Evaluation of tamper resistant software system implementations
Abstract
According to one embodiment of the present invention, a method for evaluating a software system includes defining a rating of the tamper resistance of a software system and breaking down the rating into a plurality of metrics relevant to the tamper resistance of the software system. A score may then be calculated for each metric and the scores may be combined into a composite score for the rating.
25 Claims
1. A method comprising:
- generating a model of tamper resistance capabilities, the generating comprising:
  - creating a node in the model for each of a plurality of block of code;
  - adding directed edges between nodes for each:
    - node providing integrity verification for another node;
    - node providing anti-debugging protection to another node; and
    - node that repairs another node;
  - adding additionally nodes for each block that contains concealment protection; and
  - adding a superblock for nodes that provide protection for more than one additional node, the superblock encompassing all of the more than one additional nodes;
- defining, by a computer, a rating of the tamper resistance of a software system using data from the model;
- breaking down said rating into a plurality of metrics relevant to the tamper resistance of said software system;
- calculating, by the computer, a score for each of said metrics; and
- combining said scores of said metrics into a composite score for said rating.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A method comprising:
- generating a model of tamper resistance capabilities, the generating comprising:
  - creating a node in the model for each of a plurality of block of code;
  - adding directed edges between nodes for each:
    - node providing integrity verification for another node;
    - node providing anti-debugging protection to another node; and
    - node that repairs another node;
  - adding additionally nodes for each block that contains concealment protection; and
  - adding a superblock for nodes that provide protection for more than one additional node, the superblock encompassing all of the more than one additional nodes;
- defining, by a computer, a rating and a plurality of sub-ratings of the tamper resistance of a software system, using data from the model;
- breaking down said plurality of sub-ratings into a plurality of metrics relevant to the tamper resistance of said software system;
- calculating, by the computer, a score for each metric;
- combining, by the computer, said scores of said metrics into composite scores for said sub-ratings; and
- combining, by the computer, said composite scores for said sub-ratings into an overall score for said rating.
Dependent claims: 12, 13, 14

15. A method comprising:
- generating a model of tamper resistance capabilities, the generating comprising:
  - creating a node in the model for each of a plurality of block of code;
  - adding directed edges between nodes for each:
    - node providing integrity verification for another node;
    - node providing anti-debugging protection to another node; and
    - node that repairs another node;
  - adding additionally nodes for each block that contains concealment protection; and
  - adding a superblock for nodes that provide protection for more than one additional node, the superblock encompassing all of the more than one additional nodes;
- defining, by a computer, a rating of the tamper resistance of at least two software systems using data from the model;
- decomposing said rating into at least one sub-rating that is a subset of said rating;
- breaking down said sub-rating into a plurality of metrics relevant to the tamper resistance of said at least two software systems;
- calculating, by the computer, a score for each metric;
- combining, by the computer, said scores of said metrics into a composite score for said sub-rating and combining said scores of said sub-ratings into a composite score for the said rating for each of said at least two software systems; and
- comparing, by the computer, said ratings of different ones of said at least two software systems to determine which software system has the highest tamper resistance.
Dependent claims: 16, 17, 18

19. A method of providing a rating of a software system comprising:
- receiving, by a computer, a software system from an entity;
- generating a model of tamper resistance capabilities, responsive to the receiving, the generating comprising:
  - creating a node in the model for each of a plurality of block of code;
  - adding directed edges between nodes for each:
    - node providing integrity verification for another node;
    - node providing anti-debugging protection to another node; and
    - node that repairs another node;
  - adding additionally nodes for each block that contains concealment protection; and
  - adding a superblock for nodes that provide protection for more than one additional node, the superblock encompassing all of the more than one additional nodes;
- defining a rating of the tamper resistance of said software system using data from the model;
- decomposing said rating into at least one sub-rating that is a subset of said rating;
- breaking down said sub-rating into a plurality of metrics relevant to the tamper resistance of said software system;
- calculating, by the computer, a score for each metric using data from the model;
- combining, by the computer, said scores of said metrics into a composite score for said sub-rating and combining said scores of said sub-ratings into a composite score for said rating; and
- providing a security rating for said software system to said entity.
Dependent claims: 20, 21, 22

23. A computer program product for rating the tamper resistance of a software system, the computer program product comprising:
- a non-transitory computer readable storage medium having computer usable program code embodied therewith, the computer usable program code comprising:
  - computer usable program code configured to:
    - generate a model of tamper resistance capabilities, the generating comprising:
      - creating a node in the model for each of a plurality of block of code;
      - adding directed edges between nodes for each:
        - node providing integrity verification for another node;
        - node providing anti-debugging protection to another node; and
        - node that repairs another node;
      - adding additionally nodes for each block that contains concealment protection; and
      - adding a superblock for nodes that provide protection for more than one additional node, the superblock encompassing all of the more than one additional nodes;
    - define a rating of the tamper resistance of a software system using data from the model;
    - decompose said rating into at least one sub-rating that is a subset of said rating;
    - break down said sub-rating into a plurality of metrics relevant to the tamper resistance of said software system;
    - calculate a score for each metric using data from the model; and
    - combine said scores of said metrics into a composite score for said rating.
Dependent claims: 24, 25

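The model-building and scoring steps recited in the independent claims can be sketched as follows. This is an added example, not code from the patent: the claims do not name the metrics or the combination rule, so the three metrics (`coverage`, `diversity`, `concealment`), the weights, the weighted-mean composite and the sample system are all assumptions made for illustration.

```python
from collections import defaultdict

EDGE_KINDS = ("integrity", "antidebug", "repair")  # the three edge types in the claims

def build_model(blocks, protections, concealed):
    """blocks: names; protections: (src, kind, dst) triples; concealed: blocks with concealment."""
    if not blocks:
        raise ValueError("a model needs at least one block of code")
    model = {"nodes": set(blocks), "edges": set()}
    targets = defaultdict(set)
    for src, kind, dst in protections:
        if kind not in EDGE_KINDS or src not in model["nodes"] or dst not in model["nodes"]:
            raise ValueError(f"bad protection edge: {(src, kind, dst)}")
        model["edges"].add((src, kind, dst))   # directed edge: src protects dst
        targets[src].add(dst)
    # An additional node for each block that contains concealment protection.
    model["concealment"] = {f"conceal:{b}" for b in concealed if b in model["nodes"]}
    # A superblock for each node protecting more than one node, spanning all of them.
    model["superblocks"] = {s: frozenset(t) for s, t in targets.items() if len(t) > 1}
    return model

def metric_scores(model):
    """Assumed metrics, each normalised to [0, 1] (not defined by the claims)."""
    n = len(model["nodes"])
    kinds = defaultdict(set)
    for _, kind, dst in model["edges"]:
        kinds[dst].add(kind)
    return {
        "coverage": len(kinds) / n,  # share of blocks protected by any edge
        "diversity": sum(len(k) for k in kinds.values()) / (n * len(EDGE_KINDS)),
        "concealment": len(model["concealment"]) / n,
    }

def composite(scores, weights):
    """Weighted mean of the metric scores (assumed combination rule)."""
    total = sum(weights[m] for m in scores)
    return sum(scores[m] * weights[m] for m in scores) / total

# Constructed sample system: four blocks, one guard protecting two others.
BLOCKS = ["main", "license", "guard", "crypto"]
PROTECTIONS = [("guard", "integrity", "license"), ("guard", "integrity", "crypto"),
               ("crypto", "antidebug", "license"), ("license", "repair", "guard")]
MODEL = build_model(BLOCKS, PROTECTIONS, concealed=["crypto"])
SCORES = metric_scores(MODEL)
RATING = composite(SCORES, {"coverage": 2, "diversity": 1, "concealment": 1})
```

Running the same three functions over a second constructed system and comparing the two `RATING` values corresponds to the comparison step of claim 15.
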
Specification