Trustworthy indication of software integrity

US 9,942,257 B1
Filed: 07/11/2012
Issued: 04/10/2018
Est. Priority Date: 07/11/2012
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for providing a trustworthy indication of the integrity of a computer program, the computer-implemented method comprising executing instructions in a computing device to perform the operations of:

in response to receiving a request to execute the computer program, causing a hardware trust evaluation device located inside the computing device to determine trustworthiness of the computer program;

in response to the hardware trust evaluation device determining that the computer program is trustworthy, causing a trust indicator that is integrated into a circuit board containing the trust evaluation device and is visible on an external surface of the computing device to provide a positive indication of the trustworthiness of the computer program, the trust indicator comprising one or more lights;

in response to the hardware trust evaluation device determining that the computer program is not trustworthy, causing the trust indicator to provide a negative indication of the trustworthiness of the computer program and restricting functionality provided by the computer program;

receiving a selection from a list of computer programs currently executing; and

in response to receiving the selection, providing an indication of trustworthiness of the selected computer program by way of the trust indicator.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Computing devices are disclosed that include functionality for providing a trustworthy indication of software integrity. The computing devices include a hardware trust evaluation device capable of determining the trustworthiness of computer programs executing on the device. At least one trust indicator is also connected to the hardware trust evaluation device for providing an external indication of the trustworthiness of a computer program. If the hardware trust evaluation device determines that a program is trustworthy, the trust evaluation device causes the trust indicator to provide a positive indication of the trustworthiness of the computer program to a user of the computing device. If the hardware trust evaluation device determines that a program is not trustworthy, the trust evaluation device causes the trust indicator to provide a negative indication of the trustworthiness of the computer program. Certain functionality might also be restricted in response to determining that a program is not trustworthy.

27 Citations

View as Search Results

26 Claims

1. A computer-implemented method for providing a trustworthy indication of the integrity of a computer program, the computer-implemented method comprising executing instructions in a computing device to perform the operations of:
- in response to receiving a request to execute the computer program, causing a hardware trust evaluation device located inside the computing device to determine trustworthiness of the computer program;
  
  in response to the hardware trust evaluation device determining that the computer program is trustworthy, causing a trust indicator that is integrated into a circuit board containing the trust evaluation device and is visible on an external surface of the computing device to provide a positive indication of the trustworthiness of the computer program, the trust indicator comprising one or more lights;
  
  in response to the hardware trust evaluation device determining that the computer program is not trustworthy, causing the trust indicator to provide a negative indication of the trustworthiness of the computer program and restricting functionality provided by the computer program;
  
  receiving a selection from a list of computer programs currently executing; and
  
  in response to receiving the selection, providing an indication of trustworthiness of the selected computer program by way of the trust indicator.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The computer-implemented method of claim 1, wherein the trust indicator is configured to minimize a possibility that indications provided by the trust indicator can be imitated by malicious program code executing on the computing device.
  - 3. The computer-implemented method of claim 1, wherein the computing device further comprises a secondary trust indicator that includes at least one of a light, a display, a speaker, a buzzer or a scent generator.
  - 4. The computer-implemented method of claim 1, wherein restricting functionality provided by the computer program comprises restricting access of the computer program to one or more hardware components of the computing device.
  - 5. The computer-implemented method of claim 1, further comprising performing functionality on behalf of a user in response to the hardware trust evaluation device determining that the computer program is trustworthy.
  - 6. The computer-implemented method of claim 1, wherein restricting functionality provided by the computer program comprises restricting access of the computer program to one or more application programming interfaces provided by the computing device.
  - 7. The computer-implemented method of claim 1, wherein the computer program comprises an application program.
  - 8. The computer-implemented method of claim 1, wherein the computer program comprises a device driver for a peripheral connected to the computing device.

9. A non-transitory computer-readable storage medium having computer-executable instructions stored thereupon which, when executed by a computing device having a hardware trust evaluation device integrated therein and a trust indicator connected directly to the hardware trust evaluation device, cause the computing device to:
- determine, by way of the hardware trust evaluation device, that a computer program executing on the computing device is trustworthy based on a definition of trustworthiness provided by a user of the computing device, wherein the definition specifies a policy for the trust indicator to provide a positive indication of trust and a negative indication of trust; and
  
  in response to the hardware trust evaluation device determining that the computer program is trustworthy, provide a positive indication of the trustworthiness of the computer program by way of the trust indicator, wherein the trust indicator comprises a display that is connected directly to the trust evaluation device and is visible on an external surface of the computing device.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 10. The computer-readable storage medium of claim 9, having further computer-executable instructions stored thereupon which, when executed by the computing device, cause the computing device to provide a negative indication of the trustworthiness of the computer program by way of the trust indicator in response to determining that the computer program is not trustworthy.
  - 11. The computer-readable storage medium of claim 9, having further computer-executable instructions stored thereupon which, when executed by the computing device, cause the computing device to restrict functionality provided by the computer program in response to the hardware trust evaluation device determining that the computer program is not trustworthy.
  - 12. The computer-readable storage medium of claim 9, wherein the hardware trust evaluation device comprises a Trusted Platform Module (TPM).
  - 13. The computer-readable storage medium of claim 9, wherein the trust indicator comprises one or more lights that are visible on an external surface of the computing device.
  - 14. The computer-readable storage medium of claim 11, wherein restricting the functionality provided by the computer program comprises removing data from the computing device.
  - 15. The computer-readable storage medium of claim 11, wherein restricting the functionality provided by the computer program comprises terminating execution of the computer program.
  - 16. The computer-readable storage medium of claim 11, wherein restricting the functionality provided by the computer program comprises preventing access to one or more hardware components of the computing device.
  - 17. The computer-readable storage medium of claim 9, wherein the trust indicator is physically connected directly to the trust evaluation device independent of a network connection.
  - 18. The computer-readable storage medium of claim 9, wherein the trust indicator comprises one of a speaker, a buzzer or a scent generator that is connected directly to the trust evaluation device.

19. A computing device configured to provide a trustworthy indication of the integrity of a computer program, the computing device comprising:
- at least one processor configured to execute the computer program;
  
  a memory connected to the at least one processor storing the computer program;
  
  at least one trust indicator comprising a display that is visible on an external surface of a case and configured to identify the computer program; and
  
  a hardware trust evaluation module connected to the at least one processor and having the at least one trust indicator connected directly thereto, the at least one processor, memory, and the hardware trust evaluation module being contained within the case, the hardware trust evaluation module being configured to evaluate trustworthiness of the computer program based on a definition of trustworthiness provided by a user of the computing device that specifies a policy for the trust indicator to provide a positive indication of trust and a negative indication of trust and to provide a negative indication of the trustworthiness of the computer program by way of the trust indicator in response to determining that the computer program is not trustworthy.
- View Dependent Claims (20, 21, 22, 23, 24, 25, 26)
- - 20. The computing device of claim 19, wherein the computing device is further configured to restrict functionality in response to the hardware trust evaluation module determining that the computer program is not trustworthy.
  - 21. The computing device of claim 20, wherein restricting functionality comprises one or more of removing data from the computing device, restricting access to one or more application programming interfaces provided by the computing device, terminating execution of the computer program, disabling one or more hardware components of the computing device, or disabling the computing device.
  - 22. The computing device of claim 19, wherein the hardware trust evaluation module is further configured to provide a positive indication of the trustworthiness of the computer program by way of the trust indicator in response to determining that the computer program is trustworthy.
  - 23. The computing device of claim 19, wherein the trust indicator comprises one or more lights that are visible on an external surface of the case.
  - 24. The computing device of claim 19, further comprising a secondary trust indicator connected directly to the hardware trust evaluation module.
  - 25. The computing device of claim 24, wherein hardware trust evaluation module is further configured to receive a request from a program executing on the processor to activate the secondary trust indicator and, in response to receiving the request, to activate the secondary trust indicator in response to a previous determination made by the hardware trust evaluation module that the program is trustworthy.
  - 26. The computing device of claim 19, wherein the trust indicator further comprises a physical switch which, when activated, causes the hardware trust evaluation module to evaluate trustworthiness of a foreground computer program.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Original Assignee
Amazon Technologies, Inc. (Amazon.com, Inc.)
Inventors
Hitchcock, Daniel W., Canavor, Darren E., Johansson, Jesper M., Bhimanaik, Bharath Kumar, Roths, Andrew J.
Primary Examiner(s)
LE, KHOI V

Application Number

US13/546,626
Time in Patent Office

2,099 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/57   Certifying or maintaining t...

H04L 63/12   Applying verification of th...

H04L 63/1433   Vulnerability analysis

Trustworthy indication of software integrity

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

27 Citations

26 Claims

Specification

Solutions

Use Cases

Quick Links

Trustworthy indication of software integrity

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

26 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links