By Topic

An Executable Code Authorization Model for Secure Operating System

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Chen Zemao ; Dept. of Inf. Security, Naval Univ. of Eng., Wuhan ; Wu Xiaoping ; Tang Weimin

Executable code not effectively inspected and authorized before its execution has been one of the key reasons for wild spread of malicious codes. This paper proposes a program file authorization model based on an integrity measurement and access control combined methodology. It measures integrity signature of each program file and verifies it with the its original value before its execution. By allowing only running of known and trusted programs, it is able to disable invokes of malicious programs. To protect from attacks which donpsilat modify a program file, an active code authorization scheme is proposed. It divides a program file into an ordered series of code blocks by the return and jump instructions, constructs the integrity signatures of all code blocks respectively at compiling time, then measures and verifies them at run-time. By disallowing unexpected code blocks from running, it is able to prevent invokes of malicious codes injected by attackers.

Published in:

Electronic Commerce and Security, 2008 International Symposium on

Date of Conference:

3-5 Aug. 2008