System and method of providing communication security
First Claim
1. A process of checking the authorization and authenticity of an application provided by a user, comprising:
- authenticating an application authentication file against a domain administrator'"'"'s public membership key;
hashing an application executable;
comparing the application hash result to an authentication hash contained in the application authentication file;
denying services to the application if the application hash and the authentication hash do not match;
decoding configuration assignments in the application authentication file if the application hash and the authentication hash match;
comparing the decoded configuration assignments to the user'"'"'s configuration assignments;
providing services to the application if the result of the decode is favorable; and
denying services to the application if the result of the decode is not favorable.
1 Assignment
0 Petitions
Accused Products
Abstract
A process of checking the authorization and authenticity of an application provided by a user includes authenticating an application authentication file against a domain administrator'"'"'s public membership key. An application executable is then hashed, and the application hash result is compared to an authentication hash contained in the application authentication file. At this point, services are denied to the application if the application hash and the authentication hash do not match. Configuration assignments in the application authentication file are decoded if the application hash and the authentication hash match. The decoded configuration assignments are compared to the user'"'"'s configuration assignments. Services are provided to the application if the result of the decode is favorable. Services are denied to the application if the result of the decode is not favorable.
392 Citations
1 Claim
-
1. A process of checking the authorization and authenticity of an application provided by a user, comprising:
-
authenticating an application authentication file against a domain administrator'"'"'s public membership key;
hashing an application executable;
comparing the application hash result to an authentication hash contained in the application authentication file;
denying services to the application if the application hash and the authentication hash do not match;
decoding configuration assignments in the application authentication file if the application hash and the authentication hash match;
comparing the decoded configuration assignments to the user'"'"'s configuration assignments;
providing services to the application if the result of the decode is favorable; and
denying services to the application if the result of the decode is not favorable.
-
Specification
-
- Resources
-
Current AssigneeTecSec, Incorporated
-
Original AssigneeTecSec, Incorporated
-
InventorsWack, C. Jay, Scheidt, Edward M.
-
Application NumberUS09/858,326Publication NumberTime in Patent OfficeDaysField of SearchUS Class Current713/201CPC Class CodesG06F 21/31 User authenticationG06Q 20/02 involving a neutral party, ...G06Q 20/3552 Downloading or loading of p...G06Q 20/3829 involving key managementG07F 7/1008 Active credit-cards provide...H04L 2209/08 Randomization, e.g. dummy o...H04L 2209/56 Financial cryptography, e.g...H04L 63/064 Hierarchical key distributi...H04L 63/068 using time-dependent keys, ...H04L 63/0823 using certificates cryptogr...H04L 63/12 Applying verification of th...H04L 63/126 the source of the received ...H04L 9/007 involving hierarchical stru...H04L 9/0825 using asymmetric-key encryp...H04L 9/0891 Revocation or update of sec...H04L 9/3236 using cryptographic hash fu...
