Project Objective

When the software industry discusses software integrity, the main focus is on the protection of static software modules (e.g., by verifying the signature of their originator). On the other hand, dynamic software authentication in real time during execution is a known problem without a satisfactory solution. Specifically, how to ensure that the trusted code base (i.e., the software as it was specified and coded) is running on an untrusted machine at all times, and that the original code functionality was not modified prior to or during execution, is an open research challenge. This issue of entrusting software components is crucial since software, computers and networks are invading all aspects of modern life.

The issue of executing software in a trusted computing (TC) environment has gained a great deal of attention recently, in particular through the TCG (Trusted Computing Group), Microsoft NGSCB (Next Generation Secure Computing Base) and TrustZone developed by ARM. These activities are somewhat complementary and orthogonal to the suggested project, for a number of reasons and constraints. First, they are all hardware-based, and consequently will not be available on all existing machines. The RE-TRUST research hypothesis is that a solution can be designed at any layer as a software component enhancing the layer itself in a cost-effective fashion; in contrast, TC is invasive, since it requires special hardware on the motherboard. The proposed novel mechanism to trust software will be available as a general, platform-independent solution (i.e., it is non-monopolistic, thus more competitive). The solution adds another line of defense to complement the current hardware solutions: while Trusted Computing can help manage keys and verify the system integrity during startup, it offers little protection against an attacker that already has access to the machine.

The key research question the RE-TRUST project addresses is: "How can the execution of a software component be continuously entrusted by a remote machine, even though the software component is running inside an untrusted environment?" (This is called the "remote entrusting problem".)

The solution to the above research problem should be able to employ external hardware, such as smart cards, but again not as a mandatory component. Furthermore, this project investigates a novel methodology for solving this problem by employing a software-based trusted logic component on a remote untrusted machine that in turn authenticates its operation continuously during run time. The method should assure the entrusting component that if the authentication is successful, then the original software functionality is being executed.

The long-term objective of the proposed approach is to entrust selected functionalities that are executed on untrusted machines and thereby ensure crucial trust/security properties.

Examples of possible applications are:

  1. Protecting network resources and servers from users employing untrusted/unauthorized software and protocols, specifically in critical applications such as e-commerce.
  2. Ensuring data privacy in Grid computing as well as digital rights management (DRM) adherence by assuring proper processing on untrusted (possibly misbehaving) machines.

There are two fundamental differences between remote entrusting and other related approaches. Those fundamental differences are a clear manifestation of some of the advancements beyond the state of the art proposed in the RE-TRUST project.

  1. Core of trust location - the basic working assumption when dealing with trust is that "some system components can be trusted"; these are at times called the "core of trust". In some current approaches, such as trusted computing (TC), the "core of trust" is located locally on the motherboard, while in RE-TRUST the "core of trust" is placed in a remote trusted entity across the network. In other words, RE-TRUST solves the trust problem by using the network, under the assumption of continuous network connectivity, which is almost a reality today.
  2. Entrusting/validation method - the RE-TRUST validation method is a significant departure from the state of the art, introducing a novel protocol that provides software trust (or authentication) continuously during run time; in other words, RE-TRUST introduces a proactive (avoidance) method. The main current approach to trust, e.g., TC (trusted computing), is off-line or reactive (after the fact); namely, it may be possible to detect trust violations only after some damage has been done. The objective of the RE-TRUST project is to avoid the damage of software-trust breaches altogether.
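The two differences above (a core of trust across the network, and validation that is continuous rather than one-shot) can be made concrete with a small model of the remote entrusting loop. This is an added illustration, not the RE-TRUST project's own protocol: it assumes a verifier that issues fresh nonces every round and a component on the untrusted host that answers each nonce with a keyed digest of its own running code, so that a code modification between rounds stops the next answer from verifying. The shared key held on the untrusted host is the part the project's software-only techniques would need to protect; this model simply takes it as given.

```python
import hashlib
import hmac
import os


class RemoteVerifier:
    """Trusted entity across the network: holds the reference digest of the
    software component and issues a fresh challenge for every round."""

    def __init__(self, reference_code: bytes, key: bytes):
        self.reference_digest = hashlib.sha256(reference_code).digest()
        self.key = key
        self.outstanding = set()  # nonces issued but not yet answered

    def challenge(self) -> bytes:
        nonce = os.urandom(16)
        self.outstanding.add(nonce)
        return nonce

    def verify(self, nonce: bytes, tag: bytes) -> bool:
        # Each nonce is accepted once, so a recorded good answer cannot be replayed.
        if nonce not in self.outstanding:
            return False
        self.outstanding.discard(nonce)
        expected = hmac.new(self.key, nonce + self.reference_digest, hashlib.sha256).digest()
        return hmac.compare_digest(expected, tag)


class EntrustedComponent:
    """Trusted-logic component on the untrusted host: re-hashes its own code
    image for every challenge instead of caching a digest."""

    def __init__(self, code: bytes, key: bytes):
        self.code = bytearray(code)  # mutable, so tampering can be modelled
        self.key = key

    def respond(self, nonce: bytes) -> bytes:
        digest = hashlib.sha256(bytes(self.code)).digest()
        return hmac.new(self.key, nonce + digest, hashlib.sha256).digest()


def run_rounds(verifier, component, rounds: int, tamper_at=None) -> list:
    """Run the continuous loop; optionally patch one byte of the code image
    just before round `tamper_at`. Returns the per-round verdicts."""
    verdicts = []
    for i in range(rounds):
        if i == tamper_at:
            component.code[0] ^= 0xFF  # in-memory modification of the component
        nonce = verifier.challenge()
        verdicts.append(verifier.verify(nonce, component.respond(nonce)))
    return verdicts


SAMPLE_CODE = bytes(range(64))  # constructed stand-in for a code image
SAMPLE_KEY = b"constructed-demo-key"
```

With `tamper_at=2`, four rounds yield `[True, True, False, False]`: the modification is caught at the very next challenge rather than after the fact.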