Advisor(s)

Agnes Hui Chan

Contributor(s)

Guevara Noubir, Rajmohan Rajaraman, Ravi Sundaram, Lily Chen

Date of Award

2008

Date Accepted

4-2008

Degree Grantor

Northeastern University

Degree Level

Ph.D.

Degree Name

Doctor of Philosophy

Department or Academic Unit

College of Computer and Information Science.

Keywords

Computer science, Software update, Incremental Hashing, Authentication Ticket

Subject Categories

Software maintenance, Computer software--Validation

Disciplines

Computer Sciences

Abstract

Software update is the process of updating software running on computing devices. It allows computing devices to download and install software packages and patches in real time. This is an important feature for managing the computing devices in a distributed network, as it saves the trouble of having to either recall the devices to the manufacturer or send field engineers to remote locations to maintain them. Without authentication, software update can be exploited to distribute trojan horses, viruses, or other malicious programs. Previous approaches to software update either use no authentication at all, or use conventional digital signatures that are inefficient for authenticating partial updates such as patches. In our research, we solve two problems: 1) how to distribute software updates to devices so that the devices can efficiently authenticate the data they receive, and 2) how to restrict devices to run only the authenticated software that is authorized for them. We design and develop a client-server software update system, which uses an on-the-fly signature generation scheme to provide data authentication for a dynamic bundle of various software packages. With our scheme, each bundle is authenticated by a single digital signature. Compared with conventional software update systems, where each software package within a bundle has to be individually signed, our scheme reduces the computation for the server to generate the signature and for the client to verify it. For client devices that have an embedded trusted computing module (TCM), using a single signature for the bundle instead of one signature per software package inside it allows our data authentication scheme to prevent the bundle from being modified by adding or removing signed software packages.
With one signature per bundle and a conventional fingerprint algorithm, any change to the bundle requires the whole bundle to be passed through the underlying hash function again. We devised two incremental fingerprint algorithms. When the bundle is partially updated, our incremental fingerprint algorithms update the fingerprint of the bundle quickly by combining the fingerprint of the original bundle with the fingerprints of only those packages that actually changed. Experiments show that our fingerprint update cost is proportional to the size of the data that is modified.
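As an added illustration of the incremental-fingerprint idea described above (this is not the dissertation's own algorithms, which are not reproduced on this page), the following Python sketches a simplified additive construction: each package is hashed together with its name, the terms are summed modulo a large prime, and patching, adding or removing one package updates the bundle fingerprint with at most two hashes instead of rehashing every package. The modulus, package names and package bytes are assumed/constructed for the example; an additive scheme's collision resistance depends on a sufficiently large modulus, so this shows the update mechanics rather than a production parameter choice.

```python
from __future__ import annotations

import hashlib

# Modulus for the additive fingerprint: the prime 2**255 - 19. This is an
# assumed choice for the illustration, not a parameter from the dissertation.
P = 2**255 - 19


def package_term(name: str, data: bytes) -> int:
    """Hash one package together with its (length-prefixed) name.

    Binding the name means that swapping which package carries a given blob,
    or adding/removing a package, changes the bundle fingerprint.
    """
    prefix = len(name).to_bytes(2, "big") + name.encode()
    h = hashlib.sha256(prefix + data).digest()
    return int.from_bytes(h, "big") % P


def fingerprint(bundle: dict[str, bytes]) -> int:
    """Full (non-incremental) fingerprint over every package in the bundle."""
    return sum(package_term(n, d) for n, d in bundle.items()) % P


def apply_patch(fp: int, bundle: dict[str, bytes], name: str, new: bytes | None) -> int:
    """Replace, add (name absent) or remove (new is None) one package.

    Returns the new fingerprint, derived from `fp` and the changed package
    only: the work is at most two package hashes, independent of bundle size.
    """
    old = bundle.get(name)
    if old is not None:
        fp = (fp - package_term(name, old)) % P   # subtract the stale term
    if new is None:
        bundle.pop(name, None)
    else:
        fp = (fp + package_term(name, new)) % P   # add the fresh term
        bundle[name] = new
    return fp


def demo() -> bool:
    """Constructed sample bundle: patch one package, add one, remove one."""
    bundle = {"kernel": b"kernel-v1", "libssl": b"libssl-v1", "app": b"app-v1"}
    fp = fingerprint(bundle)
    fp = apply_patch(fp, bundle, "libssl", b"libssl-v2")  # patch
    fp = apply_patch(fp, bundle, "tools", b"tools-v1")    # add
    fp = apply_patch(fp, bundle, "app", None)             # remove
    # The incrementally maintained fingerprint must equal a full recompute.
    return fp == fingerprint(bundle)
```

The check in `demo()` is the property a verifier relies on: the incrementally updated value and the from-scratch value of the current bundle are identical, so the server can sign the updated fingerprint without rehashing unchanged packages.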

Document Type

Dissertation

Rights Information

Copyright 2008

Rights Holder

Ye Ruopeng
