Virtual machine with securely distributed bytecode verification
Abstract
A system for executing a software application comprising a plurality of hardware independent bytecodes is provided, comprising: a computing system that generates bytecodes; a virtual machine, remote to the computing system, that receives a plurality of bytecodes from said computing system and executes said plurality of bytecodes; and a system for testing said bytecodes against a set of predetermined criteria, in which the testing is securely distributed between said virtual machine and said computing system so that the bytecode verification completed by the computing system is authenticated by the virtual machine prior to the execution of the bytecodes by said virtual machine. A method for distributed bytecode verification is also provided.
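The split described in the abstract above, sketched as an added example (not code from the patent): the remote computer verifies the bytecode and attaches an indicator of authenticity, and the device checks only that indicator before executing. The three-opcode stack VM, the verification criteria, and the use of HMAC-SHA256 with a shared key as the indicator are all assumptions for illustration; the page does not name a specific mechanism.

```python
import hashlib
import hmac

# Hypothetical toy stack VM: opcode -> (operand bytes, pops, pushes)
OPS = {0x01: (1, 0, 1), 0x02: (0, 2, 1), 0x03: (0, 1, 0)}  # PUSH imm8, ADD, POP
MAX_STACK, TAG_LEN = 8, 32  # TAG_LEN is the HMAC-SHA256 output size


def verify(code: bytes) -> bool:
    """Host-side criteria (assumed): known opcodes, complete operands,
    no stack underflow, bounded stack depth."""
    depth, pc = 0, 0
    while pc < len(code):
        spec = OPS.get(code[pc])
        if spec is None:
            return False
        nargs, pops, pushes = spec
        if pc + 1 + nargs > len(code) or depth < pops:
            return False
        depth += pushes - pops
        if depth > MAX_STACK:
            return False
        pc += 1 + nargs
    return True


def host_package(code: bytes, key: bytes) -> bytes:
    """Remote computer: verify first, and tag only code that passed."""
    if not verify(code):
        raise ValueError("bytecode failed verification; no indicator issued")
    return code + hmac.new(key, code, hashlib.sha256).digest()


def device_load(package: bytes, key: bytes) -> list:
    """Device: authenticate the package, then execute without re-verifying."""
    code, tag = package[:-TAG_LEN], package[-TAG_LEN:]
    expected = hmac.new(key, code, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise PermissionError("indicator of authenticity invalid")
    stack, pc = [], 0
    while pc < len(code):  # no opcode, bounds or stack checks on the device
        op = code[pc]
        if op == 0x01:
            stack.append(code[pc + 1])
        elif op == 0x02:
            stack.append(stack.pop() + stack.pop())
        else:
            stack.pop()
        pc += 2 if op == 0x01 else 1
    return stack
```

Because the device interpreter performs no checks of its own, the safety of execution rests entirely on the key: whoever can produce a valid tag can run bytecode that never passed verification.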
63 Claims
1. A method for controlling a device having an external port and a microcontroller configured to execute a virtual machine, the method comprising the steps of:
receiving through the external port, code including virtual machine code for use by the virtual machine;
determining whether the code is authentic in response to an indicator of authenticity provided within the code; and
if the code is determined to be authentic, then omitting verification that the virtual machine code conforms to at least some of a predetermined set of criteria, and operating the virtual machine according to the virtual machine code.
15. A method for programming a device having a microcontroller configured to execute a virtual machine and a port to a communications link from a remote computer connected to the communications link, the method comprising the steps of:
verifying at the remote computer that particular virtual machine code for use by the virtual machine conforms to at least some of a predetermined set of criteria;
if the particular virtual machine code passes the step of verifying, then generating at least one indicator of authenticity, and sending code including the particular virtual machine code and the at least one indicator of authenticity from the remote computer to the device over the communications link.
22. A method for programming a device having a microcontroller configured to execute a virtual machine and a port to a communications link from a remote computer connected to the communications link, the method comprising the steps of:
verifying at the remote computer that particular virtual machine code for use by the virtual machine conforms to at least some of a predetermined set of criteria;
if the particular virtual machine code passes the step of verifying, then generating at least one indicator of authenticity, and sending code including the particular virtual machine code and the at least one indicator of authenticity from the remote computer to the device over the communications link;
receiving the code through the port at the device;
determining at the device whether the code is authentic in response to the at least one indicator of authenticity; and
if the code is determined to be authentic, then omitting verification that the particular virtual machine code conforms to the at least some of the predetermined set of criteria, and operating the virtual machine according to the particular virtual machine code.
32. A programmable device comprising:
an external port;
an authenticator configured to determine whether code received through the port is authentic in response to an indicator of authenticity provided within the code; and
a microcontroller configured to omit verification that particular code provided within the code conforms to at least some of a predetermined set of criteria, said particular code for execution using said microcontroller, and to execute the particular code, if the code is determined to be authentic.
the microcontroller is configured to execute a virtual machine; and
the particular code comprises bytecode for the virtual machine.
35. The device of claim 32, wherein the device is a small footprint device.
36. The device of claim 32, wherein the particular code comprises bytecode.
37. The device of claim 32, wherein the device is a small footprint device.
38. An apparatus for remotely programming a device having a microcontroller configured to execute a virtual machine and a port to a communications link, said apparatus comprising:
a memory medium for storing particular code for operating the virtual machine;
a port to a communications link; and
a processor connected to the port and the memory medium, the processor configured to verify that the particular code conforms to at least some of a predetermined set of criteria, and if the particular code passes verification, to generate at least one indicator of authenticity, and to send code including the particular code and the at least one indicator of authenticity to the device through the port to the communications link.
40. A system for remotely programming a programmable device having a microcontroller configured to run a virtual machine and an external port, said system comprising:
a communications link;
a remote computer comprising a memory medium for storing particular code for operating the virtual machine, a port connected to the communications link, and a processor connected to the port and the memory medium, the processor configured to verify that the particular code conforms to at least some of a predetermined set of criteria, and, if the particular code passes verification, to generate at least one indicator of authenticity, and to send code including the particular code and the at least one indicator of authenticity to the programmable device through the port to the communications link; and
the programmable device comprising an external port selectably connected to the communications link, an authenticator configured to determine whether the code received through the external port is authentic in response to the indicator of authenticity, and the microcontroller configured to omit verification that the particular code conforms to the at least some of the predetermined set of criteria, and to execute the particular code, if the authenticated code is determined to be authentic.
45. A computer program product for a programmable device having a microcontroller and an external port, the computer program product comprising:
a memory medium;
instructions, stored on the memory medium, to cause the microcontroller to determine whether code received through the external port is authentic, to omit verification that particular code provided within the received code conforms to at least some of a predetermined set of criteria, and to execute the particular code, if the received code is determined to be authentic.
the microcontroller is configured to execute a virtual machine; and
the particular code comprises bytecode for the virtual machine.
48. The computer program product of claim 45, wherein the programmable device is a small footprint device.
49. A computer program product for remotely programming a programmable device having an external port and a microcontroller configured to run a virtual machine, the computer program product comprising:
a memory medium; and
instructions, stored on the memory medium, to cause one or more processors to verify that particular code for operating the virtual machine conforms to at least some of a predetermined set of criteria, and, if the particular code passes verification, to generate at least one indicator of authenticity, and to send code including the particular code and the at least one indicator of authenticity through a port connected to the processor to a communications link with the external port of the programmable device.
53. A transmission of instructions for controlling a programmable device having an external port and a microcontroller configured to run a virtual machine, the transmission comprising:
a carrier wave;
instructions, transmitted as signals on the carrier wave, for a virtual machine running on the microcontroller; and
at least one indicator, transmitted as signals on the carrier wave, that the transmission is authentic and that said instructions conform to at least some of a predetermined set of criteria.
56. A transmission of instructions for remotely controlling a programmable device having an external port and a microcontroller configured to run a virtual machine, the transmission comprising:
a carrier wave; and
instructions, transmitted as signals on the carrier wave, to cause one or more processors to verify that particular code for the virtual machine conforms to at least some of a predetermined set of criteria, and, if the particular code passes verification, to generate at least one indicator of authenticity, and to send code including the particular code and the at least one indicator of authenticity through a port connected to the one or more processors to a communications link with the external port of the programmable device.
60. A method for controlling a device having an external port and a microcontroller configured to run a virtual machine, the method comprising the steps of:
receiving through the port, code including virtual machine code for use by the virtual machine;
determining whether the code is authentic in response to an indicator of authenticity provided within the code; and
if the code is determined to be authentic, then omitting processing of the virtual machine code according to at least some of a predetermined set of processes, and operating the device in response to the virtual machine code.
61. A programmable device comprising:
an external port;
an authenticator configured to determine whether code received through the port is authentic in response to an indicator of authenticity provided within the code; and
a microcontroller configured to omit processing of particular code provided within the received code according to at least some of a predetermined set of processes, said particular code for execution using said microcontroller, and to execute the particular code, if the received code is determined to be authentic.
62. A computer program product for a programmable device having an external port and a microcontroller configured to run a virtual machine, the computer program product comprising:
a memory medium;
instructions, stored on the memory medium, to cause the microcontroller to determine whether code received through the external port is authentic in response to an indicator of authenticity provided within the received code, to omit processing of particular code provided within the received code according to at least some of a predetermined set of processes, and to execute the particular code, if the received code is determined to be authentic.
63. A transmission of instructions for remotely controlling a programmable device having an external port and a microcontroller configured to run a virtual machine, the transmission comprising:
a carrier wave; and
instructions, transmitted as signals on the carrier wave, to cause one or more processors to process particular code for the virtual machine according to at least some of a predetermined set of processes, and, after processing the particular code, to generate at least one indicator of authenticity, and to send code including the processed particular code and the at least one indicator of authenticity through a port connected to the one or more processors to a communications link with the external port of the programmable device.