When the software industry discusses about software integrity, the main focus is on the protection of static software modules (e.g., by verifying the signature of their originator). In contrast, dynamic software authentication in real-time during execution is a known problem without a satisfactory solution. Specifically, how to ensure that a trusted code base (i.e., the software as was specified and implemented) is running on an untrusted machine at all times and that the original code functionality has not been modified prior to or during run-time, is an open research challenge.
This project will investigate both all-in-software and hardware-assisted novel methodologies in order to solve the problem mentioned above by employing a trusted logic component on an untrusted machine that in turn authenticates its operation continuously during run-time. The method assures a remote entrusting component so that if the authentication is successful, then the original software functionality is properly executed on the untrusted machine.
By providing a more software-based, cost-effective infrastructure to trust the RE-TRUST project will have a major impact on the security R&D landscape and potentially a major long-term impact on business and commercial applications, like e-commerce and e-government.
The RE-TRUST project aims at a providing a successful solution to the central issues of digital right management (DRM), data privacy in Grid computing, and protection of networks and servers. The realization of the proposed objective poses major scientific and engineering challenges of an interdisciplinary nature:
- SW engineering,
- cryptography,
- security protocols,
- operating systems,
- network protocols and
- smart cards. Thus, a high quality academic and industrial consortium has been assembled, accordingly.