System and method for detecting a security compromise on a device
First Claim
1. A computer-implemented method for verifying security mechanisms of an operating system, the method comprising:
- receiving, via a security application executing on a computer, one or more decryption keys configured to enable a media component on the computer to decrypt encrypted content;
determining, via the security application executing on the computer, whether a replacement operating system or an altered operating system is present on the computer;
determining, via the security application executing on the computer, that one or more security mechanisms of the operating system of the computer are not compromised in response to a replacement operating system or an altered operating system not being present on the computer;
attempting, via the security application executing on the computer, to initiate execution of an insecure application through the operating system;
determining, via the security application executing on the computer, that the one or more security mechanisms of the operating system are not compromised in response to the operating system preventing execution of the insecure application; and
providing, via the security application executing on the computer, the one or more decryption keys to the media component on the computer in response to determining that the one or more security mechanisms of the operating system of the computer are not compromised.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of a system and method for detecting a security compromise on a device are described. Embodiments may be implemented by a content consumption application configured to protect content decryption keys on a device, such as a computer system (e.g., a desktop or notebook computer) or a mobile device (e.g., a smartphone or tablet). For instance, the content consumption application may be configured to provide decryption keys for respective content to a media component (or another component of the operating system) if multiple conditions have been met. For instance, in various embodiments, the content consumption application may pass the key to the media component after ensuring that i) one or more security mechanisms of the device operating system have not been compromised and ii) one or more executable instructions of the content consumption application have not been tampered (e.g., instructions corresponding to a function that handles the decryption key(s)).
-
Citations
20 Claims
-
1. A computer-implemented method for verifying security mechanisms of an operating system, the method comprising:
-
receiving, via a security application executing on a computer, one or more decryption keys configured to enable a media component on the computer to decrypt encrypted content; determining, via the security application executing on the computer, whether a replacement operating system or an altered operating system is present on the computer; determining, via the security application executing on the computer, that one or more security mechanisms of the operating system of the computer are not compromised in response to a replacement operating system or an altered operating system not being present on the computer; attempting, via the security application executing on the computer, to initiate execution of an insecure application through the operating system; determining, via the security application executing on the computer, that the one or more security mechanisms of the operating system are not compromised in response to the operating system preventing execution of the insecure application; and providing, via the security application executing on the computer, the one or more decryption keys to the media component on the computer in response to determining that the one or more security mechanisms of the operating system of the computer are not compromised. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A system, comprising:
-
one or more hardware-based processors; one or more hardware-based computer-readable storage media comprising processor-executable instructions that, responsive to execution by the one or more hardware-based processors, implement a security application to perform operations comprising; receiving, via the security application executing on the system, one or more decryption keys configured to enable a media component on the system to decrypt encrypted content; determining, via the security application executing on the system, whether a file indicative of a replacement operating system or an altered operating system is present on the system; determining, via the security application executing on the system, that one or more security mechanisms of an operating system of the system are not compromised in response to the file indicative of a replacement operating system or an altered operating system not being present on the system; attempting, via the security application executing on the system, to initiate execution of an insecure application through the operating system of the system; determining, via the security application executing on the system, that the one or more security mechanisms of the operating system are not compromised in response to the operating system preventing execution of the insecure application; and providing, via the security application executing on the system, the one or more decryption keys to the media component on the system in response to determining that the one or more security mechanisms of the operating system of the system are not compromised. - View Dependent Claims (11, 12, 13, 14, 15)
-
-
16. A computer-readable storage device comprising processor-executable instructions that, responsive to execution by one or more processors, implement a security application to perform operations comprising:
-
receiving, via the security application executing on the one or more processors, one or more decryption keys configured to enable a media component of a computing device to decrypt encrypted content; determining, via the security application executing on the one or more processors, whether a replacement operating system or an altered operating system is present on the computing device; determining, via the security application executing on the one or more processors, that one or more security mechanisms of an operating system of the computing device are not compromised in response to a replacement operating system or an altered operating system not being present on the computing device; attempting, via the security application executing on the one or more processors, to initiate execution of an insecure application through the operating system of the computing device; determining, via the security application executing on the one or more processors, that the one or more security mechanisms of the operating system are not compromised in response to the insecure application not being able to run on the computing device; and providing, via the security application executing on the one or more processors, the one or more decryption keys to the media component of the computing device in response to determining that the one or more security mechanisms of the operating system of the computing device are not compromised. - View Dependent Claims (17, 18, 19, 20)
-
Specification