Skip to Main Content
Executable code not effectively inspected and authorized before its execution has been one of the key reasons for wild spread of malicious codes. This paper proposes a program file authorization model based on an integrity measurement and access control combined methodology. It measures integrity signature of each program file and verifies it with the its original value before its execution. By allowing only running of known and trusted programs, it is able to disable invokes of malicious programs. To protect from attacks which donpsilat modify a program file, an active code authorization scheme is proposed. It divides a program file into an ordered series of code blocks by the return and jump instructions, constructs the integrity signatures of all code blocks respectively at compiling time, then measures and verifies them at run-time. By disallowing unexpected code blocks from running, it is able to prevent invokes of malicious codes injected by attackers.