System and method for authenticating peer components
DCFirst Claim
1. A method of controlling the usage of data in a computer having one or more peer data objects, the method comprising:
- providing a data object, the data object including a description of one or more of the peer data objects that are required for usage of the data object;
determining whether the peer data objects are authorized to communicate with the data object;
determining whether the data object is authorized to communicate with the peer data objects; and
connecting the data object to the peer data objects based upon authorization being granted such that the data object can communicate with the peer data objects and the peer data objects can communicate with the data object.
13 Assignments
Litigations
0 Petitions
Accused Products
Abstract
A system and method for controlling the usage of data objects in component object systems. According to the invention, each data object includes a peer list that defines one or more peer data objects that are required by the data object. Upon receipt of a data object, the system verifies the integrity of the data object. Further, the system identifies the integrity of the peer data objects. If the system cannot find the peer data objects, or the system cannot authenticate the peer data objects, the system may optionally retrieve a peer data object that can be authenticated from a data object depository. In addition to validating the integrity of the data object, the system verifies that the data object is authorized to communicate with each of the peer data objects. Further, the system verifies that the peer data objects are authorized to communicate with the data object.
112 Citations
32 Claims
-
1. A method of controlling the usage of data in a computer having one or more peer data objects, the method comprising:
-
providing a data object, the data object including a description of one or more of the peer data objects that are required for usage of the data object;
determining whether the peer data objects are authorized to communicate with the data object;
determining whether the data object is authorized to communicate with the peer data objects; and
connecting the data object to the peer data objects based upon authorization being granted such that the data object can communicate with the peer data objects and the peer data objects can communicate with the data object. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
determining the presence of the peer data objects; and
retrieving any of the peer data objects that are not present in the computer.
-
-
5. The method of claim 1, wherein the data object includes one or more subcomponents that define the usage of the data object in connection with the peer data objects.
-
6. The method of claim 1, wherein the peer data objects collectively define a software application.
-
7. The method of claim 1, wherein the software application is an Internet browser.
-
8. The method of claim 7, wherein the software application is an on-line virtual store.
-
9. The method of claim 1, wherein one of the peer data objects is a hardware device.
-
10. The method of claim 1, wherein the data object is encrypted.
-
11. The method of claim 1, wherein determining whether the peer data objects are authorized to communicate with the data object includes verifying at least one digital signature in each of the peer data objects.
-
12. The method of claim 1, wherein determining whether the data object is authorized to communicate with the peer data objects includes verifying at least one digital signature in the data object.
-
13. The method of claim 1, wherein the data object has at least one subcomponent, the subcomponent having an associated digital signature, and wherein determining whether the data object is authorized to communicate with the peer data objects includes verifying the digital signature associated with each subcomponent.
-
14. The method of claim 13, wherein the subcomponent contains data, and wherein the digital signature is a digitally encrypted hash of the content of the data in the subcomponent using a private key of the signer of the digital signature.
-
15. The method of claim 1, additionally comprising verifying the integrity of the data object.
-
16. The method of claim 1, wherein each of the peer data objects is a data object.
-
17. A system for controlling the usage of a data object, the system comprising:
-
one or more peer data objects, the peer data objects collectively defining a software application;
a parser capable of reading from a data object a description of one or more peer data objects that are required for use of the data object;
a validate data object module capable of determining whether the data object is authorized to communicate with one or more peer data objects;
a validate peer module capable of determining whether the peer data objects are authorized to communicate with the data object; and
a wiring module capable of controlling the connection of the peer data objects to the data object. - View Dependent Claims (18, 19)
-
-
20. A data object that is configured to be dynamically wired to one or more other data objects, the data object comprising:
-
a description of one or more peer data objects that are required to be connected to the data object before the data object can be accessed by the peer data objects; and
at least one digital signature that identifies a provider of the data object. - View Dependent Claims (21, 22)
-
-
23. A system for controlling the usage of data in a computer having one or more peer data objects, the system comprising:
-
means for reading a data object, the data object including a description of one or more of the peer data objects that are required for usage of the data object and configured into a state that is unusable by the peer data objects;
means for determining whether the peer data objects are authorized to communicate with the data object;
means for determining whether the data object is authorized to communicate with the peer data objects;
means for converting the data object into a state that is usable by the peer data objects; and
means for connecting the data object to the peer data objects such that data object can communicate with the peer data objects and the peer data objects can communicate with the data object. - View Dependent Claims (24, 25, 26, 27, 28, 29, 30, 31, 32)
means for determining the presence of the peer data objects; and
means for retrieving any of the peer data objects that are not present in the computer.
-
-
27. The system of claim 23, wherein the data object includes one or more subcomponents.
-
28. The system of claim 23, wherein the peer data objects together define a software application.
-
29. The system of claim 28, wherein the software application is an Internet browser.
-
30. The system of claim 28, wherein the software application is an on-line virtual store.
-
31. The system of claim 23, wherein one of the peer data objects is a hardware device.
-
32. The system of claim 23, wherein the data object is encrypted.
Specification