Digital signatures have been proposed by several researchers as a way of preventing execution of malicious code. In this paper, we propose a general architecture for performing the signature verification as part of the kernel execution process. The proposed architecture does not require any change in the interpreters used to execute code and it can accommodate any executable format. We also report on our implementation for the Linux operating system that focuses on ELF and script executables. Experimental results show that our solution is of potential interest as virtually no slowdown is experienced in the execution.
File in questo prodotto:
Non ci sono file associati a questo prodotto.