Validating and certifying execution of a software program with a smart card

US 6,308,270 B1
Filed: 02/13/1998
Issued: 10/23/2001
Est. Priority Date: 02/13/1998
Status: Expired due to Term

First Claim

Patent Images

1. A method of validating execution of a software program comprising:

executing the software program on a computer;

sending information from the computer to a smart card during execution of the software program including sending an identifier indicative of a point in the software program at which the information was sent to the smart card;

verifying in the smart card that the information received from the computer satisfies a criteria indicative of the validity of the software program; and

storing a signal in the smart card indicative of whether execution of the software program is certified as valid.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A smart card for use in connection with execution of a software program by a computer includes a microcontroller configured by a program stored in a smart card memory to verify information received from the computer during execution of the software program. The microcontroller is further configured to cause a signal to be stored in the smart card memory which is indicative of whether execution of the software program is certified as valid based on results of verifying the received information. Methods of using the smart card are also disclosed.

Citations

49 Claims

1. A method of validating execution of a software program comprising:
- executing the software program on a computer;
  
  sending information from the computer to a smart card during execution of the software program including sending an identifier indicative of a point in the software program at which the information was sent to the smart card;
  
  verifying in the smart card that the information received from the computer satisfies a criteria indicative of the validity of the software program; and
  
  storing a signal in the smart card indicative of whether execution of the software program is certified as valid.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 12, 13, 14, 15, 16, 18, 19, 20)
- - 2. The method of claim 1 of validating execution of a software program further comprising:
3. The method of claim 1 wherein verifying comprises checking whether the identifier is correct.
4. The method of claim 1 wherein the software program is in a current state, and wherein sending information comprises sending information indicative of the current state of the software program.
5. The method of claim 4 wherein the software program comprises a variable having a current value, and wherein sending information comprises sending the current value of the variable to the smart card.
6. The method of claim 5 wherein verifying comprises checking whether the current value of the variable is accurate.
7. The method of claim 5 wherein verifying comprises checking whether the current value of the variable falls within a prescribed range.
8. The method of claim 1 wherein storing a signal comprises storing a signal indicating that the software program was not altered in an unauthorized manner prior to or during its execution.
12. The method of claim 1 further comprising sending control values from the smart card to the computer in response to verifying the information received from the computer, wherein the frequency with which the computer sends information to the smart card depends upon the control values.
13. The method of claim 1 wherein sending information comprises sending information identifying memory addresses in the computer in which specified data is stored.
14. The method of claim 13 wherein verifying comprises verifying whether the memory addresses are permissible memory locations for the specified data.
15. The method of claim 1 wherein sending information to the smart card occurs multiple times during execution of the software program in a particular order, and wherein verifying comprises verifying that the order in which the multiple occurrences takes place is correct.
16. The method of claim 1 wherein the software program comprises a plurality of routines each of which routines is called for during execution of the software program, and wherein verifying comprises determining whether a frequency with which each of the routines is called is within acceptable ranges.
18. The method of claim 1 of validating execution of a software program further comprising:
- terminating execution of the software program if the control value indicates the software program further.
19. The method of claim 1 wherein verifying comprises performing a plurality of verification tests in response to the information received from the computer, and wherein storing a signal comprises storing a signal indicating that the software program was not improperly altered during its execution only if all of the verification tests are satisfied.
20. The method of claim 1 further comprising retrieving from the smart card the signal indicative of whether execution of the software program is certified as valid.

9. A method of validating execution of a software program comprising:
- executing the software program on a computer;
  
  sending a value for a specified variable from the computer to a smart card during execution of the software program;
  
  verifying in the smart card that the value received from the computer is accurate or within an expected range;
  
  sending a control value from the smart card to the computer in response to verifying the information received from the computer and indicative of whether the software program is valid or invalid;
  
  continuing execution of the software program if the control value indicates that the software program is valid.
- View Dependent Claims (10, 11)
- - 10. The method of claim 9 wherein the control value determines when subsequent information will be sent from the computer to the smart card during execution of the software program.
  - 11. The method of claim 9 of validating execution of a software program further comprising:

17. A method of validating execution of a software program comprising:
- executing the software program on a computer;
  
  sending information from the computer to a smart card during execution of the software program; and
  
  verifying in the smart card that a duration of time between successive calls to the smart card by the computer during execution of the software program is within acceptable ranges; and
  
  sending a control value from the smart card to the computer in response to verifying the information received from the computer and indicative of whether the software program is valid or invalid; and
  
  continuing execution of the software program if the control value indicates that the software program is valid.

21. A method of validating execution of a software program comprising:
- executing the software program on a computer;
  
  verifying in a smart card information received from the computer during execution of the software program is within an expected frequency;
  
  generating a signal by the smart card indicative of whether execution of the software program is certified as valid based on the verifying step; and
  
  sending control values indicating the validity or invalidity of the software program from the smart card to the computer in response to verifying the information received from the computer.
- View Dependent Claims (22, 23)
- - 22. The method of claim 21 wherein the signal indicative of whether execution of the software program is certified as valid is generated after completion of the software program.
  - 23. The method of claim 21 of validating exacution of a software program further comprising:

24. A method of validating execution of a software program comprising:
- executing the software program on a computer;
  
  sending a control value from a smart card to the computer;
  
  sending information from the software program to the computer in response to the control value;
  
  verifying in the smart card that the information received from the computer during execution of the software program is a correct response to the control value.
- View Dependent Claims (25)
- - 25. The method of claim 24 wherein the control value determines when subsequent information will be sent from the computer to the smart card during execution of the software program.

26. A smart card for use in connection with execution of a software program by a computer, the smart card comprising:
- communication circuitry for receiving information from a location external to the smart card and for transmitting information from the smart card to the external location;
  
  memory which stores data and a smart card program; and
  
  a microcontroller configured by the smart card program to verify information received from the computer during execution of the software program and to cause a signal to be stored in the memory, wherein the signal is indicative of whether execution of the software program is certified as valid based on results of verifying the received information;
  
  wherein the information received from the computer comprises information identifying memory addresses in the computer in which specified data is stored, and wherein the microcontroller is further configured to verify whether the memory addresses are permissible memory locations for the specified data.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34, 35)
- - 27. The smart card of claim 26 wherein the microcontroller is configured to check whether a value of a variable received from the computer during execution of the software program is accurate.
  - 28. The smart card of claim 26 wherein the microcontroller is configured to check whether a value of a variable received from the computer during execution of the software program falls within a prescribed range.
  - 29. The smart card of claim 26 wherein the signal stored in the memory indicates that the software program was not altered in an unauthorized manner prior to or during execution of the software program.
  - 30. The smart card of claim 26 wherein the microcontroller is further configured to send a control value to the computer.
  - 31. The smart card of claim 30 wherein the microcontroller is configured to determine whether the software program responds correctly to the control value.
  - 32. The smart card of claim 26 wherein the microcontroller is configured to perform a plurality of verification tests in response to the information received from the computer, and wherein the microcontroller is further configured to cause a signal indicating that the software program was not improperly altered during its execution to be stored in the memory only if all of the verification tests are satisfied.
  - 33. The smart card of claim 26 wherein the microcontroller is further configured to cause a signal indicative of whether execution of the software program is certified as valid to be generated in response to a query generated externally to the smart card.
  - 34. The smart card of claim 26 wherein the microcontroller is further configured to cause information indicative of the number of times the software program has been executed to be stored in the memory.
  - 35. The smart card of claim 26 wherein the software program comprises a plurality of routines, and wherein the microcontroller is further configured to cause information indicative of the frequency with which each of the routines was called during execution of the software program to be stored in the memory.

36. A smart card for use in connection with execution of a software program by a computer, the smart card comprising:
- communication circuitry for receiving information from a location external to the smart card and for transmitting information from the smart card to the external location;
  
  memory which stores data and a smart card program; and
  
  a microcontroller configured by the smart card program to verify information received from the computer during execution of the software program and to cause a signal to be stored in the memory, wherein the signal is indicative of whether execution of the software program is certified as valid based on results of verifying the received information;
  
  wherein the information received from the computer comprises a plurality of routines each of which routines is called by the software program during execution of the software program, and wherein the microcontroller is further configured to determine whether a frequency with which each of the routines was called is within acceptable ranges.

37. A smart card for use in connection with execution of a software program by a computer, the smart card comprising:
- communication circuitry for receiving information from a location external to the smart card and for transmitting information from the smart card to the external location;
  
  memory which stores data and a smart card program; and
  
  a microcontroller configured by the smart card program to verify information received from the computer during execution of the software program and to cause a signal to be stored in the memory wherein the signal is indicative of whether execution of the software program is certified as valid based on results of verifying the received information;
  
  wherein the microcontroller is further configured to determine whether a duration of time between successive calls to the smart card by the computer during execution of the software program is within acceptable ranges.

38. A software package for use on a computer system havinga computer readable medium which stores a software program for execution by a computer and a smart card having communication circuitry for receiving information from a location external to the smart card and for transmitting information from the smart card to the external location, memory which stores data and a smart card program, and a microcontroller, the software package comprising logic to cause the smart card program to verify information received from the computer during execution of the software program and to cause a signal to be stored in the memory, wherein the signal is indicative of whether execution of the software program is certified as valid based on results of verifying the received information;
- wherein the information received from the computer comprises information identifying memory addresses in the computer in which specified data is stored, and wherein the microcontroller is further configured to verify whether the memory addresses are permissible memory locations for the specified data.
- View Dependent Claims (39, 40, 41, 42, 43, 44, 46, 47, 48, 49)
- - 39. The software package of claim 38 further comprising logic to cause the microcontroller to check whether a value of a variable received from the computer during execution of the software program is accurate.
  - 40. The software package of claim 39 wherein the signal stored in the memory indicates that the software program was not altered in an unauthorized manner prior to or during execution of the software program.
  - 41. The software package of claim 38 further comprising logic to cause the microcontroller to check whether a value of a variable received from the computer during execution of the software program falls within a prescribed range.
  - 42. The software package of claim 38 further comprising logic to cause the microcontroller to send a control value to the computer.
  - 43. The software package of claim 42 further comprising logic to cause the microcontroller to determine whether the software program responds correctly to the control value.
  - 44. The software package of claim 38 wherein the information received from the computer comprises a plurality of routines each of which routines is called by the software program during execution of the software program, and further comprising logic to cause the microcontroller to determine whether a frequency with which each of the routines was called is within acceptable ranges.
  - 46. The software package of claim 38 further comprising logic to cause the microcontroller to perform a plurality of verification tests in response to the information received from the computer, and logic to cause the microcontroller to cause a signal indicating that the software program was not improperly altered during its execution to be stored in the memory only if all of the verification tests are satisfied.
  - 47. The software package of claim 38 further comprising logic to cause the microcontroller to cause a signal indicative of whether execution of the software program is certified as valid to be generated in response to a query generated externally to the smart card.
  - 48. The software package of claim 38 further comprising logic to cause the microcontroller to cause information indicative of the number of times the software program has been executed to be stored in the memory.
  - 49. The software package of claim 38 wherein the software program comprises a plurality of routines, and wherein the software package further comprises logic to cause the microcontroller to cause information indicative of the frequency with which each of the routines was called during execution of the software program to be stored in the memory.

45. A software package for use on a computer system havinga computer readable medium which stores a software program for execution by a computer, and a smart card having communication circuitry for receiving information from a location external to the smart card and for transmitting information from the smart card to the external location, memory which stores data and a smart card program, and a microcontroller, the software package comprising:
- logic to cause the microcontroller to verify information received from the computer during execution of the software program and to cause a signal to be stored in the memory, wherein the signal is indicative of whether execution of the software program is certified as valid based on results of verifying the received information; and
  
  logic to cause the microcontroller to determine whether a duration of time between successive calls to the smart card by the computer during execution of the software program is within acceptable ranges.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Schlumberger Technologies Incorporated (SLB)
Original Assignee
Schlumberger Technologies Incorporated (SLB)
Inventors
Guthery, Scott B.
Primary Examiner(s)
Grant, William
Assistant Examiner(s)
Hartman, Jr., Ronald D

Application Number

US09/023,559
Time in Patent Office

1,348 Days
Field of Search

713/200, 713/201, 713/202, 380/3, 380/4, 380/23, 380/25, 705/43, 705/44, 705/18, 705/17, 705/16, 714/50, 714/51, 714/16, 714/38, 340/5.74, 717/4
US Class Current

726/9
CPC Class Codes

G06F 21/123 by using dedicated hardware...

Validating and certifying execution of a software program with a smart card

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

49 Claims

Specification

Solutions

Use Cases

Quick Links

Validating and certifying execution of a software program with a smart card

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

49 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links