Secure logic interlocking

US 7,895,643 B2
Filed: 08/14/2002
Issued: 02/22/2011
Est. Priority Date: 03/16/2002
Status: Active Grant

First Claim

Patent Images

1. A system for assuring proper execution of a software computer program on a computer apparatus, the system comprising:

an integrated combination of computer software program comprised of a software application logic module and an operation assurance logic module;

wherein the software application logic module and the operational assurance logic module each provide a plurality of sub-procedures which operate as a combined plurality of sub-procedures that are executed to provide combined computing functions comprised of the functionality of the respective software application module, and an integrated concurrent generation of unique security tags utilizing the functionality of the respective operational assurance logic module;

storage for the integrated computer software program;

a controller of the integrated computer software program for execution on the computer apparatus of a concurrent executed integrated combination of the respective software application logic module, and the respective operational assurance logic module, as expressly provided in the associated computer software program;

wherein during the combined computing functions, the unique security tags which provide for validating that the software computer program as executed was not tampered with, are selectively generated by the sub-procedures of the operational assurance logic module and are only generated when the integrated software computer program is executed and has not been tampered with; and

an associated operational checking logic, for validating that the integrated software computer program as executed was not tampered with responsive to the unique security tags.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

This invention discloses a method and system for processing logic modules, each having a separate functionality, into a unique functionality that is to be executed in an interlocked mode as a unique functionality. The method is based on taking logic modules (programs and data) with known functionality and transforming them into a hidden program by integrating modules to execute together into a logic which is partially obfuscated and/or encrypted and/or physically hidden. The hidden program is being updated dynamically to strengthen it against reverse engineering efforts. The program includes the functionality for generating security signals, which are unpredictable by observers, such as a pseudo random sequence of security signals. Only elements that share the means for producing the security signals can check their validity. The modules include operational tasks and performance parameters for this operation. The operation can be transmission of data packets with given parameters of performance that the hidden program contains. The generated security signals thus assure that the correct operation was taken place and can be used to signal various cryptographic parameters as well.

38 Citations

View as Search Results

74 Claims

1. A system for assuring proper execution of a software computer program on a computer apparatus, the system comprising:
- an integrated combination of computer software program comprised of a software application logic module and an operation assurance logic module;
  
  wherein the software application logic module and the operational assurance logic module each provide a plurality of sub-procedures which operate as a combined plurality of sub-procedures that are executed to provide combined computing functions comprised of the functionality of the respective software application module, and an integrated concurrent generation of unique security tags utilizing the functionality of the respective operational assurance logic module;
  
  storage for the integrated computer software program;
  
  a controller of the integrated computer software program for execution on the computer apparatus of a concurrent executed integrated combination of the respective software application logic module, and the respective operational assurance logic module, as expressly provided in the associated computer software program;
  
  wherein during the combined computing functions, the unique security tags which provide for validating that the software computer program as executed was not tampered with, are selectively generated by the sub-procedures of the operational assurance logic module and are only generated when the integrated software computer program is executed and has not been tampered with; and
  
  an associated operational checking logic, for validating that the integrated software computer program as executed was not tampered with responsive to the unique security tags.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28)
- - 2. The system as in claim 1, wherein the combined computing functions resist at least one of reverse engineering, modification, replacement of any of the software application logic module and the operational assurance logic module, and replacement of any portion of the software application logic module and the operational assurance logic module.
  - 3. The system as in claim 1, wherein the operational assurance logic module provides at least one of:
    - a cryptographic function for producing a pseudo-random sequence of security tags, and a digital signing function of selected parts of the software application logic module for producing a sequence of at least one security tag.
  - 4. The system as in claim 3, wherein the cryptographic function utilizes computation by at least one of:
    - applying a pseudo-random generator, applying a pseudo-random function, applying a cryptographic function, applying an encryption function, applying a scrambling subroutine, applying an authentication function, applying a digital signing function, applying a cryptographic hash function, applying a subroutine, applying a computational logic module, applying a symmetric cryptography function, applying an asymmetric cryptography function, employing a cryptographic key, employing a cryptographic seed, employing an encrypted software, employing an obfuscated software, employing a hidden program, employing logic with a set of parameters, employing a hardware module, employing a smart card, employing, a portable device, and employing a distributed protocol across a network, and employing a distributed protocol across a network for providing codes and parameters.
  - 5. The system as in claim 1, wherein the software application logic module provides logic to construct data packets.
  - 6. The system as in claim 5, wherein logic to construct data packets computes at least one of:
    - an IP data packet, a TCP/IP data packet, a UDP data packet, an ATM data packet, a MPLS data packet, a TCP SYN signal, a PING signal, an ICMP signal, an IPv4, IPv6, a FC frame, a cable modem frame, an Ethernet frame, and a data packet segmentation.
  - 7. The system as in claim 1, wherein the software application logic module provides rules of transmission.
  - 8. The system as in claim 7, wherein the rules of transmission compute at least one of:
    - performance characteristics, access characteristics, transmission limitations, transmission rates, window sizes, port numbers, IP addresses, network addresses, quotas, renewable quotas, packet structure limitations, a renewable precondition for transmission, and a schedule for transmission.
  - 9. The system as in claim 7, wherein at least one of the rules of transmission determines a renewable precondition for transmission;
    - andwherein the renewable precondition for transmission is least one of;
      
      a renewable transmission quota of trusted data packets, a number of trusted data packets that can be transmitted per unit of time, a time signal, a UTC time signal, a digitally signed time signal, a digital cache for transmission of trusted data packets, cryptographic keys for marking trusted data packets, predefined logic, an external rule controller, a security management system, via a network interface, a network appliance, a server, a network management system, a firewall, local computation, a smart card device, and a portable device.
  - 10. The system as in claim 1, wherein the operational assurance logic module provides a cryptographic function for producing a pseudo-random sequence of security tags;
    - wherein the software application logic module provides rules; and
      
      wherein the rules provide for computing at least one of;
      
      performance characteristics, execution time measurements, execution time measurements that are responsive to UTC, access characteristics, transmission limitations, transmission rates, window sizes, port numbers, IP addresses, network addresses, quotas, renewable quotas, packet structure limitations, and a schedule for transmission.
  - 11. The system as in claim 1, wherein the operational assurance logic module provides a cryptographic function for producing a pseudo-random sequence of security tags;
    - wherein the software application logic module provides logic to construct data packets and provides rules of transmission; and
      
      wherein the rules of transmission provide for computing at least one of;
      
      performance characteristics, access characteristics, execution time characteristics, execution time measurements that are responsive to UTC, transmission limitations, transmission rates, window sizes, port numbers, IP addresses, network addresses, quotas, renewable quotas, packet structure limitations, and a schedule for transmission.
  - 12. The system as in claim 1, further comprising:
    - a source of interlocking parameters and a remote trusted server; and
      
      wherein the source of interlocking parameters resides on at least one of a remote trusted server, a smart card;
      
      the system further comprising of means for combining the software application logic module and the operational assurance logic module according to defined interlocking logic responsive to the interlocking parameters received from the remote trusted server.
  - 13. The system as in claim 12, wherein the source of interlocking parameters is generated by at least one of a random source, cryptographic keys, a defined location in memory, receiving parameters from the trusted server, and receiving codes from the trusted server.
  - 14. The system as in claim 12, wherein the controller provides for determining a combination of subtask computing functions of the software application logic module and subtask computing functions of the operational assurance logic module to provide for combined function;
    - wherein the controller provides for a plurality of combinations of the subtask computing functions; and
      
      wherein each of the plurality of the combinations of the subtask computing functions provides for at least one of a plurality of combined functions.
  - 15. The system as in claim 14, wherein the combination is further comprised of at least one of obfuscation, encryption, replication, adding dummy code, addition of redundant control, renaming of variables, splitting a procedure into multiple sub-procedure, dictionary transformation, compilation, interpretation, cryptographic transformation, digital signing, and scrambling.
  - 16. The system as in claim 15, wherein the replication is comprised of repetitions of the software logic modules into an oversize program comprising the single logic program embedded therein.
  - 17. The system as in claim 16, wherein each repetition respectively defines a single program within the oversize.
  - 18. The system as in claim 1, wherein the controller further generates external software modules and parameters for linked operation to provide the combined computing functions;
    - means for transmitting the external software modules and parameters to separate computing subsystems; and
      
      wherein the external software modules and parameters are executed in the separate computing subsystems to provide at least one of;
      
      update information and renewable information coupled to the integrated computer software program.
  - 19. The system as in claim 18, wherein the means for transmitting utilizes at least one of:
    - encryption, authentication, time measurement, digital signing, digital signing of selected groups of instructions, and digital signing of selected groups of instructions responsive to parameters received from a remote trusted server across a network.
  - 20. The system as in claim 18, wherein the update information is at least one of:
    - a change data, a change executable code, a change pattern, a change order, a pseudo-change of dummy code, selected sub-procedures of the software application logic module and selected sub-procedures of the operational assurance logic module.
  - 21. The system as in claim 18, wherein the renewable information is at least one of:
    - a renewable transmission quota of trusted data packets, a number of trusted data packets that can be transmitted per unit of time, a time signal, a UTC time signal, a digitally signed time signal, a digital cache for transmission of trusted data packets, and cryptographic keys for marking trusted data packets.
  - 22. The system as in claim 18, wherein the software application logic module execution receives the external software modules and parameters from a remote trusted server across a network.
  - 23. The system as in claim 1, wherein security verification information is generated responsive to the operational assurance logic module as part of the combined computing functions, for utilization by the operational checking logic in a separate communications subsystem.
  - 24. The system as in claim 1, wherein the operational assurance logic module provides security services for at least one of:
    - user authentication, user sign-on, data packet authentication, user login, applying a user'"'"'s cryptographic keys, applying an organization'"'"'s cryptographic keys, and digital signing.
  - 25. The system as in claim 24, wherein the security services further provide for applying cryptographic transformations based on keys provided by a primary computing system.
  - 26. The system as in claim 25, wherein the primary computing system provides for execution of the computer software program.
  - 27. The system as in claim 1,wherein a secondary computing subsystem, which is independent and separate from the controller, provides for generating the integrated computer software program, responsive to the software application logic module and the operational assurance logic module.
  - 28. The system as in claim 1, wherein the computing functions are provided responsive to the validating that the software computer program, as executed, was not tampered with.

29. A method for assuring proper execution of a software computer program executing on a computing system, the method comprising:
- providing an integrated computer software program comprised of a software application logic module and an operational assurance logic module;
  
  wherein the software application logic module is operable to provide a plurality of sub-procedures to provide computing functions associated with the software application logic module execution of the integrated software computer program and as a part of the integrated software computer program;
  
  wherein the operational assurance logic provides for generation of unique security tags securely associated with the execution of the integrated software computer program;
  
  executing the integrated software computer program to provide generation of the unique software keys by the operation assurance logic when the integrated software computer program as executed is unaltered, to provide thr validating that the integrated software computer program that is being executed was not altered and that there was no tampering of the integrated software computer program;
  
  wherein the executing of the integrated software computer program provides a set of combined computing functions;
  
  wherein during the combined computing functions, an operational set of unique data tags are generated by the sub-procedures of the operational assurance logic module to provide for validating that the integrated software computer program as executed was not tampered with;
  
  wherein the integrated software computer program generates the operational unique data tags which only when operating as a part of the integrated software computer program; and
  
  validating that the integrated software computer program as executed was not tampered with, responsive to the unique data tags.
- View Dependent Claims (30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60)
- - 30. The method as in claim 29, further comprising:
    - producing a pseudo-random sequence of security tags responsive to the operational assurance logic module.
  - 31. The method as in claim 30, further comprising:
    - producing the pseudo-random sequence of security tags utilizing computation by at least one of;
      
      applying a pseudo-random generator, applying a pseudo-random function, applying a cryptographic function, applying an encryption function, applying a scrambling subroutine, applying an authentication function, applying a digital signing function, applying a cryptographic hash function, applying a subroutine, applying a computational logic module, applying a symmetric cryptography function, applying an asymmetric cryptography function, employing a cryptographic key, employing a cryptographic seed, employing an encrypted software, employing an obfuscated software, employing a hidden program, employing logic with a set of parameters, employing a hardware module, employing a smart card, employing a portable device, and employing a distributed protocol.
  - 32. The method as in claim 30, further comprising:
    - generating security verification information for utilization by security tag verification logic in a separate communications subsystem which validates the security tags.
  - 33. The method as in claim 29, further comprising:
    - constructing data packets responsive to the combined computing functions.
  - 34. The method as in claim 29, further comprising:
    - constructing data packets by computing utilizing at least one of;
      
      an IP data packet, a TCP/IP data packet, a UDP data packet, an ATM data packet, a MPLS data packet, a TCP SYN signal, a PING signal, an ICMP signal, an IPv4, an IPv6, a FC frame, a cable modem frame, a Ethernet frame, and a data packet segmentation.
  - 35. The method as in claim 29, further comprised of at least one of a trusted computing machine and a trusted hardware module;
    - wherein at least one of the software application logic module and the operational assurance logic module provides rules of transmission to at least one of the trusted computing machine and the trusted hardware module.
  - 36. The method as in claim 35, further comprising:
    - utilizing the rules of transmission to compute at least one of;
      
      performance characteristics, access time characteristics, execution time characteristics, transmission time limitations, transmission rates, window sizes, port numbers, IP addresses, network addresses, quotas, renewable quotas, packet structure limitations, and a schedule for transmission.
  - 37. The method as in claim 35, further comprising:
    - determining a renewable precondition for transmission responsive to at least one of the rules of transmission.
  - 38. The method as in claim 37, wherein the renewable precondition for transmission is least one of:
    - a renewable transmission quota of trusted data packets, a number of trusted data packets that can be transmitted per unit of time, a time signal, an execution time characteristic, an access time characteristic, a UTC time signal, digitally signed time signal, digital cash for transmission of trusted data packets, and cryptographic keys for marking trusted data packets.
  - 39. The method as in claim 37, further comprising:
    - obtaining the renewable precondition for transmission from at least one of a predefined logic, an external rule controller, a security management system, a network interface, a network appliance, a server, a network management system, a firewall, a local computation, a smart card device, and a portable device.
  - 40. The method as in claim 29, further comprising:
    - providing a cryptographic function for producing a pseudo-random sequence of security tags;
      
      providing rules of transmission; and
      
      utilizing the rules of transmission to provide for computing at least one of performance characteristics, access characteristics, transmission limitations, transmission rates, window sizes, port numbers, IP addresses, network addresses, quotas, renewable quotas, packet structure limitations, and schedule for transmission.
  - 41. The method as in claim 29, further comprising:
    - providing logic to construct data packets responsive to the combined computing functions.
  - 42. The method as in claim 29, further comprising:
    - combining the software application logic module and the operational assurance logic module according to a defined interlocking logic responsive to interlocking parameters.
  - 43. The method as in claim 42, further comprising:
    - generating a source of interlocking parameters by at least one of;
      
      a random source, cryptographic keys, and a defined location in memory.
  - 44. The method as in claim 42, further comprising:
    - providing the combined computing functions responsive to the combination of subtask functions of the software application logic module and subtask functions of the operational assurance logic module which generates the unique data tags when combined into and executed unaltered in the integrated software computer program.
  - 45. The method as in claim 44, further comprising:
    - providing the combination by a defined plurality of different methods; and
      
      wherein each of the different methods provides a respectively unique single logic program providing a respective combination of the computing functions.
  - 46. The method as in claim 45, wherein each of the different methods is further comprised of at least one of:
    - obfuscation, encryption, replication, adding dummy code, addition of redundant control, renaming of variables, splitting a procedure into multiple sub-procedure, dictionary transformation, compilation, interpretation, cryptographic transformation, digital signing, and scrambling.
  - 47. The method as in claim 46, wherein the software application logic module is comprised of a plurality of software logic modules;
    - andwherein the replication provides for repetitions of the plurality of the software logic modules into an oversize program; and
      
      embedding the single logic software computer program in the oversize program.
  - 48. The method as in claim 47, further comprising:
    - activating each repetition separately to define an active single program within the oversize program.
  - 49. The method as in claim 29, further comprising:
    - generating external software modules for linked operation with the integrated software computer program; and
      
      providing the proper operational unique data tags responsive to the execution of the external software modules integrated with execution of the integrated software computer program, to enable the providing the computing functions.
  - 50. The method as in claim 49, further comprising:
    - transmitting the external software modules to a plurality of separate computing subsystems; and
      
      executing at least one of the external software modules in a respective one of the separate computing subsystems to provide at least one of;
      
      update information and renewable information coupled to the software computer program.
  - 51. The method as in claim 50, wherein the update information is at least one of:
    - change data, a change executable code, a change pattern, a change order, and a pseudo-change of dummy code.
  - 52. The method as in claim 50, wherein the renewable information is at least one of:
    - a renewable transmission quota of trusted data packets, a number of trusted data packets that can be transmitted per unit of time, a time signal, a UTC time signal, a digitally signed time signal, digital cash for transmission of trusted data packets, and cryptographic keys for marking trusted data packets.
  - 53. The method as in claim 29, further comprising:
    - transmitting the software computer program to a primary computing system.
  - 54. The method as in claim 53, utilizing at least one of:
    - encryption, authentication, and digital signing for the transmitting of the single logic software computer program to the primary computing system.
  - 55. The method as in claim 29, further comprising:
    - providing security services responsive to the operational assurance logic module.
  - 56. The method as in claim 55, wherein the security services are comprised of at least one of:
    - user authentication, user sign-on, data packet authentication, user login, applying a user'"'"'s cryptographic keys, applying an organization'"'"'s cryptographic keys, and digital signing.
  - 57. The method as in claim 55, wherein the security services further provide for applying cryptographic transformations based on keys provided by a primary computing system.
  - 58. The method as in claim 57, wherein the primary computing system provides for execution of the combined computing functions.
  - 59. The method as in claim 29, further comprising:
    - providing the computing functions responsive to the validating that the computer software program, as executed, was not tampered with.
  - 60. The system as in claim 29, further comprising:
    - receiving external software modules and parameters from a remote trusted server across a network; and
      
      executing the software application logic module responsive to receiving the external software modules and parameters from the remote trusted server across the network.

61. A method for assuring non-tampered proper execution of a software computer program executing on a computing subsystem, the method comprising:
- providing an integrated combination of computer software program comprised of a software application logic module and an operation assurance logic module;
  
  wherein the software application logic module and the operational assurance logic module each provide a plurality of sub-procedures which operate as a combined plurality of sub-procedures that are executed to provide combined computing functions comprised of the functionality of the respective software application module, and an integrated concurrent generation of unique security tags utilizing the functionality of the respective operational assurance logic module;
  
  executing on the computer apparatus a concurrently executed integrated combination of the respective software application logic module and the respective operational assurance logic module, as expressly provided in the associated computer software program;
  
  wherein during the combined computing functions, the unique security tags which provide for validating that the software computer program as executed was not tampered with, are selectively generated by the sub-procedures of the operational assurance logic module and are only generated when the integrated software computer program is executed and has not been tampered with; and
  
  validating that the integrated software computer program as executed was not tampered with responsive to the unique security tags.
- View Dependent Claims (62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74)
- - 62. The method as in claim 61, wherein the operational assurance logic module utilizes a pseudo-random sequence of security tags.
  - 63. The method as in claim 62, wherein the security tags are created by at least one of:
    - a pseudo-random generator, a pseudo-random function, a cryptographic function, an encryption function, a scrambling subroutine, an authentication function, a digital signing function, a cryptographic hash function, a subroutine, a computational logic module, a symmetric cryptography function, an asymmetric cryptography function, a cryptographic key, employing a cryptographic seed, an encrypted software, an obfuscated software, a hidden program, logic with a set of parameters, a hardware module, a smart card, a portable device, and a distributed protocol.
  - 64. The method as in claim 62, further comprising:
    - providing security tag verification logic in a separate communications subsystem for generating security verification information responsive to validating the pseudo-random sequence of security tags.
  - 65. The method as in claim 61, wherein the software application logic module provides an output of data packets provided responsive to concurrent execution of the software application logic module and the operational assurance logic module.
  - 66. The method as in claim 61, wherein the software application logic module provides rules of transmission.
  - 67. The method as in claim 61, further comprising:
    - logic to provide data packets responsive to the software application logic module.
  - 68. The method as in claim 61, further comprising:
    - combining the software application logic module and the operational assurance logic module in order to generate the integrated software computer program responsive to defined interlocking logic.
  - 69. The method as in claim 61, further comprising:
    - providing, at a primary computing system, for at least one of;
      
      transmitting the integrated software computer program and receiving the integrated software computer program.
  - 70. The method as in claim 61, further comprising:
    - providing security services responsive to the operational assurance logic module; and
      
      wherein the security services are executed on at least one of;
      
      a trusted server across a network, a smart card, a tamper resisting hardware that is accessed via message passing protocol, and a tamper resisting hardware that is accessed via memory mapped input and output (I/O).
  - 71. The method as in claim 61, further comprising:
    - security services responsive to the operational assurance logic module; and
      
      wherein the security services further provide for applying cryptography transformations based on keys provided by a primary computing system.
  - 72. The method as in claim 69, wherein the provides for execution of the software computer program.
  - 73. The method as in claim 61, wherein the concurrent execution of the software application logic module and the operational assurance logic module provide validation that the computer software program, as executed, was not tampered with.
  - 74. The method as in claim 61, wherein the single logic software computer program only provides the computing functions of the software application logic module and the computing functions of the operational assurance logic module responsive to the validating.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Attestwave LLC (Jeffrey M. Gross)
Original Assignee
Trustedflow Systems, Inc.
Inventors
Ofek, Yoram, Yung, Marcel Mordechay
Primary Examiner(s)
Vu; Kimyen
Assistant Examiner(s)
TRUVAN, LEYNNA THANH

Application Number

US10/219,378
Publication Number

US 20030177374A1
Time in Patent Office

3,114 Days
Field of Search

709100-103, 709/106, 709/225, 709/229, 705/64, 705/67, 705/75, 726 2- 7, 726/17, 726/19, 726/21, 726/27, 726/30, 707 4- 5, 707/103.R, 707100-102, 707/103.Y, 707/104.1, 717/120, 717/126, 717/127, 717/171, 717/172, 717/176, 717/177
US Class Current

726/5
CPC Class Codes

G06F 21/14   against software analysis o...

H04L 47/10   Flow control; Congestion co...

H04L 47/193   at the transport layer, e.g...

H04L 47/27   Evaluation or update of win...

H04L 47/283   in response to processing d...

H04L 63/0227   Filtering policies mail mes...

H04L 63/10   for controlling access to d...

H04L 69/16   Implementation or adaptatio...

H04L 69/161   Implementation details of T...

H04L 69/163   In-band adaptation of TCP d...

Y04S 40/20   Information technology spec...

Y10S 707/99939   Privileged access

Secure logic interlocking

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

38 Citations

74 Claims

Specification

Solutions

Use Cases

Quick Links

Secure logic interlocking

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

38 Citations

74 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links