상세정보
학술지
Efficient Scheme of Verifying Integrity of Application Binaries in Embedded Operating Systems
- 저자
- 김순석, 이덕규, 박종혁
- 발행일
- 201202
- 출처
- Journal of Supercomputing, v.59 no.2, pp.676-692
- ISSN
- 0920-8542
- 출판사
- Springer
- 협약과제
- 11GS1300, 비행자료 처리시스템 개발, 한종욱
- 초록
- Currently, embedded systems have been widely used for ubiquitous computing environments including digital setup boxes, mobile phones, and USN (Ubiquitous Sensor Networks). The significance of security has been growing as it must be necessarily embedded in all these systems. Up until now, many researchers have made efforts to verify the integrity of applied binaries downloaded in embedded systems. The research of problem solving is organized into hardware methods and software-like methods. In this research, the basic approach to solving problems from the software perspective was employed. From the software perspective, unlike in the existing papers (Seshadri et al., Proc. the IEEE symposium on security and privacy, 2004; Seshadri et al., Proc. the symposium on operating systems principals, 2005) based on the standardized model (TTAS.KO-11.0054. http://www.tta.or.kr 2006) publicized in Korea, there is no extra verifier and conduct for the verification function in the target system. Contrary to the previous schemes (Jung et al. http://ettrends.etri.re.kr/PDFData/23-1-001-011. pdf, 2008; Lee et al., LNCS, vol. 4808, pp. 346-355, 2007), verification results are stored in 1 validation check bit, instead of storing signature value for application binary files in the i-node structure for the purpose of reducing run-time execution overhead. Consequently, the proposed scheme is more efficient because it dramatically reduces overhead in storage space, and when it comes to computing, it performs one hash algorithm for initial execution and thereafter compares 1 validation check bit only, instead of signature and hash algorithms for every application binary. Furthermore, in cases where there are frequent changes in the i-node structure or file data depending on the scheme application, the scheme can provide far more effective verification performance compared to the previous schemes. © 2010 Springer Science+Business Media, LLC.
- KSP 제안 키워드
- Embedded operating system, Embedded system, Hash algorithm, Node structure, Run time, Storage space, Ubiquitous computing environment, mobile phone, problem solving, security and privacy, ubiquitous sensor network