This Article 
 Bibliographic References 
 Add to: 
ABYSS: An Architecture for Software Protection
June 1990 (vol. 16 no. 6)
pp. 619-629

ABYSS (a basic Yorktown security system) is an architecture for protecting the execution of application software. It supports a uniform security service across the range of computing systems. The use of ABYSS in solving the software protection problem, especially in the lower end of the market, is discussed. Both current and planned software distribution channels are supportable by the architecture, and the system is nearly transparent to legitimate users. A novel use-once authorization mechanism, called a token, is introduced as a solution to the problem of providing authorizations without direct communication. Software vendors may use the system to obtain technical enforcement of virtually any terms and conditions of the sale of their software, including such things as rental software. Software may be transferred between systems, and backed up to guard against loss in case of failure. The problem of protecting software on these systems is discussed, and guidelines to its solution are offered.

[1] J. Voelker and P. Wallich, "How disks are 'padlocked',"IEEE Spectrum, p. 32, June 1986.
[2] S. T. Kent, "Protecting externally supplied software in small computers," Ph.D. dissertation, Lab. Comput. Sci., Massachusetts Inst. Technol., Cambridge, MA, Sept. 1980.
[3] R. M. Best, "Microprocessor for executing enciphered programs," U.S. Patent No. 4 168 396, issued Sept. 18, 1979.
[4] R. M. Best, "Preventing software piracy with crypto-microprocessors," inProc. IEEE Spring COMPCON 80, San Francisco, CA, Feb. 25-28, 1980, p. 466.
[5] R. M. Best, "Crypto microprocessor for executing enciphered programs," U.S. Patent No. 4 278 837, issued July 14, 1981.
[6] R. M. Best, "Cryptographic decoder for computer programs," U.S. Patent No. 4 433 207, issued Feb. 21, 1984.
[7] R. M. Best, "Crypto microprocessor that executes enciphered programs," U.S. Patent No. 4 465 901, issued Aug. 14, 1984.
[8] O. Goldreich, "Towards a theory of software protection," inProc. Crypto '86, Santa Barbara, CA, 1986, p. 35-1.
[9] G. B. Purdy, G. J. Simmons, and J. A. Studier, "A software protection scheme," inProc. 1982 Symp. Security and Privacy, Oakland, CA, Apr. 26-28, 1982, p. 99.
[10] A. Herzberg, and G. Karmi, "On software protection," inProc. Fourth JCIT, Apr. 1984, p. 388.
[11] M. G. Arnold and Mark D. Winkel, "Computer systems to inhibit unauthorized copying, unauthorized usage, and automated cracking of protected software," U.S. Patent No. 4 558 176, issued Dec. 10, 1985.
[12] D. Everett, "Padlock,"Comput. Bull., ser. 3, no. 1, pt. 1, p. 16, Mar. 1985.
[13] G. J. Simmons, "How to (selectively) broadcast a secret," inProc. 1985 Symp. Security and Privacy, Oakland, CA, Apr. 22-24, 1985, p. 108.
[14] A. Herzberg and S. S. Pinter, "Public protection of software," inAdvances in Cryptology: Proc. Crypto 85, H. C. Williams, Ed., 1986, p. 158.
[15] R. Mori and S. Tashiro, "The concept of a software services system (SSS),"Trans. Inst. Electron. Inf. Commun. Eng. D (Japan), vol. J70D, no. 1, p. 79, Jan. 1987.
[16] S. R. White and L. Comerford, "ABYSS: A trusted architecture for software protection," inProc. 1987 Symp. Security and Privacy, Oakland, CA, Apr. 27-29, 1987, p. 38.
[17] V. J. Cina, Jr., S. R. White, and L. Comerford, "ABYSS: A basic Yorktown security system: PC software asset protection concepts," IBM Res. Rep. RC 12401, Dec. 18, 1986.
[18] S. H. Weingart, "Physical security for theµABYSS system," inProc. 1987 Symp. Security and Privacy, Oakland, CA, Apr. 27-29, 1987, p. 52.
[19] D. Chaum, "Design concepts for tamper responding systems," inAdvances in Cryptology: Proc. Crypto 83. D. Chaum, Ed. New York: Plenum, 1984, pp. 387.
[20] W. L. Price, "Physical security of transaction devices," Nat. Physical Lab., NPL Tech. Memo DITC 4/86, Jan. 1986.
[21] D.E. Denning,Cryptography and Data Security, Addison-Wesley Publishing Co., Reading, Mass., 1982.
[22] C. H. Bennet, G. Brassard, S. Breidbart, and S. Wiesner, "Quantum cryptography, or unforgeable subway tokens," inAdvances in Cryptology, Proc. Crypto 82, Chaum, Rivest, and Sherman, Eds. New York: Plenum, 1983, p. 267.
[23] S. Goldwasser, S. Micali, and C. Rackoff, "The knowledge complextty of interactive proof systems," inProc. 17th ACM Symp. Theory of Computing, 1985, p. 291.
[24] B. Strohm, L. Comerford, and S. R. White, "ABYSS tokens," IBM Res. Rep. RC 12402, Dec. 18, 1986.
[25] M. Gasser,Building a Secure Computer System. New York: Van Nostrand Reinhold, 1988.
[26] R. R. Jeuneman, S. M. Matyas, and C. H. Meyers, "Message authentication with manipulation detection codes," inProc. 1983 Symp. Security and Privacy, p. 33.
[27] P. Purdom and C. Brown,The Analysis of Algorithms. New York: Holt, Reinhart and Winston, 1985.

Index Terms:
software protection architecture; execution protection; software transfer; software back-up; loss guarding; ABYSS; a basic Yorktown security system; application software; uniform security service; computing systems; software distribution channels; use-once authorization; token; technical enforcement; rental software; security of data; software engineering.
S.R. White, L. Comerford, "ABYSS: An Architecture for Software Protection," IEEE Transactions on Software Engineering, vol. 16, no. 6, pp. 619-629, June 1990, doi:10.1109/32.55090
Usage of this product signifies your acceptance of the Terms of Use.