Share Email Print

Proceedings Paper

Transporting mobile code with internal authentication and tamper detection
Author(s): Lisa M. Marvel; Edmund H. Baur; George W. Hartwig
Format Member Price Non-Member Price
PDF $14.40 $18.00

Paper Abstract

Mobile code opens a world of possibilities for Battlespace digitization. However, due to security issues associated with transporting code over such networks, mobile code in the battlefield may present serious risks. Attackers may attempt to thwart the end-user's mission by manipulating or destroying code prior to its final destination. To combat such acts, we propose an authentication method that can reside on any Internet server/client without the typical constraints that exist for firewalls and certificates. Our method consists of the construction of a digital signature at the server based on the characteristics of the mobile code itself. This signature, or mark, is then embedded within the code in a hidden manner using steganographic methods. Upon receipt of the mobile code, the client can use the key to extract the embedded mark and regenerate a mark from the received code. The two marks are compared to verify the integrity of the code and the authenticity of the sender. This technique is implemented for HTML code and the effectiveness of tamper detection is demonstrated. Mobile code authentication techniques, such as this, can provide the security necessary to permit the exploitation of this powerful computing medium on the networked battlefield.

Paper Details

Date Published: 29 August 2001
PDF: 8 pages
Proc. SPIE 4396, Battlespace Digitization and Network-Centric Warfare, (29 August 2001); doi: 10.1117/12.438307
Show Author Affiliations
Lisa M. Marvel, Army Research Lab. (United States)
Edmund H. Baur, Army Research Lab. (United States)
George W. Hartwig, Army Research Lab. (United States)

Published in SPIE Proceedings Vol. 4396:
Battlespace Digitization and Network-Centric Warfare
Raja Suresh, Editor(s)

© SPIE. Terms of Use
Back to Top