Trusted code groups

US 8,020,001 B2
Filed: 02/23/2006
Issued: 09/13/2011
Est. Priority Date: 02/23/2006
Status: Active Grant

First Claim

Patent Images

1. A method executed by a computer for ensuring trust between code modules, the method comprising:

receiving code identifying a hierarchy of Trusted Entities (“

TEs”

), the hierarchy consisting of a root TE and at least one subordinate TE, each subordinate TE having one or more associated Trusted Code Groups (“

TCGs”

), each TCG having a unique 32-bit TCG ID;

receiving an application that uses a class of functionality, the application including a first list of TGCs trusted by the application to implement the class;

receiving a library that implements the class of functionality, the library being signed using a signing key, the signature including a list of TCG IDs identifying a second list of TCGs, each TCG in the second list of TCGs being a module that the library has been approved to access;

executing code in the application which requests creation of an instance of a class implemented in the library;

loading the library into application memory; and

prior to loading the library, causing the signature on the library to be verified to determine if the TGC IDs in the signature of the library are listed in the first list of TGCs,wherein each TGC ID is allocated a bit range uniquely identifying the subordinate TE to which it belongs.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Described are techniques and mechanisms for enforcing trust between an application and a library loaded by the application. Very generally stated, the application declares one or more trusted code groups (“TCGs”) of which a library must be a member to be authorized for execution with the application. Libraries that are authorized to assert membership in one or more TCGs include a secure indicator of that membership. As the application executes and attempts to load a library, that libraries membership in a TCG authorized by the application is verified prior to loading the library.

Citations

35 Claims

1. A method executed by a computer for ensuring trust between code modules, the method comprising:
- receiving code identifying a hierarchy of Trusted Entities (“
  
  TEs”
  
  ), the hierarchy consisting of a root TE and at least one subordinate TE, each subordinate TE having one or more associated Trusted Code Groups (“
  
  TCGs”
  
  ), each TCG having a unique 32-bit TCG ID;
  
  receiving an application that uses a class of functionality, the application including a first list of TGCs trusted by the application to implement the class;
  
  receiving a library that implements the class of functionality, the library being signed using a signing key, the signature including a list of TCG IDs identifying a second list of TCGs, each TCG in the second list of TCGs being a module that the library has been approved to access;
  
  executing code in the application which requests creation of an instance of a class implemented in the library;
  
  loading the library into application memory; and
  
  prior to loading the library, causing the signature on the library to be verified to determine if the TGC IDs in the signature of the library are listed in the first list of TGCs,wherein each TGC ID is allocated a bit range uniquely identifying the subordinate TE to which it belongs.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method recited in claim 1, wherein the signature associates the library with the TCG by binding the library to the TCG ID that identifies the TCG.
  - 3. The method recited in claim 1, wherein public key cryptography is used to sign and verify the library.
  - 4. The method recited in claim 3, wherein the signing and verification are done using certificate hierarchies.
  - 5. The method recited in claim 4, wherein causing the signature to be verified further comprises determining if the TCG certificate has expired.
  - 6. The method recited in claim 4, wherein causing the signature to be verified further comprises determining if the TCG certificate has been revoked.
  - 7. The method recited in claim 1, wherein the signature associates the library with the TCG through a certificate chain that associates the signing key with the root Trusted Entity (“
    - TE”
      
      ) that is responsible for authorizing libraries to be signed into the TCG.
  - 8. The method recited in claim 1, wherein causing the signature on the library to be verified comprises verifying the signature using a root certificate associated with the subordinate TE, the root certificate being used to verify the authenticity of the signature and that the subordinate TE is authorized to sign the library into the TCG.
  - 9. The method recited in claim 1, wherein the application comprises one or more code modules selected from a group comprising a user application, a script, web page content, markup content, and a user interface.
  - 10. The method recited in claim 1, wherein the library comprises one or more code modules selected from a group comprising a shared library, a public library, a dynamically linked library, a statically linked library, an extension, a script, a configuration, content, a user interface, and a resource.

11. A method executed by a computer for verifying a trustworthiness of a library, comprising:
- receiving code identifying a hierarchy of Trusted Entities (“
  
  TEs”
  
  ), the hierarchy consisting of a root TE and at least one subordinate TE, each subordinate TE having one or more associated Trusted Code Groups (“
  
  TCGs”
  
  ), each TCG having a unique 32-bit TCG ID;
  
  receiving an instruction from an application to load the library, the application having an associated list of authorized TGCs each TCG representing a level of trust associated with a group of libraries;
  
  examining the library to detect a digital signature that associates the library with a TCG;
  
  comparing the TCG of the library to the list of authorized TCGs associated with the application to determine if the library is authorized to execute with the application; and
  
  if the library is authorized, loading the library,wherein each TGC ID is allocated a bit range uniquely identifying the subordinate TE to which it belongs.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 12. The method recited in claim 11, wherein the digital signature associates the library with the TCG through a certificate chain that associates a signing key used to create the digital signature with a root certificate for the subordinate Trusted Entity (“
    - TE”
      
      ) that is responsible for authorizing libraries to be signed into the TCG.
  - 13. The method recited in claim 11, wherein the digital signature associates the library with the TCG by binding the library to a TCG ID that identifies a particular TCG.
  - 14. The method recited in claim 13, wherein the TCG ID comprises an integer value in a range of integer values, at least one of the integer values being used to identify a group of libraries that have been evaluated for authorization to use the at least one integer values.
  - 15. The method recited in claim 11, further comprising validating the digital signature to ensure that the TCG association with the library is authentic.
  - 16. The method recited in claim 15, wherein validating the digital signature comprises using a root certificate associated with a trusted entity to ensure that the digital signature is authentic.
  - 17. The method recited in claim 15, wherein validating the digital signature comprises verifying that a trusted entity is authorized to sign the library into the TCG.
  - 18. The method recited in claim 11, further comprising if the library is not authorized, not loading the library.
  - 19. The method recited in claim 11, wherein the application comprises one or more code modules selected from a group comprising a user application, a script, web page content, markup content, and a user interface.
  - 20. The method recited in claim 11, wherein the library comprises one or more code modules selected from a group comprising a shared library, a public library, a dynamically linked library, a statically linked library, an extension, a script, a configuration, content, a user interface, and a resource.
  - 21. The method recited in claim 11, wherein the instruction from the application comprises a request for a particular class of functionality, and further wherein the library comprises one of a group of libraries that provide the particular class of functionality, the method further comprising the step of selecting the library from the group of libraries based on the library being associated with an authorized TCG.

22. A non-transitory storage medium having computer-executable instructions for verifying a trustworthiness of a library, comprising:
- receiving code identifying a hierarchy of Trusted Entities (“
  
  TEs”
  
  ), the hierarchy consisting of a root TE and at least one subordinate TE, each subordinate TE having one or more associated Trusted Code Groups (“
  
  TCGs”
  
  ), each TCG having a unique 32-bit TCG ID;
  
  receiving an instruction from an application to load the library, the application having an associated list of authorized TGCs, each TCG representing a level of trust associated with a group of libraries;
  
  examining the library to detect a digital signature that associates the library with a TCG;
  
  comparing the TCG of the library to the list of authorized TCGs associated with the application to determine if the library is authorized to execute with the application; and
  
  if the library is authorized, loading the library,wherein each TGC ID is allocated a bit range uniquely identifying the subordinate TE to which it belongs.
- View Dependent Claims (23, 24, 25, 26, 27, 28, 29, 30, 31, 32)
- - 23. The storage medium recited in claim 22, wherein the digital signature associates the library with the TCG through a certificate chain that associates a signing key used to create the digital signature with a root certificate for the subordinate Trusted Entity (“
    - TE”
      
      ) that is responsible for authorizing libraries to be signed into the TCG.
  - 24. The storage medium recited in claim 22, wherein the digital signature associates the library with the TCG by binding the library to a TCG ID that identifies a particular TCG.
  - 25. The storage medium recited in claim 24, wherein the TCG ID comprises an integer value in a range of integer values, at least one of the integer values being used to identify a group of libraries that have been evaluated for authorization to use the at least one integer values.
  - 26. The storage medium recited in claim 24, further comprising validating the digital signature to ensure that the TCG ID association with the library is authentic.
  - 27. The storage medium recited in claim 26, wherein validating the digital signature comprises using a root certificate associated with a trusted entity to ensure that the digital signature is authentic.
  - 28. The storage medium recited in claim 26, wherein validating the digital signature comprises verifying that a trusted entity is authorized to sign the library into the TCG.
  - 29. The storage medium recited in claim 22, further comprising if the library is not authorized, not loading the library.
  - 30. The storage medium recited in claim 22, wherein the application comprises one or more code modules selected from a group comprising a user application, a script, web page content, markup content, and a user interface.
  - 31. The storage medium recited in claim 22, wherein the library comprises one or more code modules selected from a group comprising a shared library, a public library, a dynamically linked library, a statically linked library, an extension, a script, a configuration, content, a user interface, and a resource.
  - 32. The storage medium recited in claim 22, wherein the instruction from the application comprises a request for a particular class of functionality, and further wherein the library comprises one of a group of libraries that provide the particular class of functionality, the computer-executable instructions further comprising selecting the library from the group of libraries based on the library being associated with an authorized TCG.

33. An apparatus for verifying a trustworthiness of a library, comprising:
- means for receiving code identifying a hierarchy of Trusted Entities (“
  
  TEs”
  
  ), the hierarchy consisting of a root TE and at least one subordinate TE, each subordinate TE having one or more associated Trusted Code Groups (“
  
  TCGs”
  
  ), each TCG having a unique 32-bit TCG ID;
  
  means for receiving an instruction from an application to load the library, the application having an associated list of authorized TCGs, each TCG representing a level of trust associated with a group of libraries;
  
  means for examining the library to detect a digital signature that associates the library with a TCG;
  
  means for comparing the TCG of the library to the list of authorized TCGs associated with the application to determine if the library is authorized to execute with the application; and
  
  if the library is authorized, means for loading the library, wherein each TGC ID is allocated a bit range uniquely identifying the subordinate TE to which it belongs.
- View Dependent Claims (34)
- - 34. The apparatus recited in claim 33, further comprising if the library is not authorized, not loading the library.

35. An apparatus for verifying a trustworthiness of a library, comprising:
- a storage medium on which is stored an application and a library;
  
  a processor; and
  
  a memory coupled to the processor and the storage medium, and in which resides computer-executable components that are operative to cause the processor to;
  
  receive code identifying a hierarchy of Trusted Entities (“
  
  TEs”
  
  ), the hierarchy consisting of a root TE and at least one subordinate TE, each subordinate TE having one or more associated Trusted Code Groups (“
  
  TCGs”
  
  ), each TCG having a unique 32-bit TCG ID;
  
  receive an instruction from an application to load the library, the application having an associated list of authorized TCGs, each TCG representing a level of trust associated with a group of libraries;
  
  examine the library to detect a digital signature that associates the library with a TCG;
  
  compare the TCG of the library to the list of authorized TCGs associated with the application to determine if the library is authorized to execute with the application; and
  
  if the library is authorized, to load the library,wherein each TGC ID is allocated a bit range uniquely identifying the subordinate TE to which it belongs.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Qualcomm, Inc.
Original Assignee
Qualcomm, Inc.
Inventors
Kelley, Brian Harold, Hohlfeld, Matthew, Lundblade, Laurence
Primary Examiner(s)
Hoffman; Brandon S
Assistant Examiner(s)
TRUONG, THONG P

Application Number

US11/361,230
Publication Number

US 20070198841A1
Time in Patent Office

2,028 Days
Field of Search

713/176
US Class Current

713/176
CPC Class Codes

G06F 21/51   at application loading time...

G06F 21/52   during program execution, e...

G06F 8/60   Software deployment

G06F 8/61   Installation

Trusted code groups

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

35 Claims

Specification

Solutions

Use Cases

Quick Links

Trusted code groups

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

35 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links