Abstract
In a shared, multiuser environment, protecting data from damage or misappropriation by unauthorized users is a major concern. The widespread use of active (executable) content such as Microsoft ActiveX controls and Javascripts has given rise to a dangerous, common practice: executing unknown, untrusted code. Security-minded users typically address this problem by executing only signed content that a familiar entity has verified. However, code signing does not protect against bugs already present in the signed code. Patched or new versions of the code can be issued, but the loader (which verifies and loads the executable content, and then transfers the execution control to the module) will still accept the old version, unless the newer version is installed over it. We propose a method that addresses the executable content management problem. Our method employs an executable content loader (which we call a strong loader) and a short-lived configuration management file to address the software aging problem. The loader is tightly integrated to the operating system. It downloads the configuration file from an integrity server; then it verifies and loads executable modules by applying the policy in this configuration file.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
