ABYSS: An Architecture for Software Protection

ABYSS (a basic Yorktown security system) is an architecture for protecting the execution of application software. It supports a uniform security service across the range of computing systems. The use of ABYSS in solving the software protection problem, especially in the lower end of the market, is discussed. Both current and planned software distribution channels are supportable by the architecture, and the system is nearly transparent to legitimate users. A novel use-once authorization mechanism, called a token, is introduced as a solution to the problem of providing authorizations without direct communication. Software vendors may use the system to obtain technical enforcement of virtually any terms and conditions of the sale of their software, including such things as rental software. Software may be transferred between systems, and backed up to guard against loss in case of failure. The problem of protecting software on these systems is discussed, and guidelines to its solution are offered. >

[1]  Morrie Gasser,et al.  Building a Secure Computer System , 1988 .

[2]  J. Voelcker,et al.  How disks are `padlocked' , 1986, IEEE Spectrum.

[3]  Oded Goldreich,et al.  Towards a Theory of Software Protection , 1986, CRYPTO.

[4]  Steve H. Weingart Physical Security for the μABYSS System , 1987, 1987 IEEE Symposium on Security and Privacy.

[5]  Steve R. White,et al.  ABYSS: ATrusted Architecture for Software Protection , 1987, 1987 IEEE Symposium on Security and Privacy.

[6]  Gustavus J. Simmons,et al.  How to (Selectively) Broadcast A Secret , 1985, 1985 IEEE Symposium on Security and Privacy.

[7]  Amir Herzberg,et al.  Public protection of software , 1985, TOCS.

[8]  Stephen T. Kent Protecting externally supplied software in small computers , 1980 .

[9]  Gustavus J. Simmons,et al.  A Software Protection Scheme , 1982, 1982 IEEE Symposium on Security and Privacy.

[10]  Gilles Brassard,et al.  Quantum Cryptography, or Unforgeable Subway Tokens , 1982, CRYPTO.

[11]  David Chaum,et al.  Design Concepts for Tamper Responding Systems , 1983, CRYPTO.

[12]  Stephen M. Matyas,et al.  Message Authentication with Manipulation Detection Code , 1983, 1983 IEEE Symposium on Security and Privacy.

[13]  Silvio Micali,et al.  The knowledge complexity of interactive proof-systems , 1985, STOC '85.