Authenticating third-party programs for platforms
First Claim
1. A method comprising:
- receiving, by a platform device manufactured by a platform developer, a first software package signed by a first software development entity with a first certificate of a first certificate hierarchy created by the first software development entity, wherein the first certificate is granted to the first software development entity by a certificate authority of the platform developer, wherein the first certificate comprises a root of the first certificate hierarchy, wherein the first certificate hierarchy conforms to a first hierarchical structure of entities within the first software development entity, and wherein the first software development entity is separate from the platform developer;
executing, by a control unit of the platform device, the first software package only after traversing the first certificate hierarchy to the root of the first certificate hierarchy and verifying that the root of the first certificate hierarchy corresponds to the certificate authority of the platform developer;
receiving, by the platform device, a second software package signed by a second software development entity with a second certificate of a second certificate hierarchy created by the second software development entity, wherein the second certificate is granted to the second software development entity by the certificate authority of the platform developer and wherein the second certificate comprises a root of the second certificate hierarchy, wherein the second certificate hierarchy conforms to a second hierarchical structure of entities within the second software development entity, wherein the second certificate hierarchy is different than the first certificate hierarchy, wherein the second software development entity is separate from the first software development entity, and wherein the second software development entity is separate from the platform developer; and
executing, by the control unit of the platform device, the second software package only after traversing the verifying certificate hierarchy to the root of the second certificate hierarchy and verifying that the root of the second certificate hierarchy corresponds to the certificate authority of the platform developer.
1 Assignment
0 Petitions
Accused Products
Abstract
In one example, a platform device includes a control unit configured to receive a first software package signed by a first software development entity with a first certificate of a first certificate hierarchy associated with the first software development entity, execute the first software package only after determining that a root of the first certificate hierarchy corresponds to a certificate authority of a developer of the platform device, receive a second software package signed by a second software development entity with a second certificate of a second certificate hierarchy associated with the second software development entity, wherein the second certificate hierarchy is different than the first certificate hierarchy, and execute the second software package only after determining that a root of the second certificate hierarchy corresponds to the certificate authority of the developer of the platform device.
133 Citations
20 Claims
-
1. A method comprising:
-
receiving, by a platform device manufactured by a platform developer, a first software package signed by a first software development entity with a first certificate of a first certificate hierarchy created by the first software development entity, wherein the first certificate is granted to the first software development entity by a certificate authority of the platform developer, wherein the first certificate comprises a root of the first certificate hierarchy, wherein the first certificate hierarchy conforms to a first hierarchical structure of entities within the first software development entity, and wherein the first software development entity is separate from the platform developer; executing, by a control unit of the platform device, the first software package only after traversing the first certificate hierarchy to the root of the first certificate hierarchy and verifying that the root of the first certificate hierarchy corresponds to the certificate authority of the platform developer; receiving, by the platform device, a second software package signed by a second software development entity with a second certificate of a second certificate hierarchy created by the second software development entity, wherein the second certificate is granted to the second software development entity by the certificate authority of the platform developer and wherein the second certificate comprises a root of the second certificate hierarchy, wherein the second certificate hierarchy conforms to a second hierarchical structure of entities within the second software development entity, wherein the second certificate hierarchy is different than the first certificate hierarchy, wherein the second software development entity is separate from the first software development entity, and wherein the second software development entity is separate from the platform developer; and executing, by the control unit of the platform device, the second software package only after traversing the verifying certificate hierarchy to the root of the second certificate hierarchy and verifying that the root of the second certificate hierarchy corresponds to the certificate authority of the platform developer. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A platform device manufactured by a platform developer, the platform device comprising a control unit configured to:
-
receive a first software package signed by a first software development entity with a first certificate of a first certificate hierarchy created by the first software development entity, wherein the first certificate is granted to the first software development entity by a certificate authority of the platform developer and wherein the first certificate comprises a root of the first certificate hierarchy, wherein the first certificate hierarchy conforms to a first hierarchical structure of entities within the first software development entity, and wherein the first software development entity is separate from the platform developer, execute the first software package only after traversing the first certificate hierarchy to the root of the first certificate hierarchy and verifying that the root of the first certificate hierarchy corresponds to the certificate authority of the platform developer, receive a second software package signed by a second software development entity with a second certificate of a second certificate hierarchy created by the second software development entity, wherein the second certificate is granted to the second software development entity by the certificate authority of the platform developer and wherein the second certificate comprises a root of the second certificate hierarchy, wherein the second certificate hierarchy conforms to a second hierarchical structure of entities within the second software development entity, wherein the second certificate hierarchy is different than the first certificate hierarchy, wherein the second software development entity is separate from the first software development entity, and wherein the second software development entity is separate from the platform developer, and execute the second software package only after traversing the second certificate hierarchy to the root of the second certificate hierarchy and verifying that the root of the second certificate hierarchy corresponds to the certificate authority of the platform developer. - View Dependent Claims (7, 8, 9, 10)
-
-
11. A computer-readable storage medium comprising instructions that, when executed, cause a processor of a platform device manufactured by a platform developer to:
-
receive a first software package signed by a first software development entity with a first certificate of a first certificate hierarchy created by the first software development entity, wherein the first certificate is granted to the first software development entity by a certificate authority of the platform developer and wherein the first certificate comprises a root of the first certificate hierarchy, wherein the first certificate hierarchy conforms to a first hierarchical structure of entities within the first software development entity, and wherein the first software development entity is separate from the platform developer; execute the first software package only after traversing the first certificate hierarchy to the root of the first certificate hierarchy and verifying that the root of the first certificate hierarchy corresponds to the certificate authority of the platform developer; receive a second software package signed by a second software development entity with a second certificate of a second certificate hierarchy created by the second software development entity, wherein the second certificate is granted to the second software development entity by the certificate authority of the platform developer and wherein the second certificate comprises a root of the second certificate hierarchy, wherein the second certificate hierarchy conforms to a second hierarchical structure of entities within the second software development entity, wherein the second certificate hierarchy is different than the first certificate hierarchy, wherein the second software development entity is separate from the first software development entity, and wherein the second software development entity is separate from the platform developer; and execute the second software package only after traversing the second certificate hierarchy to the root of the second certificate hierarchy and verifying that the root of the second certificate hierarchy corresponds to the certificate authority of the developer of the platform device, wherein the developer of the platform device is separate from the second software development entity. - View Dependent Claims (12, 13, 14, 15)
-
-
16. A method comprising:
-
receiving, by one or more hardware-based processors of a computing device of a software development entity, a certificate from a certificate authority associated with a developer of a platform device; constructing, by the one or more hardware-based processors using the certificate from the certificate authority, a certificate hierarchy including a plurality of hierarchically arranged certificates including, as a root of the certificate hierarchy, the certificate from the certificate authority associated with the developer of the platform device, wherein the certificate hierarchy conforms to a hierarchical structure of entities within the software development entity, and wherein the software development entity is separate from the developer of the platform device; after determining that a software package was developed for the platform device by one or more of the entities within the software development entity, signing, by the one or more hardware-based processors, data of the software package using the certificate from the certificate authority; and providing, by the one or more hardware-based processors, the signed software package and data for the certificate hierarchy to one or more platform devices of the platform device developed by the developer. - View Dependent Claims (17, 18, 19, 20)
-
Specification