VERIFICATION OF UN-TRUSTED CODE FOR CONSUMPTION ON AN INSECURE DEVICE
First Claim
1. A computer readable storage medium including computer executable instructions for securing a computing device, the computer readable storage medium comprising:
- instructions for granting, to a managed library, access to native resources of an operating system in response to validating a digital certificate associated with the managed library; and
instructions for denying, to a managed application, access to native resources of the operating system, wherein the managed application includes a digital certificate authorizing the managed application to access a specific native resource of the operating system through the managed library.
2 Assignments
0 Petitions
Accused Products
Abstract
Disclosed is a code verification service that detects malformed data in an automated process and rejects submission and distribution if any malicious code is found. Once the submission is verified it may be packaged in container. The container may then be deployed to a mobile device, and the public key may be used to verify that the container authentic. The device can load trusted managed libraries needed to execute the application and a manager can ensure that only trusted libraries access native resources of the device.
80 Citations
20 Claims
-
1. A computer readable storage medium including computer executable instructions for securing a computing device, the computer readable storage medium comprising:
-
instructions for granting, to a managed library, access to native resources of an operating system in response to validating a digital certificate associated with the managed library; and instructions for denying, to a managed application, access to native resources of the operating system, wherein the managed application includes a digital certificate authorizing the managed application to access a specific native resource of the operating system through the managed library. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for protecting a closed computing device from executing un-trusted instructions, the method comprising:
-
receiving, by a manager, a request from a managed application to access a native system resource through a managed library; authorizing, by the manager, the request to access the native system resource through the managed library, wherein the manager includes information that identifies managed libraries that the managed application is authorized to access, further wherein the manager is effectuated by native instructions; authorizing, by the manager, the request to access the native system resource by the managed library, wherein information that identifies that the managed library is authorized to access the native system resource was obtained from a digital certificate associated with the managed library; sending, by the managed library, a request to access the native system resource to a runtime host, wherein the runtime host is effectuated by native instructions; and accessing, by the runtime host, the native system resource. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A computer system for publishing videogames configured to execute on a mobile device, the system comprising:
-
circuitry for receiving a package from a networked computer system; circuitry for identifying an executable in the package; circuitry for verifying managed metadata associated with the executable, wherein the managed metadata describes the structure of executable, further wherein verifying the managed metadata includes inspecting the managed metadata at runtime to determine that the executable includes type safe code; and circuitry for storing the verified executable in a digitally signed container. - View Dependent Claims (18, 19, 20)
-
Specification