Server verification of requesting clients
Abstract
Described herein is a method of verifying the integrity of client programs that request services from server programs. The invention includes a step of accepting a request for services from a client program, wherein the client program executes from an executable image in executable memory. In response to such a request, the server program identifies one or more image files on secondary storage corresponding to non-writeable sections of the executable image. The server program then compares the non-writeable sections of the executable image with the corresponding sections of the image files to determine whether the executable image has been altered in the executable memory. The server program provides the requested services only if the executable image of the client program has not been altered.
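The comparison described in the abstract, as an added example that is not taken from the patent or from any implementation of it. A constructed 32-byte flat image stands in for a real executable format; the section layout, relocation list, base addresses and function names are all assumptions. It goes one step beyond the abstract by undoing relocation fixups before hashing, as claims 5 and 9 recite.

```python
import hashlib
import struct

# Constructed toy layout: (name, offset, size, writeable). Not a real PE parser.
SECTIONS = [(".text", 0, 16, False), (".rdata", 16, 8, False), (".data", 24, 8, True)]
RELOCS = [4, 16]                      # offsets holding 32-bit absolute addresses
PREFERRED_BASE, LOAD_BASE = 0x00400000, 0x10000000

def apply_delta(image, relocs, delta):
    """Add delta to every relocated 32-bit little-endian address; returns a copy."""
    out = bytearray(image)
    for off in relocs:
        (addr,) = struct.unpack_from("<I", out, off)
        struct.pack_into("<I", out, off, (addr + delta) & 0xFFFFFFFF)
    return out

def hash_readonly(image, sections):
    """SHA-256 over the non-writeable sections only, bound to name and extent."""
    h = hashlib.sha256()
    for name, off, size, writeable in sections:
        if not writeable:
            h.update(name.encode() + struct.pack("<II", off, size))
            h.update(bytes(image[off:off + size]))
    return h.digest()

def client_unaltered(file_image, mem_image, load_base):
    """Undo the loader's fixups in a copy of memory, then compare hashes."""
    normalized = apply_delta(mem_image, RELOCS, PREFERRED_BASE - load_base)
    return hash_readonly(normalized, SECTIONS) == hash_readonly(file_image, SECTIONS)

def serve(file_image, mem_image, load_base):
    """Provide the service only if the client's image matches its file."""
    return "served" if client_unaltered(file_image, mem_image, load_base) else "refused"

def build_file_image():
    """Constructed 32-byte image file with two addresses at the preferred base."""
    img = bytearray(b"\x90" * 16 + b"\x00" * 16)
    struct.pack_into("<I", img, 4, PREFERRED_BASE + 24)    # .text refers to .data
    struct.pack_into("<I", img, 16, PREFERRED_BASE + 0)    # .rdata refers to .text
    return bytes(img)

FILE_IMAGE = build_file_image()
# What the loader leaves in memory when the image lands at LOAD_BASE.
LOADED = apply_delta(FILE_IMAGE, RELOCS, LOAD_BASE - PREFERRED_BASE)

if __name__ == "__main__":
    print(serve(FILE_IMAGE, LOADED, LOAD_BASE))            # clean client
    patched = bytearray(LOADED); patched[0] = 0xCC         # one code byte altered
    print(serve(FILE_IMAGE, patched, LOAD_BASE))
```

Hashing the loaded image without first reversing the fixups would reject every client that was not loaded at its preferred base, while writes to the writeable `.data` section never affect the result.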
26 Claims
1. A method of providing services to client programs that execute on a computer, the computer having executable memory and secondary storage, the method comprising:
accepting a request for services from a client program, wherein the client program executes from an executable image in executable memory, and wherein the executable image has previously been loaded into executable memory from one or more image files that reside on the secondary storage;
comparing the executable image with said one or more image files to determine whether the executable image has been altered in the executable memory;
providing the requested services to the client program only if the executable image of the client program has not been altered.
hashing at least portions of the executable image to create a first hash value;
hashing at least portions of the one or more image files to create a second hash value;
comparing the first and second hash values.
4. A method as recited in claim 1, wherein comparing the executable image with said one or more image files comprises accounting for relocation fixups in the executable image.
5. A method as recited in claim 1, wherein comparing the executable image with said one or more image files comprises undoing relocation fixups in the executable image.
6. A method of providing services to client programs that execute on a computer, the computer having executable memory and secondary storage, the method comprising:
accepting a request for services from a client program, wherein the client program executes from an executable image in executable memory;
identifying one or more image files on the secondary storage corresponding to non-writeable sections of the executable image;
comparing the non-writeable sections of the executable image with the corresponding one or more image files to determine whether the executable image has been altered in the executable memory;
providing the requested services to the client program only if the executable image of the client program has not been altered.
hashing the non-writeable sections of the executable image to create a first hash value;
hashing the program module files corresponding to the non-writeable sections of the executable image to create a second hash value;
comparing the first and second hash values.
8. A method as recited in claim 6, wherein comparing the non-writeable sections of the executable image comprises accounting for relocation fixups in the executable image.
9. A method as recited in claim 6, wherein comparing the non-writeable sections of the executable image comprises undoing relocation fixups in the executable image.
10. A method of providing services to client programs that execute on a computer, the computer having executable memory and secondary storage, the method comprising:
creating an executable image of a client program in executable memory from one or more image files on secondary storage corresponding to the client program;
requesting services of a server program from the client program;
identifying the one or more image files corresponding to the client program;
comparing the executable image of the client program with the image files corresponding to the client program to determine whether the executable image has been altered in the executable memory;
providing the requested services from the server program only if the executable image of the client program has not been altered.
hashing at least portions of the executable image to create a first hash value;
hashing at least portions of the one or more image files to create a second hash value;
comparing the first and second hash values.
13. A method as recited in claim 10, wherein comparing the executable image of the client program comprises a step of accounting for relocation fixups in the executable image.
14. A method as recited in claim 10, wherein comparing the executable image of the client program comprises undoing relocation fixups in the executable image.
15. A method as recited in claim 10, further comprising verifying the integrity of the one or more image files.
16. A computer comprising:
executable memory;
non-volatile secondary storage;
the computer being configured to execute a server program that provides services to requesting client programs;
the computer being further configured to load an executable image of a client program into executable memory from one or more corresponding image files on secondary storage, the client program being configured to request services from the server program;
the server program being configured to identify the one or more image files corresponding to the executable image of the requesting client program and to compare the executable image with the identified image files to determine whether the executable image has been altered in the executable memory;
wherein the server program is further configured to provide the requested services to the requesting client program only if the executable image of the requesting client program has not been altered.
hashing at least portions of the executable image to create a first hash value;
hashing at least portions of the one or more image files to create a second hash value;
comparing the first and second hash values.
19. A computer as recited in claim 16, wherein the server program accounts for image relocation fixups when comparing the executable image with the identified image files.
20. A computer as recited in claim 16, wherein the server program undoes relocation fixups in the executable image when comparing the executable image with the identified image files.
21. A computer as recited in claim 16, further comprising an anti-virus program running on the computer to ensure the integrity of the one or more image files.
22. A computer-readable storage medium containing a server program that provides services to requesting client programs, the server program being executable by a computer to perform acts comprising:
accepting a request for services from a client program, wherein the client program executes from an executable image in executable memory, and wherein the executable image has previously been loaded into executable memory from one or more image files that reside on the secondary storage;
comparing the executable image with said one or more image files to determine whether the executable image has been altered in the executable memory;
providing the requested services to the client program only if the executable image of the client program has not been altered.
hashing at least portions of the executable image to create a first hash value;
hashing at least portions of the one or more image files to create a second hash value;
comparing the first and second hash values.
25. A computer-readable storage medium as recited in claim 22, wherein the comparing act includes a step of accounting for relocation fixups in the executable image.
26. A computer-readable storage medium as recited in claim 22, wherein the comparing act includes a step of undoing relocation fixups in the executable image.
Specification