Defending systems against viruses through cryptographic authentication

The author describes the use of cryptographic authentication for controlling computer viruses. The objective is to protect against viruses infecting software distributions, updates, and programs stored or executed on a system. The authentication determines the source and integrity of an executable, relying on the source to produce virus-free software. The scheme relies on a trusted (and verifiable, where possible) device, the authenticator, used to authenticate and update programs and convert programs between the various formats. In addition, each user's machine uses a similar device to perform run-time checking.<<ETX>>

[1]  R. Jagannathan,et al.  A prototype real-time intrusion-detection expert system , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[2]  Maria M. Pozzo,et al.  A Model for the Containment of Computer Viruses , 1986 .

[3]  Virgil D. Gligor,et al.  On the Design and the Implementation of Secure Xenix Workstations , 1986, 1986 IEEE Symposium on Security and Privacy.

[4]  CHARLES S. KLINE,et al.  UCLA Secure Unix* , 1979, 1979 International Workshop on Managing Requirements Knowledge (MARK).

[5]  W. W. Peterson,et al.  Error-Correcting Codes. , 1962 .

[6]  Leonard M. Adleman,et al.  An Abstract Theory of Computer Viruses , 1988, CRYPTO.

[7]  G. I. Davida,et al.  UNIX Guardians: active user intervention in data protection , 1988, [Proceedings 1988] Fourth Aerospace Computer Security Applications.

[8]  Paul A. Karger,et al.  Limiting the Damage Potential of Discretionary Trojan Horses , 1987, 1987 IEEE Symposium on Security and Privacy.

[9]  Fred Cohen,et al.  Computer viruses—theory and experiments , 1990 .

[10]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[11]  Maria M. Pozzo,et al.  An approach to containing computer viruses , 1987, Comput. Secur..

[12]  George I. Davida,et al.  The Design of Secure CPU-Multiplexed Computer Systems: The Master/Slave Architecture , 1981, 1981 IEEE Symposium on Security and Privacy.

[13]  J. Boyar Inferring a Sequence Generated by a Linear Congruence , 1982, FOCS.

[14]  Fred Cohen A cryptographic checksum for integrity protection , 1987, Comput. Secur..

[15]  Algirdas Avizienis,et al.  A fault tolerance approach to computer viruses , 1988, Proceedings. 1988 IEEE Symposium on Security and Privacy.

[16]  Dorothy E. Denning,et al.  Cryptography and Data Security , 1982 .

[17]  Yvo Desmedt,et al.  Is There an ultimate Use of Cryptography? , 1986, CRYPTO.