Method and system for software installation

US 8,612,773 B2
Filed: 05/03/2007
Issued: 12/17/2013
Est. Priority Date: 05/03/2007
Status: Expired due to Fees

First Claim

Patent Images

1. A method for installing software over a network comprising:

generating, by a requesting agent in a client, a request for a software update to be installed on the client, the request being digitally encoded by a first trusted hardware element in the client to provide a secure encoded request, the requesting agent being external to the first trusted hardware element in the client, the request for a software update being a request for an update to software on the client other than in the trusted hardware element;

transmitting, by the client, the secure encoded request over the network to a server;

receiving, by the server, the secure encoded request;

generating, by a servicing agent in the server in response to the request for a software update encoded in the secure encoded request, a response that is digitally coded by a second trusted hardware element in the server to provide a secure encoded response, the secure encoded response including a list of software and an associated information file containing security attributes associated with the list of software, the servicing agent being external to the second trusted hardware element in the server;

transmitting, by the server, the secure encoded response over the network to the client;

receiving, by the client, the secure encoded response;

authenticating, by the first trusted hardware element in the client, the secure encoded response;

installing, by the client, the secure encoded response on the client other than in the trusted hardware element; and

configuring the requesting agent on the client to monitor for a software upgrade required to be installed on the client and to generate the secure encoded request for the software upgrade at the client.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network based installation management system that dynamically manages secure software installation on a client. The server is configured to determine the software required and prepare an appropriated response containing the list of software and an information file containing the respective attributes of the list of software. The server encoded this response and the encoded response is transmitted to the client. The client on receiving the response is configured to authenticate the response and install the encoded response after authentication. Highly accurate and reliable software installation using the network based installation management system may be achieved using a respective hardware element on the client and the server, which is configured to encode and decode a request and/or response suitably thereby providing a high level of security and trust in an un-trusted network environment.

Citations

10 Claims

1. A method for installing software over a network comprising:
- generating, by a requesting agent in a client, a request for a software update to be installed on the client, the request being digitally encoded by a first trusted hardware element in the client to provide a secure encoded request, the requesting agent being external to the first trusted hardware element in the client, the request for a software update being a request for an update to software on the client other than in the trusted hardware element;
  
  transmitting, by the client, the secure encoded request over the network to a server;
  
  receiving, by the server, the secure encoded request;
  
  generating, by a servicing agent in the server in response to the request for a software update encoded in the secure encoded request, a response that is digitally coded by a second trusted hardware element in the server to provide a secure encoded response, the secure encoded response including a list of software and an associated information file containing security attributes associated with the list of software, the servicing agent being external to the second trusted hardware element in the server;
  
  transmitting, by the server, the secure encoded response over the network to the client;
  
  receiving, by the client, the secure encoded response;
  
  authenticating, by the first trusted hardware element in the client, the secure encoded response;
  
  installing, by the client, the secure encoded response on the client other than in the trusted hardware element; and
  
  configuring the requesting agent on the client to monitor for a software upgrade required to be installed on the client and to generate the secure encoded request for the software upgrade at the client.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the first trusted hardware element is a trusted platform module and the second trusted hardware element is a trusted platform module.
  - 3. The method of claim 2, further comprising:
    - authenticating, by the server, the secure encoded request.
  - 4. The method of claim 3, further comprising:
    - a servicing agent at the server configured to monitor, compute and generate the secure encoded response, and transmit the secure encoded response;
      
      wherein the secure encoded response includes the list of software and the respective information file containing the associated security attributes with the software.
  - 5. The method of claim 4, wherein the server is configured to initiate pushing the secure encoded response to the client over the network.

6. An installation management system comprising:
- a network;
  
  a server coupled to the network; and
  
  a requesting agent in a client, coupled to the network, that generates a request for a software update to be installed on the client, the request being digitally encoded by a first trusted hardware element in the client to provide a secure encoded request, the request for a software update being a request for an update to software on the client other than in the trusted hardware element, wherein the client is configured to transmit the secure encoded request over the network to the server;
  
  the server being configured to receive the secure encoded request, the server being further configured with a servicing agent that generates a response that is digitally coded by a second trusted hardware element in the server to provide a secure encoded response, the secure encoded response including a list of software and an associated information file containing security attributes associated with the list of software, the server being further configured to transmit the secure encoded response over the network to the client;
  
  the client being configured to receive the secure encoded response and such that the first trusted hardware element authenticates the secure encoded response, the client being further configured to install the secure encoded response on the client other than in the trusted hardware element, the requesting agent on the client being configured to monitor for a software upgrade required to be installed on the client and to generate the secure encoded request for the software upgrade at the client.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The installation management system of claim 6, wherein the first trusted hardware element and the second trusted hardware element are both trusted platform modules.
  - 8. The installation management system of claim 7, wherein the requesting agent is further configured to:
    - receive the secure encoded response;
      
      authenticate the secure encoded response; and
      
      install the secure encoded response on the client without any human intervention, wherein the secure encoded response includes the list of software and associated information file containing the security attributes associated with the list of software.
  - 9. The installation management system of claim 7, wherein the servicing agent in the server is further configured to generate the secure encoded response on the server without any human intervention, wherein the secure encoded response includes the list of software and associated information file containing the security attributes associated with the list of software.
  - 10. The installation management system of claim 9, wherein the server is configured to initiate pushing the secure encoded response to the client over the network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Nataraj, Pruthvi Panyam, Anbalagan, Arun Prasath, Reyes, Eduardo Lazaro, Tomar, Bipin
Primary Examiner(s)
Pwu, Jeffrey
Assistant Examiner(s)
Lauzon, Thomas C

Application Number

US11/743,789
Publication Number

US 20080276301A1
Time in Patent Office

2,420 Days
Field of Search

713/161, 713/165, 713/170, 713/187, 713/191, 713/192, 717/168, 717/169, 717/172, 717/173, 717/174, 717/175, 717/177, 717/178, 726/2, 726/26, 726/27, 726/30
US Class Current

713/192
CPC Class Codes

G06F 8/60   Software deployment

H04L 2209/80   Wireless

H04L 63/123   received data contents, e.g...

H04L 67/34   involving the movement of s...

H04L 9/3234   involving additional secure...

Method and system for software installation

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

10 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for software installation

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

10 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links