Method and system for accepting preverified information

US 7,155,606 B1
Filed: 04/12/2000
Issued: 12/26/2006
Est. Priority Date: 04/12/2000
Status: Expired due to Fees

First Claim

Patent Images

1. A method of ensuring the integrity of a first system in a distributed computing environment, the method comprising:

sending information including intermediate language code from a second system to the first system;

receiving the information from the second system;

thereafter, testing whether the information sent from the second system is preverified information by examining a digital signature associated with the information indicating the information is preverified and what source verified the information;

if the information is not preverified, verifying the information or rejecting receipt of the information, wherein verifying the information includes analyzing an entire flow of control in the intermediate code to ensure that resulting variable types match source variable types;

if the information is preverified, testing if the information was received from a trusted system;

if the information was received from the trusted system, accepting receipt of the information; and

if the information was not received from a trusted system verifying the information or rejecting receipt of the information wherein verifying the information includes analyzing an entire flow of control in the intermediate code to ensure that resulting variable types match source variable types; and

if receipt of the information is accepted;

compiling the intermediate language code; and

executing the complied intermediate language code.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for ensuring the integrity of a receiving system in a distributed computing environment includes receiving information from a transmitting system. The method also includes testing whether the information is preverified information. If the information is not preverified, the method includes verifying the information or rejecting receipt of the information. If the information is preverified, the method includes testing if the information was received from a trusted transmitting system. If the information was received from a trusted transmitting system, the method includes accepting receipt of the information without reverifying. If the information was not received from a trusted transmitting system, the method includes verifying the information or rejecting receipt of the information.

23 Citations

View as Search Results

12 Claims

1. A method of ensuring the integrity of a first system in a distributed computing environment, the method comprising:
- sending information including intermediate language code from a second system to the first system;
  
  receiving the information from the second system;
  
  thereafter, testing whether the information sent from the second system is preverified information by examining a digital signature associated with the information indicating the information is preverified and what source verified the information;
  
  if the information is not preverified, verifying the information or rejecting receipt of the information, wherein verifying the information includes analyzing an entire flow of control in the intermediate code to ensure that resulting variable types match source variable types;
  
  if the information is preverified, testing if the information was received from a trusted system;
  
  if the information was received from the trusted system, accepting receipt of the information; and
  
  if the information was not received from a trusted system verifying the information or rejecting receipt of the information wherein verifying the information includes analyzing an entire flow of control in the intermediate code to ensure that resulting variable types match source variable types; and
  
  if receipt of the information is accepted;
  
  compiling the intermediate language code; and
  
  executing the complied intermediate language code.
- View Dependent Claims (2, 3, 4)
- - 2. A method according to claim 1 wherein the step of receiving includes receiving information from the second system via a hard-link or wireless communication channel or via a physical storage medium.
  - 3. A method according to claim 1 wherein the step of accepting includes accepting receipt of the information without reverifying on a small device.
  - 4. A method according to claim 3 wherein the step of accepting includes accepting receipt of the preverified information without reverifying on a cellular phone.

5. A computer program storage medium readable by a computing system and encoding a computer program of instructions for executing a computer process for ensuring the integrity of a first system in a distributed computing environment, the computer process comprising:
- sending intermediate language code from a first source;
  
  receiving the intermediate language code from the first source;
  
  thereafter, testing whether the intermediate language code sent firm the first source is preverified by examining a digital signature associated with the intermediate language code indicating the intermediate language code is preverified and what source verified the intermediate language code;
  
  if the intermediate language code is not preverified, verifying the intermediate language code or rejecting receipt of the intermediate language code, wherein verifying the information includes analyzing an entire flow of control in the intermediate language code to ensure that resulting variable types match source variable types;
  
  if the intermediate language code is preverified, testing if the intermediate language code was received from a trusted source;
  
  if the intermediate language code was received from the trusted source, accepting receipt of the preverified intermediate language code without reverifying; and
  
  if the intermediate language code was not received from the trusted source, verifying the intermediate language code or rejecting receipt of the intermediate language code, wherein verifying the information includes analyzing the entire flow of a control in the intermediate language code to ensure that the result, variable tunes match the source variable types; and
  
  if receipt of the information is accepted;
  
  compiling the intermediate language code; and
  
  executing the complied intermediate language code.
- View Dependent Claims (6, 7, 8)
- - 6. A computer process according to claim 5 wherein the step of receiving includes receiving intermediate language code from the first source via a hard-link or wireless communication channel or via a physical storage medium.
  - 7. A computer process according to claim 5 wherein the step of accepting includes accepting receipt of the preverified intermediate language code without reverifying on a small device.
  - 8. A computer process according to claim 7 wherein the step of accepting includes accepting receipt of the preverified intermediate language code without reverifying on a cellular phone.

9. A system for ensuring the integrity of a first system in a distributed computing environment, the apparatus comprising:
- a receipt module that receives information including intermediate language code sent from a second system;
  
  a test module that thereafter tests whether the information sent from the second system is preverified information by examining a digital signature associated with the information indicating the information is preverified and what source verified the information;
  
  a query module that tests if the information was received from a trusted system if the information if preverified;
  
  an accept module that accepts receipt of the information without reverifying if the information was received from the trusted system;
  
  a verify module that verifies the information by analyzing an entire flow of control in the intermediate language code to ensure that resulting variable types match source variable types, or rejects receipt of the information if the information is not preverified or if the information is not from the trusted system even if preverified; and
  
  a user module that complies and executes the intermediate language code if receipt of the information is accepted.
- View Dependent Claims (10, 11, 12)
- - 10. A system according to claim 9 wherein the receipt module receives information from the second system via a hard link or wireless communication channel or via a physical storage medium.
  - 11. A system according to claim 9 wherein the system is a small device.
  - 12. A system according to claim 11 wherein the small device is a cellular phone.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Lamacchia, Brian A., Smith, Michael D., Toutonghi, Michael J.
Primary Examiner(s)
Moazzami, Nasser
Assistant Examiner(s)
Tran, Ellen C

Application Number

US09/548,056
Time in Patent Office

2,449 Days
Field of Search

713150-282, 726/22, 380/270
US Class Current

713/156
CPC Class Codes

G06F 21/51   at application loading time...

H04L 2209/80   Wireless network architectu...

H04L 63/12   Applying verification of th...

H04L 9/3247   involving digital signatures

Method and system for accepting preverified information

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

23 Citations

12 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for accepting preverified information

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

23 Citations

12 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links