Advanced stream format (ASF) data stream header object protection

US 7,401,221 B2
Filed: 09/04/2002
Issued: 07/15/2008
Est. Priority Date: 09/04/2002
Status: Expired due to Fees

First Claim

Patent Images

1. A method for adding a digital signature sub-object for use with a header object comprising a plurality of sub-objects implemented by at least one computing system, the method comprising:

selecting all or a portion of at least one of said plurality of sub-objects within the header object that are to be associated with a digital signature, wherein the selection, or the selections collectively, make up at least one region;

identifying a region specifier for the at least one region;

creating an array comprising the region specifier for each of the at least one region,producing the digital signature associated with each of said at least one region in said array;

adding the digital signature sub-object comprising said array and said digital signature to the header object, said plurality of sub-objects within the header object being rearrangeable within the header object without invalidating the digital signature; and

storing said header object in memory.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A header object for a data file is comprised of sub-objects which specify properties of the data stream and contains information needed to properly verify and interpret the information within the data object. In order to allow the protection of any set of sub-objects without requiring that the sub-objects follow any specific ordering, a new sub-object is introduced which includes region specifiers identifying regions within sub-objects and verification information for those regions. This new sub-object in the header object allows the modification of non-protected regions and reorganization of sub-objects in a header without invalidating verification information.

79 Citations

View as Search Results

54 Claims

1. A method for adding a digital signature sub-object for use with a header object comprising a plurality of sub-objects implemented by at least one computing system, the method comprising:
- selecting all or a portion of at least one of said plurality of sub-objects within the header object that are to be associated with a digital signature, wherein the selection, or the selections collectively, make up at least one region;
  
  identifying a region specifier for the at least one region;
  
  creating an array comprising the region specifier for each of the at least one region,producing the digital signature associated with each of said at least one region in said array;
  
  adding the digital signature sub-object comprising said array and said digital signature to the header object, said plurality of sub-objects within the header object being rearrangeable within the header object without invalidating the digital signature; and
  
  storing said header object in memory.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14)
- - 2. The method of claim 1, where each of said at least one region comprises a sub-object from among said plurality of sub-objects.
  - 3. The method of claim 1, where each of said region specifiers comprises a checksum calculated according to a checksum algorithm.
  - 4. The method of claim 3, where said checksum is calculated for the at least one region.
  - 5. The method of claim 3, where said checksum is calculated for the all or the portion of at least one of said plurality of sub-objects contained in the region.
  - 6. The method of claim 3, where said digital signature sub-object comprises a checksum algorithm identifier identifying the checksum algorithm used.
  - 7. The method of claim 3 where each of said region specifiers comprises a checksum length.
  - 8. The method of claim 1, where said digital signature sub-object comprises a signature algorithm identifier identifying a signature algorithm used for said producing of a digital signature.
  - 9. The method of claim 1, where said digital signature sub-object comprises signer identifier identifying a signer for verification of said digital signature.
  - 10. The method of claim 9, where said signer identifier comprises digital certificates for securely identifying and verifying a public key of said signer.
  - 11. The method of claim 1, where each of said region specifiers comprises a region offset identifying a start location of the corresponding region in a sub-object.
  - 12. The method of claim 1, where each of said region specifiers comprises a region size identifying a size of the corresponding region in a sub-object.
  - 13. The method of claim 1, where said header object is a header object for an ASF file.
  - 14. The method of claim 13, where said header object further comprises a GUID.

15. A method for use with a header object comprising a plurality of sub-objects implemented by at least one computing system, comprising:
- validating a digital signature for at least one region, where a selection of all or a portion of at least one of said plurality of sub-objects within the header object that are associated with a digital signature make up at least one region, where said sub-objects are rearrangeable within the header object without invalidating the digital signature, and where an array comprises region specifiers for each of said at least one region;
  
  identifying a region corresponding to each of said region specifiers;
  
  creating a digital signature sub-object, within said header object, comprising said array and, for each of said region specifiers, said region corresponding to said region specifier;
  
  validating said digital signature on said digital signature sub-object; and
  
  storing said digital signature sub-object in memory.
- View Dependent Claims (16)
- - 16. The method of claim 15, where said header object is a header object for an ASF file.

17. A method for use with a header object comprising a plurality of sub-objects implemented by at least one computing system, comprising:
- validating a digital signature for at least one region, where a selection of all or a portion of at least one of said plurality of sub-objects within the header object that are associated with a digital signature make up at least one region, where said sub-objects are rearrangeable within the header object without invalidating the digital signature, and where an array comprises region specifiers for each of said at least one region;
  
  determining a count of digital signatures present in said header object;
  
  validating each of said digital signatures; and
  
  storing said header object in memory.
- View Dependent Claims (18)
- - 18. The method of claim 17, further comprising:
    - returning an error value if the count of digital signatures present in said header object is zero.

19. A system for use with an object comprising a plurality of sub-objects, said system providing a digital signature for at least one region, where said at least one region is comprised of all or a portion of one of at least one sub-object within said plurality of sub-objects, the system comprising:
- array-creation means for creating an array comprising, for said at least one region, a region specifier identifying the region, where each of said region specifiers comprises a checksum calculated according to a checksum algorithm;
  
  signing means for producing the digital signature based on data comprising each region and said array; and
  
  signature sub-object adding means for adding a signature sub-object comprising said array and said digital signature to the object, where said sub-objects within the object may be rearranged within the object without invalidating the digital signature.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
- - 20. The system of claim 19, where said at least one region comprises a sub-object from among said plurality of sub-objects.
  - 21. The system of claim 19, where said checksum is calculated for the region.
  - 22. The system of claim 19, where said checksum is calculated for the all or the portion of at least one of said plurality of sub-objects contained in the region.
  - 23. The system of claim 19, where said signature sub-object comprises a checksum algorithm identifier identifying the checksum algorithm used.
  - 24. The system of claim 19, where each of said region specifiers comprises a checksum length.
  - 25. The system of claim 19, where said signature sub-object comprises a signature algorithm identifier identifying a signature algorithm used for said producing of a digital signature.
  - 26. The system of claim 19, where said signature sub-object comprises signer identifier identifying a signer for verification of said digital signature.
  - 27. The system of claim 26, where said signer identifier comprises digital certificates for securely identifying and verifying a public key of said signer.
  - 28. The system of claim 19, where each of said region specifiers comprises a region offset identifying a start location of the corresponding region in a sub-object.
  - 29. The system of claim 19, where each of said region specifiers comprises a region size identifying a size of the corresponding region in a sub-object.
  - 30. The system of claim 19, where said object is a header object for an ASF file.
  - 31. The system of claim 30, where said header object further comprises a GUID.

32. A system for validating a digital signature for use with an object comprising a plurality of sub-objects, said system comprising:
- at least one region comprising all or a portion of one of at least one sub-object within said plurality of sub-objects;
  
  an array comprising region specifiers for each of said at least one region;
  
  region-identifying means identifying a region corresponding to each of said region specifiers, where each of said region specifiers comprises a checksum calculated according to a checksum algorithm;
  
  object creation means for creating a object comprising said array and, for each of said region specifiers, said region corresponding to said region specifier; and
  
  validation means for validating said digital signature on said object for said at least one region, wherein said sub-objects are rearrangable within the object without invalidating the digital signature.
- View Dependent Claims (33)
- - 33. The system of claim 32, where said object is a header object for an ASF file.

34. A system for validating a digital signature for use with an object comprising a plurality of sub-objects, said system comprising:
- counting means for determining a number of digital signatures present in said object, wherein at least one region comprises all or a portion of one of at least one sub-object of the plurality of sub-objects and an array comprises region specifiers for each of said at least one region, each region specifier comprising a checksum calculated according to a checksum algorithm; and
  
  validating means for validating each of said digital signatures for at least one region, wherein said sub-objects are rearrangable within the object without invalidating the digital signature.
- View Dependent Claims (35)
- - 35. The system of claim 34, further comprising:
    - error return means returning an error value if the number of digital signatures present in said object is zero.

36. A computer-readable storage medium for use with a header object comprising a plurality of sub-objects, said computer-readable storage medium, comprising instructions for:
- creating an array comprising, for each of at least one region, a region specifier identifying the region, wherein each of said at least one region is comprised of all or a portion of one of at least one sub-object within said plurality of sub-objects;
  
  producing a digital signature based on data comprising each region and said array; and
  
  adding a signature sub-object comprising said array and said digital signature to the header object, wherein said sub-objects may be rearranged within the header object without invalidating the digital signature.
- View Dependent Claims (37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49)
- - 37. The computer-readable storage medium of claim 36, where each of said at least one region comprises a sub-object from among said plurality of sub-objects.
  - 38. The computer-readable storage medium of claim 36, where each of said region specifiers comprises a checksum calculated according to a checksum algorithm.
  - 39. The computer-readable storage medium of claim 38, where said checksum is calculated for the region.
  - 40. The computer-readable storage medium of claim 38, where said checksum is calculated for the all or the portion of at least one of said plurality of sub-objects contained in the region.
  - 41. The computer-readable storage medium of claim 38, where said signature sub-object comprises a checksum algorithm identifier identifying the checksum algorithm used.
  - 42. The computer-readable storage medium of claim 38, where each of said region specifiers comprises a checksum length.
  - 43. The computer-readable storage medium of claim 36, where said signature sub-object comprises a signature algorithm identifier identifying a signature algorithm used for said producing of a digital signature.
  - 44. The computer-readable storage medium of claim 36, where said signature sub-object comprises signer identifier identifying a signer for verification of said digital signature.
  - 45. The computer-readable storage medium of claim 44, where said signer identifier comprises digital certificates for securely identifying and verifying a public key of said signer.
  - 46. The computer-readable storage medium of claim 36, where each of said region specifiers comprises a region offset identifying a start location of the corresponding region in a sub-object.
  - 47. The computer-readable storage medium of claim 36, where each of said region specifiers comprises a region size identifying a size of the corresponding region in a sub-object.
  - 48. The computer-readable storage medium of claim 36, where said header object is a header object for an ASF file.
  - 49. The computer-readable storage medium of claim 48, where said header object further comprises a GUID.

50. A computer-readable storage medium for use with a header object comprising a plurality of sub-objects comprising instructions for:
- identifying at least one region that comprises all or a portion of one of at least one sub-object within said plurality of sub-objects, wherein an array comprises region specifiers for each of said at least one region;
  
  creating a digital signature sub-object comprising said array and, for each of said region specifiers, said region corresponding to said region specifier; and
  
  validating a digital signature on said object for at least one region, wherein the sub-objects are rearrangeable within the header object without invalidating the digital signature.
- View Dependent Claims (51)
- - 51. The computer-readable storage medium of claim 50, where said header object is a header object for an ASF file.

52. A computer-readable storage medium for use with a header object comprising a plurality of sub-objects, comprising instructions for:
- determining a count of digital signatures present in said header object, wherein at least one region comprises all or a portion of one of at least one sub-object within said plurality of sub-objects, at least one region comprises a digital signature validated for that region, and an array comprises region specifiers for each of said at least on region; and
  
  validating each of said digital signatures, wherein the sub-objects are rearrangeable within the header object without invalidating the digital signature.
- View Dependent Claims (53)
- - 53. The computer-readable storage medium of claim 52, said computer-readable storage medium with instructions further comprising:
    - returning an error value if the count of digital signatures present in said header object is zero.

54. A memory for storing a data structure that is accessible by a user or application program, said data structure comprising:
- a globally unique identifier (GUID) for said data structure;
  
  a value for size of the data structure;
  
  an array comprising at least one region specifier, each of said at least one region specifier comprising a checksum calculated according to a checksum algorithm, and each of said at least one region specifier specifying a region comprising all or a portion of one of at least one sub-object within said plurality of sub-objects;
  
  a count of regions in said array;
  
  a digital signature for data comprising each of said region and said array, wherein an order of the sub-objects may be changed;
  
  a signature algorithm identifier identifying an algorithm used to produce said digital signature;
  
  a signature length for said digital signature; and
  
  signer information for verifying said digital signature.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Strom, Clifford P., Dublish, Pratul, Adent, Daniel, Crites, Brian D., West, Cory
Primary Examiner(s)
Smithers; Matthew
Assistant Examiner(s)
GERGISO, TECHANE

Application Number

US10/235,587
Publication Number

US 20040054912A1
Time in Patent Office

2,141 Days
Field of Search

713/167, 713/164, 713/168, 709/217, 370/471, 380/26
US Class Current

713/167
CPC Class Codes

H04L 63/0823 using certificates cryptogr...

H04L 63/12 Applying verification of th...

Advanced stream format (ASF) data stream header object protection

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

79 Citations

54 Claims

Specification

Use Cases

Quick Links

Others

Advanced stream format (ASF) data stream header object protection

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

79 Citations

54 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others