Protection of software code from unauthorized use by executing portions of the code in a secure computer environment separate from the environment that executes the remaining portions of the code
First Claim
1. A method of executing code of at least one software program in a multi-processor computer environment, each software program including (i) a first portion of software code to be executed in a computer, and (ii) a second portion of software code that includes one or more fragments of code of the software program, the method comprising executing the second portion of code in one or more external devices which are in communication with the computer.
0 Assignments
0 Petitions
Accused Products
Abstract
Code of at least one software program is executed in a multi-processor computer environment. Each software program includes a first portion of software code to be executed in a computer, and a second portion of software code that includes one or more fragments of code of the software program. The second portion of code is executed in one or more external devices which are in communication with the computer. The second portion of code is encrypted, transferred to a secure computer environment, such as a smart card, and decrypted in the one or more external devices prior to execution. The fragments of code may be interspersed within the first portion of code.
34 Citations
33 Claims
- 1. A method of executing code of at least one software program in a multi-processor computer environment, each software program including (i) a first portion of software code to be executed in a computer, and (ii) a second portion of software code that includes one or more fragments of code of the software program, the method comprising executing the second portion of code in one or more external devices which are in communication with the computer.
-
9. An apparatus which executes code of at least one software program in a multi-processor computer environment, each software program including (i) a first portion of software code, and
(ii) a second portion of software code that includes one or more fragments of code of the software program, the apparatus comprising: -
(a) a first computer which executes the first portion; and
(b) one or more externals unit in communication with the computer, the one or more external units executing the second portion. - View Dependent Claims (10, 11, 12, 13, 14)
-
-
15. A method of transforming a computer program which includes software code, the method comprising:
-
(a) identifying one or more fragments of the software code, (b) associating a program call with each of the identified fragments; and
(c) inserting the program call into the software code, thereby transforming the software program, wherein when a program call is reached, the respective fragment of software code is executed. - View Dependent Claims (16)
-
-
17. A method of executing a computer program which includes software code, the software code having (i) a first portion, and (ii) a second portion, the second portion including one or more fragments of the software code and a program call associated with each fragment, the method comprising:
-
(a) executing the first portion; and
(b) executing the associated fragments when a program call in the second portion is reached. - View Dependent Claims (18, 19, 20, 21)
-
-
22. An apparatus for executing a computer program which includes software code, the software code having (i) a first portion, and (ii) a second portion, the second portion including one or more fragments of the software code and a program call associated with each fragment, the apparatus comprising:
-
(a) means for executing the first portion; and
(b) means for executing the associated fragments when a program call in the second portion is reached. - View Dependent Claims (23, 24, 25)
-
-
26. A method of access control of software code which is executed on a smart card that is in communication with a host computer, the smart card having stored therein access control parameters for identified software code, the method comprising:
-
(a) the host computer uploading software code and its identity data to the smart card; and
(b) the smart card using the access control parameters and the identity data to determine whether access is permissible for the uploaded software code, wherein the software may be executed only if access is permissible. - View Dependent Claims (27, 28, 29)
-
-
30. A method of executing a plurality of software code fragments of a software program on an external unit, wherein the external unit is connected to a computer, the external unit including a processor and a memory, the method comprising:
-
(a) at execution time of each of the software code fragments, automatically uploading the respective software code fragment to the memory of the external unit; and
(b) executing the respective software code fragment in the external unit using only the processor and the memory of the external unit. - View Dependent Claims (31)
-
- 32. A method of preparing code of a software program, the software program including (i) a first portion of source code to be executed by a first processor, and (ii) a second portion of source code to be executed by a second processor, the second portion of source code including one or more fragments of code of the software program, the method comprising prior to compilation of the software program, encrypting only the second portion of source code.
Specification