Please use this identifier to cite or link to this item: https://doi.org/10.1109/SSIRI-C.2010.19
Title: The problem of usable binary authentication
Authors: Wu, Y. 
Yap, R.H.C. 
Issue Date: 2010
Source: Wu, Y.,Yap, R.H.C. (2010). The problem of usable binary authentication. SSIRI-C 2010 - 4th IEEE International Conference on Secure Software Integration and Reliability Improvement Companion : 34-35. ScholarBank@NUS Repository. https://doi.org/10.1109/SSIRI-C.2010.19
Abstract: Attacks by malware usually work by getting a binary to be executed. Sometimes users are unaware that such binaries are being executed. The end result is that attackers can either compromise a system or get it to fail. One defence against such attacks is to ensure integrity of files. A more comprehensive mechanism is binary authentication (code signing is also a form of binary authentication) which tries to ensure that any binaries loaded by the operating system and software applications are first authenticated, i.e. the content of the binary is known and is trusted. To have full protection using binary authentication, it makes sense to have a default deny policy where binaries which do not pass authentication are prevented from executing. However, if an operating system employs mandatory binary authentication for protection purposes, the end result may either be not user friendly or not very usable. In this paper, we discuss the issues and difficulties of making binary authentication usable on the Windows operating system. © 2010 IEEE.
Source Title: SSIRI-C 2010 - 4th IEEE International Conference on Secure Software Integration and Reliability Improvement Companion
URI: http://scholarbank.nus.edu.sg/handle/10635/43169
ISBN: 9780769540870
DOI: 10.1109/SSIRI-C.2010.19
Appears in Collections:Staff Publications

Show full item record
Files in This Item:
There are no files associated with this item.

Page view(s)

45
checked on Dec 16, 2017

Google ScholarTM

Check

Altmetric


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.