Method and apparatus for securing software distributed over a network
First Claim
Patent Images
1. A method to secure software downloaded from a server computer to a client computer over a computer network, the method comprising:
- receiving a Universal Resource Locator (URL) pertaining to a server computer in a browser window provided by a browser program running on a client computer;
initiating the downloading of a web page on the browser window on the client computer based on the URL, wherein the web page has associated therewith a control software program with a corresponding digital signature;
verifying the control software program using the digital signature;
displaying a first message if the control software program fails the verification;
querying the browser program to determine the URL to which the browser program is pointed;
determining whether the URL to which the browser program is pointed is authorized;
executing the control software program if it is determined that the URL to which the browser program is pointed is authorized; and
displaying a second message if it is determined that the URL to which the browser program is pointed is not authorized.
14 Assignments
0 Petitions
Accused Products
Abstract
A method and computer executable program code are disclosed to verify the source of software downloaded from a remote site to a client computer over a computer network before the software can be executed on the client computer.
-
Citations
8 Claims
-
1. A method to secure software downloaded from a server computer to a client computer over a computer network, the method comprising:
-
receiving a Universal Resource Locator (URL) pertaining to a server computer in a browser window provided by a browser program running on a client computer;
initiating the downloading of a web page on the browser window on the client computer based on the URL, wherein the web page has associated therewith a control software program with a corresponding digital signature;
verifying the control software program using the digital signature;
displaying a first message if the control software program fails the verification;
querying the browser program to determine the URL to which the browser program is pointed;
determining whether the URL to which the browser program is pointed is authorized;
executing the control software program if it is determined that the URL to which the browser program is pointed is authorized; and
displaying a second message if it is determined that the URL to which the browser program is pointed is not authorized.
-
-
2. The method of claim 1 and further comprising authenticating a user via the browser program.
-
3. The method of claim 1 and further comprising
invoking at least two of a plurality of methods provided by the browser program to determine if it is pointed to an authorized web site; - and
comparing the results obtained by the methods that are invoked.
- and
-
4. The method of claim 1 and further comprising invoking at least one method provided by the browser program to obtain information located in a top-level browser window.
-
5. The method of claim 1 and further comprising invoking at least one method provided by the browser program to obtain information located in an opener browser window.
-
6. Computer executable program code stored on a computer readable medium to implement the method of claim 1.
-
7. A method to secure software downloaded from a server computer to a client computer over a computer network, the method comprising:
-
receiving a Universal Resource Locator (URL) pertaining to a server computer in a browser window provided by a browser program running on a client computer;
initiating the downloading of a web page on the browser window on the client computer based on the URL, wherein the web page has associated therewith a control software program with a corresponding digital signature, wherein the control software program includes computer maintenance software;
verifying the control software program using the digital signature;
displaying a first message if the control software program fails the verification;
querying the browser program to determine the URL to which the browser program is pointed;
determining whether the URL to which the browser program is pointed is authorized;
executing the control software program if it is determined that the URL to which the browser program is pointed is authorized; and
displaying a second message if it is determined that the URL to which the browser program is pointed is not authorized.
-
-
8. A method to secure software downloaded from a server computer to a client computer over a computer network, the method comprising:
-
receiving a Universal Resource Locator (URL) pertaining to a server computer in a browser window provided by a browser program on a client computer;
initiating the downloading of a web page on the browser window on the client computer based on the URL, wherein the web page has associated therewith a control software program with a corresponding digital signature;
verifying the control software program using the digital signature;
displaying a first message if the control software program fails the verification;
querying the browser program to determine the URL to which the browser program is pointed;
determining whether the URL to which the browser program is pointed is authorized;
executing the control software program if it is determined that the URL to which the browser program is pointed is authorized;
displaying a second message if it is determined that the URL to which the browser program is pointed is not authorized;
determining a first URL pointed to by a top-level window;
determining a second URL pointed to by an opener window; and
executing the control software program only if both the first URL and the second URL are authorized.
-
Specification