30 Part I Overview of Commerce
that even if the job is malicious, it remains confined to the isolated environment.
This type of isolation can be achieved through several mechanisms:
Application-level sandboxing: This mechanism, also known as Proof-Carrying Code (PCC), enables the code provider to generate proofs of the safety of the code and embed them inside the compiled code.
Virtualization: As noted in Chapter 1, virtualization is a technique that allows applications to run in isolated environments called Virtual Machines (VMs).
Flexible kernels: These systems typically include kernels that can be extended in a flexible manner for better performance and isolation.
Sandboxing: Perhaps the most popular of the isolation systems, these systems typically enforce isolation by intercepting system calls and through loadable kernel modules.
Signed Application
Deploying a signed application is an effective way of establishing trust and
deploying a verification mechanism to detect whether a trusted application
has been modified, which in turn could indicate malicious behavior. The process of
signing an application is straightforward. At a high level it is:
1. Bundling together related files, such as the application binary
and its associated configuration files
2. Obtaining a one-way hash of the bundle from Step 1 (a fast operation)
3. Encrypting the one-way hash from Step 2 with the private key of the signer
(the cloud infrastructure in our case), which attests to the content and forms
the digital envelope (together with other cryptographic artifacts)
4. Packaging the digital envelope created in Step 3 with the bundle from Step 1
The process of verification is also straightforward.
1. Validate the integrity of the signature (this assumes the availability of the signer’s
public key) to prove the integrity of the one-way hash in the digital
envelope.
2. Compute from the bundle the same one-way hash that was used for signing.
3. Compare the calculated one-way hash with the one carried within the digital
envelope.
It is important to note that a digital signature assumes the availability of the
signers’ public keys (a sound assumption) and provides us with the verifiable
assertion that the claimed entity has attested to the integrity of the content. The
latter property cannot be achieved if only a one-way hash is used.
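The following Go program is an added worked example, not code from the book, that implements the signing steps (bundle, hash, sign with the private key, package) and the three verification steps exactly as laid out above. The book names no algorithms, so SHA-256 as the one-way hash and RSA PKCS#1 v1.5 as the signature scheme are assumptions of this example; the file names and contents in SampleBundle are constructed sample data, and the Bundle, Envelope and SignedApplication types are this example's own. VerifyHashOnly is included to make the last paragraph's point concrete: it compares hashes but never establishes who attested to the hash, so anyone able to replace the bundle can replace the unsigned hash beside it, whereas Verify catches the substitution at step 1.

```go
package main

import (
	"bytes"
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
	"sort"
)

// Bundle is the set of related files from step 1 (file name -> contents).
type Bundle map[string][]byte

// Envelope is the digital envelope from step 3: the bundle hash plus the
// signer's signature over it. SignedApplication is the step 4 package.
type Envelope struct{ Digest, Signature []byte }
type SignedApplication struct {
	Bundle   Bundle
	Envelope Envelope
}

// SampleBundle is constructed demo input: a stand-in binary and its config.
func SampleBundle() Bundle {
	return Bundle{
		"app.bin":  []byte("\x7fELF...demo application bytes..."),
		"app.conf": []byte("listen=127.0.0.1:8080\ndebug=false\n"),
	}
}

// NewSignerKey generates the signer's key pair (the cloud infrastructure's
// key in the text's setting); 2048 bits keeps the demo quick.
func NewSignerKey() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// HashBundle is step 2: one SHA-256 over the whole bundle, hashing files in
// sorted name order with name and length prefixes so that renaming a file
// or moving bytes between files changes the digest.
func HashBundle(b Bundle) []byte {
	names := make([]string, 0, len(b))
	for n := range b {
		names = append(names, n)
	}
	sort.Strings(names)
	h := sha256.New()
	for _, n := range names {
		fmt.Fprintf(h, "%d:%s:%d:", len(n), n, len(b[n]))
		h.Write(b[n])
	}
	return h.Sum(nil)
}

// Sign performs steps 2-4: hash the bundle, sign the hash with the private
// key (RSA PKCS#1 v1.5 over the SHA-256 digest) and package the result.
func Sign(priv *rsa.PrivateKey, b Bundle) (*SignedApplication, error) {
	digest := HashBundle(b)
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest)
	if err != nil {
		return nil, err
	}
	return &SignedApplication{Bundle: b, Envelope: Envelope{Digest: digest, Signature: sig}}, nil
}

// Verify follows the three verification steps from the text.
func Verify(pub *rsa.PublicKey, app *SignedApplication) error {
	env := app.Envelope
	// Step 1: the signer's public key proves the envelope digest is the one
	// the signer attested to.
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, env.Digest, env.Signature); err != nil {
		return errors.New("envelope signature invalid: not signed by the trusted signer")
	}
	// Steps 2 and 3: recompute the hash from the shipped bundle and compare
	// it with the attested hash from the envelope.
	if !bytes.Equal(HashBundle(app.Bundle), env.Digest) {
		return errors.New("bundle hash mismatch: application modified after signing")
	}
	return nil
}

// VerifyHashOnly is the weaker check the last paragraph warns about: it
// compares hashes but never asks who attested to the hash.
func VerifyHashOnly(app *SignedApplication) bool {
	return bytes.Equal(HashBundle(app.Bundle), app.Envelope.Digest)
}

func main() {
	priv, err := NewSignerKey()
	if err != nil {
		panic(err)
	}
	app, err := Sign(priv, SampleBundle())
	if err != nil {
		panic(err)
	}
	fmt.Println("genuine package verifies:", Verify(&priv.PublicKey, app) == nil)
	app.Bundle["app.conf"] = []byte("debug=true\n") // modified after signing
	fmt.Println("after modification, Verify reports:", Verify(&priv.PublicKey, app))
}
```

Run it with `go run` on a single file. Note that step 1 in Verify checks the envelope against the signer's public key that the verifier already trusts; the text's assumption that this key is available is what separates the signed check from a hash-only comparison.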