How can I deploy my matlab application securely?

2 views (last 30 days)
Robert
Robert on 20 Sep 2014
Commented: Image Analyst on 20 Sep 2014
Let's say I've written a Matlab application and compiled it and given it to a client. They may upload some sensitive data into it to perform some analysis.
I understand that, while the compiled code is encrypted, it is decrypted on the fly at run time. This creates a vulnerability, i.e. people may be able to get hold of the application, run it and extract the sensitive data.
What can be done to address this vulnerability?
Many thanks,
Rob

Sign in to answer this question.

Answers (1)

Image Analyst
Image Analyst on 20 Sep 2014
I don't think it's decrypted into source code. When you run the exe it unpacks "source code" into encrypted p-code and runs that. It's not like they could look at those and see what you did.
Anyway, if your end-user/client "uploaded some sensitive data into it" ("it" meaning your program) then it's their data, isn't it? So they already have it. It's your program but their data, right? Please clarify.
  2 Comments
Image Analyst
Image Analyst on 20 Sep 2014
Rob's reply to me moved from an "Answer" to a comment to my answer:
Thanks for your answer. I want to protect agains the following scenario:
1. User uploads data into executable and executable already contains some sensitive data. It's a forecasting tool that will already contain some sensitive time series data and with the possibility of adding more.
2. Executable performs calculation.
3. Executable is then stolen somehow. e.g. user gives application to someone who then passes it on to someone who shouldn't have it.
4. Executable can be reverse engineered and the sensitive data retrieved.
I just want to be able to tell the clients that if they use the application data/code within it will be safe.
Many thanks,
Rob
Image Analyst
Image Analyst on 20 Sep 2014
I think that's the situation with any commercial software. I'm sure Microsoft, HP, Apple, or whoever doesn't want people reverse engineering their software. So I suggest you look to more general purpose solutions than just a MATLAB specific solution. For example, passwords, encrypting the whole hard drive, physical security (locked rooms and locked computers), authentication/vetting of users (background checks), audit trails, etc. Even so, there is no guarantee - just look at "inside jobs" by Bradley Manning and Edward Snowden. I'm not a security consultant so I can't really say much more that's useful.

Sign in to comment.

Categories

Find more on MATLAB Compiler in Help Center and File Exchange

Tags

Products

Community Treasure Hunt

Find the treasures in MATLAB Central and discover how the community can help you!

Start Hunting!