KIT | KIT-Bibliothek | Impressum | Datenschutz

Access Control for Binary Integrity Protection using Ethereum

Stengele, Oliver; Baumeister, Andreas; Birnstill, Pascal; Hartenstein, Hannes

Abstract (englisch):
The integrity of executable binaries is essential to the security of any device that runs them. At best, a manipulated binary can leave the system in question open to attack, and at worst, it can compromise the entire system by itself. In recent years, supply-chain attacks have demonstrated that binaries can even be compromised unbeknownst to their creators. This, in turn, leads to the dissemination of supposedly valid binaries that need to be revoked later.

In this paper, we present and evaluate a concept for publishing and revoking integrity protecting information for binaries, based on the Ethereum Blockchain and its underlying peer-to-peer network. Smart Contracts are used to enforce access control over the publication and revocation of integrity preserving information, whereas the peer-to-peer network serves as a fast, global communication service to keep user clients informed. The Ethereum Blockchain serves as a tamper-evident, publicly-verifiable log of published and revoked binaries. Our implementation incurs costs comparable to registration fees for centralised software distribution platforms but allows publication and revocation of individual binaries within minutes. ... mehr

Open Access Logo


Postprint §
DOI: 10.5445/IR/1000095972
Veröffentlicht am 17.07.2019
Coverbild
Zugehörige Institution(en) am KIT Institut für Telematik (TM)
Kompetenzzentrum für angewandte Sicherheitstechnologie (KASTEL)
Publikationstyp Proceedingsbeitrag
Jahr 2019
Sprache Englisch
Identifikator ISBN: 978-1-4503-6753-0
KITopen-ID: 1000095972
Erschienen in Proceedings of the 24th ACM Symposium on Access Control Models and Technologies (SACMAT '19), Toronto, CDN, June 4-6, 2019
Veranstaltung 24th ACM Symposium on Access Control Models and Technologies (SACMAT 2019), Toronto, Kanada, 04.06.2019 – 06.06.2019
Verlag ACM Press, New York, NY
Seiten 3-12
Projektinformation KASTEL_ISE (BMBF, 16KIS0754)
Schlagworte Blockchain, binary integrity protection, revocation
Nachgewiesen in Scopus
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft
KITopen Landing Page