Securely sharing applications installed by unprivileged users

US 8,082,442 B2
Filed: 08/10/2006
Issued: 12/20/2011
Est. Priority Date: 08/10/2006
Status: Expired due to Fees

First Claim

Patent Images

1. At a computer system, the computer system including a processor and system memory, the computer system accessible to a plurality of different users that share applications installed at the computer system, each user instantiating shared applications through the interoperation between components in a shared repository and components in a user specific private repository, a method for securely sharing a software application between users at the computer system, the method comprising:

an act of receiving a user entered command from a specified user, the specified user being one of the plurality of users that share applications at the computer system, the user command instructing the computer system to instantiate a shared software application for use by the specified user, the shared software application having been previously installed for use by the specified user, the previous installation including at least installing one or more shared application data objects in a shared repository and installing at least a user manifest corresponding to the shared software application and one or more user specific configuration data objects in a user specific private repository for the specified user, the user manifest including;

an first application identifier for identifying the shared software application stored in the shared repository; and

a public key for a publisher of the shared software application;

an act of accessing an application manifest for the shared software application from the shared repository in response to the user entered command, the application manifest including;

a second application identifier for identifying the shared software application stored in the shared repository;

a digital signature representing the publisher'"'"'s signature on the application manifest file; and

one or more data object identifiers detailing characteristics of appropriate application data objects for executing the shared software application;

prior to permitting the shared software application to run at the computer system for use by the specified user, an act of processing the shared software application to verify security of the shared software application by verifying aspects of the application manifest stored in the shared repository, including;

an act of the processor using the public key of the publisher to verify the publisher'"'"'s signature on the application manifest for authenticity and to verify that the publisher is the author of the application manifest prior to relying on information contained in the application manifest to perform further verifications for the shared software application;

an act of verifying that the first application identifier matches the second application identifier; and

an act of verifying that the application data objects are appropriate for executing the shared software application by comparing the application data objects to characteristics detailed in the one or more data object identifiers; and

upon verifying each of the aspects of the application manifest, an act of running the shared software application using the installed user specific configuration data objects that specify how the application is to be run for the user, wherein the shared application data objects in the shared repository are locked while the application is running such that other users are prevented from modifying the shared application data objects.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment of this invention, a computer system performs a method for securely sharing applications installed by unprivileged users. The method involves the computer system receiving a user associated command from a user of the computer system. A previous application installation included installing an application manifest and application data objects in a shared repository and installing a user manifest and user configuration data objects in a private repository for an initial installing user. The computer system verifies that a digital signature of the application manifest corresponds to a public key of a user manifest for the associated user. The computer system verifies that an application identifier of the application manifest matches an application identifier of the user manifest. The computer system verifies that the data objects belong to the software application by comparing the application data objects to one or more data object identifiers in the application manifest.

63 Citations

View as Search Results

11 Claims

1. At a computer system, the computer system including a processor and system memory, the computer system accessible to a plurality of different users that share applications installed at the computer system, each user instantiating shared applications through the interoperation between components in a shared repository and components in a user specific private repository, a method for securely sharing a software application between users at the computer system, the method comprising:
- an act of receiving a user entered command from a specified user, the specified user being one of the plurality of users that share applications at the computer system, the user command instructing the computer system to instantiate a shared software application for use by the specified user, the shared software application having been previously installed for use by the specified user, the previous installation including at least installing one or more shared application data objects in a shared repository and installing at least a user manifest corresponding to the shared software application and one or more user specific configuration data objects in a user specific private repository for the specified user, the user manifest including;
  
  an first application identifier for identifying the shared software application stored in the shared repository; and
  
  a public key for a publisher of the shared software application;
  
  an act of accessing an application manifest for the shared software application from the shared repository in response to the user entered command, the application manifest including;
  
  a second application identifier for identifying the shared software application stored in the shared repository;
  
  a digital signature representing the publisher'"'"'s signature on the application manifest file; and
  
  one or more data object identifiers detailing characteristics of appropriate application data objects for executing the shared software application;
  
  prior to permitting the shared software application to run at the computer system for use by the specified user, an act of processing the shared software application to verify security of the shared software application by verifying aspects of the application manifest stored in the shared repository, including;
  
  an act of the processor using the public key of the publisher to verify the publisher'"'"'s signature on the application manifest for authenticity and to verify that the publisher is the author of the application manifest prior to relying on information contained in the application manifest to perform further verifications for the shared software application;
  
  an act of verifying that the first application identifier matches the second application identifier; and
  
  an act of verifying that the application data objects are appropriate for executing the shared software application by comparing the application data objects to characteristics detailed in the one or more data object identifiers; and
  
  upon verifying each of the aspects of the application manifest, an act of running the shared software application using the installed user specific configuration data objects that specify how the application is to be run for the user, wherein the shared application data objects in the shared repository are locked while the application is running such that other users are prevented from modifying the shared application data objects.
- View Dependent Claims (2, 3, 4, 5, 10, 11)
- - 2. The method of claim 1, wherein application data objects in include executable and data files for the shared software application.
  - 3. The method of claim 2, wherein at least one of the executable files or the data files for the shared software application are digitally signed.
  - 4. The method of claim 1, wherein the one or more data object identifier detail at least one of the following for the shared software application:
    - a name, a version, a timestamp, a size, a checksum, or a hash code.
  - 5. The method of claim 4, wherein partial hash codes are stored for one or more application data objects.
  - 10. The method as recited in claim 1, wherein the act of verifying that first application identifier matches the second application identifier comprises an act of verifying that first application identifier matches the second application identifier subsequently and in response to verifying the publisher'"'"'s signature is authentic.
  - 11. The method as recited in claim 1, wherein the act of verifying that the application data objects are appropriate for executing the shared software application by comparing the application data objects to characteristics detailed in the one or more data object identifiers comprises an act of comparing the application data objects to characteristics detailed in the one or more data object identifiers subsequently and in response to verifying that first application identifier matches the second application identifier.

6. At a computer system, the computer system including a processor and system memory, the computer system accessible to a plurality of different users that share applications installed at the computer system, each user instantiating shared applications through the interoperation between components in a shared repository and components in a user specific private repository, a method for installing a shared software application for use by a plurality of users on a computer system, the method comprising:
- an act of receiving an indication that a first user is requesting to install a software application at the computer system for use by the first user;
  
  in response to the indication;
  
  an act of installing application data objects for the software application in the shared repository;
  
  an act of installing an application manifest for the software application in the shared repository, the application manifest including;
  
  an application identifier for identifying the software application stored in the shared repository;
  
  a digital signature representing a signature of a publisher of the software application on the application manifest file; and
  
  one or more data object identifiers detailing characteristics of appropriate application data objects for executing the software application; and
  
  an act of installing a first user manifest for the first user and one or more user specific configuration data objects in a user specific private repository for the first user, the first user manifest for use by the first user to verify the security of the shared software application by verifying aspects of the application manifest stored in the shared repository in response to a request by the first user to run the software application, the first user manifest including;
  
  a first application identifier for identifying the software application installed in the shared repository; and
  
  a public key for the publisher of the software application for verifying the publisher'"'"'s signature on the application manifest for authenticity and for verifying that the publisher is the author of the application manifest prior to relying on information contained in the application manifest to perform further verifications for the shared software application; and
  
  an act of receiving a subsequent indication that a second user is requesting to install the software application at the computer system for use by the second user, the subsequent indication received after installing the application manifest and the application data objects in the shared repository;
  
  in response to the second indication;
  
  an act of detecting that the application manifest and the application data objects were previously installed in the shared repository;
  
  an act of refraining from installing the application manifest and application data objects in the shared repository in response to detecting that the application manifest and application data objects were previously installed;
  
  an act of installing a second user manifest in a user specific private repository for the second user, the second user manifest for use by the second user to verify the security of the shared software application by verifying aspects of the application manifest stored in the shared repository in response to a request by the second user to run the software application, the second manifest containing information for appropriately accessing the application data objects from the shared repository that were installed in response to the indication, the second user manifest including;
  
  a second application identifier for identifying the software application installed in the shared repository; and
  
  the public key for the publisher of the software application; and
  
  upon verifying each of the aspects of the application manifest, an act of running the shared software application using the installed user specific configuration data objects that specify how the application is to be run for the user, wherein the shared application data objects in the shared repository are locked while the application is running such that other users are prevented from modifying the shared application data objects.
- View Dependent Claims (7)
- - 7. The method of claim 6 wherein the one or more data object identifiers detail at least one of the following for the software application:
    - a name, a version, a timestamp, a size, a checksum, or a hash code.

8. A computer system for allowing one or more unprivileged computer system users to install and share software applications through interaction between components in a shared repository and components in user specific private repositories, the system comprising:
- one or more processors;
  
  system memory;
  
  wherein the shared repository is accessible by all users of the computer system;
  
  a plurality of user specific private repositories, each user having access to a corresponding user specific private repository that includes one or more user specific configuration data objects for use with a shared software application stored in the shared repository;
  
  an application manifest for the shared software application stored in the shared repository, the application manifest comprising;
  
  an application identifier for identifying the shared software application stored in the shared repository;
  
  a digital signature representing a signature of a publisher of the shared software application on the application manifest; and
  
  one or more data object identifiers detailing the characteristics of appropriate application data objects for executing the shared software application; and
  
  a user manifest for each user of the computer system that has installed the shared software application, each user manifest stored in the corresponding user specified private repository for the user, each user manifest comprising;
  
  a further application identifier for identifying the software application installed in the shared repository; and
  
  a public key for the publisher of the software application;
  
  prior to permitting the shared software application to run at the computer system for use by a specified user, an act of verifying security of the shared software application, verification including;
  
  an act of using the public key included in a user manifest for the specified user to verify the publisher'"'"'s signature on the application manifest, verification of the publisher'"'"'s signature verifying that the application manifest is authentic and that the publisher is the author of the application manifest;
  
  an act of verifying that the application identifier of the application manifest matches the further application identifier included in the user manifest for the specified user subsequently and in response to verifying the publisher'"'"'s signature is authentic; and
  
  an act of verifying that the data objects are appropriate for executing the shared software application by comparing the application data objects to characteristics detailed in the one or more data object identifiers; and
  
  upon verifying each of the aspects of the application manifest, an act of running the shared software application using the installed user specific configuration data objects that specify how the application is to be run for the user, wherein the shared application data objects in the shared repository are locked while the application is running such that other users are prevented from modifying the shared application data objects.
- View Dependent Claims (9)
- - 9. The computer system of claim 8 wherein the one or more data object identifiers detail at least one of the following for the shared software application:
    - a name, a version, a timestamp, a size, a checksum, or a hash code.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Keljo, Jonathan, Kaufman, Charles William
Primary Examiner(s)
Pearson, David
Assistant Examiner(s)
CHANG, KENNETH W

Application Number

US11/463,858
Publication Number

US 20080052705A1
Time in Patent Office

1,958 Days
Field of Search

713/164
US Class Current

713/164
CPC Class Codes

G06F 21/57 Certifying or maintaining t...

G06F 9/445 Program loading or initiati...

Securely sharing applications installed by unprivileged users

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

63 Citations

11 Claims

Specification

Solutions

Use Cases

Quick Links

Securely sharing applications installed by unprivileged users

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

63 Citations

11 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links