Support for portable trusted software
Abstract
A form of authentication is provided wherein a trusted third party signs a certificate to identify the author of a program and to secure its integrity. The program code is encapsulated with, or otherwise associated with, the certificate and an access control list (ACL). The access control list describes the permissions and resources required by the code. An enforcement mechanism allocates system permissions and resources in accordance with the ACL. In a preferred embodiment, a code production system communicates with a certification agency, which is a trusted third party. The certification agency issues a certificate for the code and a certificate for the access list of that code. Once the certificate is issued, it is not possible for any party to modify the code or access list without invalidating the certificate. The code and its ACL, along with their certificates, are stored on a server. A client downloading the code or access list can verify the integrity of the code or access list, and the system can enforce the access list such that the permissions and resources are not exceeded.
20 Claims
- 1. A method for distributing program code comprising the steps of providing to a recipient system a trusted third party certification, the trusted third party certification including a computer readable description of resources and permissions required for verified nonharmful operation of the code, wherein the description of resources required includes data describing both a quantity of at least one resource to be used by the code and a maximum rate of consumption of at least one resource by the code.
- 13. A method for distributing program code comprising the steps of:
  providing a recipient system with an encrypted trusted third party certification of the program code, the trusted third party certification being encapsulated with the program code and including a computer readable description of resources and permissions required for verified non-harmful operation of the code; reading the certification by the recipient system; determining the integrity of the certification by the recipient system; and
  only after the integrity has been verified, allocating resources and permissions of the recipient system in accordance with user selected options so as not to exceed the permissions specified in the certification; and
  executing the program code in accordance with the allocating, wherein the description of resources required includes data describing both a quantity of at least one resource to be used by the code and a maximum rate of consumption of at least one resource by the code and wherein the description of permissions required includes data describing specific facilities of the recipient system to be accessed by the code.
- 14. A computing system, comprising:
  an importation device for importing programs and data into the computing system; an operating system for controlling the operation of the computing system; access logic for extracting from the data and associating with a given program a computer readable description of resources required for verified non-harmful operation of the given program, the access logic further including integrity checking logic for generating verification data indicative of the integrity of the computer readable description; and
  enforcement logic coupled to the operating system and responsive to the verification data for tracking and allocating for at least one resource consumption and consumption rate within the recipient system so as not to exceed the allocation specified in the description for the given program; and
  a processor for executing the given program in accordance with the allocating.
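The flow the abstract and claims describe, as an added Python example that is not code from the patent: a certification agency binds the hash of the program code to its ACL in one certificate; the recipient verifies the certificate and the code hash before allocating anything; an enforcer then tracks each declared resource against both its total quantity and its maximum consumption rate, and refuses facilities the ACL does not grant. The ACL layout (`permissions`, `resources` with `quantity` and `max_rate`), the keyed HMAC standing in for the agency's signature (a deployed system would use a public-key signature so clients hold no secret), the token-bucket rate check and the `CA_KEY` value are all assumptions made for this illustration.

```python
"""Certify code plus its ACL, verify before allocating, then enforce quantity
and maximum rate.  Added illustration; not the patent's own implementation."""
import hashlib
import hmac
import json
import time

# Assumption: a keyed HMAC stands in for the certification agency's signature.
CA_KEY = b"constructed-certification-agency-key"


class CertificationError(Exception):
    """Certificate signature or certified code hash did not check out."""


class ResourceLimitExceeded(Exception):
    """A consumption request would exceed the ACL's quantity or rate."""


def _sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def _canonical(obj) -> bytes:
    # Deterministic encoding so signer and verifier hash identical bytes.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def certify(code: bytes, acl: dict, key: bytes = CA_KEY) -> dict:
    """Agency side: one certificate covers the code hash and the ACL together,
    so neither can be altered without invalidating the signature."""
    body = {"code_sha256": _sha256_hex(code), "acl": acl}
    sig = hmac.new(key, _canonical(body), hashlib.sha256).hexdigest()
    return {"body": body, "sig": sig}


def verify(code: bytes, cert: dict, key: bytes = CA_KEY) -> dict:
    """Recipient side: check the signature, then that the downloaded code matches
    the certified hash.  Returns the ACL only when both hold."""
    expected = hmac.new(key, _canonical(cert["body"]), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, cert["sig"]):
        raise CertificationError("certificate signature invalid")
    if not hmac.compare_digest(cert["body"]["code_sha256"], _sha256_hex(code)):
        raise CertificationError("code does not match certified hash")
    return cert["body"]["acl"]


class Enforcer:
    """Tracks each resource against its total quantity and its max rate
    (units per second, enforced with a token bucket sized to one second's worth)."""

    def __init__(self, acl: dict, clock=time.monotonic):
        self.clock = clock
        self.permissions = set(acl["permissions"])
        self.budget = {}   # resource -> remaining total quantity
        self.bucket = {}   # resource -> [tokens, capacity, refill_rate, last_refill]
        for name, limit in acl["resources"].items():
            self.budget[name] = limit["quantity"]
            rate = limit["max_rate"]
            self.bucket[name] = [rate, rate, rate, clock()]

    def check_permission(self, facility: str) -> None:
        """Facilities not listed in the certified ACL are never granted."""
        if facility not in self.permissions:
            raise PermissionError(f"{facility} not granted by certified ACL")

    def consume(self, resource: str, amount: int) -> None:
        """Account for `amount` units; raise before anything is allocated."""
        if resource not in self.budget:
            raise ResourceLimitExceeded(f"{resource} not declared in ACL")
        if amount > self.budget[resource]:
            raise ResourceLimitExceeded(f"{resource}: total quantity exhausted")
        b = self.bucket[resource]
        now = self.clock()
        b[0] = min(b[1], b[0] + (now - b[3]) * b[2])   # refill since last call
        b[3] = now
        if amount > b[0]:
            raise ResourceLimitExceeded(f"{resource}: rate limit exceeded")
        b[0] -= amount
        self.budget[resource] -= amount


def run_demo() -> dict:
    """Walk the whole flow on constructed inputs with a fake clock."""
    acl = {"permissions": ["network"],
           "resources": {"network_bytes": {"quantity": 120, "max_rate": 100}}}
    code = b"print('hello')"            # constructed program code
    cert = certify(code, acl)
    out = {"verified": verify(code, cert) == acl}
    try:
        verify(code + b"#", cert)       # one byte changed after certification
        out["tampered_rejected"] = False
    except CertificationError:
        out["tampered_rejected"] = True
    t = [0.0]
    enf = Enforcer(acl, clock=lambda: t[0])
    enf.consume("network_bytes", 100)   # fills one second's allowance
    try:
        enf.consume("network_bytes", 1)
        out["rate_limited"] = False
    except ResourceLimitExceeded:
        out["rate_limited"] = True
    t[0] = 0.5                          # half a second later: 50 tokens back
    enf.consume("network_bytes", 20)    # budget now 0
    try:
        enf.consume("network_bytes", 1)
        out["quantity_exhausted"] = False
    except ResourceLimitExceeded:
        out["quantity_exhausted"] = True
    return out


if __name__ == "__main__":
    print(run_demo())
```

The order of checks in `consume` matters: the total-quantity check comes first so a program that has spent its whole budget is refused even when its rate bucket has refilled, which is the "quantity and maximum rate" distinction the claims draw. Verification happens once, before the `Enforcer` exists, matching the claim language that allocation occurs only after integrity has been verified.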
Specification