Portion-level in-memory module authentication

US 20060026569A1
Filed: 07/29/2004
Published: 02/02/2006
Est. Priority Date: 07/29/2004
Status: Active Grant

First Claim

Patent Images

1. A method of verifying the integrity of a software module where at least one portion of said software module is loaded into memory of a computing environment for execution, comprising:

for a specific portion from among said at least one portion of said software module, retrieving corresponding portion-level verification data, said portion-level verification data allowing verification of said specific portion of said software module; and

using said corresponding portion-level verification data to verify said specific portion of said software module as loaded into memory.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Dynamic run-time verification of a module which is loaded in memory (in whole or in part) for execution is enabled by using pre-computed portion-level verification data for portions of the module smaller than the whole (e.g. at the page-level). A portion of the module as loaded into memory for execution can be verified. Pre-computed portion-level verification data is retrieved from storage and used to verify the loaded portions of the executable. Verification data may be, for example, a digitally signed hash of the portion. Where the operating system loader has modified the portion for execution, the modifications are reversed, removing any changes performed by the operating system. If the portion has not been tampered, this will return the portion to its original pre-loaded state. This version is then used to determine validity using the pre-computed portion-level verification. Additionally, during execution of the module, new portions/pages of the module which are loaded can be verified to ensure that they have not been changed, and a list of hot pages of the module can be made, including pages to be continually reverified, in order to ensure that no malicious changes have been made in the module.

Citations

41 Claims

1. A method of verifying the integrity of a software module where at least one portion of said software module is loaded into memory of a computing environment for execution, comprising:
- for a specific portion from among said at least one portion of said software module, retrieving corresponding portion-level verification data, said portion-level verification data allowing verification of said specific portion of said software module; and
  
  using said corresponding portion-level verification data to verify said specific portion of said software module as loaded into memory.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method of claim 1, where said specific portion is a page.
  - 3. The method of claim 1, where said steps of retrieving corresponding-portion level verification data and using said corresponding portion-level verification data to verify said specific portion of said software module are performed for each of said portions of said software module loaded into memory.
  - 4. The method of claim 3, where said steps of retrieving corresponding-portion level verification data and using said corresponding portion-level verification data to verify said specific portion of said software module for each of said portions of said software module loaded into memory occur before said software module is executed.
  - 5. The method of claim 1, further comprising:
    - maintaining a hot list of specific portions of said software module which have been loaded into said memory; and
      
      verifying each portion on said hot list using corresponding portion level verification data.
  - 6. The method of claim 1, where said steps of retrieving corresponding-portion level verification data and using said corresponding portion-level verification data to verify said specific portion of said software module are performed for at least one secure portion of said software module related to secure functionality before said secure functionality is utilized.
  - 7. The method of claim 1, where said step of using said corresponding portion-level verification data to verify said specific portion of said software module as loaded into memory comprises:
    - modifying said specific portion to reverse any loading changes implemented by a loader in loading said specific portion; and
      
      hashing said modified specific portion.
  - 8. The method of claim 7, where said step of using said corresponding portion-level verification to verify said specific portion of said software module as loaded into memory further comprises:
    - comparing the result of said hash of said modified specific portion to said corresponding portion-level verification data.
  - 9. The method of claim 1, where said step of using said corresponding portion-level verification data to verify said specific portion of said software module as loaded into memory further comprises:
    - using a digital signature of said corresponding portion-level verification data to determine that said corresponding portion-level verification data is trustworthy.
  - 10. The method of claim 1, wherein said portion level verification data comprises a plurality of hashes of said specific portion, each of said plurality of hashes being based on an anticipated change to a loaded portion of said software module.
  - 11. The method of claim 1, where said step of using said corresponding portion-level verification data to verify said specific portion of said software module as loaded into memory comprises:
    - periodically verifying said specific portion from among said at least two portions of said software module.
  - 12. The method of claim 11, where said periodic verification occurs at a randomly chosen time.
  - 13. The method of claim 11, where said periodic verification occurs according to a tunable parameter.
  - 14. The method of claim 11, where said periodic verification is scheduled based on a factor selected from among the following:
    - inclusion of said specific portion on a hot list;
      
      the time elapsed since said specific portion was last verified; and
      
      whether said specific portion had previously been verified.
  - 15. At least one of an operating system, a computer readable medium having stored thereon a plurality of computer-executable instructions, a co-processing device, a computing device, and a modulated data signal carrying computer executable instructions for performing the method of claim 1.

16. A method of verifying the integrity of a software module where at least one portion of said software module is loaded into memory of a computing environment for execution, comprising:
- identifying at least two portions of said software module;
  
  for each of said at least two portions of said software module, creating corresponding portion-level verification data; and
  
  storing said portion-level verification data.
- View Dependent Claims (17, 18, 19, 20, 21, 22)
- - 17. The method of claim 16, where said specific portion is a page.
  - 18. The method of claim 16, where said step of creating corresponding portion-level verification data, for a given portion, comprises:
    - hashing said given portion.
  - 19. The method of claim 18, wherein said act of hashing comprises:
    - creating a plurality of hashes of said given portion, each of said plurality of hashes being based on an anticipated variation of said given portion.
  - 20. The method of claim 16, where said step of creating corresponding portion-level verification data, for a given portion, further comprises:
    - using a digital signature to sign said portion-level verification data.
  - 21. The method of claim 16, further comprising:
    - providing said portion-level verification data in response to a request.
  - 22. At least one of an operating system, a computer readable medium having stored thereon a plurality of computer-executable instructions, a co-processing device, a computing device, and a modulated data signal carrying computer executable instructions for performing the method of claim 16.

23. A module verifier for verifying the integrity of a software module where at least one portion of said software module is loaded into memory of a computing environment for execution, comprising:
- portion-level verification data retrieval for, for a specific portion from among said at least one portion of said software module, retrieving corresponding portion-level verification data, said portion-level verification data allowing verification of said specific portion of said software module; and
  
  portion-level verifier for using said corresponding portion-level verification data to verify said specific portion of said software module as loaded into memory.
- View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 24. The module verifier of claim 23, where said specific portion is a page.
  - 25. The module verifier of claim 23, where said portion-level verifier is used to verify each of said portions of said software module loaded into memory.
  - 26. The module verifier of claim 25, where said verification occurs before said software module is executed.
  - 27. The module verifier of claim 23, further comprising:
    - hot list maintenance for maintaining a hot list of specific portions of said software module which have been loaded into said memory; and
      
      where said verifier verifies each portion on said hot list using a corresponding portion level verification.
  - 28. The module verifier of claim 23, where said portion-level verifier is used to verify at least one secure portion of said software module related to secure functionality before said secure functionality is utilized.
  - 29. The module verifier of claim 23, where said portion-level verifier modifies said specific portion to reverse any loading changes implemented by an operating system loader in loading into memory said specific portion and hashes said modified specific portion.
  - 30. The module verifier of claim 29, where said portion-level verifier further compares the result of said hash of said modified specific portion to said corresponding portion-level verification data.
  - 31. The module verifier of claim 23, where said portion-level verifier uses a digital signature of said corresponding portion-level verification data to determine that said corresponding portion-level verification data is trustworthy.
  - 32. The module verifier of claim 23, where said portion-level verifier periodically verifies said specific portion from among said at least two portions of said software module.
  - 33. The module verifier of claim 32, where said periodic verification occurs at a randomly chosen time.
  - 34. The module verifier of claim 32, where said periodic verification occurs according to a tunable parameter.
  - 35. The module verifier of claim 32, where said periodic verification is scheduled based on a factor selected from among the following:
    - inclusion of said specific portion on a hot list;
      
      the time elapsed since said specific portion was last verified; and
      
      whether said specific portion had previously been verified.
  - 36. The module verifier of claim 23, wherein said corresponding portion-level verification data comprises a plurality of hashes based on said specific portion of said software module, each of said plurality of hashes being based on an anticipated variation of said specific portion of said software module.

37. A portion-level verification initiator for verifying the integrity of a software module where at least one portion of said software module is loaded into memory of a computing environment for execution, comprising:
- a portion-level verification creator for, for each of said at least two portions of said software module, creating corresponding portion-level verification data; and
  
  storage for storing said portion-level verification data.
- View Dependent Claims (38, 39, 40, 41)
- - 38. The portion-level verification initiator of claim 37, where said specific portion is a page.
  - 39. The portion-level verification initiator of claim 37, where said portion-level verification creator hashes said given portion.
  - 40. The portion-level verification initiator of claim 37, where said portion-level verification creator uses a digital signature to sign said corresponding portion-level verification data.
  - 41. The portion-level verification initiator of claim 37, wherein said portion-level verification data comprises a plurality of hashes for each of said at least two portions, wherein the hashes that correspond to a given one of said at least two portions are based on anticipated variations of said given one of said at least two portions.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Oliver, Robert Ian, Lafornara, Philip J., Marr, Michael David, Brender, Scott A., Oerting, Timothy J.

Granted Patent

US 7,644,287 B2
Time in Patent Office

Days
Field of Search
US Class Current

717/126
CPC Class Codes

G06F 21/51 at application loading time...

Portion-level in-memory module authentication

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

41 Claims

Specification

Solutions

Use Cases

Quick Links

Portion-level in-memory module authentication

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

41 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links