Updating Applications Using Migration Signatures

US 20140040873A1
Filed: 08/12/2008
Published: 02/06/2014
Est. Priority Date: 08/12/2008
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method, the method comprising:

receiving an installation file digitally signed with a first package signature;

determining whether the received installation file includes a migration signature to confirm that the received installation file includes a valid update related to an installed software application, wherein the migration signature is applied to the installation file and the first package signature after being signed with the first package signature, and wherein the migration signature matches a second signature associated with the installed software application; and

updating the installed software application based on the received installation file when the migration signature is included.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In general, in one aspect, an installation file digitally signed with a first package signature is received. It is determined whether the received installation file includes a migration signature that covers the first package signature and that matches a second signature associated with an installed software application, to confirm that the received installation file includes a valid update related to the installed software application. The installed software application is updated from the received installation file when the migration signature is included.

68 Citations

View as Search Results

36 Claims

1. A computer-implemented method, the method comprising:
- receiving an installation file digitally signed with a first package signature;
  
  determining whether the received installation file includes a migration signature to confirm that the received installation file includes a valid update related to an installed software application, wherein the migration signature is applied to the installation file and the first package signature after being signed with the first package signature, and wherein the migration signature matches a second signature associated with the installed software application; and
  
  updating the installed software application based on the received installation file when the migration signature is included.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the second signature is associated with a self-signed security certificate, and wherein the first package signature is associated with a certificate issued by a certificate authority.
  - 3. The method of claim 1, wherein the first package signature is associated with a first public signing key, the second signature is associated with a second public signing key different from the first public signing key, andthe migration signature is associated with the second public signing key when the migration signature is included.
  - 4. The method of claim 1, wherein the determining comprises:
    - comparing an identifier generated from the second signature with an identifier generated from the migration signature to determine whether or not the identifiers match; and
      
      when the identifiers match, determining that the migration signature matches the second signature.
  - 5. The method of claim 4, wherein the second signature and the migration signature are associated with different public signing keys, and wherein the method further comprises:
    - determining whether the first package signature of the installation file matches the second signature associated with the installed software application;
      
      updating the installed software application from the received installation file when the first package signature matches the second signature; and
      
      not updating the installed software application otherwise.
  - 6. The method of claim 5, wherein determining whether the first package signature matches the second signature comprises:
    - determining whether an identifier generated from the first package signature matches an identifier generated from the second signature.
  - 7. The method of claim 1, wherein the software application is installed and updated in a cross-platform runtime environment.
  - 8. The method of claim 1, wherein the receiving comprises:
    - receiving an installation file, digitally signed with the first package signature, that includes an update to an association between the installed software application and an application publisher.
  - 9. The method of claim 1, wherein updating the installed software application based on the received installation file changes an association of the second digital signature with the installed software application without otherwise affecting the installed software application, such that future updates to the installed software application are signed by only the first package signature.

10. A system, comprising:
- a processor; and
  
  a non-transitory storage medium coupled with the processor, the non-transitory storage medium including instructions operable to cause the processor to perform operations comprising;
  
  receiving an installation file digitally signed with a first package signature;
  
  determining whether the received installation file includes a migration signature to confirm that the received installation file includes a valid update related to an installed software application, wherein the migration signature is applied to the installation file and the first package signature after being signed with the first package signature, and wherein the migration signature matches a second signature associated with the installed software application; and
  
  updating the installed software application based on the received installation file when the migration signature is included.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
- - 11. The system of claim 10, wherein the second signature is associated with a self-signed security certificate, and wherein the first package signature is associated with a certificate issued by a certificate authority.
  - 12. The system of claim 10, wherein the first package signature is associated with a first public signing key, the second signature is associated with a second public signing key different from the first public signing key, andthe migration signature is associated with the second public signing key when the migration signature is included.
  - 13. The system of claim 10, wherein the determining comprises:
    - comparing an identifier generated from the second signature with an identifier generated from the migration signature to determine whether or not the identifiers match; and
      
      when the identifiers match, determining that the migration signature matches the second signature.
  - 14. The system of claim 13, wherein the second signature and the migration signature are associated with different public signing keys, and wherein the operations further comprise:
    - determining whether the first package signature of the installation file matches the second signature associated with the installed software application;
      
      updating the installed software application from the received installation file when the first package signature matches the second signature; and
      
      not updating the installed software application otherwise.
  - 15. The system of claim 14, wherein determining whether the first package signature matches the second signature comprises:
    - determining whether an identifier generated from the first package signature matches an identifier generated from the second signature.
  - 16. The system of claim 10, wherein the software application is installed and updated in a cross-platform runtime environment.
  - 17. The system of claim 10, wherein the receiving comprises:
    - receiving an installation file, digitally signed with the first package signature, that includes an update to an association between the installed software application and an application publisher.
  - 18. The system of claim 10, wherein updating the installed software application based on the received installation file changes an association of the second digital signature with the installed software application without otherwise affecting the installed software application, such that future updates to the installed software application are signed by only the first package signature.

19. A computer program product, encoded on a non-transitory storage medium, operable to cause data processing apparatus to perform operations comprising:
- receiving an installation file digitally signed with a first package signature;
  
  determining whether the received installation file includes a migration signature to confirm that the received installation file includes a valid update related to an installed software application, wherein the migration signature is applied to the installation file and the first package signature after being signed with the first package signature, and wherein the migration signature matches a second signature associated with the installed software application; and
  
  updating the installed software application based on the received installation file when the migration signature is included.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27)
- - 20. The computer program product of claim 19, wherein the second signature is associated with a self-signed security certificate, and wherein the first package signature is associated with a certificate issued by a certificate authority.
  - 21. The computer program product of claim 19, wherein the first package signature is associated with a first public signing key, the second signature is associated with a second public signing key different from the first public signing key, andthe migration signature is associated with the second public signing key when the migration signature is included.
  - 22. The computer program product of claim 19, wherein the determining comprises:
    - comparing an identifier generated from the second signature with an identifier generated from the migration signature to determine whether or not the identifiers match; and
      
      when the identifiers match, determining that the migration signature matches the second signature.
  - 23. The computer program product of claim 22, wherein the second signature and the migration signature are associated with different public signing keys, and wherein the operations further comprise:
    - determining whether the first package signature of the installation file matches the second signature associated with the installed software application;
      
      updating the installed software application from the received installation file when the first package signature matches the second signature; and
      
      not updating the installed software application otherwise.
  - 24. The computer program product of claim 23, wherein determining whether the first package signature matches the second signature comprises:
    - determining whether an identifier generated from the first package signature matches an identifier generated from the second signature.
  - 25. The computer program product of claim 19, wherein the software application is installed and updated in a cross-platform runtime environment.
  - 26. The computer program product of claim 19, wherein the receiving comprises:
    - receiving an installation file, digitally signed with the first package signature, that includes an update to an association between the installed software application and an application publisher.
  - 27. The computer program product of claim 19, wherein updating the installed software application based on the received installation file changes an association of the second digital signature with the installed software application without otherwise affecting the installed software application, such that future updates to the installed software application are signed by only the first package signature.

28. A computer-implemented method, the method comprising:
- obtaining an installation file digitally signed with a first signature, the installation file corresponding to a software application previously installed on a computing platform, and the software application having a second signature associated with the installed software application on the computing platform;
  
  applying a migration signature to the installation file to generate a dual-signature installation file, the migration signature covering the first signature and matching the second signature associated with the installed software application to validate the first signature for association with the software application on the computing platform; and
  
  distributing the dual-signature installation package for use on the computing platform.
- View Dependent Claims (29, 30)
- - 29. The method of claim 28, wherein the second signature is associated with a self-signed security certificate, and wherein the first signature is associated with a certificate issued by a certificate authority.
  - 30. The method of claim 28, wherein the obtained installation file includes an update to functionality of the installed software application.

31. A system, comprising:
- a processor; and
  
  a computer readable medium coupled with the processor, the computer readable medium including instructions operable to cause the processor to perform operations comprising;
  
  obtaining an installation file digitally signed with a first signature, the installation file corresponding to a software application previously installed on a computing platform, and the software application having a second signature associated with the installed software application on the computing platform;
  
  applying a migration signature to the installation file to generate a dual-signature installation file, the migration signature covering the first signature and matching the second signature associated with the installed software application to validate the first signature for association with the software application on the computing platform; and
  
  distributing the dual-signature installation package for use on the computing platform.
- View Dependent Claims (32, 33)
- - 32. The system of claim 31, wherein the second signature is associated with a self-signed security certificate, and wherein the first signature is associated with a certificate issued by a certificate authority.
  - 33. The system of claim 31, wherein the obtained installation file includes an update to functionality of the installed software application.

34. A computer program product, encoded on a computer-readable medium, operable to cause data processing apparatus to perform operations comprising:
- obtaining an installation file digitally signed with a first signature, the installation file corresponding to a software application previously installed on a computing platform, and the software application having a second signature associated with the installed software application on the computing platform;
  
  applying a migration signature to the installation file to generate a dual-signature installation file, the migration signature covering the first signature and matching the second signature associated with the installed software application to validate the first signature for association with the software application on the computing platform; and
  
  distributing the dual-signature installation package for use on the computing platform.
- View Dependent Claims (35, 36)
- - 35. The computer program product of claim 34, wherein the second signature is associated with a self-signed security certificate, and wherein the first signature is associated with a certificate issued by a certificate authority.
  - 36. The computer program product of claim 34, wherein the obtained installation file includes an update to functionality of the installed software application.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Adobe Inc.
Original Assignee
Adobe Systems Incorporated (Adobe Inc.)
Inventors
Goldman, Oliver

Granted Patent

US 10,459,711 B2
Time in Patent Office

Days
Field of Search
US Class Current

717/168
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

G06F 21/64   Protecting data integrity, ...

G06F 8/65   Updates security arrangemen...

H04L 2209/64   Self-signed certificates

H04L 2209/68   Special signature format, e...

H04L 9/3263   involving certificates, e.g...

Updating Applications Using Migration Signatures

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

68 Citations

36 Claims

Specification

Solutions

Use Cases

Quick Links

Updating Applications Using Migration Signatures

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

68 Citations

36 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links