Class / Patent application number | Description | Number of patent applications / Date published |
713187000 | COMPUTER PROGRAM MODIFICATION DETECTION BY CRYPTOGRAPHY | 67 |
20080215891 | Systems and Methods for Watermarking Software and Other Media - Systems and methods are disclosed for embedding information in software and/or other electronic content such that the information is difficult for an unauthorized party to detect, remove, insert, forge, and/or corrupt. The embedded information can be used to protect electronic content by identifying the content's source, thus enabling unauthorized copies or derivatives to be reliably traced, and thus facilitating effective legal recourse by the content owner. Systems and methods are also disclosed for protecting, detecting, removing, and decoding information embedded in electronic content, and for using the embedded information to protect software or other media from unauthorized analysis, attack, and/or modification. | 09-04-2008 |
20080235517 | Update System for Cipher System - There is a demand for a device handling information with the use of encryption technology to safely and simply update the encryption schemes. The present invention offers an information security device having a plurality of encryption schemes and handling information safely and reliably, characterized by selecting one of the plurality of encryption schemes as an application encryption scheme and installing a different encryption scheme from the plurality of encryption schemes based on the application encryption scheme. | 09-25-2008 |
20080256363 | Trusted component update system and method - A trusted component update system comprises verify logic configured to validate integrity of an update to a trusted component of a computing device, and logic disposed in the trusted component and configured to validate integrity of the verify logic. | 10-16-2008 |
20080313472 | METHOD AND APPARATUS FOR CHANGING AND ADDING ACTIVATION KEYS FOR FUNCTIONS OF DIGITAL CONTENT WITHOUT HAVING TO CHANGE AND RECOMPILE THE DIGITAL CONTENT - A method and apparatus for changing and adding activation keys for functions of digital content without having to change and recompile the digital content. The rules for validating activation keys, the code for providing instructions for executing the rules for validating the activation keys and a template for identifying possible activation keys, which keys are currently valid and validating rules associated with each currently valid activation key are separated and separately secured. | 12-18-2008 |
20080320311 | APPARATUS AND METHOD FOR AUTHENTICATING FIRMWARE - An apparatus and method to authenticate firmware stored in a firmware storage unit. The apparatus includes a controller to commands an authenticator to start firmware authentication, the authenticator, which performs authentication of the firmware using a signature read from the firmware storage unit, and a bus controller to controls a data transmission bus to a decoder. The authenticator prevents data from being transmitted through the data transmission bus if the firmware authentication fails, and the authenticator controls the bus controller to enable data to be transmitted through the data transmission bus if the firmware authentication succeeds. Using the apparatus, illegal use of content can be prevented. | 12-25-2008 |
20090031141 | COMPUTER PLATFORMS AND THEIR METHODS OF OPERATION - A computer platform ( | 01-29-2009 |
20090049308 | Method for Effective Tamper Resistance - A system, method, and computer program product for preventing a malicious user from analyzing and modifying software content. The one-way functions used in prior art systems using dynamically evolving audit logs or self-modifying applications are replaced with a one-way function based on group theory. With this modification, untampered key evolution will occur inside a defined mathematical group such that all valid key values form a subgroup. However, if the program is altered, the key will evolve incorrectly and will no longer be a member of the subgroup. Once the key value is outside of the subgroup, it is not possible to return it to the subgroup. The present invention provides a limited total number of valid keys. The key evolution points are not restricted to locations along the deterministic path, so the key can be used in various novel ways to regulate the program's behavior, including in non-deterministic execution paths. | 02-19-2009 |
20090055656 | Method of Maintaining Software Integrity - A method of maintaining the integrity of software stored in memory, the method comprising: storing an indicator associated with the memory; calculating a reference value from the stored indicator; storing the reference value; modifying the indicator when the software in the memory is modified; storing the modified indicator; recalculating the reference value from the modified indicator; storing the recalculated reference value; and verifying the integrity of the software by: retrieving the modified indicator; calculating an expected value from the modified indicator; and comparing the expected value with the recalculated reference value. Preferably the integrity of the software is verified without calculating an expected value from the software. The reference and expected values are typically calculated in accordance with a secret key. | 02-26-2009 |
20090063867 | Method, System and Computer Program Product for Preventing Execution of Software Without a Dynamically Generated Key - A method, system and computer program product for partitioning the binary image of a software program, and partially removing code bits to create an encrypted software key, to increase software security. The software program's binary image is partitioned along a random segment length or a byte/nibble segment length, and the code bits removed, and stored, along with their positional data in a software key. The software key is encrypted and is separately distributed from the inoperable binary image to the end user. The encrypted key is stored on a secure remote server. When the end user properly authenticates with the developer's remote servers, the encrypted security key is downloaded from the secure remote server and is locally decrypted. The removed code bits are reinserted into the fractioned binary image utilizing the positional location information. The binary image is then operable to complete execution of the software program. | 03-05-2009 |
20090063868 | Method, System and Computer Program Product for Preventing Execution of Pirated Software - A method, system and computer program product for preventing execution of pirated software. A file is loaded on an end user's computer containing a binary image that is generated by removing one or more code bits from an executable code. A request is sent to a remote server to return a software key required for execution of the executable code from the binary image. The software key is downloaded to the end user's computer on which the binary image is loaded. One or more bits from the software key is inserted into the appropriate location of the binary image to regenerate the executable code. The executable code is enabled for execution on the end user's computer only following the embedding of the one or more bits. | 03-05-2009 |
20090077387 | Authenticating Software Using Protected Master Key - A processing unit includes a read-only encryption key. Software is loaded into a system memory area from a non-volatile storage device. Software code image that resides in the system storage area includes a prefix value and a suffix value. The prefix value is combined with the master key from the processing unit to create a random value that is the seed for a hashing algorithm. The hashing algorithm uses the seed value with a signature formed from the blocks of code to form a result. Finally, after the last block has been processed, a final result remains. The suffix value is combined with the master key, this hash result is compared with the result that was created using the hashing algorithm on the code. If the two results match, the code is authenticated and is executed. If the results do not match, the code is not loaded. | 03-19-2009 |
20090113210 | Program and operation verification - A security module may be used to verify integrity of an executable program and may also be used to verify execution of the executable program on a computer. The security module may directly read a computer memory by asserting bus master control of a system bus. The executable program may be directly verified by calculating a hash or may be indirectly verified by an intermediate program that calculates the hash and passes it to the security module. To verify operation, the executable program may cause an interrupt to be generated when the executable program is in a known state. An interrupt service routine may trigger the security module to read registers in the computer processor via a debug port. If either the verification of the executable program fails or the register values are inconsistent with operation of the executable program, the security module may interrupt operation of the computer. | 04-30-2009 |
20090119513 | Method and System for Remotely Debugging A Failed Computer Machine - A method for conducting a remote debugging session comprises setting a secure connection link with a failed client machine, receiving status information from the client machine through the connection link in response to a debug instruction sent to the client machine, displaying the status information in a readable form, requesting a user to enter a cryptographic key in response to a request for saving the status information, and generating a secured file containing the status information encrypted with the cryptographic key. | 05-07-2009 |
20090132829 | INFORMATION PROCESSOR, METHOD FOR VERIFYING AUTHENTICITY OF COMPUTER PROGRAM, AND COMPUTER PROGRAM PRODUCT - A disc stores therein a computer program and encrypted information. A BIOS is executed at the time of start-up and starts the computer program. A TPM is connected to the BIOS by a low-speed bus. The TPM includes a register for storing data. A blob stores therein true hash values of the computer program and the BIOS in advance. The BIOS includes a hash value calculating unit that calculates hash values of the computer program and the BIOS and stores those hash values in the register. The TPM compares the hash values stored in the register with the hash values stored in the blob and decrypts information in the blob if the hash values agree with each other. | 05-21-2009 |
20090204821 | DATA PROTECTION MECHANISM - A control system in a device allows for installation of application packages to impart different position data processing abilities to the device. The position data may be generated by an electronic pen, and the control system may be arranged in such a pen. Each application package comprises a license specification and an application program. The application program is configured to access the position data and device functions via the control system. The license specification provides for digital rights management and data protection. For example, the license specification may be used by the control system to verify an application program for installation in the device. Further, the license specification may cause the control system to selectively allow the application program to access a specific device function only if it is listed in the license specification. | 08-13-2009 |
20090217053 | IMAGE FORMING APPARATUS, DATA PROCESSING METHOD, AND COMPUTER READABLE RECORDING MEDIUM - An image forming apparatus capable of executing a program in plural program execution environments is disclosed. The disclosed image forming apparatus includes a storage unit storing cryptographic data related to a cryptographic function; a first recording unit configured to obtain the cryptographic data from the storage unit and record the cryptographic data in a first storage area that can be referenced from the plural program execution environments; and plural second recording units provided in the plural program execution environments and configured to obtain the cryptographic data from the first storage area and record the cryptographic data in a second storage area for each of the plural program execution environments so that the cryptographic data can be referenced by the program executed in the plural program execution environments. | 08-27-2009 |
20090249080 | METHODS, APPARATUS AND SYSTEM FOR AUTHENTICATING A PROGRAMMABLE HARDWARE DEVICE AND FOR AUTHENTICATING COMMANDS RECEIVED IN THE PROGRAMMABLE HARDWARE DEVICE FROM A SECURE PROCESSOR - A method, device and system for authenticating a programmable hardware device, such as a programmable hardware chip, and a command received by the programmable hardware device. A secure processor or other trusted source authenticates the programmable hardware chip by verifying, with the secure processor's own verification key, a random number sent to the programmable hardware chip and encrypted using a verification key embedded within the programmable hardware chip, since the nature of the encryption is such that only the original logic function that includes the verification key can encrypt the data correctly. A command received by the programmable hardware chip is authenticated by verifying that a command authentication token received by the programmable hardware chip is generated using the correct command authentication key and consequently verifying that the command is received from the secure processor, as only the party who has the command authentication key can encrypt the data correctly. | 10-01-2009 |
20090307499 | MACHINE, MACHINE MANAGEMENT APPARATUS, SYSTEM, AND METHOD, AND RECORDING MEDIUM - A machine management method includes installing software in a machine including a security device that holds a secret key unextractable from the security device and a public key extractable from the security device, encrypts input data with the public key, and decrypts the input data with the secret key; storing machine identification information of the machine in association with software identification information of the software installed in the machine in an external management apparatus; creating a device-encryption key to encrypt data stored on a first storage device of the machine; storing a device-encryption-key BLOB obtained by encrypting the device-encryption key with the public key on a second storage device of the machine; and storing the device-encryption key in association with the machine identification information in the external management apparatus. | 12-10-2009 |
20090313480 | METHOD AND SYSTEM FOR OBFUSCATING A GRYPTOGRAPHIC FUNCTION - A method of proctecting an integrity of a data processing system. The method comprises determining a data string to be protected, an integrity of the data string being an indication of the integrity of the data protecessing system. Computing a set of parameters representing a predetermined data processing function, using a redundancy in the set of parameters to incorporate the data string into a bit representation of the set of parameters. Enabling the system to process data according to the set of parameters. The set of parameters represents at least part of cryptographic algorithm key. The set of parameters represents a netword of look-up tables. The network of look-up tables comprises a plurality of look-up tables of a white-box implementation of a data processing algorithm. The data processing algorithm comprises a cryptographic algorithm. | 12-17-2009 |
20090327745 | SECURE APPARATUS AND METHOD FOR PROTECTING INTEGRITY OF SOFTWARE SYSTEM AND SYSTEM THEREOF - Provided is a secure apparatus for protecting the integrity of a software system and a method thereof. The apparatus comprises: a template repository for storing templates required for generating an agent template; a template generator for randomly selecting one template from said template repository and generating a new agent template according to the selected template; and a transceiver for sending said new agent module to an external apparatus communicating with said secure apparatus to update a current agent module which is running in said external apparatus, wherein said current agent module is used to verify the integrity of said software system running in said external apparatus. The secure apparatus can protect software in an insecure environment with a high software protection level to prevent the software from being tampered or bypassed. | 12-31-2009 |
20100017620 | SOFTWARE SELF-CHECKING SYSTEMS AND METHODS - Software self-checking mechanisms are described for improving software tamper resistance and/or reliability. Redundant tests are performed to detect modifications to a program while it is running. Modifications are recorded or reported. Embodiments of the software self-checking mechanisms can be implemented such that they are relatively stealthy and robust, and so that it they are compatible with copy-specific static watermarking and other tamper-resistance techniques. | 01-21-2010 |
20100037065 | Method and Apparatus for Transitive Program Verification - A method, apparatus and program storage device for program verification in an information handling system in which an application program runs on an operating system having a signature verification function for verifying a digital signature of the application program. Upon loading of the application program, the signature verification function of the operating system verifies the digital signature of the application program and, if the digital signature is verified, initiates execution of the application program. Upon initiation of execution of the application program, a verification testing function associated with the application program tests the signature verification function of the operating system by presenting to it a sequence of test digital signatures in a specified pattern of true and false signatures. If its test of the signature verification function of the operating system is successful, the application program initiates normal execution. Otherwise, the application program terminates without initiating normal execution. | 02-11-2010 |
20100070775 | METHOD AND SYSTEM FOR DETECTING MODIFIED PAGES - A method for validating program execution. The method involves identifying a program from a second computer system, obtaining, by a first computer system, a first copy of a page for a file of the program from a second computer system, calculating a hash value for the first copy, storing the first copy in a local memory of the first computer system, storing the hash value for the first copy, and executing the program on the first computer system, where the first copy is removed from the local memory during execution of the program. The method further involves obtaining a second copy of the page from the second computer system, calculating a hash for the second copy, determining whether the hash value for the first copy is equal to the hash value for the second copy, and performing an appropriate action in response to the determination. | 03-18-2010 |
20100083001 | Auditor Assisted Extraction And Verification Of Client Data Returned From A Storage Provided While Hiding Client Data From The Auditor - Various approaches for extracting client's data from a storage provider are presented. In one approach, an auditor is initialized with a verification data set that confirms that an initial version of a data set stored by the storage provider is intact. The auditor extracts a second version of the data set from the storage provider; the second version hides information specified by the data set from the auditor. The auditor determines whether the second version matches the initial version. The second version is returned to the client if the initial version matches the second version. The auditor is prevented from recovering the information specified by the data set using the state information, and the client need not store any state information related to the initial and second versions needed to recover the information specified by the data set. If the initial version does not match the second version, the auditor outputs data indicative of data corruption. | 04-01-2010 |
20100095129 | COMPUTER PROGRAM INTEGRITY VERIFICATION - A system and method are disclosed that can extend, by many years, the useful life of currently-trusted integrity verification algorithms, such as hash functions, even when applied to binary executable files and data files, the contents of which are not thoroughly examined by humans in their binary state. Embodiments can efficiently identify whether multiple digital files are substantially similar, even if they are not identical, thus potentially reducing storage space requirements. | 04-15-2010 |
20100100747 | SYSTEMS AND METHODS FOR DOWNLOADING CODE AND DATA INTO A SECURE NON-VOLATILE MEMORY | 04-22-2010 |
20100235647 | Hardware Security for Software Processes - A system and method for secure processing is provided, wherein a monitor application is injected into a secure application binary within the security perimeter of a secure processor. The components of the monitor application are injected into different portions of the application binary utilizing a seed value. In this manner, the positioning of the monitor application in the application binary is altered each time the application binary is booted. After the monitor application is inserted into the application binary, the secure process is passed to the host processor for execution. During execution of the secure process, a system and method is provided for the monitor application to communicate, to the secure processor, attempts to tamper with or attack the secure process. | 09-16-2010 |
20100293388 | PROTECTING SECRET INFORMATION IN A PROGRAMMED ELECTRONIC DEVICE - This disclosure provides a way for securely protecting secret information—for example, a secret key—in a programmed electronic device. A technique is disclosed for protecting secret information in a programmed electronic device that includes a non-trusted memory containing software, a data memory containing the secret information, and an access restriction logic unit that is adapted to allow or block access to the secret information wherein the secret information is adapted to be used for verifying the integrity of the software. In one embodiment, when starting up the programmed electronic device, the access restriction logic unit allows access to the secret information. Then the secret information is accessed for use in verifying the integrity of the software, and subsequently the access restriction logic unit blocks further access to the secret information. Embodiments of a semiconductor device and a programmed electronic device comprising similar features are also disclosed. | 11-18-2010 |
20110055587 | Alert options for electronic-paper verification - A system and method to control the writing on electronic paper (e-paper). An e-paper device may incorporate authentication indicia as part of informational data written on e-paper material. The informational data is protected by a security methodology that is accessible to authorized entities. A reader device may be used to help make a verification determination of whether encrypted or encoded data has been altered. In some instances an output alert operably coupled to the reader device serves as a verification status indicator. | 03-03-2011 |
20110087892 | Eliminating False Reports of Security Vulnerabilities when Testing Computer Software - A system for eliminating false reports of security vulnerabilities when testing computer software, including a taint analysis engine configured to identify a tainted variable v in a computer application, a data mapping identification engine configured to identify a variable x within the application that holds data derived from v, where x is in a different format than v, an AddData identification engine configured to identify an AddData operation within the application that is performed on x, a signature identification engine configured to identify a Sign operation within the application that is performed on the results of the AddData operation on x, a signature comparison identification engine configured to identify an operation within the application that compares the results of the Sign operation with another value | 04-14-2011 |
20110138188 | METHOD AND SYSTEM FOR VERIFYING SOFTWARE PLATFORM OF VEHICLE - A system for verifying a software platform of a vehicle including at least one electronic control unit receives a first final confirmation value corresponding to a hash value of software measured in the electronic control unit from an integrated security apparatus inside the vehicle and extends a hash value of normally operated software received from a software manufacturer of the electronic control unit to generate a second final confirmation value. Next, the system verifies the software platform of the vehicle based on results obtained by comparing the first final confirmation value with the second final confirmation value. | 06-09-2011 |
20110213986 | Method for Activating Content and Content Reproduction Apparatus - A firmware verification section verifies whether a firmware for controlling the activating of contents has been falsified or not, prior to the activating of the contents; a decoding key setting section sets a key to the firmware; the key is used to decode an encrypted activation program for activating the contents, when the firmware has not been falsified; and an activation program decoding section decodes the encrypted activation program by using the firmware with the key set to the firmware. | 09-01-2011 |
20110231668 | Signed Manifest for Run-Time Verification of Software Program Identity and Integrity - A measurement engine performs active platform observation. A program includes an integrity manifest to indicate an integrity check value for a section of the program's source code. The measurement engine computes a comparison value on the program's image in memory and determines if the comparison value matches the expected integrity check value. If the values do not match, the program's image is determined to be modified, and appropriate remedial action can be triggered. The integrity manifest can include a secure signature to verify the validity of the integrity manifest. | 09-22-2011 |
20110246783 | INFORMATION PROCESSING DEVICE, MANAGEMENT DEVICE, ILLEGAL MODULE DETECTION SYSTEM, ILLEGAL MODULE DETECTION METHOD, RECORDING MEDIUM ON WHICH ILLEGAL MODULE DETECTION PROGRAM IS RECORDED, MANAGEMENT METHOD, RECORDING MEDIUM AND INTEGRATED CIRCUIT ON WHICH MANAGEMENT METHOD IS RECORDED - The present invention aims to perform tamper detection on a protection control module without having detection modules come to know the key data and functions thereof. The detection modules of the present invention perform tamper detection by verifying whether or not the correspondence between the input and output data of the application decryption process performed by the protection control module is correct. Furthermore, the present invention offers improved security against leaks of the application output data by the detection modules by having a plurality of detection modules verify different data blocks. | 10-06-2011 |
20110289323 | Signing program data payload sequence in progrm loading - Communicating program data between a first device and a second device comprises disassembling a first program file comprising program data into at least one logical data unit, partitioning each of the at least one logical data unit into at least one protocol data unit and computing a first fingerprint over the payload portion of the at least one protocol data unit of the at least one logical data unit. The format of the at least one protocol data unit is defined by a communication protocol and includes a payload portion. | 11-24-2011 |
20110302424 | Software Self-Checking Systems and Methods - Software self-checking mechanisms are described for improving software tamper resistance and/or reliability. Redundant tests are performed to detect modifications to a program while it is running. Modifications are recorded or reported. Embodiments of the software self-checking mechanisms can be implemented such that they are relatively stealthy and robust, and so that it they are compatible with copy-specific static watermarking and other tamper-resistance techniques. | 12-08-2011 |
20120079279 | Generation of SW Encryption Key During Silicon Manufacturing Process - A method of generating an encryption key during the manufacturing process of a device includes randomly generating a seed, encrypting a unique identifier disposed in the device to obtain a first encryption key, encrypting the first encryption key using a public key to obtain a second encryption key, and sending the second encryption key and the seed to a software provider. The method further includes receiving the second encryption key and the seed by the software provider and decrypting the second encryption key using a private key to recover the first encryption key. The manufacturer then encrypts a program code using the recovered first encryption key and installs the seed in a certificate that is associated with the encrypted program code. | 03-29-2012 |
20120166811 | System and Method for Efficiently Detecting Additions and Alterations to Individual Application Elements for Multiple Releases of Applications in the Environments where the Applications can be Altered - Systems, methods and computer readable media for detecting customization of an application running on a customer's environment are described. An application's original source can maintain a master hash registry for an application. The master hash registry includes valid and invalid hash codes for all objects in the application across all versions of the application. This master hash registry may be provided to the customer. A customization detection system loads a master hash registry to memory. The customization detection system may then retrieve an application object from the application, generate hash values for the object and compare these values with the object's master hash registry values to determine whether the application object is new or whether it has been customized in a supportable or unsupportable manner. The customization detection system may then set the object's customization status based on the results of the comparison. | 06-28-2012 |
20120265998 | Methods And Apparatus For Authenticating Components Of Processing Systems - When a processing system boots, it may retrieve an encrypted version of a cryptographic key from nonvolatile memory to a processing unit, which may decrypt the cryptographic key. The processing system may also retrieve a predetermined authentication code for software of the processing system, and the processing system may use the cryptographic key to compute a current authentication code for the software. The processing system may then determine whether the software should be trusted, by comparing the predetermined authentication code with the current authentication code. In various embodiments, the processing unit may use a key stored in nonvolatile storage of the processing unit to decrypt the encrypted version of the cryptographic key, a hashed message authentication code (HMAC) may be used as the authentication code, and/or the software to be authenticated may be boot firmware, a virtual machine monitor (VMM), or other software. Other embodiments are described and claimed. | 10-18-2012 |
20130036310 | LOW-LEVEL CODE SIGNING MECHANISM - Before an application is allowed to execute a secure function, code signing keys associated with the application are analyzed for correspondence with the class that contains the secure function as well as correspondence with the secure function. Optionally, code signing keys associated with the application are analyzed for correspondence with the input parameters to the function. | 02-07-2013 |
20130111215 | SOFTWARE SELF-CHECKING SYSTEMS AND METHODS | 05-02-2013 |
20130111216 | METHOD AND APPARATUS FOR INCREMENTAL CODE SIGNING | 05-02-2013 |
20130124871 | APPLICATION EXECUTION SYSTEM AND METHOD OF TERMINAL - An application execution system and a method for executing applications, at a terminal, with security check on the application package are provided. The system includes an application creator including an enabler, for creating an application package including a plurality of binary codes and content files, and for adding a checksum file generated by ciphering, at the enabler, information on a main binary of the application package, and a terminal storing the application, for determining a validity of the application package, and for executing an application according to the validity of the application package, and a subsystem including a checker, for ciphering the main binary of the application package using the checker added to the open function in response to the call, for notifying, when the result of the ciphering and the checksum file match with each other, the operating system of the successful validation. | 05-16-2013 |
20130138969 | PREVENTING GLITCHING OF A FIRMWARE IMAGE USING ONE OR MORE LAYERS OF RANDOMNESS - Layers and elements of randomness are introduced to the firmware image comparison process to prevent hackers from glitching or tampering with the firmware image on a computing device. A hash function is applied to the firmware image thereby obtaining a first hash value. Random blocks of data are selected from the firmware image before it is hashed. Each or some of the random blocks of the firmware image are hashed thereby providing a hash value for the random blocks. The hash values are combined to derive a second hash value. The first hash value and the second hash value are combined to derive a final hash value. The final hash value is digitally signed and compared to a stored hash value. If the two match, a random non-zero value is stored in the relevant register. | 05-30-2013 |
20130238904 | PROTECTION AGAINST SIDE CHANNEL ATTACKS WITH AN INTEGRITY CHECK - The invention relates to a method for protecting a sensitive operation by checking the integrity of at least a subset of the data manipulated by the sensitive operation. Data to be checked are divided into blocks, an intermediate integrity check value being computed for each block, the intermediate integrity check values being computed in random order. The invention also relates to a cryptographic device wherein at least one sensitive operation of the cryptographic device is protected by a method according to the invention. | 09-12-2013 |
20130290729 | SYSTEMS AND METHODS FOR CONTROLLING FILE EXECUTION FOR INDUSTRIAL CONTROL SYSTEMS - A system includes a controller configured to control a process, and store at least one binary file, wherein the at least one binary files is generated from at least one source file, wherein the at least one source file comprises instructions configured to be executed by a processor in the controller. The controller may also be configured to retrieve a whitelist file comprising a first hash key value derived from the at least one binary file, and execute an executable file based on the whitelist file, wherein the executable file comprises the source file. | 10-31-2013 |
20140006796 | SYSTEM AND METHOD FOR IDENTIFYING SOFTWARE CHANGES | 01-02-2014 |
20140040630 | SYSTEM AND METHOD FOR DETECTING A SECURITY COMPROMISE ON A DEVICE - Embodiments of a system and method for detecting a security compromise on a device are described. Embodiments may be implemented by a content consumption application configured to protect content decryption keys on a device, such as a computer system (e.g., a desktop or notebook computer) or a mobile device (e.g., a smartphone or tablet). For instance, the content consumption application may be configured to provide decryption keys for respective content to a media component (or another component of the operating system) if multiple conditions have been met. For instance, in various embodiments, the content consumption application may pass the key to the media component after ensuring that i) one or more security mechanisms of the device operating system have not been compromised and ii) one or more executable instructions of the content consumption application have not been tampered (e.g., instructions corresponding to a function that handles the decryption key(s)). | 02-06-2014 |
20140095886 | METHODS, SYSTEMS AND APPARATUS TO SELF AUTHORIZE PLATFORM CODE - Methods and apparatus are disclosed to self authorize platform code. A disclosed example method includes storing a hash of a first public key in a policy data structure of a platform at a first time, extracting a second public key from a signature block associated with a data structure to be authenticated at a second time, when a hash of the second public key matches the hash of the first public key, extracting an encrypted hash from that signature block, decrypting the encrypted hash using the second public key to determine a decrypted value, and comparing the decrypted value with a hash of the data structure to verify the data structure integrity. | 04-03-2014 |
20140108812 | SYSTEM AND METHOD ENABLING PARALLEL PROCESSING OF HASH FUNCTIONS USING AUTHENTICATION CHECKPOINT HASHES - Systems and methods enabling parallel processing of hash functions are provided. A data string including a plurality of pieces arranged in an order is hashed using a hash function to determine a plurality of authentication checkpoint hashes associated with the pieces. To authenticate the data string, the pieces are grouped into sets, and the authentication checkpoint hash associated with the piece following all other pieces of that set in the order is associated with that set. The system simultaneously performs a separate hash process on each set. That is, the system hashes the pieces of that set using the hash function to determine a result hash, and compares that result hash with the authentication checkpoint hash associated with that set. The initial input to the hash function for the hash process for each set includes one of the pieces and either a default seed or an authentication checkpoint hash. | 04-17-2014 |
20140115342 | INFORMATION PROCESSING APPARATUS, INFORMATION STORAGE MEDIUM, CONTENT MANAGEMENT SYSTEM, DATA PROCESSING METHOD, AND COMPUTER PROGRAM - A configuration for achieving efficient content verification processing based on hash values is provided. Hash values of hash units set as segmented data of a content stored on an information storage medium are recorded in a content hash table and are stored on the information storage medium together with the content. An information processing apparatus for executing content playback executes hash-value comparison processing based on one or more randomly selected hash values. Regardless of the data amount of content, the configuration can perform hash-value determination and comparison processing based on hash units having a small amount of data, so that user equipment for executing content playback can perform efficient content verification. | 04-24-2014 |
20140115343 | INFORMATION PROCESSOR, METHOD FOR VERIFYING AUTHENTICITY OF COMPUTER PROGRAM, AND COMPUTER PROGRAM PRODUCT - A disc stores therein a computer program and encrypted information. A BIOS is executed at the time of start-up and starts the computer program. A TPM is connected to the BIOS by a low-speed bus. The TPM includes a register for storing data. A blob stores therein true hash values of the computer program and the BIOS in advance. The BIOS includes a hash value calculating unit that calculates hash values of the computer program and the BIOS and stores those hash values in the register. The TPM compares the hash values stored in the register with the hash values stored in the blob and decrypts information in the blob if the hash values agree with each other. | 04-24-2014 |
20140181530 | System and Method for Protecting Cloud Services from Unauthorized Access and Malware Attacks - Disclosed are systems, methods and computer program products for protecting cloud security services from unauthorized access and malware attacks. In one example, a cloud server receives one or more queries from security software of the user device. The server analyzes a system state and configuration of the user device to determine the level of trust associated with the user device. The server also analyzes the one or more queries received from the security software to determine whether to update the level of trust associated with the user device. The server determines, based on the level of trust, how to process the one or more queries. Finally, the server provides responses to the one or more queries from the security software based on the determination of how to process the one or more queries. | 06-26-2014 |
20140304520 | DETECTION OF SECURE VARIABLE ALTERATION IN A COMPUTING DEVICE EQUIPPED WITH UNIFIED EXTENSIBLE FIRMWARE INTERFACE (UEFI)-COMPLIANT FIRMWARE - A firmware-based mechanism for protecting against physical attacks on ROM areas holding Authenticated Variables. A first hash of contents of at least one Authenticated Variable is created by a computing device's UEFI-compliant firmware and stored in a non-volatile storage location. Subsequently a second hash of contents of the at least one Authenticated Variable is created by the firmware and compared by the firmware to the stored hash to identify unauthorized modifications of the at least one Authenticated Variable occurring after the creation of the first hash. | 10-09-2014 |
20150033030 | SECURELY RECOVERING A COMPUTING DEVICE - A method and an apparatus for establishing an operating environment by certifying a code image received from a host over a communication link are described. The code image may be digitally signed through a central authority server. Certification of the code image may be determined by a fingerprint embedded within a secure storage area such as a read only memory (ROM) of the portable device based on a public key certification process. A certified code image may be assigned a hash signature to be stored in a storage of the portable device. An operating environment of the portable device may be established after executing the certified code. | 01-29-2015 |
20150033031 | System and Method for Detecting a Security Compromise on a Device - Embodiments of a system and method for detecting a security compromise on a device are described. Embodiments may be implemented by a content consumption application configured to protect content decryption keys on a device, such as a computer system (e.g., a desktop or notebook computer) or a mobile device (e.g., a smartphone or tablet). For instance, the content consumption application may be configured to provide decryption keys for respective content to a media component (or another component of the operating system) if multiple conditions have been met. For instance, in various embodiments, the content consumption application may pass the key to the media component after ensuring that i) one or more security mechanisms of the device operating system have not been compromised and ii) one or more executable instructions of the content consumption application have not been tampered (e.g., instructions corresponding to a function that handles the decryption key(s)). | 01-29-2015 |
20150039900 | PROGRAM EXECUTION METHOD AND DECRYPTION APPARATUS - A method for program execution in a system including a decryption apparatus that prevents external referencing and an information processing apparatus communicating therewith and accessing first and third storage areas, includes: the decryption apparatus detecting a series of commands from a command group obtained by decrypting at least a portion of a program stored in the first storage area; obfuscating and storing the series of commands to a second storage area storing the decrypted portion and within the first storage area; assigning, when an execution request is received from the information processing apparatus, the third storage area having a capacity equivalent to any one series of commands; and storing to the third storage area, a series of certain commands stored in the second area and obtained by canceling obfuscation of the commands that correspond to the execution request; and the information processing unit executing the series of certain commands. | 02-05-2015 |
20150046717 | SEMICONDUCTOR APPARATUS - A semiconductor apparatus of an embodiment is provided with: a NAND memory configured to store a startup program; a ROM configured to store firmware activating the startup program; an OTP memory configured to store a hash value of the startup program; and a CPU configured to perform falsification detection of the startup program by comparing the hash value stored in the OTP memory and a hash value calculated from the startup program stored in the NAND memory, to execute the startup program if falsification is not detected, and to stop a startup process if falsification is detected. | 02-12-2015 |
20150074419 | SECURE VAULT SERVICE FOR SOFTWARE COMPONENTS WITHIN AN EXECUTION ENVIRONMENT - Embodiments of apparatuses, articles, methods, and systems for secure vault service for software components within an execution environment are generally described herein. An embodiment includes the ability for a Virtual Machine Monitor, Operating System Monitor, or other underlying platform capability to restrict memory regions for access only by specifically authenticated, authorized and verified software components, even when part of an otherwise compromised operating system environment. The underlying platform to lock and unlock secrets on behalf of the authenticated/authorized/verified software component provided in protected memory regions only accessible to the authenticated/authorized/verified software component. Other embodiments may be described and claimed. | 03-12-2015 |
20150074420 | EMBEDDED SYSTEM, INFORMATION PROCESSING UNIT, AND IMAGE FORMING APPARATUS - An embedded system includes a nonvolatile memory, a control section, and a firmware update section. The nonvolatile memory stores firmware and a public key in a normal area, and stores a hash value concerning the public key in an access restricted area. The control section reads and executes the firmware from the nonvolatile memory. The firmware update section receives new firmware in which the hash value is encrypted and given as an electronic signature, and updates the firmware to the new firmware. The firmware update section is configured to: read the public key from the nonvolatile memory to calculate the hash value concerning the public key; when the hash value is identical to the hash value stored in the nonvolatile memory, calculate a hash value of the new firmware; decrypt the electronic signature with the public key to restore the hash value; and when these hash values are identical to each other, update the firmware. | 03-12-2015 |
20150113284 | METHOD AND APPARATUS FOR PROTECTING APPLICATION PROGRAM - An application creating apparatus generates first authentication information using an authentication element is provided. The apparatus includes an application module when the application module is created, inserts the first authentication information into the application module, and distributes the application module. A user digital device that executes the application module checks the authentication element and the first authentication information included in the application module, generates second authentication information for the authentication element, and determines whether to execute the application module based on a result of comparison between the first authentication information and the second authentication information. | 04-23-2015 |
20160036841 | Database Queries Integrity and External Security Mechanisms in Database Forensic Examinations - A method, system and computer-usable medium are disclosed for performing forensic database security operations to verify database query integrity. A database protocol packet is intercepted, inspected and then processed by an external database security mechanism (EDSM) system to extract a database query. The database query is then processed with a secret key to generate a first keyed-hash message authentication code (HMAC) value, which is then inserted into the intercepted database protocol packet according to database protocol rules to generate a modified database protocol packet in a way that HMAC values and database query will be stored in predetermined database server session tracking tables. The modified database protocol packet is then provided to a database server, where database server subsequently accessed by the EDSM system to retrieve the database query and the first HMAC value. The EDSM system then uses the same secret key to calculate a second HMAC value for the retrieved database query, which is compared to the first HMAC value to determine whether they match. If not, then the database query is marked as having been modified after being inspected by the EDSM system. | 02-04-2016 |
20160098555 | PROGRAM CODE ATTESTATION CIRCUITRY, A DATA PROCESSING APPARATUS INCLUDING SUCH PROGRAM CODE ATTESTATION CIRCUITRY AND A PROGRAM ATTESTATION METHOD - Program code attestation circuitry and a method of operating such circuitry are provided. The program code attestation circuitry includes first storage, and measurement value generation circuitry that is arranged to store within that first storage a measurement value that is determined by applying a first hash algorithm to input data determined from a code block of the program code. Within a second storage a private key is stored. Further, signature generator circuitry is responsive to an attestation request from a request source external to the program code attestation circuitry to apply, to a derived value derived from the measurement value, a signature algorithm using the private key, in order to generate a signature for output to the request source. From this signature, the request source can then derive information about the stored measurement value sufficient to enable it to ascertain whether that stored measurement value agrees with an expected measurement value for the code block in question. This provides a simple and secure mechanism for attesting as to the correctness of code blocks of program code within a data processing apparatus. | 04-07-2016 |
20160154949 | ENFORCING RESTRICTIONS RELATED TO A VIRTUALIZED COMPUTER ENVIRONMENT | 06-02-2016 |
20160162686 | METHOD FOR VERIFYING INTEGRITY OF DYNAMIC CODE USING HASH BACKGROUND OF THE INVENTION - Disclosed are methods for verifying the integrity of a dynamic code using a hash and for generating a hash registry for the verification. Provided is the method for generating a hash registry for verification of the integrity of a dynamic code using a hash, comprising: a step for setting a security tag only for a specific function which is a part of program and requires security; a binary generation step for generating a binary by compiling a source code including at least one function to which the security tag is applied; a hash code extraction step for extracting a hash code for a code block of the specific function, if the binary is searched and the security tag is detected; and a hash registry generation step for generating a hash registry including the hash codes for at least one function generated in the has code extraction step. | 06-09-2016 |
20160171218 | MEMORY DEVICE AND SCRIPT-EXECUTION CONTROL METHOD | 06-16-2016 |
20160380771 | BINARY CODE AUTHENTICATION - The description particularly relates to methods for authenticating binary code stored in a smart card. The description also relates to systems and a computer program capable of implementing said methods, as well as to storage media containing such a computer program. | 12-29-2016 |