often total twice the original development cost in the lifetime of application software. Modeling the changes of software maintenance activities might improve software maintenance planning. Current studies model software ...
A structured approach to program optimization

Software engineering should provide software engineers with methodologies and tools suitable for use in that small number of applications where efficiency is really important. In order to do that, the optimization process should be a clearly visible ...
An Exploratory Study of Software Evolution and Quality: Before, during and after a Transfer
ICGSE '12: Proceedings of the 2012 IEEE Seventh International Conference on Global Software Engineering

In the light of globalization it is not uncommon that different teams from different locations get involved in the development of a software product during its evolution. However, empirical evidence that demonstrates the effect of changing team members ...

Reviews

Reviewer: Stanley A. Kurzban

Because microcomputers' usefulness depends on the programs written for them and programmers' motivation depends on protection of their proprietary interests, software protection is very important. Legal protection such as copyright may suffice for some media, but sad experience has shown that it may afford inadequate protection for microcomputer software. Many physical schemes for protecting such software have been devised but, as the authors make clear, none of them is secure in the presence of normally available means for reproducing the contents of media on which programs are distributed. The authors' solution involves a second processor. In A Basic Yorktown Security System (ABYSS), a microcomputer contains a protected processor in which critical segments of each protected program run in a way that cannot be observed from outside. There is much more to the architecture, involving cryptographic protocols that permit backup, relocation, and restrictions on the use of software, but the protected processor is the heart of the scheme. The paper is well written and covers all technical aspects of the subject thoroughly, aptly, and understandably. Whether the authors' invention is worth implementing depends on the circumstances. The decision is not a simple matter of pricing a processor, but also involves details of the processor such as what its architecture should be and how it should be attached and packaged; the programming needed for supervisory functions; and the cost of designing and developing protected segments of programs.

Access critical reviews of Computing literature here

Become a reviewer for Computing Reviews.

Comments

Information & Contributors

Information

Published In

cover image IEEE Transactions on Software Engineering

IEEE Transactions on Software Engineering Volume 16, Issue 6

June 1990

113 pages

ISSN:0098-5589

Editor:
Victor R. Basili
Univ. of Maryland, College Park

Issue’s Table of Contents

Publisher

IEEE Press

Publication History

Published: 01 June 1990

Author Tags

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

10
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 13 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Sivanandam SSelvi Selvaraj SSrinivasan AChandrasekaran P(2016)Stronger public key encryption system withstanding RAM scraper like attacksSecurity and Communication Networks10.1002/sec.14549:12(1650-1662)Online publication date: 1-Aug-2016
https://dl.acm.org/doi/10.1002/sec.1454
Nimgaonkar SGomathisankaran MMohanty S(2013)MEM-DnP--A Novel Energy Efficient Approach for Memory Integrity Detection and Protection in Embedded SystemsCircuits, Systems, and Signal Processing10.1007/s00034-013-9621-432:6(2581-2604)Online publication date: 1-Dec-2013
https://dl.acm.org/doi/10.1007/s00034-013-9621-4
Geneiatakis DPortokalidis GKemerlis VKeromytis AYu TDanezis GGligor V(2012)Adaptive defenses for commodity software through virtual application partitioningProceedings of the 2012 ACM conference on Computer and communications security10.1145/2382196.2382214(133-144)Online publication date: 16-Oct-2012
https://dl.acm.org/doi/10.1145/2382196.2382214
Chakraborty RNarasimhan SBhunia S(2011)Embedded software security through key-based control flow obfuscationProceedings of the First international conference on Security aspects in information technology10.5555/2062981.2062988(30-44)Online publication date: 19-Oct-2011
https://dl.acm.org/doi/10.5555/2062981.2062988
Maña AMuñoz A(2007)Trusted code execution in JavaCardProceedings of the 4th international conference on Trust, Privacy and Security in Digital Business10.5555/2392055.2392092(269-279)Online publication date: 4-Sep-2007
https://dl.acm.org/doi/10.5555/2392055.2392092
Gomathisankaran MTyagi A(2006)Architecture Support for 3D ObfuscationIEEE Transactions on Computers10.1109/TC.2006.6855:5(497-507)Online publication date: 1-May-2006
https://dl.acm.org/doi/10.1109/TC.2006.68
Gomathisankaran MTyagi A(2005)Arc3DProceedings of the First international conference on High Performance Embedded Architectures and Compilers10.1007/11587514_13(184-199)Online publication date: 17-Nov-2005
https://dl.acm.org/doi/10.1007/11587514_13
Maña ALopez JOrtega JPimentel ETroya J(2004)A framework for secure execution of softwareInternational Journal of Information Security10.5555/2995523.29955873:2(99-112)Online publication date: 1-Nov-2004
https://dl.acm.org/doi/10.5555/2995523.2995587
Eschenauer LGligor VJajodia SSandhu R(2002)A key-management scheme for distributed sensor networksProceedings of the 9th ACM conference on Computer and communications security10.1145/586110.586117(41-47)Online publication date: 18-Nov-2002
https://dl.acm.org/doi/10.1145/586110.586117
Chang HAtallah M(2001)Protecting Software Code by GuardsRevised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management10.5555/647777.734775(160-175)Online publication date: 5-Nov-2001
https://dl.acm.org/doi/10.5555/647777.734775

Abstract

References

Cited By

Index Terms

Recommendations

Modeling software maintenance requests: a case study

A structured approach to program optimization

An Exploratory Study of Software Evolution and Quality: Before, during and after a Transfer

Reviews

Access critical reviews of Computing literature here

Comments

Information

Published In

Publisher

Publication History

Author Tags

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Figures

Other

Share

Share this Publication link

Share on social media

Affiliations