Revoking Malware in a Computing Device

US 20100115269A1
Filed: 06/26/2007
Published: 05/06/2010
Est. Priority Date: 06/29/2006
Status: Abandoned Application

First Claim

Patent Images

1. A method of operating a computing device, the method comprising enabling the device to make use of one or more sets of previously stored information to supplement, replace or override information concerning certificate revocation provided by a chain of one or more certificates included with a software package, wherein the computing device is caused to utilise the previously stored information in the event that the chain of certificates included with the software package does not resolve to a trusted certificate previously stored on the device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computing device is operated in a manner which provides improved checking to determine whether or not an authentication certificate for a software application being loaded onto the device has been revoked. In the case of trusted certificate chains that contain no revocation information, the device checks using an AuthorityInfoAccess extension (AIA) as selected by the device. In the case of untrusted certificate chains, notably including self-signed certificates, the device is controlled so that it ignores any authentication revocation information provided with the software application and always uses information stored on the device.

14 Citations

View as Search Results

10 Claims

1. A method of operating a computing device, the method comprising enabling the device to make use of one or more sets of previously stored information to supplement, replace or override information concerning certificate revocation provided by a chain of one or more certificates included with a software package, wherein the computing device is caused to utilise the previously stored information in the event that the chain of certificates included with the software package does not resolve to a trusted certificate previously stored on the device.
- View Dependent Claims (5, 6, 7, 8, 9, 10)
- - 5. A method according to claim 1 wherein the chain of certificates included with the software package comprises X.509 certificates and wherein the information concerning certificate revocation is provided either by CRL or OSCP revocation related extensions.
  - 6. A method according to claim 1 wherein the previously stored information on the computing device comprisesa. CRL related extensions such as cRLDistributionPoints for accessing CRL servers;
    - and/orb. OSCP revocation related extensions such as AuthorityInfoAccess for accessing OSCP responders or servers.
  - 7. A method according to claim 6 wherein, when the previously stored information comprises CRL related extensions and OSCP revocation related extensions, the computing device is arranged to use the OSCP extensions in preference to the CRL extensions
  - 8. A method according to claim 1 wherein the previously stored information utilised when the chain of certificates included with the software package does not resolve to a trusted certificate previously is used to access an OSCP responder or server for returning an affirmative response for unknown certificates.
  - 9. A computing device arranged to operate in accordance with a method as claimed in claim 1.
  - 10. An operating system for causing a computing device to operate in accordance with a method as claimed in claim 1.

2. (canceled)

3. A method according to 1 wherein the previously stored information concerning certificate revocation differs from the previously stored information concerning certificate revocation utilised in the event thata. the chain of certificates included with the software package resolves to a trusted certificate stored on the device;
- andb. any of the certificates included with the software package do not include revocation information.

4. A method according to 1 wherein the previously stored information concerning certificate revocation is the previously stored information concerning certificate revocation utilised in the event thata. the chain of certificates included with the software package resolve to a trusted certificate stored on the device;
- andb. any of the certificates included with the software package do not include revocation information.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Nokia Corporation
Original Assignee
Symbian Software Limited (Accenture PLC)
Inventors
Heath, Craig, Allen, Matthew, Harker, Andrew

Application Number

US12/306,343
Publication Number

US 20100115269A1
Time in Patent Office

Days
Field of Search
US Class Current

713/157
CPC Class Codes

G06F 21/33   using certificates

G06F 21/51   at application loading time...

G06F 21/57   Certifying or maintaining t...

Revoking Malware in a Computing Device

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

14 Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Revoking Malware in a Computing Device

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links