1-1hit |
Dimitrios N. SERPANOS Richard J. LIPTON
Digital rights management in client-server environments requires the establishment of client integrity, in order to protect sensitive (secret) information from loss or misuse. Clients are vulnerable to powerful man-in-the-middle attacks through malicious software (viruses, etc.), which is undetectable by conventional anti-virus technology. We present such powerful viruses and demonstrate their ability to compromise clients. Furthermore, we introduce a defense against all viruses, which is based on simple hardware devices that execute specialized protocols to establish client integrity and protect against sensitive data loss.