使用面向方面编程的远程信任

20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06) Pub Date : 2006-04-18 DOI:10.1109/AINA.2006.286

P. Falcarin, R. Scandariato, M. Baldi

{"title":"使用面向方面编程的远程信任","authors":"P. Falcarin, R. Scandariato, M. Baldi","doi":"10.1109/AINA.2006.286","DOIUrl":null,"url":null,"abstract":"Given a client/server application, how can the server entrust the integrity of the remote client, albeit the latter is running on an un-trusted machine? To address this research problem, we propose a novel approach based on the client-side generation of an execution signature, which is remotely checked by the server, wherein signature generation is locked to the entrusted software by means of code integrity checking. Our approach exploits the features of dynamic aspect-oriented programming (AOP) to extend the power of code integrity checkers in several ways. This paper both presents our approach and describes a prototype implementation for a messaging application.","PeriodicalId":185969,"journal":{"name":"20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06)","volume":"24 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2006-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"11","resultStr":"{\"title\":\"Remote trust with aspect-oriented programming\",\"authors\":\"P. Falcarin, R. Scandariato, M. Baldi\",\"doi\":\"10.1109/AINA.2006.286\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Given a client/server application, how can the server entrust the integrity of the remote client, albeit the latter is running on an un-trusted machine? To address this research problem, we propose a novel approach based on the client-side generation of an execution signature, which is remotely checked by the server, wherein signature generation is locked to the entrusted software by means of code integrity checking. Our approach exploits the features of dynamic aspect-oriented programming (AOP) to extend the power of code integrity checkers in several ways. This paper both presents our approach and describes a prototype implementation for a messaging application.\",\"PeriodicalId\":185969,\"journal\":{\"name\":\"20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06)\",\"volume\":\"24 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2006-04-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"11\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/AINA.2006.286\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AINA.2006.286","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 11

摘要

给定一个客户机/服务器应用程序，服务器如何信任远程客户机的完整性，尽管后者运行在不受信任的机器上?为了解决这一研究问题，我们提出了一种基于客户端生成执行签名的新方法，该方法由服务器远程检查，其中签名生成通过代码完整性检查锁定到委托软件。我们的方法利用了动态面向方面编程(AOP)的特性，以几种方式扩展了代码完整性检查器的功能。本文既介绍了我们的方法，又描述了一个消息传递应用程序的原型实现。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Remote trust with aspect-oriented programming

Given a client/server application, how can the server entrust the integrity of the remote client, albeit the latter is running on an un-trusted machine? To address this research problem, we propose a novel approach based on the client-side generation of an execution signature, which is remotely checked by the server, wherein signature generation is locked to the entrusted software by means of code integrity checking. Our approach exploits the features of dynamic aspect-oriented programming (AOP) to extend the power of code integrity checkers in several ways. This paper both presents our approach and describes a prototype implementation for a messaging application.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

20th International Conference on Advanced Information Networking and Applications - Volume 1 (AINA'06)

自引率

0.00%

发文量