Securing Web server source documents and executables
Abstract
A method, system, and computer readable code for validating that a document or executable to be served from a server is the same original document or executable placed on the server by the legitimate author or owner. Digital signatures are stored with each file available for serving from, or executing from, a server. When a file is requested by a user, the contents of the requested file are validated (i.e. authenticated) using this digital signature. If the validation does not succeed, the file is not served to the user—instead, the user is told that the requested file was not found. A number of optimizations are defined, including caching validated files and/or caching computed digests.
31 Claims
1. A system in a computing environment for preventing information from being published over a network in said computing environment after an unauthorized alteration of said information, comprising:
one or more files stored on a storage medium accessible to a first computer in said computing environment;
a digital signature for each of said one or more files, each of said digital signatures being stored in a location accessible to said first computer;
means for receiving a request for a selected one of said files from a user of a second computer in said computing environment;
means for authenticating, responsive to said means for receiving, that said requested file was created by an authorized author; and
means for publishing said requested file to said user only when said means for authenticating has a successful result.
2. The system for preventing information from being published after an unauthorized alteration of said information according to claim 1, further comprising:
means for notifying said user that said requested file was not found when said means for authenticating has an unsuccessful result.
3. The system for preventing information from being published after an unauthorized alteration of said information according to claim 2, further comprising means for generating an additional notification when said means for authenticating has said unsuccessful result, said additional notification comprising one or more of:
an alert and a log record.
4. The system for preventing information from being published after an unauthorized alteration of said information according to claim 1, wherein said means for authenticating further comprises:
means for retrieving said requested file from said storage medium;
means for computing a cryptographic digest of said retrieved file;
first means for determining whether an entry exists in a validation cache for said requested file, said entry comprising a previously-validated digest for said requested file;
first means for comparing said computed digest to said previously-validated digest, wherein said successful result occurs when said first means for comparing detects that said computed digest and said previously-validated digest are identical; and
means for validating said retrieved file when said entry does not exist or said first means for comparing detects that said computed digest and said previously-validated digest are not identical, further comprising:
means for decrypting said stored digital signature for said retrieved file; and
second means for comparing said computed digest to said decrypted signature, wherein said successful result occurs when said second means for comparing detects that said computed digest and said decrypted signature are identical; and
further comprising:
means for storing said computed digest in said validation cache for a future invocation of said means for authenticating when said means for authenticating has said successful result.
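The authenticate-then-publish flow of claim 4 (compute digest, consult the validation cache, fall back to decrypting the stored signature, and cache the digest on success), together with the "not found" response and log record of claims 2 and 3, as an added Python example that is not part of the patent. The key pair is an assumption: a textbook RSA pair built from two Mersenne primes with no padding, chosen only so the claim's "decrypt the signature with the public key and compare to the digest" wording can be shown with the standard library alone.

```python
import hashlib

# Toy RSA key pair for this example only (two Mersenne primes, no padding); the author holds D, the server only (N, E).
P = (1 << 127) - 1
Q = (1 << 521) - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))

def digest(data: bytes) -> int:
    # Cryptographic digest of the file contents, as an integer below N.
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign(data: bytes) -> int:
    """Author side: the signature is the digest raised to the private exponent."""
    return pow(digest(data), D, N)

def decrypt_signature(sig: int) -> int:
    """Server side: 'decrypting' with the public key recovers the signed digest."""
    return pow(sig, E, N)

class PublishingServer:
    def __init__(self, files, signatures):
        self.files = files            # storage medium: path -> bytes
        self.signatures = signatures  # signatures stored externally: path -> int
        self.validation_cache = {}    # path -> previously-validated digest
        self.log = []                 # alert / log records written on failure

    def authenticate(self, path):
        computed = digest(self.files[path])
        # Fast path: the digest equals one already validated against its signature.
        if self.validation_cache.get(path) == computed:
            return True
        # Cache miss or mismatch: decrypt the stored signature and compare.
        sig = self.signatures.get(path)
        if sig is not None and decrypt_signature(sig) == computed:
            self.validation_cache[path] = computed
            return True
        return False

    def serve(self, path):
        # Publish the file, or tell the user it was not found when authentication fails.
        if path in self.files and self.authenticate(path):
            return 200, self.files[path]
        if path in self.files:
            self.log.append(f"ALERT: validation failed for {path}")
        return 404, b"Not Found"

def demo():
    """Constructed scenario: a signed page that is later defaced, plus an unsigned file."""
    files = {"/index.html": b"<h1>Welcome</h1>", "/dropped.html": b"<h1>No signature</h1>"}
    sigs = {"/index.html": sign(files["/index.html"])}
    srv = PublishingServer(files, sigs)
    first = srv.serve("/index.html")[0]         # 200: full signature check, digest cached
    second = srv.serve("/index.html")[0]        # 200: satisfied from the validation cache
    files["/index.html"] = b"<h1>Defaced</h1>"  # unauthorized alteration on the storage medium
    tampered = srv.serve("/index.html")[0]      # 404: digest changed, signature check fails
    unsigned = srv.serve("/dropped.html")[0]    # 404: no signature on record
    return first, second, tampered, unsigned, len(srv.log)
```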
5. The system for preventing information from being published after an unauthorized alteration of said information according to claim 4, wherein said means for authenticating further comprises second means for determining whether a certificate of said author is valid, and wherein said successful result occurs only if said certificate is valid, said second means for determining indicating that said certificate is valid if said certificate has either of:
a locally-stored trusted status or a trusted status derived from a higher-level trusted certificate authority.
6. The system for preventing information from being published after an unauthorized alteration of said information according to claim 5, further comprising means for verifying one or more permissions of said author.
7. The system for preventing information from being published after an unauthorized alteration of said information according to claim 6, wherein said permissions comprise one or more of:
a first permission to create files in a particular directory where said requested file is stored on said storage medium; and
a second permission to create files for a particular action type associated with said requested file.
8. The system for preventing information from being published after an unauthorized alteration of said information according to claim 4, further comprising means for initializing said validation cache, wherein said means for initializing further comprises:
means for retrieving selected ones of said stored files;
means for computing said cryptographic digest for each of said selected files; and
means for storing each of said computed digests in said validation cache.
9. The system for preventing information from being published after an unauthorized alteration of said information according to claim 4, further comprising:
means for using a system cache to optimize performance of said system, further comprising:
means for checking said system cache for said requested file prior to operation of said means for authenticating;
means for bypassing operation of said means for authenticating if said means for checking locates said requested file in said system cache; and
wherein said means for publishing publishes said located file following operation of said means for bypassing; and
means for storing said retrieved file in said system cache for said future invocation when said means for authenticating has said successful result.
10. The system for preventing information from being published after an unauthorized alteration of said information according to claim 9, wherein said means for bypassing further requires that a cache timestamp of said located file and a timestamp of said requested file on said storage medium are identical.
11. A method for preventing information from being published over a network in a computing environment after an unauthorized alteration of said information, comprising the steps of:
storing one or more files on a storage medium accessible to a first computer in said computing environment;
storing a digital signature for each of said one or more files, each of said digital signatures being stored in a location accessible to said first computer;
receiving a request for a selected one of said files from a user of a second computer in said computing environment;
authenticating, responsive to said receiving step, that said requested file was created by an authorized author; and
publishing said requested file to said user only when said authenticating step has a successful result.
12. The method for preventing information from being published after an unauthorized alteration of said information according to claim 11, further comprising the step of:
notifying said user that said requested file was not found when said authenticating step has an unsuccessful result.
13. The method for preventing information from being published after an unauthorized alteration of said information according to claim 12, further comprising the step of generating an additional notification when said authenticating step has said unsuccessful result, said additional notification comprising one or more of:
an alert and a log record.
14. The method for preventing information from being published after an unauthorized alteration of said information according to claim 11, wherein said authenticating step further comprises the steps of:
retrieving said requested file from said storage medium;
computing a cryptographic digest of said retrieved file;
decrypting said stored digital signature for said retrieved file; and
comparing said computed digest to said decrypted signature, wherein said successful result occurs when said comparing step detects that said computed digest and said decrypted signature are identical.
15. The method for preventing information from being published after an unauthorized alteration of said information according to claim 14, wherein said decrypting step uses a public key of said authorized author.
16. The method for preventing information from being published after an unauthorized alteration of said information according to claim 14, wherein said stored digital signature is stored externally from said retrieved file.
17. The method for preventing information from being published after an unauthorized alteration of said information according to claim 14, wherein said stored digital signature is embedded within said retrieved file.
18. The method for preventing information from being published after an unauthorized alteration of said information according to claim 11, wherein said authorized author may be an automated file generation process.
19. A method for securing Web server content in a computing environment connected to a network, comprising the steps of:
storing one or more files on a storage medium accessible to a Web server in said computing environment;
storing a digital signature for each of said one or more files, each of said digital signatures being stored in a location accessible to said Web server;
authenticating that selected ones of said stored files were created by an authorized author; and
for any ones of said selected files for which said authenticating step has an unsuccessful result, making said ones unavailable for publishing over said network.
20. The method for securing Web server content according to claim 19, wherein said authenticating step further comprises the steps of:
retrieving each of said selected ones from said storage medium; and
validating each of said retrieved ones, further comprising the steps of:
computing a cryptographic digest of said retrieved file;
decrypting said stored digital signature for said retrieved file; and
comparing said computed digest to said decrypted signature, wherein said unsuccessful result occurs when said comparing step detects that said computed digest and said decrypted signature are not identical.
22. A computer program product on a computer-readable medium in a computing environment for preventing information from being published over a network in said computing environment after an unauthorized alteration of said information, comprising:
one or more files stored on a storage medium accessible to a first computer in said computing environment;
a digital signature for each of said one or more files, each of said digital signatures being stored in a location accessible to said first computer;
computer-readable program code means for receiving a request for a selected one of said files from a user of a second computer in said computing environment;
computer-readable program code means for authenticating, responsive to said computer-readable program code means for receiving, that said requested file was created by an authorized author; and
computer-readable program code means for publishing said requested file to said user only when said computer-readable program code means for authenticating has a successful result.
23. The computer program product for preventing information from being published after an unauthorized alteration of said information according to claim 22, further comprising:
computer-readable program code means for notifying said user that said requested file was not found when said computer-readable program code means for authenticating has an unsuccessful result.
24. The computer program product for preventing information from being published after an unauthorized alteration of said information according to claim 23, further comprising computer-readable program code means for generating an additional notification when said computer-readable program code means for authenticating has said unsuccessful result, said additional notification comprising one or more of:
an alert and a log record.
25. The computer program product for preventing information from being published after an unauthorized alteration of said information according to claim 22, wherein said computer-readable program code means for authenticating further comprises:
computer-readable program code means for retrieving said requested file from said storage medium;
program code means for computing a cryptographic digest of said retrieved file;
computer-readable program code means for decrypting said stored digital signature for said retrieved file; and
computer-readable program code means for comparing said computed digest to said decrypted signature, wherein said successful result occurs when said computer-readable program code means for comparing detects that said computed digest and said decrypted signature are identical.
26. The computer program product for preventing information from being published after an unauthorized alteration of said information according to claim 22, wherein said computer-readable program code means for authenticating further comprises:
computer-readable program code means for retrieving said requested file from said storage medium;
computer-readable program code means for computing a cryptographic digest of said retrieved file;
first computer-readable program code means for determining whether an entry exists in a validation cache for said requested file, said entry comprising a previously-validated digest for said requested file;
first computer-readable program code means for comparing said computed digest to said previously-validated digest, wherein said successful result occurs when said first computer-readable program code means for comparing detects that said computed digest and said previously-validated digest are identical; and
computer-readable program code means for validating said retrieved file when said entry does not exist or said first computer-readable program code means for comparing detects that said computed digest and said previously-validated digest are not identical, further comprising:
computer-readable program code means for decrypting said stored digital signature for said retrieved file; and
second computer-readable program code means for comparing said computed digest to said decrypted signature, wherein said successful result occurs when said second computer-readable program code means for comparing detects that said computed digest and said decrypted signature are identical; and
further comprising:
computer-readable program code means for storing said computed digest in said validation cache for a future invocation of said computer-readable program code means for authenticating when said computer-readable program code means for authenticating has said successful result.
27. The computer program product for preventing information from being published after an unauthorized alteration of said information according to claim 22, wherein said authorized author may be an automated file generation process.
28. A computer program product on a computer-readable medium for securing Web server content in a computing environment connected to a network, comprising:
one or more files stored on a storage medium accessible to a Web server in said computing environment;
a digital signature for each of said one or more files, each of said digital signatures being stored in a location accessible to said Web server;
computer-readable program code means for authenticating that selected ones of said stored files were created by an authorized author; and
for any ones of said selected files for which said computer-readable program code means for authenticating has an unsuccessful result, computer-readable program code means for making said ones unavailable for publishing over said network.
29. The computer program product for securing Web server content according to claim 28, wherein said computer-readable program code means for authenticating further comprises:
computer-readable program code means for retrieving each of said selected ones from said storage medium; and
computer-readable program code means for validating each of said retrieved ones, further comprising:
computer-readable program code means for computing a cryptographic digest of said retrieved file;
computer-readable program code means for decrypting said stored digital signature for said retrieved file; and
computer-readable program code means for comparing said computed digest to said decrypted signature, wherein said unsuccessful result occurs when said computer-readable program code means for comparing detects that said computed digest and said decrypted signature are not identical.
31. A computer program product on a computer-readable medium for securely serving an aggregated document from a first server connected to a computer network to a user connected to said network, wherein said aggregated document is comprised of one or more other documents obtained by said first server from one or more other servers in addition to zero or more documents locally accessible to said first server, said system comprising:
computer-readable program code means for requesting said one or more other documents from selected ones of said other servers;
computer-readable program code means for receiving said requested documents;
computer-readable program code means for validating that each of said received documents was created by an authorized author, further comprising:
computer-readable program code means for computing a cryptographic digest of said received document;
computer-readable program code means for retrieving a digital signature for said received document, wherein said digital signature was previously created by an author of said received document;
computer-readable program code means for decrypting said retrieved digital signature using a public key of said author; and
computer-readable program code means for comparing said decrypted signature to said computed digest, wherein said computer-readable program code means for comparing has a successful outcome only if said decrypted signature and said computed digest are identical; and
computer-readable program code means for serving said aggregated document to said user only if each of said received files has said successful outcome in said means for comparing.