Method and apparatus for protecting application data in secure storage areas
Abstract
A method, apparatus and computer program product are disclosed for certifying the authenticity of an application program and for securely associating certified application programs whose certification has been verified, with persistent application data that they own. The invention prevents other application programs, including certified application programs whose certifications have been verified, from accessing data not of their own.
6 Claims
1. A method for loading a certified program CP from external storage into a secure area for execution in the secure area, the certified program CP having an object PN and an attached digital signature DPN, the method comprising the acts of:
requesting an operating system resident in the secure area load the program CP;
retrieving CP from external storage into operating system protected mode memory;
separating in protected mode memory in the secure area, the digital signature DPN from the object PN of certified program CP;
validating that digital signature DPN, using a public key corresponding to the private key of a public-private key pair algorithm which was used to generate DPN, is a valid signature for the object PN;
separating a program P from a name N of the object PN;
loading program P into memory for execution;
storing name N in protected operating system memory for later use in allowing access by program P to a data file stored in a memory in the secure area.
2. Dependent on claim 1:
receiving at the operating system, a request by the program P for access to a data object;
retrieving from protected memory, the name N of program P;
retrieving from the data object D an owner name n;
comparing the name N with the owner name n;
granting access by program P to data object D when name N and owner name n match; and
denying access by program P to data object D when name N and owner name n do not match.
3. Apparatus for loading a certified program CP from external storage into a secure area for execution in the secure area, the certified program CP having an object PN and an attached digital signature DPN, comprising:
means for requesting an operating system resident in the secure area load the program CP;
means for retrieving CP from external storage into operating system protected mode memory;
means for separating in protected mode memory in the secure area, the digital signature DPN from the object PN of certified program CP;
means for validating that digital signature DPN, using a public key corresponding to the private key of a public-private key pair algorithm which was used to generate DPN, is a valid signature for the object PN;
means for separating a program P from a name N of the object PN;
means for loading program P into memory for execution;
means for storing name N in protected operating system memory for later use in allowing access by program P to a data file stored in a memory in the secure area.
4. Dependent on claim 3:
means for receiving at the operating system, a request by the program P for access to a data object;
means for retrieving from protected memory, the name N of program P;
means for retrieving from the data object D an owner name n;
means for comparing the name N with the owner name n;
means for granting access by program P to data object D when name N and owner name n match, and denying access by program P to data object D when name N and owner name n do not match.
5. A computer program product having a computer readable medium having computer program logic recorded thereon for loading a certified program CP from external storage into a secure area for execution in the secure area, the certified program CP having an attached digital signature DPN, the program product comprising:
means for requesting an operating system resident in the secure area load a program CP;
means for retrieving CP from external storage into operating system protected mode memory;
means for separating in protected mode memory in the secure area, the digital signature DPN from the object PN of certified program CP;
means for validating that digital signature DPN, using a public key corresponding to the private key of a public-private key pair algorithm which was used to generate DPN, is a valid signature for the object PN;
means for separating a program P from a name N of the object PN;
means for loading program P into memory for execution;
means for storing name N in protected operating system memory for later use in allowing access by program P to a data file stored in a memory in the secure area.
6. Dependent on claim 5:
means for receiving at the operating system, a request by the program P for access to a data object;
means for retrieving from protected memory, the name N of program P;
means for retrieving from the data object D an owner name n;
means for comparing the name N with the owner name n;
means for granting access by program P to data object D when name N and owner name n match, and denying access by program P to data object D when name N and owner name n do not match.
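The loading acts of claim 1 and the access check of claim 2 (claims 3 to 6 restate the same acts as apparatus and program product) as a worked simulation of the secure-area operating system. This is an added example, not code from the patent or its assignee; it assumes Ed25519 for the public-private key pair and the byte layout PN = N || 0x00 || P with DPN appended after PN, neither of which the claims fix.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"errors"
)

// Assumed encoding (the patent fixes no algorithm or byte layout): CP = PN || DPN,
// with PN = N || 0x00 || P (N has no zero byte) and DPN the certifier's Ed25519 signature over PN.
const sigLen = ed25519.SignatureSize
// Certify builds CP from name N and program P with the certifier's private key (outside the secure area).
func Certify(priv ed25519.PrivateKey, name, prog []byte) []byte {
	pn := append(append(append([]byte{}, name...), 0), prog...)
	return append(pn, ed25519.Sign(priv, pn)...)
}

// SecureOS models the operating system resident in the secure area.
type SecureOS struct {
	Pub   ed25519.PublicKey // corresponds to the certifier's private key
	names [][]byte          // protected OS memory: program handle -> name N
}

// Load performs claim 1: separate DPN from PN, validate DPN over PN, separate P
// from N, return P for execution and keep N in protected memory under a handle.
func (s *SecureOS) Load(cp []byte) (handle int, prog []byte, err error) {
	if len(cp) < sigLen+2 {
		return -1, nil, errors.New("malformed certified program")
	}
	pn, dpn := cp[:len(cp)-sigLen], cp[len(cp)-sigLen:]
	if !ed25519.Verify(s.Pub, pn, dpn) {
		return -1, nil, errors.New("DPN is not a valid signature for PN")
	}
	i := bytes.IndexByte(pn, 0)
	if i < 0 {
		return -1, nil, errors.New("PN lacks the name/program separator")
	}
	s.names = append(s.names, append([]byte{}, pn[:i]...)) // N never leaves OS memory
	return len(s.names) - 1, pn[i+1:], nil
}
// DataObject is a persistent data file D tagged with its owner name n.
type DataObject struct{ Owner, Payload []byte }
// Access performs claim 2: grant only when the stored N equals D's owner name n.
func (s *SecureOS) Access(handle int, d DataObject) ([]byte, error) {
	if handle < 0 || handle >= len(s.names) || !bytes.Equal(s.names[handle], d.Owner) {
		return nil, errors.New("access denied: name N does not match owner name n")
	}
	return d.Payload, nil
}
```

Because P only receives a handle and never N itself, a second certified program cannot present another program's name, and any change to P after certification invalidates DPN so the program is never loaded.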