Method and system for establishing trust in downloaded proxy code

US 6,901,518 B1
Filed: 04/06/2000
Issued: 05/31/2005
Est. Priority Date: 04/08/1999
Status: Expired due to Term

First Claim

Patent Images

1. A method in a distributed system, comprising the steps of:

downloading code from a server by a client;

determining a set of constraints specified by the client for conducting secure communication with the server via the downloaded code; and

using secure code verified locally by the client to determine whether the downloaded code will enforce the set of constraints specified by the client when the downloaded code is used to communicate with the server.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system consistent with the present invention enables a program in a distributed system to determine whether downloaded code is trustworthy before using the downloaded code to communicate with other programs or services in the distributed system. A client that downloads proxy code from a service can verify that both the service and the downloaded code are trustworthy before using the code to communicate with the service. “Trustworthy” code is code the client knows will enforce the client'"'"'s security constraints in communicating with the service, e.g., mutual authentication, confidentiality, and integrity.

261 Citations

13 Claims

1. A method in a distributed system, comprising the steps of:
- downloading code from a server by a client;
  
  determining a set of constraints specified by the client for conducting secure communication with the server via the downloaded code; and
  
  using secure code verified locally by the client to determine whether the downloaded code will enforce the set of constraints specified by the client when the downloaded code is used to communicate with the server.
- View Dependent Claims (2, 3)
- - 2. The method of claim 1, further comprising the step of:
    - using the downloaded code to invoke a method on the server, wherein the downloaded code enforces the set of constraints on the server.
  - 3. The method of claim 1, wherein the set of security constraints include at least one of integrity, anonymity, mutual authentication, delegation, and confidentiality.

4. A method in a distributed system for ensuring trustworthiness of a first proxy, comprising the steps of:
- downloading the first proxy containing code for communication purposes;
  
  using the first proxy to obtain a second proxy containing code for communication purposes;
  
  determining whether the second proxy is trustworthy by using a trustworthiness verification routine;
  
  determining whether a server is trustworthy by using the second proxy when it has been determined that the second proxy is trustworthy;
  
  requesting the server to determine whether the first proxy is trustworthy by using the second proxy when it has been determined that the server is trustworthy; and
  
  using the first proxy to invoke a method on the server when it has been determined that the first proxy is trustworthy, that the second proxy is trustworthy, and that the server is trustworthy.
- View Dependent Claims (5)
- - 5. The method of claim 4, wherein the requesting step further comprises the substeps of:
    - receiving a trust verifier routine from the server;
      
      receiving codebase information and signer information for the trust verifier from the server;
      
      determining whether the trust verifier routine is trustworthy using the codebase information and the signer information; and
      
      when it has been determined that the trust verifier routine is trustworthy, using the trust verifier routine to determine whether the first proxy is trustworthy.

6. A distributed system comprising:
- a server computer, comprising;
  
  a memory with a service; and
  
  a processor that runs the service; and
  
  a client computer, comprising;
  
  a memory with a proxy that facilitates use of the service, a client program that invokes a method of the service using the proxy and specifies a set of constraints for conducting secure communication with the service, and a secure verifier that determines whether the proxy will enforce the set of constraints when communicating with the service; and
  
  a processor that runs the client program.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The distributed system of claim 6, wherein the server computer and the client computer communicate via the Internet.
  - 8. The distributed system of claim 6, wherein the server computer and the client computer communicate via a local area network.
  - 9. The distributed system of claim 6, wherein the security constraints include at least one of integrity, anonymity, mutual authentication, delegation, and confidentiality.
  - 10. The distributed system of claim 6, wherein the security constraints are set by the service.

11. A computer-readable medium containing instructions for controlling a data processing system to perform a method in a distributed system, the method comprising the steps of:
- downloading code from a server by a client;
  
  determining a set of constraints specified by the client for conducting secure communication with the server via the downloaded code; and
  
  using secure code verified locally by the client to determine whether the downloaded code will enforce the set of constraints specified by the client when the downloaded code is used to communicate with the server.
- View Dependent Claims (12)
- - 12. The computer-readable medium of claim 11, wherein the method further comprises the step of:
    - using the downloaded code to invoke a method on the server, wherein the downloaded code enforces the set of constraints on the server.

13. A computer-readable medium containing instructions for controlling a data processing system to perform a method in a distributed system the method comprising the steps of:
- downloading the first proxy containing code for communication purposes;
  
  using the first proxy to obtain a second proxy containing code for communication purposes;
  
  determining whether the second proxy is trustworthy by using a trustworthiness verification routine;
  
  determining whether a server is trustworthy by using the second proxy when it has been determined that the second proxy is trustworthy;
  
  requesting the server to determine whether the first proxy is trustworthy by using the second proxy when it has been determined that the server is trustworthy; and
  
  using the first proxy to invoke a method on the server when it has been mined that the first proxy is trustworthy, that the second proxy is trustworthy, and that the server is trustworthy.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle America, Inc. (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Jones, Peter C., Scheifler, Robert W., Waldo, James H.
Primary Examiner(s)
Sheikh, Ayaz
Assistant Examiner(s)
REVAK, CHRISTOPHER A

Application Number

US09/543,908
Time in Patent Office

1,881 Days
Field of Search

713/156, 713/175, 713/176, 713200-202, 709/223, 709/224, 717/120, 717/174, 717176-178
US Class Current

726/12
CPC Class Codes

G06F 21/51 at application loading time...

Method and system for establishing trust in downloaded proxy code

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

261 Citations

13 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for establishing trust in downloaded proxy code

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

261 Citations

13 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links