Application security in an interactive media environment

US 7,941,522 B2
Filed: 02/15/2006
Issued: 05/10/2011
Est. Priority Date: 07/01/2005
Status: Expired due to Fees

First Claim

Patent Images

1. A method for ensuring security of an application in an interactive multimedia environment, comprising:

a. receiving an application comprising instructions for synchronously managing graphics, audio, and video multimedia objects responsively to user input, the instructions not executable to implement a security policy for the application;

b. detecting whether the application has an associated digital signature, wherein the detecting comprises reading a manifest file associated with the application, and determining if the manifest is signed with an author'"'"'s signature and certificate;

c. if a valid digital signature associated with the application is detected, then executing the application by a processor associated with a multimedia player to synchronously manage graphics, audio, and video multimedia objects responsively to user input events, execution of the application resulting in the application having access to a source of local storage of the multimedia player and a network resource;

d. if a valid digital signature associated with the application is not detected, then executing the application by a processor associated with a multimedia player to synchronously manage graphics, audio, and video multimedia objects responsively to user input events, while prohibiting the executing application from accessing a source of local storage of the multimedia player and a network resource;

e. receiving another application;

f. detecting whether the other application has an associated digital signature; and

g. if either a valid digital signature associated with the application or a valid digital signature associated with the other application is not detected, then denying permission for both applications to access both a source of local storage and a network resource of the multimedia player;

orh. if both a valid digital signature associated with the application and a valid digital signature associated with the other application are detected, then granting permission for both applications to access both a source of local storage and a network resource.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A security system is described which controls the access of applications to system resources in the field of interactive multimedia. The system establishes a framework for application security, including a signature system, and further provides file formats that support security. Signed applications are afforded high access privileges, while unsigned applications are afforded low access privileges. The combination of signed and unsigned applications on, e.g., a disk, provides for low access privileges for all applications, signed and unsigned.

127 Citations

17 Claims

1. A method for ensuring security of an application in an interactive multimedia environment, comprising:
- a. receiving an application comprising instructions for synchronously managing graphics, audio, and video multimedia objects responsively to user input, the instructions not executable to implement a security policy for the application;
  
  b. detecting whether the application has an associated digital signature, wherein the detecting comprises reading a manifest file associated with the application, and determining if the manifest is signed with an author'"'"'s signature and certificate;
  
  c. if a valid digital signature associated with the application is detected, then executing the application by a processor associated with a multimedia player to synchronously manage graphics, audio, and video multimedia objects responsively to user input events, execution of the application resulting in the application having access to a source of local storage of the multimedia player and a network resource;
  
  d. if a valid digital signature associated with the application is not detected, then executing the application by a processor associated with a multimedia player to synchronously manage graphics, audio, and video multimedia objects responsively to user input events, while prohibiting the executing application from accessing a source of local storage of the multimedia player and a network resource;
  
  e. receiving another application;
  
  f. detecting whether the other application has an associated digital signature; and
  
  g. if either a valid digital signature associated with the application or a valid digital signature associated with the other application is not detected, then denying permission for both applications to access both a source of local storage and a network resource of the multimedia player;
  
  orh. if both a valid digital signature associated with the application and a valid digital signature associated with the other application are detected, then granting permission for both applications to access both a source of local storage and a network resource.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 17)
- - 2. The method of claim 1, further comprising if a valid digital signature associated with the application is detected, then giving the executing application permission access to file I/O and security and diagnostic APIs associated with the multimedia player.
  - 3. The method of claim 1, wherein the application includes an archive which houses the manifest file and at least one resource file, and wherein the manifest file is the first file in the archive.
  - 4. The method of claim 3, wherein the archive has a format such that the archive may be streamed efficiently.
  - 5. The method of claim 1, further comprising if a valid digital signature associated with the application is detected, then the application includes a signed root certificate, a content revocation list, or an author identifier.
  - 6. The method of claim 1, wherein the source of local storage is a directory keyed to the author identifier.
  - 7. The method of claim 1, further comprising if a valid digital signature associated with the application is detected, then prohibiting the executing application from accessing a source of local storage of the multimedia player comprises denying permission access to file I/O and security and diagnostic APIs associated with the multimedia player.
  - 8. The method of claim 1, further comprising if a valid digital signature associated with the application is not detected, then giving permission access to utilization of a markup language and utilization of the objects consisting of:
    - XML without I/O functionality, globalization, drawing functions, and user input operations.
  - 9. The method of claim 1, further comprising if a valid digital signature associated with the application is not detected, and the application is received from an optical disk, then running the application only from the optical disk.
  - 17. The method according to claim 1, wherein the step of receiving an application comprises receiving an application via a media disk readable by the multimedia player.

10. A multimedia playback system for applications comprising instructions for synchronously managing graphics, audio, and video multimedia objects responsively to user input events, the instructions not executable to implement a security policy for the applications, comprising:
- a network resource;
  
  a source of local storage;
  
  a device to receive at least a first application;
  
  a processor to detect whether any received application has an associated digital signature;
  
  wherein if only a first application is received, and if a valid digital signature associated with the first application is detected, then executing the application by a processor associated with a multimedia player to synchronously manage graphics, audio, and video multimedia objects responsively to user input events, execution of the first application resulting in the first application having access to a source of local storage of the multimedia player and a network resource;
  
  wherein if only a first application is received, and if a valid digital signature associated with the first application is not detected, then executing the first application by a processor associated with a multimedia player to synchronously manage graphics, audio, and video multimedia objects responsively to user input events, while prohibiting the executing application from accessing a source of local storage of the multimedia player and a network resource;
  
  wherein if a valid digital signature associated with the first application and a valid digital signature associated with a second application are detected, wherein the detecting comprises reading a manifest file associated with the application, and determining if the manifest is signed with an author'"'"'s signature and certificate, the first application and the second application are executed by the processor to synchronously manage graphics, audio, and video multimedia objects responsively to user events, and both the first application and the second application are given permission to access the source of local storage and the network resource; and
  
  wherein if a valid digital signature associated with the first application or a valid digital signature associated with the second application is not detected, the first application and the second application are executed by the processor to synchronously manage graphics, audio, and video multimedia objects responsively to user events, but denied permission to access the source of local storage and the network resource.
- View Dependent Claims (11, 12, 13, 14, 15, 16)
- - 11. The system of claim 10, wherein the processor detects whether the first application and the second application each have an associated digital signature by reading a manifest file associated with the application, and determining if the manifest is signed with the author'"'"'s signature and certificate.
  - 12. The system of claim 11, wherein the first application and the second application each contain an archive which houses the manifest file and at least one resource file, and wherein the manifest file is the first file in the archive.
  - 13. The system of claim 10, wherein if the signature status is signed, then the first application and the second application each include a signed root certificate, a content revocation list, or an author identifier.
  - 14. The system of claim 13, wherein the source of local storage is a directory keyed to the author identifier.
  - 15. The system of claim 10, wherein if a valid digital signature associated with the first application and a valid digital signature associated with the second application are each detected, then the first application and the second application are each given permission access to file I/O and security and diagnostic APIs.
  - 16. The system of claim 10, wherein if a valid digital signature associated with the first application or with the second application is not detected, then the first and second applications are:
    - a. denied permission access to file I/O and security and diagnostic APIs;
      
      orb. given permission access to utilization of a markup language and utilization of the objects consisting of;
      
      XML without I/O functionality, globalization, drawing functions, and user input operations.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Arrouye, Yves, Hughes, Robert K. Jr.
Primary Examiner(s)
Vaughn, Jr.; William C
Assistant Examiner(s)
Cloud; Joiya M

Application Number

US11/354,800
Publication Number

US 20070005758A1
Time in Patent Office

1,910 Days
Field of Search

709/224, 709/229, 709/231, 713/176
US Class Current

709/224
CPC Class Codes

G06F 21/51   at application loading time...

H04N 21/4424   Monitoring of the internal ...

H04N 21/4431   characterized by the use of...

Application security in an interactive media environment

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

127 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Application security in an interactive media environment

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

127 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links