WO2001010076A3 - Systems and methods for protecting secure and insecure computing environments using cryptography - Google Patents

Publication number
WO2001010076A3
Authority
WO
WIPO (PCT)
Prior art keywords
tamper resistance
resistance work
different
load modules
application
Application number
PCT/US2000/020736
Other languages
French (fr)
Other versions
WO2001010076A2 (en)
Inventor
W Olin Sibert
Original Assignee
Intertrust Tech Corp
Application filed by Intertrust Tech Corp
Priority to AU66146/00A (AU6614600A)
Publication of WO2001010076A2
Publication of WO2001010076A3

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2211/00 Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
    • G06F2211/007 Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2145 Inheriting rights or properties, e.g., propagation of permissions or restrictions within a hierarchy

Abstract

Computation environments are protected from bogus or rogue load modules, executables, and other data elements through use of digital signatures, seals, and certificates issued by a verifying authority. A verifying authority - which may be a trusted independent third party - tests the load modules and/or other items to verify that their corresponding specifications are accurate and complete, and then digitally signs them based on a tamper resistance work factor classification. Secure computation environments with different tamper resistance work factors use different digital signature authentication techniques (e.g., different signature algorithms and/or signature verification keys), allowing one tamper resistance work factor environment to protect itself against load modules from another tamper resistance work factor environment. The verifying authority can provide an application intended for insecure environments with a credential having multiple elements covering different parts of the application. To verify the application, a trusted element can issue challenges based on different parts of the authenticated credential that the trusted element selects in an unpredictable (e.g., random) way, and deny service (or take other appropriate action) if the responses do not match the authenticated credential.
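
The challenge step described at the end of the abstract can be sketched as follows. This is an added illustration, not code from the patent or from Intertrust; the part size, the function names and the use of an HMAC as a stand-in for the verifying authority's digital signature are all assumptions.

```python
import hashlib
import hmac
import secrets

PART = 16  # bytes covered by one credential element (constructed; tiny for the demo)

def digest(image: bytes, index: int) -> str:
    """SHA-256 of one part of the application image."""
    return hashlib.sha256(image[index * PART:(index + 1) * PART]).hexdigest()

def _tag(elements, authority_key: bytes) -> str:
    # Assumption: HMAC stands in for the verifying authority's digital signature.
    return hmac.new(authority_key, "|".join(elements).encode(), hashlib.sha256).hexdigest()

def issue_credential(image: bytes, authority_key: bytes) -> dict:
    """Verifying authority: one element per part, authenticated as a whole."""
    count = (len(image) + PART - 1) // PART
    elements = [digest(image, i) for i in range(count)]
    return {"elements": elements, "tag": _tag(elements, authority_key)}

def challenge(cred: dict, authority_key: bytes, responder,
              rounds: int = 3, pick=secrets.randbelow) -> bool:
    """Trusted element: authenticate the credential, then spot-check parts
    chosen unpredictably. False means deny service."""
    if not hmac.compare_digest(_tag(cred["elements"], authority_key), cred["tag"]):
        return False
    for _ in range(rounds):
        index = pick(len(cred["elements"]))
        if not hmac.compare_digest(responder(index), cred["elements"][index]):
            return False
    return True

# Constructed sample data: a 64-byte "application" in four parts.
KEY = b"constructed-authority-key"
IMAGE = b"".join(bytes([n]) * PART for n in range(4))
CRED = issue_credential(IMAGE, KEY)
PATCHED = IMAGE[:40] + b"\xff" + IMAGE[41:]  # one byte changed in part 2

if __name__ == "__main__":
    print(challenge(CRED, KEY, lambda i: digest(IMAGE, i)))
    print(challenge(CRED, KEY, lambda i: digest(PATCHED, i), pick=lambda n: 2))
```

A single challenge only detects a modified part when it happens to select that part, which is why the selection has to be unpredictable and repeated over time.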
PCT/US2000/020736 1999-07-29 2000-07-31 Systems and methods for protecting secure and insecure computing environments using cryptography WO2001010076A2 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU66146/00A AU6614600A (en) 1999-07-29 2000-07-31 Systems and methods for using cryptography to protect secure and insecure computing environments

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US14642699P 1999-07-29 1999-07-29
US60/146,426 1999-07-29

Publications (2)

Publication Number Publication Date
WO2001010076A2 WO2001010076A2 (en) 2001-02-08
WO2001010076A3 WO2001010076A3 (en) 2001-06-07

Family

ID=22517306

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2000/020736 WO2001010076A2 (en) 1999-07-29 2000-07-31 Systems and methods for protecting secure and insecure computing environments using cryptography

Country Status (2)

Country Link
AU (1) AU6614600A (en)
WO (1) WO2001010076A2 (en)

Families Citing this family (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5892900A (en) 1996-08-30 1999-04-06 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US6157721A (en) 1996-08-12 2000-12-05 Intertrust Technologies Corp. Systems and methods using cryptography to protect secure computing environments
EP1555591B1 (en) 1995-02-13 2013-08-14 Intertrust Technologies Corp. Secure transaction management
US6959384B1 (en) 1999-12-14 2005-10-25 Intertrust Technologies Corporation Systems and methods for authenticating and protecting the integrity of data streams and other data
US7430670B1 (en) 1999-07-29 2008-09-30 Intertrust Technologies Corp. Software self-defense systems and methods
US7124170B1 (en) 1999-08-20 2006-10-17 Intertrust Technologies Corp. Secure processing unit systems and methods
US7406603B1 (en) 1999-08-31 2008-07-29 Intertrust Technologies Corp. Data protection systems and methods
US6985885B1 (en) 1999-09-21 2006-01-10 Intertrust Technologies Corp. Systems and methods for pricing and selling digital goods
US6832316B1 (en) 1999-12-22 2004-12-14 Intertrust Technologies, Corp. Systems and methods for protecting data secrecy and integrity
US7085839B1 (en) 2000-04-07 2006-08-01 Intertrust Technologies Corporation Network content management
US7313692B2 (en) 2000-05-19 2007-12-25 Intertrust Technologies Corp. Trust management systems and methods
US7107448B1 (en) 2000-06-04 2006-09-12 Intertrust Technologies Corporation Systems and methods for governing content rendering, protection, and management applications
US7213266B1 (en) 2000-06-09 2007-05-01 Intertrust Technologies Corp. Systems and methods for managing and protecting electronic content and applications
US7050586B1 (en) 2000-06-19 2006-05-23 Intertrust Technologies Corporation Systems and methods for retrofitting electronic appliances to accept different content formats
JP4067757B2 (en) * 2000-10-31 2008-03-26 株式会社東芝 Program distribution system
US7580988B2 (en) 2001-04-05 2009-08-25 Intertrust Technologies Corporation System and methods for managing the distribution of electronic content
US7136840B2 (en) 2001-04-20 2006-11-14 Intertrust Technologies Corp. Systems and methods for conducting transactions and communications using a trusted third party
US7581103B2 (en) 2001-06-13 2009-08-25 Intertrust Technologies Corporation Software self-checking systems and methods
US7383570B2 (en) 2002-04-25 2008-06-03 Intertrust Technologies, Corp. Secure authentication systems and methods
US7149899B2 (en) 2002-04-25 2006-12-12 Intertrust Technologies Corp. Establishing a secure channel with a human user
US9818136B1 (en) 2003-02-05 2017-11-14 Steven M. Hoffberg System and method for determining contingent relevance
GB2426837A (en) * 2005-06-01 2006-12-06 Hewlett Packard Development Co Checking the integrity of a software component
US9626667B2 (en) 2005-10-18 2017-04-18 Intertrust Technologies Corporation Digital rights management engine systems and methods
FR2895545B1 (en) * 2005-12-23 2008-05-30 Trusted Logic Sa METHOD FOR AUTHENTICATING APPLICATIONS OF A COMPUTER SYSTEM
US8364965B2 (en) 2006-03-15 2013-01-29 Apple Inc. Optimized integrity verification procedures
US7987514B2 (en) 2006-04-04 2011-07-26 Intertrust Technologies Corp. Systems and methods for retrofitting electronic appliances to accept different content formats
US7934197B2 (en) 2006-12-19 2011-04-26 Telefonaktiebolaget Lm Ericsson (Publ) Maintaining code integrity in a central software development system
DE102006061935A1 (en) * 2006-12-29 2008-07-03 Robert Bosch Gmbh Method for protecting microcomputer from manipulation, involves determining multiple access levels for test software and test software is only executed on microcomputer at determined access level
KR101239012B1 (en) 2008-03-04 2013-03-11 애플 인크. System and method of authorizing execution of software code based on at least one installed profile
US8639943B2 (en) 2008-06-16 2014-01-28 Qualcomm Incorporated Methods and systems for checking run-time integrity of secure code cross-reference to related applications
CN115708339B (en) * 2021-08-20 2024-03-12 清华大学 Data processing method, device and storage medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5745678A (en) * 1994-12-13 1998-04-28 International Business Machines Corporation Method and system for the secured distribution of multimedia titles
WO1998045768A1 (en) * 1997-04-10 1998-10-15 Nortel Networks Corporation Method and system for networked installation of uniquely customized, authenticable, and traceable software applications
EP0913757A2 (en) * 1997-10-30 1999-05-06 Xerox Corporation Protected software

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9235833B2 (en) 2003-06-05 2016-01-12 Intertrust Technologies Corporation Interoperable systems and methods for peer-to-peer service orchestration
US9235834B2 (en) 2003-06-05 2016-01-12 Intertrust Technologies Corporation Interoperable systems and methods for peer-to-peer service orchestration
US9317843B2 (en) 2003-06-05 2016-04-19 Intertrust Technologies Corporation Interoperable systems and methods for peer-to-peer service orchestration
US9424564B2 (en) 2003-06-05 2016-08-23 Intertrust Technologies Corporation Interoperable systems and methods for peer-to-peer service orchestration
US9466054B1 (en) 2003-06-05 2016-10-11 Intertrust Technologies Corporation Interoperable systems and methods for peer-to-peer service orchestration
US8880897B2 (en) 2003-09-18 2014-11-04 Apple Inc. Method and apparatus for incremental code signing
US9311670B2 (en) 2004-09-10 2016-04-12 Steven M. Hoffberg Game theoretic prioritization system and method
US8874477B2 (en) 2005-10-04 2014-10-28 Steven Mark Hoffberg Multifactorial optimization system and method
US9589110B2 (en) 2011-04-11 2017-03-07 Intertrust Technologies Corporation Information security systems and methods

Also Published As

Publication number Publication date
WO2001010076A2 (en) 2001-02-08
AU6614600A (en) 2001-02-19

Similar Documents

Publication Publication Date Title
WO2001010076A3 (en) Systems and methods for protecting secure and insecure computing environments using cryptography
US10447486B2 (en) Remote attestation of a security module's assurance level
ES2554491T3 (en) Devices and method of applying a computer policy
Leavitt Internet security under attack: The undermining of digital certificates
CN104184743B (en) Towards three layers of Verification System and authentication method of cloud computing platform
Burr et al. Electronic authentication guideline
US10608828B2 (en) Revocation status using other credentials
WO2006017757A3 (en) Enhanced security using service provider authentication
US20090271618A1 (en) Attestation of computing platforms
US20080260152A1 (en) Proofs of Vicinity Using Cpufs
EP3320662B1 (en) Method of securing authentication in electronic communication
WO2008039582A3 (en) System and method for securing software applications
EP2158719B1 (en) Method of generating a public key for an electronic device and electronic device
JP2008538146A (en) Architecture for privacy protection of biometric templates
WO2007125486A3 (en) Improved access to authorized domains
EP1032176A3 (en) Detecting and locating a misbehaving device in a network domain
EP2484564B1 (en) Method and apparatus for vehicle security
CN101296075A (en) Identity authentication system based on elliptic curve
Alzomai et al. The mobile phone as a multi OTP device using trusted computing
Burr et al. Sp 800-63-1. electronic authentication guideline
US6882730B1 (en) Method for secure distribution and configuration of asymmetric keying material into semiconductor devices
JP2007157161A5 (en)
Furtado et al. Threat analysis of the security credential management system for vehicular communications
KR20130100032A (en) Method for distributting smartphone application by using code-signing scheme
CN105894076A (en) Credible authentication interconnection and intercommunication PSAM card

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
AK Designated states

Kind code of ref document: A3

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A3

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP