Method and system for reducing time and power requirements for executing computer-readable instruction streams in an execution environment having run-time security constraints

US 6,154,842 A
Filed: 10/13/1998
Issued: 11/28/2000
Est. Priority Date: 10/13/1998
Status: Expired due to Term

First Claim

Patent Images

1. A method for reducing time and power requirements for executing computer-readable instruction streams in an execution environment having run-time security constraints comprising:

verifying that the computer-readable instruction stream does not violate the run-time security constraints of the execution environment;

storing the computer-readable instruction stream in a storage device;

retrieving the computer-readable instruction stream from the storage device;

verifying that the computer-readable instruction stream has not been modified; and

executing one or more times the computer-readable instruction stream while bypassing verification of the run-time security constraints of the execution environment, the computer-readable instruction stream capable of being executed multiple times in the execution environment while bypassing verification of the run-time security constraints of the execution environment each time the instruction stream is executed, the verification bypass resulting from the verifying step determining that the computer readable instruction stream has not been modified.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-readable instruction stream is verified to determine that it does not violate the run-time security constraints of the execution environment (150). The computer-readable instruction stream after verification is stored in a storage device (140). The execution environment (150) retrieves the computer-readable instruction stream from the storage device (14) and verifies that the computer-readable instruction stream has not been modified. Upon verification, the computer-readable instruction stream is executed, while bypassing verification of the run-time security constraints of the execution environment (150).

10 Citations

View as Search Results

20 Claims

1. A method for reducing time and power requirements for executing computer-readable instruction streams in an execution environment having run-time security constraints comprising:
- verifying that the computer-readable instruction stream does not violate the run-time security constraints of the execution environment;
  
  storing the computer-readable instruction stream in a storage device;
  
  retrieving the computer-readable instruction stream from the storage device;
  
  verifying that the computer-readable instruction stream has not been modified; and
  
  executing one or more times the computer-readable instruction stream while bypassing verification of the run-time security constraints of the execution environment, the computer-readable instruction stream capable of being executed multiple times in the execution environment while bypassing verification of the run-time security constraints of the execution environment each time the instruction stream is executed, the verification bypass resulting from the verifying step determining that the computer readable instruction stream has not been modified.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method according to claim 1 wherein the step of verifying that the computer-readable instruction stream does not violate the run-time security constraints of the execution environment and the step of storing the computer-readable instruction stream in a storage device are performed at a server remotely located from the execution environment.
  - 3. The method according to claim 1 wherein the step of verifying that the computer-readable instruction stream does not violate the run-time security constraints of the execution environment and the step of storing the computer-readable instruction stream in a storage device are performed in a build environment remotely located from the execution environment.
  - 4. The method according to claim 1 wherein the execution environment is a byte-code interpreted environment.
  - 5. The method according to claim 1 wherein the storage device is a read-only memory.
  - 6. The method according to claim 1 wherein the storage device is an archive containing the computer-readable instruction stream with a digital signature attached.
  - 7. The method according to claim 1 wherein the step of verifying that the computer-readable instruction stream does not violate the run-time security constraints of the execution environment comprises checking access to regions of memory in the execution environment.
  - 8. The method according to claim 1 wherein the step of verifying that the computer-readable instruction stream does not violate the run-time security constraints of the execution environment comprises checking access to files in the execution environment.
  - 9. The method according to claim 1 wherein the step of verifying that the computer-readable instruction stream does not violate the run-time security constraints of the execution environment comprises checking that a resource requirement does not exceed a limitation of the execution environment.

10. A method for reducing time and power requirements for executing computer-readable instruction streams in an execution environment having run-time security constraints comprising:
- verifying that the computer-readable instruction stream does not violate the run-time security constraints of the execution environment;
  
  sending the computer-readable instruction stream to the execution environment via a secure communication channel; and
  
  executing the computer-readable instruction stream while bypassing verification of the run-time security constraints of the execution environment, the computer-readable instruction stream capable of being executed multiple times in the execution environment while bypassing verification of the run-time security constraints of the execution environment each time the instruction stream is executed, the bypass verification resulting from the verifying step determining that the computer readable instruction stream is unmodified.

11. An apparatus for reducing time and power requirements for executing computer-readable instruction streams in an execution environment having run-time security constraints comprising:
- a security constraints verifier for verifying the run-time security constraints of the execution environment;
  
  a storage device, coupled to the security constraints verifier, for storing the computer-readable instruction stream;
  
  a storage device integrity verifier, coupled to the storage device, for verifying an integrity of the storage device to insure that the computer-readable instruction stream has not been modified; and
  
  a central processing unit, coupled to the storage device integrity verifier, for executing the computer-readable instruction stream while bypassing verification of the run-time security constraints of the execution environment, the central processing unit executing the computer-readable instruction stream multiple times while bypassing verification of the run-time security constraints of the execution environment, the verification bypass occurring upon the storage device integrity verifier determining that the instruction stream has not been modified.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The apparatus according to claim 11 wherein the security constraints verifier and the storage device are located in an build environment remotely located from the execution environment.
  - 13. The apparatus according to claim 11 wherein the security constraints verifier and the storage device are located on a server remotely located from the execution environment.
  - 14. The apparatus according to claim 11 wherein the storage device is an archive containing the computer-readable instruction stream with a digital signature attached.
  - 15. The apparatus according to claim 14 wherein the storage device integrity verifier validates the digital signature'"'"'s authenticity.
  - 16. The apparatus according to claim 11 wherein the execution environment is a byte-code interpreted environment.

17. An apparatus for reducing time and power requirements for executing computer-readable instruction streams in an execution environment having run-time security constraints comprising, at the execution environment:
- a receiver for retrieving a storage device having a computer-readable instruction stream that has passed verification of the run-time security constraints;
  
  a storage device integrity verifier, coupled to the receiver, for verifying an integrity of the storage device; and
  
  a central processing unit, coupled to the storage device integrity verifier, for executing the computer-readable instruction stream while bypassing verification of the run-time security constraints of the execution environment, the central processing unit executing the computer-readable instruction stream capable of being executed multiple times while bypassing verification of the run-time security constraints of the execution environment each time the instruction stream is executed, the verification bypass occurring upon the storage device integrity verifier determining that the instruction stream has not been modified.

18. An apparatus for reducing time and power requirements for executing computer-readable instruction streams in an execution environment having run-time security constraints comprising, at the execution environment:
- a read-only memory having a computer-readable instruction stream that has passed verification of the run-time security constraints; and
  
  a central processing unit, coupled to the read-only memory, for executing the computer-readable instruction stream multiple times while bypassing verification of the run-time security constraints of the execution environment during each subsequent execution of the instruction team after the instruction stream has passed verification.

19. A storage medium having a set of instruction stored thereon, the instructions when loaded into a microprocessor causing the microprocessor to perform the following functions:
- receiving a computer-readable instruction stream that has passed a verification of the run-time security constraints;
  
  verifying that the computer-readable instruction stream has not been modified after passing the verification of the run-time security constraints; and
  
  executing the computer-readable instruction stream multiple times while bypassing verification of the run-time security constraints of the execution environment every time the instruction stream is executed.
- View Dependent Claims (20)
- - 20. The storage medium according to claim 19 wherein the microprocessor further performs the following function:
    - storing the computer-readable instruction stream in a storage device after the step of verifying; and
      
      verifying that the computer-readable instruction stream has not been modified after the step of storing prior to re-executing the computer-readable instruction stream in the execution environment.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Google Technology Holdings LLC (Alphabet Inc.)
Original Assignee
Motorola, Inc. (Motorola Solutions, Inc.)
Inventors
Van Peursem, James E.
Primary Examiner(s)
LE, DIEU MINH T

Application Number

US09/170,554
Time in Patent Office

777 Days
Field of Search

713/200, 713/201, 709/305, 709/331, 709/332, 364/222.5, 364/286.4
US Class Current

726/22
CPC Class Codes

G06F 9/44589 Program code verification, ...

Method and system for reducing time and power requirements for executing computer-readable instruction streams in an execution environment having run-time security constraints

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

10 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for reducing time and power requirements for executing computer-readable instruction streams in an execution environment having run-time security constraints

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

10 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links