Implementing digital signatures for data streams and data archives
First Claim
1. A computer-implemented method for verifying the authenticity of data, the method comprising:
- a) receiving at least one data file and a signature file, wherein the data file and the signature file are separate, the data file including a first identifier, the signature file including a representation of the first identifier for the data file and a digital signature, the signature file being arranged to include representations of identifiers for additional data files; and
b) processing the signature file using a computer system to determine the authenticity of the signature file;
c) comparing the first identifier in the data file with the representation of the first identifier in the signature file using the computer system to determine the authenticity of the data file, wherein processing the signature file further includes processing the digital signature using the computer system to determine the authenticity of the signature file; and
d) marking the data file as signed when the first identifier in the data file and the representation of the first identifier in the signature file match.
0 Assignments
0 Petitions
Accused Products
Abstract
Methods, apparatuses and products are provided for establishing and verifying the authenticity of data within one or more data files. In accordance with one aspect of the present invention, a method for verifying the authenticity of data involves providing at least one data file which includes an identifier and a signature file which includes the identifier for the data file as well as a digital signature. The digital signature is then verified using a computer system, and the identifier in the data file is compared with the identifier in the signature file using the computer system. In one embodiment, the identifier for the data file includes at least one certificate authority, site certificate, software publisher identifier, or a site name, and verifying the authenticity of data involves setting a security level for at least one of the certificate authority, the site certificate, the software publisher identifier, and the site name.
-
Citations
32 Claims
-
1. A computer-implemented method for verifying the authenticity of data, the method comprising:
-
a) receiving at least one data file and a signature file, wherein the data file and the signature file are separate, the data file including a first identifier, the signature file including a representation of the first identifier for the data file and a digital signature, the signature file being arranged to include representations of identifiers for additional data files; and b) processing the signature file using a computer system to determine the authenticity of the signature file; c) comparing the first identifier in the data file with the representation of the first identifier in the signature file using the computer system to determine the authenticity of the data file, wherein processing the signature file further includes processing the digital signature using the computer system to determine the authenticity of the signature file; and d) marking the data file as signed when the first identifier in the data file and the representation of the first identifier in the signature file match. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. An apparatus for verifying the authenticity of at least one data file and a signature file, the data file including an identifier, the signature file including a representation of the identifier for the data file and a digital signature, the apparatus comprising:
-
a processor for processing the digital signature to determine the authenticity of the signature file; and a comparator for comparing the identifier in the data file with the representation of the identifier in the signature file using the computer system to determine the authenticity of the data file, wherein the processor is further arranged to process the digital signature using the computer system to determine the authenticity of the signature file, the comparator further including a marker for marking the data file as signed when the identifier in the data file and the representation of the identifier in the signature file match. - View Dependent Claims (20, 21, 22, 23, 24, 25, 26)
-
-
27. A computer program product for verifying the authenticity of data, the computer program product comprising:
-
computer code that receives at least one data file and a signature file, the data file including an identifier, the signature file including a representation of the identifier for the data file and a digital signature; computer code that process the signature file using a computer system to determine the authenticity of the signature file, wherein the computer code that processes the signature file further includes computer code that processes the digital signature using the computer system to determine the authenticity of the signature file; computer code that compares the identifier in the data file with the representation of the identifier in the signature file using the computer system to determine the authenticity of the data file, wherein the computer code that compares the identifier in the data file with the representation of the identifier in the signature file using the computer system further includes computer code that marks the data file as signed when the identifier in the data file and the representation of the identifier in the signature file match; and a computer-readable medium that stores the computer codes. - View Dependent Claims (28, 29, 30, 31, 32)
-
Specification