行動式程式碼系統中之軟體授權與保護

Abstract

Java語言的發展對於軟體的使用帶來了相當大的改變。在這個環境中 ，從遠端下載的程式碼讓使用者能立刻使用任何他們想要使用的軟體。在 網際網路上，要保護軟體的板權，必須要防止非法的盜用。許多技術如母 片保護、硬體鎖、及序號保護常被用來做為軟體保護的方法。這類的保護 通常將驗證的程序隱藏在軟體某處，因而很難有效的防止高手的破解。在 網路環境下，軟體一旦被破解之後，在網路上往往迅速的被流傳，對於軟 體製造商造成了相當大的傷害。 在這篇論文中，我們提出了一個在行 動式程式碼 (mobile code) 系統中提供軟體授權與保護的模型。在這個 模型中，一個軟體被分為許多的物件，我們稱其中每一個物件為 applet 。這些 applet 執行的權利被分散在不同的機器上，其中某部份的applet 必須經由一個或多個稱為可信任的運算代理伺服器 (trusted computational proxy) 來執行。一個軟體的執行則由這些分散在不同地 方的 applet合作完成。如果兩個 applet 之間有訊息的傳遞，我們稱這 兩個 applet 為相關。為了減少當這些代理伺服器遭受入侵者攻擊時所造 成的傷害，我們將有相關 applet的執行權利分散到不同的地方。因此， 當一個代理伺服器被入侵時，入侵者只能從中穫取少量的資訊。在這個環 境下，我們也對於這些 applet 的安排提出了一個最佳化的方法，使得在 安全的限制下，這些代理伺服器的運算負擔及這些代理伺服器與使用者間 的網路負擔能被減到最輕。 The development of Java language created a new environment for software usage. In this environment, dynamically downloaded codes allow users to execute any program they are interested in. To protect the copyright of softwares on the Internet, software piracy must be prevented. Many approaches have been proposed to prevent software piracy, such as key disks, parallel-port locks, and custom serial-number validations. These schemes with authentication process embedded in the software cannot effectively protect the security attacks by a smart cracker. Once the software is cracked, it will be then distributed widely on the network. In this thesis, a model for software authorization and protection in mobile code systems is proposed. In the model, a software is partitioned into objects, called applets, and the privileges to access to these applets are separated and distributed to a number of trusted principles called trusted computational proxies. The execution of a software are conducted by cooperation of the applets and the proxies that contain them. Two applets are dependent if there are messages passed between them. To reduce the risk of proxies being attacked, dependent applets are distributed to different proxies. In the case that a proxy is compromised, little information can be acquired by the intruder. An optimal assignment of applets to proxies is also proposed to minimize, under the security constraint, the computation load of the proxies and the communication load between proxies and users.