But sometimes what looks like an insoluble problem is really just the shadow thats cast by a faulty assumption. For example, we take it for granted that if someone finds a vulnerability in one instance of a widely used piece of software, the corresponding attack can be used against other instances: A buffer overflow, for example, can be assumed to overwrite the same set of binary instructions on a target machine that it successfully corrupted on another test system that was running the same piece of code.
What if any given instance of a program might be one of almost uncountable variations, all produced by mathematically equivalent transformations of an instruction stream--no two of them alike? For that matter, what if I regularly regenerated the binary executables on any given system, each time with a randomly chosen transform, so that any attackers knowledge of flaws at even the level of machine code was only useful until the next time that I refreshed it?
I spoke last week with Alec Main, CTO at Cloakware Corp., about his companys efforts (some of which use technology licensed from Intel) to apply these ideas to critical applications. The obvious question, or so it seemed to me, is whether rearrangement of code unavoidably reduces performance: He agreed that this is a concern, but said that the companys tools give developers control over the balance between speed and security.
"Our product allows you to vary the overheads," Main explained. "If youre trying to protect server code, you might choose to have low code expansion of only a few percent: An application might be protected, in critical areas, by an expansion of two times. Compute-intensive loops, you might protect in a different way."
Theres only so much that we can do with perimeter security, as we try to put more self-contained capability and more communication into an ever-growing range of devices. Solving our problems at their centers, rather than protecting their ever-longer edges, seems like a sound idea: Application-level security, using Cloakwares and other approaches, is a strategy worth considering.
Discuss this in the eWEEK forum.
Tell me what you find obscure about securing components and applications.
Peter Coffee is Director of Platform Research at salesforce.com, where he serves as a liaison with the developer community to define the opportunity and clarify developers' technical requirements on the company's evolving Apex Platform. Peter previously spent 18 years with eWEEK (formerly PC Week), the national news magazine of enterprise technology practice, where he reviewed software development tools and methods and wrote regular columns on emerging technologies and professional community issues.Before he began writing full-time in 1989, Peter spent eleven years in technical and management positions at Exxon and The Aerospace Corporation, including management of the latter company's first desktop computing planning team and applied research in applications of artificial intelligence techniques. He holds an engineering degree from MIT and an MBA from Pepperdine University, he has held teaching appointments in computer science, business analytics and information systems management at Pepperdine, UCLA, and Chapman College.