Q. Le Viet

Bio: Q. Le Viet is an academic researcher from Queensland University of Technology. The author has contributed to research in topics: Message authentication code & Secure Shell. The author has an hindex of 1, co-authored 1 publications receiving 2 citations.

The CASS Shell

Abstract: The goal of the Computer Architecture for Secure Systems (CASS) project [1] is to develop an architecture and tools to ensure the security and integrity of software in distributed systems. CASS makes use of various cryptographic techniques at the operating system kernel level to authenticate software integrity. The CASS shell, the work described in this paper, is on the other hand a secure shell implemented on top of UNIX1 System V Release 4.2 (UNIX SVR4.2) to achieve the same purpose but in an operating system independent manner. The CASS shell carries out cryptographic authentication of executable files based on the MD5 Message-Digest algorithm [2] and presents a closed computing environment in which system utilities are safeguarded against unauthorised alteration and users are prevented from executing unsafe commands. In order to provide cryptographic authentication and other cryptographic functions such as public-key based signatures, in hardware, the work has also involved the incorporation of an encryption hardware sub-system into SVR4.2 operating on an Intel 80×86 hardware platform. The paper describes the structure and features of the CASS shell and the development and performance of both the hardware and software implementations of the cryptographic functions it uses.

Kernel and shell based applications integrity assurance

Abstract: The verification of the authenticity of software by an executing host has become a vital security issue in recent years with the original postulation and subsequent evolution of computer viruses. The CASS (Computer Architecture for Secure Systems) project addresses this issue by incorporating integrity checking at the operating system level. This paper describes three prototype implementations of the architecture, two of these at the kernel level targetting UNIX SVR4.2 and the Mach 3.0 microkernel, with the third-for reasons of generality-involving the implementation of a specialised shell which is then portable across UNIX-style platforms in general. The paper focusses on a description of the former, viz. the kernel-based implementations, and examines the design and implementation issues which had to be addressed in achieving kernel-based integrity checking of executables for the two platforms.

An architecture for software integrity assurance

Abstract: The work described in this paper refers to the CASS (Computer Architecture for Secure Systems) architecture previously reported by Mohay et al. (1993) which addresses the problem of software authenticity on two fronts. Three prototype implementations of that architecture have been developed, two of these at the kernel level targetting UNIX SVR4.2 and the Mach 3.0 Micro-Kernel, while the third-for reasons of generality-has involved the implementation of a specialised shell which is then portable across UNIX-style platforms in general. Before executing an applications program, these implementations verify the integrity of a program seal associated with the application. If verified, this provides assurance of program compliance with safety criteria previously checked and certified by our secure Modula-2 compiler and linker. The paper describes how our Modula-2 based development environment has been modified to provide the cryptographic seals required and exploited by the CASS kernels and the CASS Shell software to provide integrity assurance.