Sciweavers

COMPSAC
2009
IEEE

SN2K Attacks and Honest Services

In this paper, we define and illustrate a new form of attack in the context of software services: the software-based need-to-know (SN2K) attack. SN2K attacks can be carried out by a dishonest provider of a software service so that it can maliciously gain access to sensitive information, even if the service does not need to know such data in order to compute the functionalities offered by it. We prove that it is generally undecidable to detect whether a given implementation of a service is dishonest, i.e., whether it implements an SN2K attack. A certification scheme for honest services is also proposed; our scheme relies on program slicing and certain other aspects of static program analysis.
Ashish Kundu
Added 20 May 2010
Updated 20 May 2010
Type Conference
Year 2009
Where COMPSAC
Authors Ashish Kundu