System and method for secure authentication of external software modules provided by third parties
First Claim
1. A computer system for secure authentication of executable external modules, comprising:
- memory for storing an executable external module whose authenticity is to be verified, data K that can be created by using two different schemes, at least one scheme of the two different schemes being based on the integrity of a module to be verified, and an authentication token for the module to be verified which produces data K in both schemes, the executable external module being representative of the module to be verified; and
a processor, communicatively coupled to the memory, for using data K as created by one scheme of the two different schemes to disrupt the executable external module; and
using data K as created by the other scheme of the two different schemes to restore the executable external module from the disrupted executable external module thereby authenticating said executable external module.
1 Assignment
0 Petitions
Accused Products
Abstract
An external module loads into an entity'"'"'s memory and is transformed by two functions. These are namely, the STOMP function and the UNSTOMP function. One or both of these functions is based on the actual code that is found in a legitimate version of the external module. The STOMP-UNSTOMP pair produces an external module that works differently if even a single byte of code in the external module has been changed by an attacker. The STOMP transforms the external module and makes it temporarily unusable whilst conversely, the UNSTOMP repairs the damage and makes it workable again. Thus, if the module is not authentic, the pairing between the STOMP and UNSTOMP is broken. Therefore, a patched module from a hacker remains unusable since the STOMP and UNSTOMP transformations do not produce a working external module. Because of the STOMP and UNSTOMP technique, an application is secure because if an external module is free from tampering then the application executes normally. In the event that an illicitly patched external module is loaded then the application fails. In either case, no audio, video or information content is illegally copied because of the disablement of the external module by the STOMP-UNSTOMP procedure.
71 Citations
25 Claims
-
1. A computer system for secure authentication of executable external modules, comprising:
-
memory for storing an executable external module whose authenticity is to be verified, data K that can be created by using two different schemes, at least one scheme of the two different schemes being based on the integrity of a module to be verified, and an authentication token for the module to be verified which produces data K in both schemes, the executable external module being representative of the module to be verified; and
a processor, communicatively coupled to the memory, for using data K as created by one scheme of the two different schemes to disrupt the executable external module; and
using data K as created by the other scheme of the two different schemes to restore the executable external module from the disrupted executable external module thereby authenticating said executable external module. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A computer readable medium comprising computer instructions including instructions for authenticating an external module comprising:
-
providing data K that can be created by using two different schemes, at least one scheme of the two different schemes being based on the integrity of a module to be verified;
providing an authentication token for said module which produces data K in both schemes, an executable external module being representative of said module;
at a computer system, using data K as created by one scheme of the two different schemes to disrupt said executable external module; and
at the computer system, using data K as created by the other scheme of the two different schemes to restore the executable external module from the disrupted executable external module thereby authenticating said executable external module. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
Specification