SOFTWARE INTEGRITY CHECKING SYSTEMS AND METHODS

US 20200134173A1
Filed: 10/31/2019
Published: 04/30/2020
Est. Priority Date: 03/07/2016
Status: Active Grant

First Claim

Patent Images

1-16. -16. (canceled)

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This disclosure relates to systems and methods generating and distributing protected software applications. In certain embodiments, integrity checking mechanisms may be implemented using integrity checking code in software code prior to compilation into machine code. Following compilation and execution of the application, the introduced code may check the integrity of the application by determining whether the application behaves and/or otherwise functions as expected. By introducing integrity checking in this manner, integrity checking techniques may be injected into the application prior to compilation into machine code and/or independent of the particular manner in which the application is compiled.

0 Citations

36 Claims

1-16. -16. (canceled)

17. A method for protecting an application performed by a system comprising a processor and a non-transitory computer-readable medium storing instructions that, when executed by the processor, cause the system to perform the method, the method comprising:
- generating functional integrity checking code, the functional integrity checking code being configured to execute one or more functional integrity checks of the application to verify that at least a portion of the application associated with the one or more functional integrity checks function according to a defined behavior by verifying that at least one input and at least one output associated with the at least a portion of the application correspond with an expected input and output behavior;
  
  inserting the functional integrity checking code into code associated with the application;
  
  inserting integrity check value generation code into the code associated with the application;
  
  inserting integrity checking code configured to verify the integrity of the application into the code associated with the application; and
  
  compiling the code associated with the application including the inserted functionality integrity checking code, the inserted integrity check value generation code, and the inserted integrity checking code,wherein the functional integrity checking code is further configured to initiate the integrity check value generation code upon successful verification that the at least one input and the at least one output associated with the at least a portion of the application correspond with the expected input and output behavior.
- View Dependent Claims (18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36)
- - 18. The method of claim 17, wherein the one or more functional integrity checks are configured to execute in response to an initial execution of the application.
  - 19. The method of claim 17, wherein the one or more functional integrity checks are configured to execute in response to an installation of the application.
  - 20. The method of claim 17, wherein inserting the functional integrity checking code into the code associated with the application comprises appending the functional integrity checking code into the code associated with the application.
  - 21. The method of claim 17, wherein inserting the functional integrity checking code into the code associated with the application comprises injecting the functional integrity checking code into a plurality of locations in the code associated with the application.
  - 22. The method of claim 17, wherein the functional integrity checking code is at least in part obfuscated.
  - 23. The method of claim 17, wherein the integrity check value generation code is at least in part obfuscated.
  - 24. The method of claim 17, wherein the integrity checking code is at least in part obfuscated.
  - 25. The method of claim 17, wherein the integrity check value generation code is configured to generate one or more first integrity check values based on one or more portions of the application.
  - 26. The method of claim 25, wherein the integrity check value generation code is further configured to store the one or more first integrity check values in a secure storage space of a user device executing the application.
  - 27. The method of claim 25, wherein the integrity check value generation code is further configured to insert the one or more first integrity check values in one or more locations of the application.
  - 28. The method of claim 25, wherein the integrity check value generation code is configured to generate the one or more first integrity check values by performing an operation on at least one portion of the one or more portions of the application.
  - 29. The method of claim 28, wherein the operation comprises a hashing operation and the one or more first integrity check values comprise one or more hash values.
  - 30. The method of claim 25, wherein the integrity checking code is configured to execute in response to an execution of the application following installation of the application on a user device.
  - 31. The method of claim 30, wherein the integrity checking code is configured to perform one or more comparison integrity checks.
  - 32. The method of claim 31, wherein the one or more comparison integrity checks comprise generating one or more second integrity check values based on the one or more portions of the application.
  - 33. The method of claim 32, wherein the one or more comparison integrity checks further comprise determining that the one or more second integrity check values match corresponding values of the one or more first integrity check values.
  - 34. The method of claim 33, wherein the integrity checking code is configured to allow the execution of the application based one determining that the one or more second integrity check values match corresponding values of the one or more first integrity check values.
  - 35. The method of claim 17, wherein the code associated with the application comprises an intermediate representation of the application.
  - 36. The method of claim 17, wherein compiling the code associated with the application including the inserted functionality integrity checking code, the inserted integrity check value generation code, and the inserted integrity checking code comprises transmitting the code associated with the application including the inserted functionality integrity checking code, the inserted integrity check value generation code, and the inserted integrity checking code to an application store system for compilation by the application store system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
CAKLOVIC, Marko

Granted Patent

US 10,872,146 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/51   at application loading time...

G06F 21/54   by adding security routines...

G06F 21/57   Certifying or maintaining t...

G06F 21/64   Protecting data integrity, ...

G06F 2221/033   Test or assess software

SOFTWARE INTEGRITY CHECKING SYSTEMS AND METHODS

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

0 Citations

36 Claims

Specification

Solutions

Use Cases

Quick Links

SOFTWARE INTEGRITY CHECKING SYSTEMS AND METHODS

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

0 Citations

36 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links