System and method for secure distributed execution
First Claim
1. A computing system, the system comprising:
a first computing subsystem;
a second computing subsystem;
a network coupling said first computing subsystem and said second computing subsystem;
wherein the second computing subsystem provides sending of a first software application operational software module comprising a user operative portion and a hidden program portion, wherein the user operative portion provides for sending data packets for controlled transmission, and, wherein the hidden program portion provides a security signal representative of the hidden program portion that is coupled to a controller for controlling coupling of the data packets to the network responsive to the hidden program portion;
wherein the user operative portion and the hidden program portion are interlocked into an integrated logic program that provides a combined functionality that is only provided by the first computing subsystem when the integrated logic program with the combined functionality is executed unchanged;
wherein the second computing subsystem provides sending of data packets to the first computing subsystem;
wherein the first computing subsystem provides means for:
(a) receiving of the data packets from the second computing subsystem, (b) utilizing the operational software module by the first computing subsystem for processing of the data packets, and (c) utilizing the operational software module by the first computing subsystem for generating security tags responsive to said processing of the data packets and sending the security tags to the second subsystem; and
wherein the second computing subsystem provides means for:
(a) receiving the security tags from the first computing subsystem, and (b) providing processing logic for validating as a successful validation that the operational software module was unchanged when utilized in generating the security tags at the first computing subsystem, and otherwise determining a failed validation if the operational software module was changed when utilized in generating the security tags at the first computing subsystem;
wherein the sending of data packets to the first computing subsystem by the second computing subsystem is controlled responsive to the validating by the processing logic.
Abstract
This invention discloses a method and system for processing logic modules, each having a separate functionality, into a unique functionality that is to be executed in an interlocked mode as a unique functionality. The method is based on taking logic modules (programs and data) with known functionality and transforming them into a hidden program by integrating modules to execute together into a logic which is partially obfuscated and/or encrypted and/or physically hidden. The hidden program is being updated dynamically to strengthen it against reverse engineering efforts. The program includes the functionality for generating security signals, which are unpredictable by observers, such as a pseudo random sequence of security signals. Only elements that share the means for producing the security signals can check their validity. The modules include operational tasks and performance parameters for this operation. The operation can be transmission of data packets with given parameters of performance that the hidden program contains. The generated security signals thus assure that the correct operation was taken place and can be used to signal various cryptographic parameters as well.
7 Citations
51 Claims
1. A computing system, the system comprising: (claim text as given under First Claim above) - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
28. A method for authenticating, at a second computing subsystem, a software module utilized in operation at a first computing subsystem, the method comprising:
sending of data and software modules comprised of an operational software module and an associated tag generation module to the first computing subsystem from the second computing subsystem, wherein the operational software module and the associated tag generation module are interlocked into an integrated logic program that provides a combined functionality that is only provided by the first computing subsystem when the integrated logic program with the combined functionality is executed unchanged; receiving and storing the data and the software modules in the first computing subsystem; processing the data on the first computing subsystem responsive to the operational software module of the integrated logic program; generating security tags in the first computing subsystem responsive to the associated tag generation module of the integrated logic program concurrently executing with the operational software module; sending the security tags to the second computing subsystem from the first computing subsystem; processing the security tags in the second computing subsystem to determine successful validation responsive to validating that the processing of the data in the first computing subsystem was processed by the operational software module of the integrated logic program operating concurrently with the generating the security tags by the associated tag generation module of the integrated logic program, and otherwise determining a failed validation; and adjusting communication of sending of the data responsive to the validating. - View Dependent Claims (29, 30, 31, 32)
33. A method of protected communicating of data, the method comprising:
sending data comprising operational software module comprising a user operative portion and a hidden program portion, wherein the user operative portion provides for sending data packets for controlled transmission, and, wherein the hidden program portion provides a security signal representative of the hidden program portion that is coupled to a controller for controlling coupling of the data packets to the network responsive to the hidden program portion, from a second computing subsystem to a first computing subsystem, wherein the hidden program portion and the user operative portion are interlocked into an integrated logic program that provides a combined functionality that is only provided by the first computing subsystem when the integrated logic program with the combined functionality is executed unchanged; receiving and storing the data in the first computing subsystem; processing of the data in the first computing subsystem according to defined rules for processing in the hidden program portion; generating security tags responsive to execution of the defined rules for processing; sending the security tags from the first computing subsystem to a second computing subsystem;
providing security tag validation logic in the second computing subsystem; processing, in the second computing subsystem, the received security tags, responsive to the security tag validation logic to provide respective validated security tags; and processing in the second computing subsystem the validated security tags and the received security tags to determine whether the generating security tags in the first computing subsystem were properly generated responsive to execution of the defined rules for processing at the first computing subsystem so as to validate that the defined rules of processing were unchanged at the time of execution at the first computing subsystem, wherein the sending of the data to the first computing subsystem by the second computing subsystem is controlled responsive to the determining that the security tags were properly generated at the first computing subsystem. - View Dependent Claims (34, 35, 36)
37. A method for authentication of integrity of software executed within a computer, the method comprising:
sending data comprising operation software comprising an operational program and an associated tag generation program from a second computing subsystem to a first computing subsystem, wherein the associated tag generation program of the operation software provides for defining rules of processing for execution on the first computer subsystem, wherein the associated tag generation program and the operational program are interlocked into an integrated logic program that provides a combined functionality that is only provided by the first computing subsystem when the integrated logic program with the combined functionality is executed unchanged; transmitting data packets from the second computing subsystem to the first computing subsystem; receiving the data packets for processing in the first computing subsystem; generating security tags at the first computing subsystem responsive to the data packets and responsive to the rules of processing to validate that the operational program was operated unchanged; sending selected ones of the security tags from the first computing subsystem to the second computing subsystem; and processing the selected ones of the security tags in the second computing subsystem to validate that the operational program of the operation software was unchanged when the operation software performed the processing in the first computing subsystem when operating according to the rules of processing; and wherein the transmitting the data packets is controlled responsive to the validating the operation software was unchanged. - View Dependent Claims (38)
39. A computer system providing remote authentication, the system comprising:
a second computing subsystem sending data comprising software modules comprising an operational software module comprising a user operative portion and a hidden program portion, wherein the user operative portion provides for sending data packets for controlled transmission, and, wherein the hidden program portion provides a security signal representative of the hidden program portion that is coupled to a controller for controlling coupling of the data packets to the network from a second location, responsive to the hidden program portion, wherein the hidden program portion and the user operative portion are interlocked into an integrated logic program that provides a combined functionality that is only provided by the first computing subsystem when the integrated logic program with the combined functionality is executed unchanged; a first computing subsystem receiving and storing the data at a remote location;
processing logic within the first computing subsystem providing processing in accordance with first defined rules responsive to the hidden program of the software modules; a tag generator at the second computing subsystem operating from an initial generator state to locally generate a sequence of security tags responsive to concurrent execution of the hidden program and the operational software module utilizing a sequence of content processing steps; wherein the remote computing subsystem provides transmission of the sequence of security tags to the first computing subsystem; a tag verifier at the first computing subsystem, operating from an initial verification state to generate a sequence of comparison security tags for selective comparison to the sequence of the security tags responsive to the hidden program of the software modules; means for coordinating the initial generator state and the initial verifier state prior to the execution of the operational software module;
wherein the tag verifier selectively provides valid comparison tags responsive to the means for coordinating, and wherein the valid comparison tags are utilized to authenticate that the operational software module was unchanged during the execution at the remote computing subsystem; wherein the sending data is controlled responsive to the valid companion tags.
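To make the claimed exchange concrete (the abstract and claim 39), the following is an added Python simulation that is not part of the patent: tag generator and tag verifier start from a coordinated initial state, each security tag is an HMAC over that state, the packet, and a trace of the processing rules actually executed, and the sender gates the stream on validation, halting at the first tag that fails. The shared key, rule names and packets are constructed; the obfuscation or encryption that hides the tag generator in the real scheme is outside this simulation.

```python
import hashlib
import hmac

# Constructed sample content stream; each packet is one chunk the first subsystem processes.
PACKETS = [b"chunk-0001", b"chunk-0002", b"chunk-0003", b"chunk-0004"]
# Rules of processing the hidden program portion enforces (constructed, in the spirit of claim 45).
RULES = ("display", "erase-from-memory")


def next_tag(key: bytes, state: bytes, packet: bytes, trace: bytes) -> tuple:
    """One step of the tag sequence: tag_i = HMAC(key, state_i || packet || trace_i),
    state_{i+1} = SHA-256(state_i || tag_i). Generator and verifier both run this from a
    coordinated initial state, so only they can predict the next tag."""
    tag = hmac.new(key, state + packet + trace, hashlib.sha256).digest()
    return tag, hashlib.sha256(state + tag).digest()


def run_integrated_module(packet: bytes, rules: tuple) -> tuple:
    """User operative portion: process one packet under the given rules and return
    (output, trace). The trace records which rules actually executed; that is how this
    simulation interlocks the security tag with unchanged processing."""
    buf, output = bytearray(packet), b""
    executed = hashlib.sha256()
    for rule in rules:
        if rule == "display":
            output = bytes(buf)
        elif rule == "erase-from-memory":
            buf[:] = b"\x00" * len(buf)
        executed.update(rule.encode())
    return output, executed.digest()


class FirstSubsystem:
    """Receiving side: runs the integrated program and returns one security tag per packet."""
    def __init__(self, key: bytes, init_state: bytes, rules: tuple = RULES):
        self.key, self.state, self.rules = key, init_state, rules

    def receive(self, packet: bytes) -> bytes:
        _, trace = run_integrated_module(packet, self.rules)
        tag, self.state = next_tag(self.key, self.state, packet, trace)
        return tag


class SecondSubsystem:
    """Sending side: tag verifier started from the same initial state; the stream stops
    at the first tag that does not match the locally computed comparison tag."""
    def __init__(self, key: bytes, init_state: bytes):
        self.key, self.state = key, init_state
        # Expected trace of an unchanged module (depends on the rules only, not the packet).
        self.expected_trace = run_integrated_module(b"", RULES)[1]

    def stream(self, packets: list, client: FirstSubsystem) -> tuple:
        """Returns (packets delivered, all tags validated)."""
        delivered = 0
        for packet in packets:
            tag = client.receive(packet)
            delivered += 1
            expected, self.state = next_tag(self.key, self.state, packet, self.expected_trace)
            if not hmac.compare_digest(tag, expected):
                return delivered, False  # failed validation: sender halts the stream
        return delivered, True


def demo(rules: tuple = RULES) -> tuple:
    """Honest module receives all packets; a module with the erase rule stripped is cut off."""
    key, init_state = b"constructed-shared-secret", b"\x00" * 32  # coordinated initial state
    return SecondSubsystem(key, init_state).stream(PACKETS, FirstSubsystem(key, init_state, rules))
```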
40. A system for authenticating operation by providing secure integration of separate software logic modules to provide a combined functionality, the system comprising:
a first computing subsystem for sending data comprising a plurality of software logic modules from a first location; a second computing subsystem for receiving and storing the data at a second location; wherein the plurality of software logic modules each are operable stand-alone to provide a respective one of a plurality of subtask functions associated with operations on a first computing subsystem; a transformation controller providing interlocking of the plurality of software logic modules, comprised at least of a first separate operational module and a second separate operational module, into a single logic program that provides a combined functionality; wherein the combined functionality is only provided by the first computing subsystem when the plurality of subtask functions are executed concurrently responsive to the single logic program; and wherein the second computing subsystem is responsive to the single logic program to provide the combined functionality at the second computing subsystem and providing the subtask functions of: (a) receiving of communicating data from the second computing subsystem responsive to the first separate operational module within the single logic program, and providing processing of the data responsive to defined rules for processing of the data, and (b) generation of security tags responsive to the second separate operational module within the single logic program and selectively sending of the security tags to the first computing subsystem from the second computing subsystem; and, validation logic verifying the combined functionality and that the first separate operational software module for receiving of the data executed unchanged and concurrently with execution of the second separate software logic module while the second separate software logic module is generating the security tags; wherein the sending of the data is controlled responsive to verifying the combined functionality. - View Dependent Claims (41, 42, 43, 44, 45, 46, 47)
42. The system as in claim 40, wherein one of the software logic modules within the single logic program provides logic to process content of the streaming data packets.
43. The system as in claim 42, wherein logic to process the content performs at least one of:
video rendering on a video display, playing audio via audio speakers, displaying an image representative of the data on an e-book output device, outputting the data to a digital output device, and outputting a signal representative of the data to an analog output device.
44. The system as in claim 40, wherein one of the software logic modules in the single logic program provides rules of playing of audio and video content.
45. The system as in claim 44, wherein the rules of playing of audio and video content ensure at least one of:
the content is not printed;
the content is not sent to a third party;
the content is destroyed after being displayed on a video monitor;
the content is destroyed after being played via audio speakers;
the content is erased from all memory storage devices after being displayed on a video monitor;
the content is erased from all memory storage devices after being played via audio speakers;
the content is erased from all memory storage devices after being used via an e-book output device;
the content is erased from all memory storage devices after a predefined time interval;
the content is erased from all memory storage devices at a time defined by coordinated universal time (UTC);
the content is used in accordance with rights defined using XrML (Extensible Rights Markup Language) specifications;
the content is used in accordance with trusted computing specifications;
the content is used in accordance with trusted computing based principles; and
the content is used in accordance with at least one of the following: watermarking information, steganographic information, fingerprinting information, embedded data and digital signature information.
46. The system as in claim 44, wherein the rules of playing provide at least one of: data processing and determining a renewable software for data processing.
47. The system as in claim 46, wherein the renewable software for data processing controls at least one of: a number of times a representation of the data can be displayed, a number of times a representation of the data can be utilized to provide a presentation, a number of times the representation of the data can be played, a number of times that the data can be reproduced, a time signal, a UTC time signal, a digitally signed time signal, a software element, a predefined task, a code for processing data signature, and a code for watermarking the data.
48. A method of providing controlled signaling, the method comprising:
sending data comprising software modules comprising an operational software module comprising a user operative portion and a hidden program portion, wherein the user operative portion provides for sending data packets for controlled transmission, and, wherein the hidden program portion provides a security signal representative of the hidden program portion that is coupled to a controller for controlling coupling of the data packets to the network responsive to the hidden program portion from a first computing device at a first location, wherein the hidden program portion and the user operative portion are interlocked into an integrated logic program that provides a combined functionality that is only provided by the first computing subsystem when the integrated logic program with the combined functionality is executed unchanged; receiving and storing the data at the remote computing device at a remote node location; receiving data from a first computing subsystem; processing of the data on the first computing subsystem, in accordance with defined rules in the first computing subsystem, responsive to the operational software of the software modules; generating a security tag responsive to the processing in accordance with the defined rules in the first computing subsystem, responsive to the hidden program portion of the software modules; transmitting at least the security tag to the second computing subsystem; and
validating the security tag on the second computing subsystem responsive to determining that the defined rules were unchanged when the security tag was generated in accordance with the processing of the data on the first computing subsystem, wherein the sending data is controlled responsive to the validating. - View Dependent Claims (49, 50, 51)
Specification