The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.06 - November/December (2007 vol.5)
pp: 32-40
Paolo Salvaneschi , University of Bergamo
Francesco Balducci , Turin Polytechnic
Ugo Piazzalunga , Eutronsec Infosecurity
Cristiano Moroncelli , Turin Polytechnic
ABSTRACT
Many people consider dongles to be among the strongest forms of copy protection, but how much security do they actually offer? The model presented here aims to monetize the security strength of dongle-protected software by forecasting the amount of time a hypothetical attacker would take to break it.
INDEX TERMS
hacking, phreaking, hardware, software, security
CITATION
Paolo Salvaneschi, Francesco Balducci, Ugo Piazzalunga, Cristiano Moroncelli, "Security Strength Measurement for Dongle-Protected Software", IEEE Security & Privacy, vol.5, no. 6, pp. 32-40, November/December 2007, doi:10.1109/MSP.2007.176
REFERENCES
1. C.S. Collberg and C. Thomborson, "Watermarking, Tamper-Proofing, and Obfuscation-Tools for Software Protection," IEEE Trans. Software Eng., vol. 28, no. 8, 2002, pp. 735–746.
2. Worldwide Hardware Authentication Token 2004–2008 Forecast and 2003 Vendor Shares, IDC document #31432, IDC, June 2004.
3. J. Viega and G. McGraw, Building Secure Software, Addison-Wesley, 2001.
4. P. Cerven, Crackproof Your Software, No Starch Press, 2002.
5. S.E. Schechter, "Toward Econometric Models of the Security Risk from Remote Attack," IEEE Security &Privacy, vol. 3, no. 1, 2005, pp. 40–44.
6. F. Balducci, P. Jacomuzzi, and C. Moroncelli, Security Measure of Protected Software: A Methodology and an Application to Dongles, MS thesis (in Italian), Dept. of Electronics, Turin Polytechnic, 2005.
7. R. Anderson, Security Engineering, Wiley, 2001.
8. S. Ring and E. Cole, "Taking a Lesson from Stealthy Rootkits," IEEE Security &Privacy, vol. 2, no. 4, 2004, pp. 38–45.
9. M. Howard and D. LeBlanc, Writing Secure Code, Microsoft Press, 2003.
10. G. Hoglund and G. McGraw, Exploiting Software, Addison-Wesley, 2004.
11. S. Chow et al., "A White-Box DES Implementation for DRM Applications," ACM CCS-9 DRM Workshop, 2002
12. B. Schneier, "Attack Trees: Modeling Security Threats," Dr. Dobb's J., vol. 24, no. 12, 1999, pp. 21–29.
13. M. Andrews and J.A. Whittaker, How to Break Web Software, Addison-Wesley, 2006.
14. Open Web Application Security Project Foundation, "A Guide to Building Secure Web Applications and Web Services, 2.1" (DRAFT 3), Feb. 2006; www.owasp.org/index.phpCategory:OWASP_Guide_Project .
6 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool