Scalable, Confidential and Survivable Software Updates

Software update systems must guarantee high availability, integrity and security even in presence of cyber attacks. We propose the first survivable software update framework for the secure distribution of confidential updates that is based on a distributed infrastructure with no single points of failure. Previous works guarantee either survivability or confidentiality of software updates but do not ensure both properties. Our proposal is based on an original application of a multi-authority attribute-based encryption scheme in the context of decentralized access control management that avoids single-point-of-vulnerability. We describe the original framework, propose the protocols to implement it, and demonstrate its feasibility through a security and performance evaluation.

Automated summary

In this study, we propose a software update framework based on a distributed infrastructure to ensure the high availability, integrity, and security of software even in the presence of cyber attacks. This framework utilizes a multi-authority attribute-based encryption scheme to avoid single-point vulnerabilities and guarantees both survivability and confidentiality of software updates.