Code certification for network transmission
Abstract
A certification or signing method ensures the authenticity and integrity of a computer program, an executable file, or code received over a computer network. The method is used by a publisher or distributor to "sign" an executable file so it can be transmitted with confidence to a recipient over an open network like the Internet. The executable file may be of any executable form, including an executable or portable executable .exe file format, a .cab cabinet file format, an .ocx object control format, or a Java class file. The code signing method assures the recipient of the identity of the publisher as the source of the file (i.e., its authenticity) and that the file has not been modified after being transmitted by the publisher (i.e., the integrity of the file). As a result, the code signing method allows an executable file to be transmitted over open computer networks like the Internet with increased certainty in the identity of the source of the file and minimized risk of contracting a computer virus or other malicious executable computer files.
31 Claims
1. A network code certification system for establishing at a receiving computer a source of an executable file accessed from a remote site on a computer network, comprising:
a keyed source signature having a secure representation of the executable file;
a keyed source certification by a certification agency and having an identifier for the source and a key to the source signature;
a key to the source certification stored at the receiving computer; and
computer-executable instructions stored on a computer-readable medium for confirming the executable file against its secure representation and selectively providing a certification notification indicating that the executable file is provided by the source according to the certification agency.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A method of identifying at a local computer a source of an executable file accessed from a remote site on a computer network, comprising:
delivering to the local computer a keyed source signature having a secure representation of the executable file and a keyed source certification by a certification agency and having an identifier for the source and a key to the source signature;
obtaining the key to the source signature from the source certification with a key available on the local computer; and
confirming the executable file against its secure representation.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22
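The two-step check recited in claim 11, written out as an added example (it is not code from the patent): the receiver first validates the certification with the agency key it already holds, then uses the publisher key carried in that certification to confirm the file against its signed digest. Textbook RSA over fixed Mersenne primes stands in for the keyed signature scheme, and every name and sample value below is an assumption constructed for illustration.

```python
import hashlib

E = 65537  # public exponent shared by both toy keys (assumption)

def toy_keypair(p, q):
    """Textbook RSA from two known primes: returns (modulus, private exponent)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(data, n):
    """The 'secure representation': SHA-256 reduced into the toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, n, d):
    return pow(digest(data, n), d, n)

def verifies(data, sig, n):
    return pow(sig, E, n) == digest(data, n)

def cert_body(publisher, pub_n):
    """Bytes the agency signs: the source identifier plus the source's public key."""
    return f"{publisher}|{pub_n}".encode()

def check_download(file_bytes, file_sig, cert, agency_n):
    """Receiver side: returns the certified publisher name, or None."""
    publisher, pub_n, cert_sig = cert
    # Step 1: the locally stored agency key validates the certification,
    # which is what makes the enclosed publisher key trustworthy.
    if not verifies(cert_body(publisher, pub_n), cert_sig, agency_n):
        return None
    # Step 2: the publisher key from the certification confirms the file
    # against its signed digest.
    if not verifies(file_bytes, file_sig, pub_n):
        return None
    return publisher

# Constructed sample data (Mersenne primes: fine for a demo, useless for security).
AGENCY_N, AGENCY_D = toy_keypair(2**127 - 1, 2**107 - 1)
PUB_N, PUB_D = toy_keypair(2**89 - 1, 2**61 - 1)
FILE = b"MZ constructed sample executable"
FILE_SIG = sign(FILE, PUB_N, PUB_D)
CERT = ("Example Publisher", PUB_N,
        sign(cert_body("Example Publisher", PUB_N), AGENCY_N, AGENCY_D))

if __name__ == "__main__":
    print(check_download(FILE, FILE_SIG, CERT, AGENCY_N))         # certified source
    print(check_download(FILE + b"!", FILE_SIG, CERT, AGENCY_N))  # modified file
```

A file altered after signing fails step 2, while a certification that names a different publisher or carries a key the agency never signed fails step 1, so no certification notification is produced in either case.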
23. A keyed source digital certificate for identifying at a local computer a source of an electronic document accessed from a remote site on a computer network, the source digital certificate comprising:
a keyed source signature having a secure representation of the executable file; and
a keyed source certification by a certification agency and having an identifier for the source and a key to the source signature, such certification formed with a private key having a corresponding well-known public key;
wherein the certification agency validates the source by issuing the keyed certification, and such certification is decoded with the well-known public key to allow validation of the certificate at the local computer.
Dependent claims: 24, 25, 26
27. A network code certification system for validating at a receiving computer a publisher of a plain-text source, such as an executable file, accessed from a remote site on a computer network, comprising:
a first encoding key for generating a signature for the plain-text, such signature being a secure representation of the plain-text;
a second encoding key by a certification agency for generating a certificate, such certificate having an identifier for the publisher and a first decoding key for the signature;
a second decoding key stored at the receiving computer for decoding the certificate; and
computer-executable instructions for validating the executable file against the secure representation of the plain-text and selectively providing a certification notification indicating that the executable file is provided by the source according to the certification agency.
Dependent claims: 28, 29, 30, 31
Specification