P. Falcarin, R. Scandariato, M. Baldi, and Y. Ofek, "Integrity Checking in Remote Computation," AICA 2005, Udine, Italy, October 2005.
How can a client-side application be entrusted albeit running inside an
un-trusted environment? Within an un-trusted environment a possibly
malicious user has complete access to system resources and tools in
order to tamper with the application code. under those assumptions, the
server-side application needs a way to continuously ascertain that the
client code has not been altered prior to and during execution, i.e.,
the server is required to continuously entrust the client. to address
this problem, we propose a novel approach based on the client side
generation of an execution signature, which is remotely checked by the
server, wherein affirmative checking ensure the authenticity of the
client-side software. The method proposed is applicable to remote
computation, in general, and has the potential to solve some of the
central trust problem in GRID computing.