System and method for protecting use of dynamically linked executable modules
Abstract
A computer system has a program module verifier and at least first and second program modules. Each program module includes a digital signature and an executable procedure. The first program module furthermore includes a procedure call to the second procedure module, a procedure call to the program module verifier that is logically positioned in the first program module so as to be executed prior to execution of the procedure call to the second program module, and instructions preventing execution of the procedure call to the second program module when the procedure call to the program module verifier results in a verification denial being returned by the program module verifier. The second program module includes an executable procedure to be performed in response to the procedure call by the first program module to the second program module, a procedure call to the program module verifier that is logically positioned in the second program module so as to be executed prior to completion of execution of the second program module's executable procedure, and instructions preventing completion of execution of that executable procedure when the program module verifier returns a verification denial with respect to the first program module. The program module verifier responds to procedure calls by verifying the authenticity of any specified program module and by returning a verification confirmation or denial. When the program module verifier fails to verify the authenticity of a program module, the calling program module throws an exception and aborts its execution.
10 Claims
1. A method of operating a computer system, comprising the steps of:
(A) executing a procedure in a first program module, and while executing the procedure in the first program module making a call from the first program module to a second program module;
(B) in response to the call from the first program module, executing a procedure in the second program module to generate a result, and prior to generating the result verifying the first program module's authenticity;
(C) upon verifying the first program module's authenticity, completing execution of the procedure in the second program module to generate the result and returning control to the first program module procedure; and
(D) upon failing to verify the first program module's authenticity, preventing generation of the result by the procedure in the second program module;
said first program module includes a first digital signature, and step (B) includes verifying the first program module's authenticity by verifying the first digital signature.
2. A method of operating a computer system, comprising the steps of:
(A) executing a procedure in a first program module, and while executing the procedure in the first program module making a call from the first program module to a second program module;
(B) in response to the call from the first program module, executing a procedure in the second program module to generate a result, and prior to generating the result verifying the first program module's authenticity;
(C) upon verifying the first program module's authenticity, completing execution of the procedure in the second program module to generate the result and returning control to the first program module procedure; and
(D) upon failing to verify the first program module's authenticity, preventing generation of the result by the procedure in the second program module;
said first program module includes a first digital signature;
step (B) including decoding the first digital signature in the first program module with a corresponding decoding key, generating a message digest of at least a portion of the first program module in accordance with the predefined message digest function, verifying the authenticity of the first program module when the decoded digital signature matches the message digest, and denying verification of the authenticity of the first program module when the decoded digital signature does not match the message digest.
3. A method of operating a computer system, comprising the steps of:
(A) executing a procedure in a first program module, and while executing the procedure in the first program module making a call from the first program module to a second program module;
(B) in response to the call from the first program module, executing a procedure in the second program module to generate a result, and prior to generating the result verifying the first program module's authenticity;
(C) upon verifying the first program module's authenticity, completing execution of the procedure in the second program module to generate the result and returning control to the first program module procedure; and
(D) upon failing to verify the first program module's authenticity, preventing generation of the result by the procedure in the second program module;
step (A) including, prior to making the call from the first program module to a second program module:
(A1) verifying the second program module's authenticity by making a call to a trusted program module verifier, the program module verifier responding by verifying authenticity of the second program module and by returning a verification confirmation or denial in response to the call;
(A2) upon verifying the second program module's authenticity, making the call from the first program module to the second program module; and
(A3) upon failing to verify the second program module's authenticity, preventing the call from the first program module to the second program module.
5. A method of operating a computer system, comprising the steps of:
(A) receiving at a second program module a call from a first program module;
(B) in response to the call from the first program module, verifying the first program module's authenticity;
(C) upon verifying the first program module's authenticity, enabling execution of a procedure in the second program module to generate a result and returning control to the first program module; and
(D) upon failing to verify the first program module's authenticity, preventing generation of the result by the procedure in the second program module;
said first program module includes an executable procedure and a first digital signature, and step (B) includes verifying the first program module's authenticity by verifying the first digital signature.
6. A method of operating a computer system, comprising the steps of:
(A) receiving at a second program module a call from a first program module;
(B) in response to the call from the first program module, verifying the first program module's authenticity;
(C) upon verifying the first program module's authenticity, enabling execution of a procedure in the second program module to generate a result and returning control to the first program module; and
(D) upon failing to verify the first program module's authenticity, preventing generation of the result by the procedure in the second program module;
said first program module includes an executable procedure and a first digital signature;
step (B) including decoding the first digital signature in the first program module with a corresponding decoding key, generating a message digest of at least a portion of the first program module in accordance with the predefined message digest function, verifying the authenticity of the first program module when the decoded digital signature matches the message digest, and denying verification of the authenticity of the first program module when the decoded digital signature does not match the message digest.
7. A computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, wherein the computer program product is for use in conjunction with a computer system having a program module verifier configured to respond to procedure calls to the program module verifier by verifying authenticity of any specified program module and by returning a verification confirmation or denial in response to each such procedure call;
the computer program mechanism comprising:
a program module, including:
an executable procedure to be performed in response to a call from another program module;
a call to the program module verifier for verifying the other module's authenticity, wherein the call to the program module verifier is logically positioned in the program module so as to be executed prior to completion of execution of the executable procedure; and
instructions preventing completion of execution of the executable procedure when the call to the program module verifier results in a verification denial being returned by the program module verifier;
said other program module includes an executable procedure and a digital signature, and the program module verifier verifies authenticity of the other program module by verifying the other program module's digital signature.
8. A computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, wherein the computer program product is for use in conjunction with a computer system having a program module verifier configured to respond to procedure calls to the program module verifier by verifying authenticity of any specified program module and by returning a verification confirmation or denial in response to each such procedure call;
the computer program mechanism comprising:
a program module, including:
an executable procedure to be performed in response to a call from another program module;
a call to the program module verifier for verifying the other module's authenticity, wherein the call to the program module verifier is logically positioned in the program module so as to be executed prior to completion of execution of the executable procedure; and
instructions preventing completion of execution of the executable procedure when the call to the program module verifier results in a verification denial being returned by the program module verifier;
said other program module includes an executable procedure and a digital signature; and
the program verifier module includes instructions for responding to a procedure call requesting verification of the other program module by decoding the digital signature in the other program module with a corresponding decoding key, generating a message digest of at least a portion of the other program module in accordance with a predefined message digest function, returning a verification confirmation when the decoded digital signature matches the message digest, and returning a verification denial when the decoded digital signature does not match the message digest.
9. A computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer program mechanism comprising:
a program module verifier configured to respond to procedure calls to the program module verifier by verifying authenticity of any specified program module and by returning a verification confirmation or denial in response to each such procedure call; and
a program module, including:
an executable procedure to be performed in response to a call from another program module;
a call to the program module verifier for verifying the other module's authenticity, wherein the call to the program module verifier is logically positioned in the program module so as to be executed prior to completion of execution of the executable procedure; and
instructions preventing completion of execution of the executable procedure when the call to the program module verifier results in a verification denial being returned by the program module verifier;
said other program module includes an executable procedure and a digital signature, and the program module verifier verifies authenticity of the other program module by verifying the other program module's digital signature.
10. A computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer program mechanism comprising:
a program module verifier configured to respond to procedure calls to the program module verifier by verifying authenticity of any specified program module and by returning a verification confirmation or denial in response to each such procedure call; and
a program module, including:
an executable procedure to be performed in response to a call from another program module;
a call to the program module verifier for verifying the other module's authenticity, wherein the call to the program module verifier is logically positioned in the program module so as to be executed prior to completion of execution of the executable procedure; and
instructions preventing completion of execution of the executable procedure when the call to the program module verifier results in a verification denial being returned by the program module verifier;
said other program module includes an executable procedure and a digital signature; and
the program verifier module includes instructions for responding to a procedure call requesting verification of the other program module by decoding the digital signature in the other program module with a corresponding decoding key, generating a message digest of at least a portion of the other program module in accordance with a predefined message digest function, returning a verification confirmation when the decoded digital signature matches the message digest, and returning a verification denial when the decoded digital signature does not match the message digest.
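The mutual check described in the abstract, together with the decode-and-compare verification of claims 2, 6, 8 and 10, as an added sketch that is not code from the patent. All names (`Module`, `verify`, `first_procedure`, `second_procedure`, `VerificationDenied`) are hypothetical, the RSA key is a constructed toy key far too small for real use, and the caller passes its own identity explicitly, whereas a real system would have to derive it from the runtime.

```python
import hashlib

# Constructed toy RSA key built from two Mersenne primes; illustration only.
P, Q, E = 2**127 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))  # private key, held by the module signer


class VerificationDenied(Exception):
    """Raised when the verifier returns a denial; the calling module aborts."""


def digest(code: bytes) -> int:
    # Message digest of the module's code, reduced to fit the toy modulus.
    return int.from_bytes(hashlib.sha256(code).digest(), "big") % N


def sign(code: bytes) -> int:
    # Done by the signer at build time, not by the running system.
    return pow(digest(code), D, N)


class Module:
    def __init__(self, name: str, code: bytes):
        self.name, self.code, self.signature = name, code, sign(code)


def verify(module: Module) -> bool:
    """Program module verifier: decode the embedded signature with the
    public key and compare it with a freshly computed digest."""
    return pow(module.signature, E, N) == digest(module.code)


def second_procedure(caller: Module, x: int) -> int:
    # Callee side: verify the caller before generating any result.
    if not verify(caller):
        raise VerificationDenied(f"caller {caller.name} failed verification")
    return x * 2


def first_procedure(me: Module, callee: Module, x: int) -> int:
    # Caller side: verify the callee before making the call at all.
    if not verify(callee):
        raise VerificationDenied(f"callee {callee.name} failed verification")
    return second_procedure(me, x)
```

A module whose bytes change after signing fails `verify`, so either side's check stops the call before a result is produced.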