Kernel-mode Software Protection to Prevent Piracy, Reverse Engineering, and Tampering of End-Node Applications
Small Business Information
12530 Rock Ridge Road, Herndon, VA, 20170
AbstractWe propose to develop a secure niche from which to run integrity management or other OS and application monitoring software on COTS PCs running popular COTS operating systems. The security of the proposed environment will have no dependency on the correct operation of the host operating system. The security model will assume that the operating system and its kernel have been compromised. The design of the secure niche will be capable of being formally modeled, proved, and evaluated under the Common Criteria at a high assurance level. Our approach is to use the Security Management Mode (SMM) that is part of every Pentium processor as the core of the mechanism, using it to implement a new security ring (call it Ring -1) below the Ring 0 kernel. Various payloads can then be run in this niche, such as integrity monitors and virus checkers, to protect the OS and user applications and data from corruption. The secure niche protects the payload so the payload can protect the system.
* information listed above is at the time of submission.