METHOD FOR SECURING A GADGET ACCESS TO A LIBRARY

US 20120054494A1
Filed: 12/28/2009
Published: 03/01/2012
Est. Priority Date: 01/16/2009
Status: Abandoned Application

First Claim

Patent Images

1. Method for securing the operation of a gadget requiring access to features hosted in a library (44) of a gadget container (36) in order to implement these features into a primary file (35) of such gadget, the primary file (35) being sent by a Web hosting server (40) to the gadget container (36) to allow the implementation of the features with the primary file (35), wherein:

the gadget container (36) retrieves the primary file (35) of the gadget from the Web hosting server (40) with a signature (16), based on a public key (24)/private key (14) encryption system, associated therein,the gadget container (36) controls, with a public key (24) of the public/private key encryption system, the signature (16) associated to the gadget primary file,the gadget container (36) decides to authorize or to refuse the implementation of its library (44) features depending on whether the signature (16) associated with the primary file (35) is accepted or refused.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention relates to a method for securing the operation of a gadget requiring access to features hosted in a library of a gadget container (36) in order to implement these features into a primary file (35) of such gadget, the primary file (35) being sent by a Web hosting server (40) to the gadget container (36) to allow the implementation of the features with the primary file (35), wherein: —the gadget container (36) retrieves the primary file (35) of the gadget from the Web hosting server (40) with a signature (16), based on a public key/private key encryption system, associated therein,—the gadget container (36) verifies, with a public key of the public/private key encryption system, the signature (16) associated to the gadget primary file, —the gadget container (36) decides to authorize or to refuse the implementation of its library (44) features depending on whether the signature (16) associated with the primary file (35) is accepted or refused.

10 Citations

View as Search Results

11 Claims

1. Method for securing the operation of a gadget requiring access to features hosted in a library (44) of a gadget container (36) in order to implement these features into a primary file (35) of such gadget, the primary file (35) being sent by a Web hosting server (40) to the gadget container (36) to allow the implementation of the features with the primary file (35), wherein:
- the gadget container (36) retrieves the primary file (35) of the gadget from the Web hosting server (40) with a signature (16), based on a public key (24)/private key (14) encryption system, associated therein,the gadget container (36) controls, with a public key (24) of the public/private key encryption system, the signature (16) associated to the gadget primary file,the gadget container (36) decides to authorize or to refuse the implementation of its library (44) features depending on whether the signature (16) associated with the primary file (35) is accepted or refused.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 11)
- - 2. Method according to claim 1 wherein the signature associated to the primary file (35) derives from an encryption, with a private key (14) of the public/private key encryption system, of an identifier (12) depending on the primary file (35) code.
  - 3. Method according to claim 2 wherein the identifier (12) depending on the primary file (35) code is a Hash function of the primary file (35).
  - 4. Method according to claim 1 wherein the gadget container (36) decides to authorize the access to the library (44) features when it both identifies the authorized private key (14) an authorized private key and establishes the integrity of the primary file (35).
  - 5. Method according to claim 1 wherein the gadget container (36) decides to refuse the access to the library features (44) if either:
    - the private key (14) is not recognized, orthe private key (14) is not authorized, orthe integrity of the primary file (35) is not established.
  - 6. Method according to claim 5 wherein a message indicating a lack of authorization is transmitted to the Web browser (32) requesting to operate the gadget.
  - 7. Method according to claim 1 wherein the feature is dynamically generated depending on an IP address associated to a request (34) for operating the gadget.
  - 8. Method according to claim 1 wherein the authorization for access is given for a certain lack of time.
  - 9. Method according to claim 1 wherein the primary file is an XML file and the features comprise Javascript®
    - code.
  - 11. Method according to claim 1 wherein the primary file (35) requiring access to features hosted in a library (44) of a gadget container (36) in order to implement these features for its operation, comprises a signature (16), based on public key (24)/private key (14) encryption system, associated therein in order to implement the method.

10. Gadget container (36) hosting features to be implemented into a primary file (35) of a gadget, such primary file (35) being received from a Web hosting server (40) upon request by the gadget container (36), wherein the gadget container (36) comprises:
- Means for retrieving the primary file (35) of the gadget with a signature, based on public/private key encryption system, associated therein,Means (50) for controlling, with a public key of the public/private key encryption system, the signature associated to the gadget primary file,Means for authorizing or refusing the access to the library'"'"'s (44) features depending on whether it accepts or refuses the signature associated within the primary file.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Alcatel-Lucent SA (Nokia Corporation)
Original Assignee
Alcatel-Lucent SA (Nokia Corporation)
Inventors
Hiribarren, Vincent, Robinson, Julien

Application Number

US13/144,770
Publication Number

US 20120054494A1
Time in Patent Office

Days
Field of Search
US Class Current

713/176
CPC Class Codes

G06F 21/51 at application loading time...

METHOD FOR SECURING A GADGET ACCESS TO A LIBRARY

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

10 Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

METHOD FOR SECURING A GADGET ACCESS TO A LIBRARY

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

10 Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links