System and method for protecting use of dynamically linked executable modules
Abstract
A computer system has a program module verifier and at least first and second program modules. Each program module includes a digital signature and an executable procedure. The first program module furthermore includes a procedure call to the second procedure module, a procedure call to the program module verifier that is logically positioned in the first program module so as to be executed prior to execution of the procedure call to the second program module, and instructions preventing execution of the procedure call to the second program module when the procedure call to the program module verifier results in a verification denial being returned by the program module verifier. The second program module includes an executable procedure to be performed in response to the procedure call by the first program module to the second program module, a procedure call to the program module verifier that is logically positioned in the second program module so as to be executed prior to completion of execution of the second program module's executable procedure, and instructions preventing completion of execution of that executable procedure when the program module verifier returns a verification denial with respect to the first program module. The program module verifier responds to procedure calls by verifying the authenticity of any specified program module and by returning a verification confirmation or denial. When the program module verifier fails to verify the authenticity of a program module, the calling program module throws an exception and aborts its execution.
19 Claims
1. A computer data signal residing on a medium, the computer data signal carrying program module data for receipt and storage in a computer system having a program module verifier configured to respond to procedure calls to the program module verifier by verifying authenticity of any specified program module and by returning a verification confirmation or denial in response to each such procedure call;
the program module data carried by the computer data signal comprising;
a first program module; and
a second program module;
the first program module including;
a procedure call to the second program module;
a procedure call to the program module verifier for verifying the second program module's authenticity, wherein the procedure call to the program module verifier is logically positioned in the first program module so as to be executed prior to execution of the procedure call to the second program module; and
instructions preventing execution of the procedure call to the second program module when the procedure call to the program module verifier results in a verification denial being returned by the program module verifier;
the second program module including;
an executable procedure to be performed in response to the procedure call to the second program module;
a procedure call to the program module verifier for verifying the first program module's authenticity, wherein the procedure call to the program module verifier is logically positioned in the second program module so as to be executed prior to completion of execution of the executable procedure; and
instructions preventing completion of execution of the executable procedure when the procedure call to the program module verifier results in a verification denial being returned by the program module verifier.
Dependent claims: 2, 3
the program verifier module includes instructions for issuing an authenticity verification for any specified program module only when inspection of the specified program module indicates that the specified program module is identical to a corresponding program module known to be authentic, and for otherwise issuing an authenticity verification denial; and
the instructions preventing execution of the procedure call include instructions for aborting execution of the first program module when the procedure call to the program module verifier results in a verification denial being returned by the program module verifier.
3. The computer data signal of claim 1,
the first program module including a first digital signature and a first executable procedure;
the second program module including a second digital signature and a second executable procedure;
the program verifier module including instructions for responding to a procedure call requesting verification of the second program module by decoding the second digital signature in the second program module with a corresponding decoding key, generating a message digest of at least a portion of the second program module in accordance with a predefined message digest function, returning a verification confirmation when the decoded digital signature matches the message digest, and returning a verification denial when the decoded digital signature does not match the message digest.
4. A computer data signal residing on a medium, the computer data signal carrying program module data for receipt and storage in a computer system having a program module verifier configured to verify authenticity of any specified program module and to return to a requesting program module a verification signal, comprising a verification confirmation or verification denial, respectively confirming or denying authenticity of the specified program module;
the program module data carried by the computer data signal comprising;
a first program module; and
a second program module;
the first program module including;
first instructions for receiving from the program module verifier the verification signal with respect to the second program module, and second instructions for preventing execution of third instructions in the first program module when the received verification signal comprises a verification denial; and
the second program module including;
fourth instructions for receiving from the program module verifier the verification signal with respect to the first program module, and fifth instructions for preventing execution of sixth instructions in the second program module when the received verification signal comprises a verification denial.
Dependent claims: 5, 6, 7
the program verifier module includes instructions for issuing a verification signal comprising a verification confirmation with respect to any specified program module only when inspection of the specified program module indicates that the specified program module is identical to a corresponding program module known to be authentic, and for otherwise issuing a verification signal comprising a verification denial; and
the second instructions of the first program module prevent execution of a procedure call to the second procedure when the received verification signal comprises a verification denial.
6. The computer data signal of claim 4, wherein
the program verifier module includes instructions for issuing a verification signal comprising a verification confirmation with respect to any specified program module only when inspection of the specified program module indicates that the specified program module is identical to a corresponding program module known to be authentic, and for otherwise issuing a verification signal comprising a verification denial; and
the second instructions of the first program module abort execution of the first program module when the received verification signal comprises a verification denial.
7. The computer data signal of claim 4, wherein
the first program module includes a first digital signature and a first executable procedure;
the second program module includes a second digital signature and a second executable procedure;
the program verifier module includes instructions for responding to a procedure call requesting verification of the second program module by decoding the second digital signature in the second program module with a corresponding decoding key, generating a message digest of at least a portion of the second program module in accordance with a predefined message digest function, returning a verification signal comprising a verification confirmation when the decoded digital signature matches the message digest, and returning a verification signal comprising a verification denial when the decoded digital signature does not match the message digest.
8. A computer data signal residing on a medium, the computer data signal carrying program module data for receipt and storage in a computer system, the program module data carried by the computer data signal comprising:
a program module verifier configured to verify authenticity of any specified program module and to return to a requesting program module a verification signal, comprising a verification confirmation or verification denial, respectively confirming or denying authenticity of the specified program module;
a first program module; and
a second program module;
the first program module including;
first instructions for receiving from the program module verifier the verification signal with respect to the second program module, and second instructions for preventing execution of third instructions in the first program module when the received verification signal comprises a verification denial; and
the second program module including;
fourth instructions for receiving from the program module verifier the verification signal with respect to the first program module, and fifth instructions for preventing execution of sixth instructions in the second program module when the received verification signal comprises a verification denial.
Dependent claims: 9, 10, 11
the program verifier module includes instructions for issuing a verification signal comprising a verification confirmation with respect to any specified program module only when inspection of the specified program module indicates that the specified program module is identical to a corresponding program module known to be authentic, and for otherwise issuing a verification signal comprising a verification denial; and
the second instructions of the first program module prevent execution of a procedure call to the second procedure when the received verification signal comprises a verification denial.
10. The computer data signal of claim 8, wherein
the program verifier module includes instructions for issuing a verification signal comprising a verification confirmation with respect to any specified program module only when inspection of the specified program module indicates that the specified program module is identical to a corresponding program module known to be authentic, and for otherwise issuing a verification signal comprising a verification denial; and
the second instructions of the first program module abort execution of the first program module when the received verification signal comprises a verification denial.
11. The computer data signal of claim 8, wherein
the first program module includes a first digital signature and a first executable procedure;
the second program module includes a second digital signature and a second executable procedure;
the program verifier module includes instructions for responding to a procedure call requesting verification of the second program module by decoding the second digital signature in the second program module with a corresponding decoding key, generating a message digest of at least a portion of the second program module in accordance with a predefined message digest function, returning a verification signal comprising a verification confirmation when the decoded digital signature matches the message digest, and returning a verification signal comprising a verification denial when the decoded digital signature does not match the message digest.
12. A computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer program mechanism comprising:
a program module verifier configured to verify authenticity of any specified program module and to return to a requesting program module a verification signal, comprising a verification confirmation or verification denial, respectively confirming or denying authenticity of the specified program module;
a first program module; and
a second program module;
the first program module including;
first instructions for receiving from the program module verifier the verification signal with respect to the second program module, and second instructions for preventing execution of third instructions in the first program module when the received verification signal comprises a verification denial; and
the second program module including;
fourth instructions for receiving from the program module verifier the verification signal with respect to the first program module, and fifth instructions for preventing execution of sixth instructions in the second program module when the received verification signal comprises a verification denial.
Dependent claims: 13, 14, 15
the program verifier module includes instructions for issuing a verification signal comprising a verification confirmation with respect to any specified program module only when inspection of the specified program module indicates that the specified program module is identical to a corresponding program module known to be authentic, and for otherwise issuing a verification signal comprising a verification denial; and
the second instructions of the first program module prevent execution of a procedure call to the second procedure when the received verification signal comprises a verification denial.
14. The computer program product of claim 12, wherein
the program verifier module includes instructions for issuing a verification signal comprising a verification confirmation with respect to any specified program module only when inspection of the specified program module indicates that the specified program module is identical to a corresponding program module known to be authentic, and for otherwise issuing a verification signal comprising a verification denial; and
the second instructions of the first program module abort execution of the first program module when the received verification signal comprises a verification denial.
15. The computer program product of claim 12, wherein
the first program module includes a first digital signature and a first executable procedure;
the second program module includes a second digital signature and a second executable procedure;
the program verifier module includes instructions for responding to a procedure call requesting verification of the second program module by decoding the second digital signature in the second program module with a corresponding decoding key, generating a message digest of at least a portion of the second program module in accordance with a predefined message digest function, returning a verification signal comprising a verification confirmation when the decoded digital signature matches the message digest, and returning a verification signal comprising a verification denial when the decoded digital signature does not match the message digest.
16. A computer program product for use in conjunction with a computer system having a program module verifier configured to verify authenticity of any specified program module and to return to a requesting program module a verification signal, comprising a verification confirmation or verification denial, respectively confirming or denying authenticity of the specified program module;
the computer program product comprising a computer readable storage medium and a computer program mechanism embedded therein, the computer program mechanism comprising;
a first program module; and
a second program module;
the first program module including;
first instructions for receiving from the program module verifier the verification signal with respect to the second program module, and second instructions for preventing execution of third instructions in the first program module when the received verification signal comprises a verification denial; and
the second program module including;
fourth instructions for receiving from the program module verifier the verification signal with respect to the first program module, and fifth instructions for preventing execution of sixth instructions in the second program module when the received verification signal comprises a verification denial.
Dependent claims: 17, 18, 19
the program verifier module includes instructions for issuing a verification signal comprising a verification confirmation with respect to any specified program module only when inspection of the specified program module indicates that the specified program module is identical to a corresponding program module known to be authentic, and for otherwise issuing a verification signal comprising a verification denial; and
the second instructions of the first program module prevent execution of a procedure call to the second procedure when the received verification signal comprises a verification denial.
18. The computer program product of claim 16, wherein
the program verifier module includes instructions for issuing a verification signal comprising a verification confirmation with respect to any specified program module only when inspection of the specified program module indicates that the specified program module is identical to a corresponding program module known to be authentic, and for otherwise issuing a verification signal comprising a verification denial; and
the second instructions of the first program module abort execution of the first program module when the received verification signal comprises a verification denial.
19. The computer program product of claim 16, wherein
the first program module includes a first digital signature and a first executable procedure;
the second program module includes a second digital signature and a second executable procedure;
the program verifier module includes instructions for responding to a procedure call requesting verification of the second program module by decoding the second digital signature in the second program module with a corresponding decoding key, generating a message digest of at least a portion of the second program module in accordance with a predefined message digest function, returning a verification signal comprising a verification confirmation when the decoded digital signature matches the message digest, and returning a verification signal comprising a verification denial when the decoded digital signature does not match the message digest.
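The mutual check described in the abstract, together with the signature test recited in claims 3, 7, 11, 15 and 19, as an added Python example that is not part of the patent text. Textbook RSA and SHA-256 stand in for the unspecified signature scheme and message digest function; the toy key, the `Module` class and all function names are assumptions made for the illustration.

```python
import hashlib

# Toy RSA key built from two Mersenne primes: constructed for this example only
# and trivially factorable. Unpadded RSA is used purely to mirror the claim
# wording; a real verifier would use a vetted signature library.
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                  # "decoding key" available to the verifier
D = pow(E, -1, (P - 1) * (Q - 1))    # signing key held by the module publisher


class VerificationDenied(Exception):
    """Raised by a module when the verifier denies its peer's authenticity."""


def message_digest(image: bytes) -> int:
    # Predefined message digest function (SHA-256 is an assumption of this example).
    return int.from_bytes(hashlib.sha256(image).digest(), "big")


class Module:
    """Hypothetical program module: a code image plus its digital signature."""

    def __init__(self, name: str, image: bytes):
        self.name = name
        self.image = image
        self.signature = pow(message_digest(image), D, N)  # signed at build time


def verify(module: Module) -> bool:
    """Program module verifier: decode the signature, recompute the digest, compare."""
    return pow(module.signature, E, N) == message_digest(module.image)


def second_procedure(caller: Module, value: int) -> int:
    # Second module: verify the caller before the procedure is allowed to complete.
    result = value * 2
    if not verify(caller):
        raise VerificationDenied(f"caller {caller.name} failed verification")
    return result


def first_procedure(me: Module, callee: Module, value: int) -> int:
    # First module: verify the callee before the call is made at all.
    if not verify(callee):
        raise VerificationDenied(f"callee {callee.name} failed verification")
    return second_procedure(me, value)


def run_demo() -> dict:
    outcomes = {}
    app, lib = Module("app", b"first module image"), Module("lib", b"second module image")
    outcomes["authentic"] = first_procedure(app, lib, 21)
    for label, victim in (("tampered_callee", lib), ("tampered_caller", app)):
        original = victim.image
        victim.image = original + b"\x90"   # constructed one-byte modification
        try:
            first_procedure(app, lib, 21)
        except VerificationDenied as exc:
            outcomes[label] = str(exc)
        victim.image = original             # restore before the next case
    return outcomes


if __name__ == "__main__":
    print(run_demo())
```

Each direction of the check fails closed: a modified callee is never invoked, and a modified caller never receives a result.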
Specification