Systems and methods using cryptography to protect secure computing environments

US 9,165,135 B2
Filed: 08/01/2013
Issued: 10/20/2015
Est. Priority Date: 02/13/1995
Status: Expired due to Fees

First Claim

Patent Images

1. A non-transitory computer-readable storage medium comprising program code, the program code being operable, when executed by a computer system, to cause the computer system to perform steps comprising:

testing a load module to determine if the load module performs as specified by a specification associated with the load module and determine if the load module would be harmful to a system when executed by the system;

wherein the specification identifies the load module and describes the functions of the load module,digitally signing the load module using a first key to yield a first digital signature when it is determined that the load module performs as specified by the specification and would not be harmful to a system when executed by the system;

digitally signing a second load module using a second key to yield a second digital signature when it is determined that the second load module performs as specified by the specification and would not be harmful to a system if executed by the system;

distributing at least the first digital signature to a first remote electronic appliance comprising a first protected processing environment operable to authenticate the first digital signature before the first remote electronic appliance executes the load module, wherein the load module, when executed by the first remote electronic appliance, causes the first remote electronic appliance to perform at least one action on a first electronic content; and

,distributing at least the second digital signature to a second remote electronic appliance comprising a second protected processing environment operable to authenticate the second digital signature before the second remote electronic appliance executes the second load module, wherein the second load module, when executed by the second remote electronic appliance, causes the second remote electronic appliance to perform at least one action on a second electronic content.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Secure computation environments are protected from bogus or rogue load modules, executables and other data elements through use of digital signatures, seals and certificates issued by a verifying authority. A verifying authority—which may be a trusted independent third party—tests the load modules or other executables to verify that their corresponding specifications are accurate and complete, and then digitally signs the load module or other executable based on tamper resistance work factor classification. Secure computation environments with different tamper resistance work factors use different verification digital signature authentication techniques (e.g., different signature algorithms and/or signature verification keys)—allowing one tamper resistance work factor environment to protect itself against load modules from another, different tamper resistance work factor environment. Several dissimilar digital signature algorithms may be used to reduce vulnerability from algorithm compromise, and subsets of multiple digital signatures may be used to reduce the scope of any specific compromise.

Citations

9 Claims

1. A non-transitory computer-readable storage medium comprising program code, the program code being operable, when executed by a computer system, to cause the computer system to perform steps comprising:
- testing a load module to determine if the load module performs as specified by a specification associated with the load module and determine if the load module would be harmful to a system when executed by the system;
  
  wherein the specification identifies the load module and describes the functions of the load module,digitally signing the load module using a first key to yield a first digital signature when it is determined that the load module performs as specified by the specification and would not be harmful to a system when executed by the system;
  
  digitally signing a second load module using a second key to yield a second digital signature when it is determined that the second load module performs as specified by the specification and would not be harmful to a system if executed by the system;
  
  distributing at least the first digital signature to a first remote electronic appliance comprising a first protected processing environment operable to authenticate the first digital signature before the first remote electronic appliance executes the load module, wherein the load module, when executed by the first remote electronic appliance, causes the first remote electronic appliance to perform at least one action on a first electronic content; and
  
  ,distributing at least the second digital signature to a second remote electronic appliance comprising a second protected processing environment operable to authenticate the second digital signature before the second remote electronic appliance executes the second load module, wherein the second load module, when executed by the second remote electronic appliance, causes the second remote electronic appliance to perform at least one action on a second electronic content.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The non-transitory computer-readable storage medium of claim 1, further including program code that is operable, when executed by the computer system, to cause the computer system to perform the step of:
    - testing the load module.
  - 3. The non-transitory computer-readable storage medium of claim 2, further including program code that is operable, when executed by the computer system, to cause the computer system to perform the step of testing the load module to determine if it does what it is supposed to do.
  - 4. The non-transitory computer-readable storage medium of claim 2, further including program code that is operable, when executed by the computer system, to cause the computer system to perform the step of testing the load module further comprises determining whether the load module is operable to compromise or harm a system upon which it is executed.
  - 5. The non-transitory computer-readable storage medium of claim 2, further including program code that is operable, when executed by the computer system, to cause the computer system to perform the step of testing the load module further comprises determining whether the load module performs as specified by a specification.
  - 6. The non-transitory computer-readable storage medium of claim 2, further including program code that is operable, when executed by the computer system, to cause the computer system to perform the step of testing the load module, comprises determining whether the load module is a virus.
  - 7. The non-transitory computer-readable storage medium of claim 1, in which the first protected processing environment has an assurance level that is different from an assurance level of the second protected processing environment.
  - 8. The non-transitory computer-readable storage medium of claim 1, further including program code that is operable, when executed by the computer system, to cause the computer system to perform the step of:
    - securely distributing a third key to the first protected processing environment, the third key being configured for use in authenticating the first digital signature; and
      
      securely distributing a fourth key to the second protected processing environment, the fourth key being configured for use in authenticating the second digital signature.
  - 9. The non-transitory computer-readable storage medium of claim 1, further including program code that is operable, when executed by the computer system, to cause the computer system to perform the step of:
    - encrypting the load module.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Original Assignee
Intertrust Technologies Corporation (Fidelio Acquisition Co LLC)
Inventors
Shear, Victor H., Sibert, W. Olin, Van Wie, David M.
Primary Examiner(s)
Shiferaw, Eleni
Assistant Examiner(s)
CALLAHAN, PAUL E

Application Number

US13/956,932
Publication Number

US 20140006791A1
Time in Patent Office

810 Days
Field of Search

705/54, 705/57, 713/2, 713/156, 713/175, 713/190, 713/194, 726/22, 726/30, 717/177, 717/178
US Class Current

1/1
CPC Class Codes

G06F 21/51   at application loading time...

G06F 9/4406   Loading of operating system

H04L 9/3247   involving digital signatures

Systems and methods using cryptography to protect secure computing environments

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Systems and methods using cryptography to protect secure computing environments

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links