Software Revocation Infrastructure
Abstract
In one implementation, software components include an identity of a revocation authority. Prior to loading of the software in a given platform, the revocation authority is checked for any revocation messages. The revocation authority creates software component specific messages for any software components to be revoked, rather than using certificate revocation or individual licenses. The messages include mitigation information, such as instructions for automatically configuring already installed software without requiring an update or change in code.
20 Claims
1. A method comprising:
- distributing, over a network, multiple instances of a signed software component to multiple devices, the instances including an identification of a revocation authority;
- receiving a request, at a processor of the revocation authority, for a revocation message of the signed software component; and
- transmitting, by the processor, the revocation message in response to the request, the revocation message including mitigation information for configuration of the signed software component on one or more of the devices and including a signature.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13
14. Logic encoded in one or more non-transitory computer-readable media that includes code for execution and when executed by a processor is operable to perform operations comprising:
- activating a software component on a platform, the software component including a first signature and having a version;
- verifying that the first signature is valid and rooted in a trusted signing certificate;
- checking for revocation of the version of the software component;
- receiving mitigation information when the version is revoked; and
- processing the mitigation information for the software component.
Dependent claims: 15, 16, 17, 18
19. Logic encoded in one or more non-transitory computer-readable media that includes code for execution and when executed by a processor is operable to perform operations comprising:
- distributing a signed revocation message comprising mitigation information for a vulnerability of software, the mitigation information including one or more instructions for automatic mitigation by a platform loading the software.
Dependent claims: 20
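The flow described in the abstract and in claim 14, as an added Python example that is not part of the patent text: a platform verifies a component, asks the revocation authority named in it for a revocation message, verifies that message, and applies the mitigation as a configuration change. All names (`RevocationAuthority`, `activate`, `ra.example`, `tls-lib`, the config keys) are hypothetical, and HMAC with a constructed demo key stands in for the certificate-rooted signatures the claims describe.

```python
import hashlib
import hmac
import json

# Constructed demo key: HMAC stands in for asymmetric, certificate-rooted signatures.
DEMO_KEY = b"constructed-demo-key"

def sign(payload: dict) -> str:
    body = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(DEMO_KEY, body, hashlib.sha256).hexdigest()

def verify(payload: dict, signature: str) -> bool:
    return hmac.compare_digest(sign(payload), signature)

class RevocationAuthority:
    def __init__(self):
        self._messages = {}  # (component, version) -> signed revocation message

    def revoke(self, name, version, mitigation):
        payload = {"component": name, "version": version, "mitigation": mitigation}
        self._messages[(name, version)] = {"payload": payload, "signature": sign(payload)}

    def request(self, name, version):
        return self._messages.get((name, version))  # None: version not revoked

def activate(component, authorities, config):
    """Verify, check revocation, then return the config the component loads with."""
    meta = component["meta"]
    if not verify(meta, component["signature"]):
        raise ValueError("component signature invalid")
    msg = authorities[meta["revocation_authority"]].request(meta["name"], meta["version"])
    if msg is None:
        return dict(config)
    payload = msg["payload"]
    if not verify(payload, msg["signature"]):
        raise ValueError("revocation message signature invalid")
    if (payload["component"], payload["version"]) != (meta["name"], meta["version"]):
        raise ValueError("revocation message is for a different component")
    # Mitigation reconfigures the installed component; its code is unchanged.
    return {**config, **payload["mitigation"]}

def demo():
    ra = RevocationAuthority()
    meta = {"name": "tls-lib", "version": "1.0", "revocation_authority": "ra.example"}
    component = {"meta": meta, "signature": sign(meta)}
    config = {"legacy_cipher": True, "port": 443}
    before = activate(component, {"ra.example": ra}, config)
    ra.revoke("tls-lib", "1.0", {"legacy_cipher": False})
    return before, activate(component, {"ra.example": ra}, config)
```

Rejecting a revocation message whose signature fails, rather than ignoring it, is a choice made in this example; the claims only require that the message carry a signature.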
Specification