Hi
My company is working for another company (let call it C) that is going to
provide Linux boxes to its customers. As C is going to give them free or for a
small fee, C doesn't want the customers to use the boxes for another purpose
that the one specified by C.
C doesn't want the user to be able to:
- run another kernel than the one S provides
- run executables that have not been signed by authorized developpers or that
have been modified (signed executables)
- change or alter the dynamic libraries (signed .so files)
- have access to the binary of some executables (for avoiding reverse
engineering)
- save a file and give the disk to a friend (encrypted files, but I need to
be fast on read and write, here)
All that by using:
- a SmartCard
- a modified kernel
- a specialised hardware for encryption
- maybe a modified loader (lilo)
And that mustn't be just simple tricks, we must protect those boxes against
very skilled hackers.
Is there existing projects on those subjects? Is anybody already worked on it?
Thanks for your help.
---
-°) Patrick Valsecchi
/\\
_\_v
***************************************************************
Linux Smart Card Developers - M.U.S.C.L.E.
(Movement for the Use of Smart Cards in a Linux Environment)
http://www.linuxnet.com/smartcard/index.html
***************************************************************