Adaptive integrity verification of software using integrity manifest of pre-defined authorized software listing
First Claim
Patent Images
1. A computing system, comprising:
- a processor;
a memory; and
an integrity validation component to operate with the processor and the memory and in communication with an isolated execution environment in operation with the processor and the memory, the integrity validation component operable to verify a software component attempting interaction with the isolated execution environment by completing at least two integrity verification operations including;
authentication of runtime information of the software component, the authentication including comparing the runtime information of the software component to stored information associated with the software component, the stored information associated in a manifest specific to the software component, the manifest stored in a repository maintaining manifests specific to respective software components, the runtime information including reference information used to identify the software component in the manifest, the comparing performed when the software component is loaded into memory at runtime, wherein the manifest provides a pre-defined listing of one or more known software components approved for execution in the isolated execution environment and runtime information for the one or more known software components approved for execution in the isolated execution environment, the one or more known software components including the software component; and
authorization of a memory address call involving the software component, the authorization performed subsequent to successful authentication of the runtime information of the software component in the manifest, wherein the memory address call is referenced from the isolated execution environment or referenced into the isolated execution environment;
wherein the isolated execution environment is a virtual machine configured to execute code independently and securely isolated from other virtual machines in the computing system;
wherein the integrity validation component is configured to receive from the virtual machine a validation request based on the memory address call from the software component;
wherein the memory address call is a memory address entry point in the data operations of an unprotected software event, and in response to the validation request the integrity validation component is configured to verify the integrity of the software component using the manifest; and
wherein the isolated execution environment is operable to execute verified software components, prevent execution of a non-verified software component, and prevent interaction of the non-verified software component with the verified software components.
0 Assignments
0 Petitions
Accused Products
Abstract
Systems and methods are described herein that discuss how a computing platform executing a virtualized environment, in one example, can be integrity verified adaptively and on demand. This may occur at initial runtime, as well as during continued operations, and allows the platform user to install software from various vendors without sacrificing the integrity measurement and therefore the trustworthiness of the platform.
66 Citations
19 Claims
-
1. A computing system, comprising:
-
a processor; a memory; and an integrity validation component to operate with the processor and the memory and in communication with an isolated execution environment in operation with the processor and the memory, the integrity validation component operable to verify a software component attempting interaction with the isolated execution environment by completing at least two integrity verification operations including; authentication of runtime information of the software component, the authentication including comparing the runtime information of the software component to stored information associated with the software component, the stored information associated in a manifest specific to the software component, the manifest stored in a repository maintaining manifests specific to respective software components, the runtime information including reference information used to identify the software component in the manifest, the comparing performed when the software component is loaded into memory at runtime, wherein the manifest provides a pre-defined listing of one or more known software components approved for execution in the isolated execution environment and runtime information for the one or more known software components approved for execution in the isolated execution environment, the one or more known software components including the software component; and authorization of a memory address call involving the software component, the authorization performed subsequent to successful authentication of the runtime information of the software component in the manifest, wherein the memory address call is referenced from the isolated execution environment or referenced into the isolated execution environment; wherein the isolated execution environment is a virtual machine configured to execute code independently and securely isolated from other virtual machines in the computing system; wherein the integrity validation component is configured to receive from the virtual machine a validation request based on the memory address call from the software component; wherein the memory address call is a memory address entry point in the data operations of an unprotected software event, and in response to the validation request the integrity validation component is configured to verify the integrity of the software component using the manifest; and wherein the isolated execution environment is operable to execute verified software components, prevent execution of a non-verified software component, and prevent interaction of the non-verified software component with the verified software components. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method comprising integrity verification operations performed by an integrity validation component to operate with a processor and memory in a computer system, the integrity verification operations including:
-
authenticating an unverified software component that is attempting interaction with an isolated execution environment, the authenticating performed by comparing runtime information of the unverified software component to information associated with the unverified software component and stored in an integrity manifest listing, wherein the integrity manifest listing is stored in a repository, and wherein the runtime information includes reference information available to the isolated execution environment at runtime identifying the unverified software component; authorizing a memory address call in a data operation involving the unverified software component, the authorizing subsequent to the successful authentication of the runtime information of the unverified software component, the data operation attempting access outside the isolated execution environment from within the isolated execution environment or access into the isolated execution environment from outside the isolated execution environment; and allowing execution of the unverified software component in the isolated execution environment responsive to successful authentication of the unverified software component and successful authorization of the memory address call; wherein the unverified software component performs a software event including an instruction fetch page fault which leaves the isolated execution environment, and wherein authorizing the memory address call in a data operation with the unverified software component includes authorizing an entry point into the unverified software component called by the data operation. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A non-transitory computer readable storage medium comprising instructions that, in response to being executed on a computing device, cause the computing device to validate integrity of an unverified software component by performing integrity verification operations to:
-
authenticate the unverified software component attempting interaction with an isolated execution environment, the authentication performed by comparing runtime information of the unverified software component to information associated with the unverified software component and stored in an integrity manifest listing, the integrity manifest listing stored in a repository, the runtime information including reference information identifying the unverified software component in an operating environment of the unverified software component at runtime; authorize a memory address call in a data operation involving the unverified software component, the authorization subsequent to successful authentication of the unverified software component, the data operation attempting access outside the isolated execution environment from within the isolated execution environment or attempting access into the isolated execution environment from outside the isolated execution environment; and allow execution of the unverified software component in the isolated execution environment responsive to successful authentication of the unverified software component and successful authorization of the memory address call; wherein the unverified software component performs a software event including an instruction fetch page fault which leaves the isolated execution environment, and wherein operations to authorize the memory address call in a data operation with the unverified software component includes operations to authorize an entry point into the unverified software component called by the data operation. - View Dependent Claims (18, 19)
-
Specification