Trusted code groups
Abstract
Described are techniques and mechanisms for enforcing trust between an application and a library loaded by the application. Very generally stated, the application declares one or more trusted code groups (“TCGs”) of which a library must be a member to be authorized for execution with the application. Libraries that are authorized to assert membership in one or more TCGs include a secure indicator of that membership. As the application executes and attempts to load a library, that library's membership in a TCG authorized by the application is verified prior to loading the library.
35 Claims
1. A method executed by a computer for ensuring trust between code modules, the method comprising:
receiving code identifying a hierarchy of Trusted Entities (“TEs”), the hierarchy consisting of a root TE and at least one subordinate TE, each subordinate TE having one or more associated Trusted Code Groups (“TCGs”), each TCG having a unique 32-bit TCG ID;
receiving an application that uses a class of functionality, the application including a first list of TCGs trusted by the application to implement the class;
receiving a library that implements the class of functionality, the library being signed using a signing key, the signature including a list of TCG IDs identifying a second list of TCGs, each TCG in the second list of TCGs being a module that the library has been approved to access;
executing code in the application which requests creation of an instance of a class implemented in the library;
loading the library into application memory; and
prior to loading the library, causing the signature on the library to be verified to determine if the TCG IDs in the signature of the library are listed in the first list of TCGs, wherein each TCG ID is allocated a bit range uniquely identifying the subordinate TE to which it belongs.
Dependent claims: 2 to 10.
11. A method executed by a computer for verifying a trustworthiness of a library, comprising:
receiving code identifying a hierarchy of Trusted Entities (“TEs”), the hierarchy consisting of a root TE and at least one subordinate TE, each subordinate TE having one or more associated Trusted Code Groups (“TCGs”), each TCG having a unique 32-bit TCG ID;
receiving an instruction from an application to load the library, the application having an associated list of authorized TCGs, each TCG representing a level of trust associated with a group of libraries;
examining the library to detect a digital signature that associates the library with a TCG;
comparing the TCG of the library to the list of authorized TCGs associated with the application to determine if the library is authorized to execute with the application; and
if the library is authorized, loading the library, wherein each TCG ID is allocated a bit range uniquely identifying the subordinate TE to which it belongs.
Dependent claims: 12 to 21.
22. A non-transitory storage medium having computer-executable instructions for verifying a trustworthiness of a library, comprising:
receiving code identifying a hierarchy of Trusted Entities (“TEs”), the hierarchy consisting of a root TE and at least one subordinate TE, each subordinate TE having one or more associated Trusted Code Groups (“TCGs”), each TCG having a unique 32-bit TCG ID;
receiving an instruction from an application to load the library, the application having an associated list of authorized TCGs, each TCG representing a level of trust associated with a group of libraries;
examining the library to detect a digital signature that associates the library with a TCG;
comparing the TCG of the library to the list of authorized TCGs associated with the application to determine if the library is authorized to execute with the application; and
if the library is authorized, loading the library, wherein each TCG ID is allocated a bit range uniquely identifying the subordinate TE to which it belongs.
Dependent claims: 23 to 32.
33. An apparatus for verifying a trustworthiness of a library, comprising:
means for receiving code identifying a hierarchy of Trusted Entities (“TEs”), the hierarchy consisting of a root TE and at least one subordinate TE, each subordinate TE having one or more associated Trusted Code Groups (“TCGs”), each TCG having a unique 32-bit TCG ID;
means for receiving an instruction from an application to load the library, the application having an associated list of authorized TCGs, each TCG representing a level of trust associated with a group of libraries;
means for examining the library to detect a digital signature that associates the library with a TCG;
means for comparing the TCG of the library to the list of authorized TCGs associated with the application to determine if the library is authorized to execute with the application; and
if the library is authorized, means for loading the library, wherein each TCG ID is allocated a bit range uniquely identifying the subordinate TE to which it belongs.
Dependent claim: 34.
35. An apparatus for verifying a trustworthiness of a library, comprising:
a storage medium on which is stored an application and a library; a processor; and a memory coupled to the processor and the storage medium, and in which resides computer-executable components that are operative to cause the processor to:
receive code identifying a hierarchy of Trusted Entities (“TEs”), the hierarchy consisting of a root TE and at least one subordinate TE, each subordinate TE having one or more associated Trusted Code Groups (“TCGs”), each TCG having a unique 32-bit TCG ID;
receive an instruction from an application to load the library, the application having an associated list of authorized TCGs, each TCG representing a level of trust associated with a group of libraries;
examine the library to detect a digital signature that associates the library with a TCG;
compare the TCG of the library to the list of authorized TCGs associated with the application to determine if the library is authorized to execute with the application; and
if the library is authorized, load the library, wherein each TCG ID is allocated a bit range uniquely identifying the subordinate TE to which it belongs.
Specification