CN101366035A - 保护便携装置中的中间语言软件代码执行的安全的方法 - Google Patents
保护便携装置中的中间语言软件代码执行的安全的方法 Download PDFInfo
- Publication number
- CN101366035A CN101366035A CNA2006800525319A CN200680052531A CN101366035A CN 101366035 A CN101366035 A CN 101366035A CN A2006800525319 A CNA2006800525319 A CN A2006800525319A CN 200680052531 A CN200680052531 A CN 200680052531A CN 101366035 A CN101366035 A CN 101366035A
- Authority
- CN
- China
- Prior art keywords
- code
- virtual machine
- computing
- data item
- verification
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 39
- 238000012795 verification Methods 0.000 claims description 42
- 230000006870 function Effects 0.000 claims description 25
- 230000008520 organization Effects 0.000 claims description 5
- 230000000295 complement effect Effects 0.000 description 3
- 230000009466 transformation Effects 0.000 description 3
- 239000011800 void material Substances 0.000 description 2
- 230000009471 action Effects 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000001143 conditioned effect Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000003455 independent Effects 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000035945 sensitivity Effects 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Devices For Executing Special Programs (AREA)
- Stored Programmes (AREA)
Abstract
Description
Claims (17)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
FR0512627 | 2005-12-13 | ||
FR0512627 | 2005-12-13 | ||
PCT/EP2006/069623 WO2007068706A1 (fr) | 2005-12-13 | 2006-12-12 | Procede pour securiser l'execution d'un code logiciel en langage intermediaire dans un appareil portatif |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101366035A true CN101366035A (zh) | 2009-02-11 |
CN101366035B CN101366035B (zh) | 2012-09-05 |
Family
ID=36764534
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN2006800525319A Active CN101366035B (zh) | 2005-12-13 | 2006-12-12 | 用于执行中间代码编译的应用程序的方法 |
Country Status (5)
Country | Link |
---|---|
US (1) | US8661535B2 (zh) |
EP (1) | EP1960934B1 (zh) |
CN (1) | CN101366035B (zh) |
AT (1) | ATE550725T1 (zh) |
WO (1) | WO2007068706A1 (zh) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107341372A (zh) * | 2017-07-25 | 2017-11-10 | 北京深思数盾科技股份有限公司 | 一种软件保护方法和装置 |
CN109313685A (zh) * | 2016-06-06 | 2019-02-05 | 微软技术许可有限责任公司 | 区块链系统的加密应用 |
Families Citing this family (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8832682B2 (en) * | 2008-03-28 | 2014-09-09 | Vmware, Inc. | Trace collection for a virtual machine |
EP2332088B1 (en) * | 2008-08-22 | 2020-10-28 | Titan Automotive Solutions | Verification of process integrity |
FR2967275B1 (fr) | 2010-11-10 | 2012-12-28 | Oberthur Technologies | Procede, programme d'ordinateur et dispositif de securisation de code intermediaire de programmation pour son execution par une machine virtuelle |
FR3047584B1 (fr) * | 2016-02-05 | 2018-03-02 | Morpho | Procede d'execution d'instructions d'applications orientees objet par un interpreteur |
FR3059119B1 (fr) * | 2016-11-21 | 2018-11-23 | Safran Identity & Security | Procede de protection d'un dispositif electronique executant un programme contre des attaques par injection de faute et par confusion de type. |
FR3068151B1 (fr) * | 2017-06-27 | 2022-01-28 | Safran Identity & Security | Procede de protection d'un dispositif electronique executant un programme contre des attaques par injection de faute |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5748964A (en) * | 1994-12-20 | 1998-05-05 | Sun Microsystems, Inc. | Bytecode program interpreter apparatus and method with pre-verification of data type restrictions |
US6760907B2 (en) * | 1998-06-30 | 2004-07-06 | Sun Microsystems, Inc. | Code generation for a bytecode compiler |
US6618769B1 (en) * | 1999-05-27 | 2003-09-09 | Sun Microsystems, Inc. | Module-by-module verification |
US6651186B1 (en) * | 2000-04-28 | 2003-11-18 | Sun Microsystems, Inc. | Remote incremental program verification using API definitions |
GB2367654B (en) * | 2000-10-05 | 2004-10-27 | Advanced Risc Mach Ltd | Storing stack operands in registers |
DE10136335B4 (de) * | 2001-07-26 | 2007-03-22 | Infineon Technologies Ag | Prozessor mit mehreren Rechenwerken |
US20030126590A1 (en) * | 2001-12-28 | 2003-07-03 | Michael Burrows | System and method for dynamic data-type checking |
US7660985B2 (en) * | 2003-04-30 | 2010-02-09 | At&T Corp. | Program security through stack segregation |
US7516442B2 (en) * | 2003-10-23 | 2009-04-07 | Microsoft Corporation | Resource manifest |
FR2867929B1 (fr) * | 2004-03-19 | 2007-03-02 | Gemplus Card Int | Procede d'authentification dynamique de programmes par un objet portable electronique |
-
2006
- 2006-12-12 CN CN2006800525319A patent/CN101366035B/zh active Active
- 2006-12-12 AT AT06847029T patent/ATE550725T1/de active
- 2006-12-12 WO PCT/EP2006/069623 patent/WO2007068706A1/fr active Application Filing
- 2006-12-12 US US12/086,250 patent/US8661535B2/en active Active
- 2006-12-12 EP EP06847029A patent/EP1960934B1/fr active Active
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109313685A (zh) * | 2016-06-06 | 2019-02-05 | 微软技术许可有限责任公司 | 区块链系统的加密应用 |
CN109313685B (zh) * | 2016-06-06 | 2021-06-08 | 微软技术许可有限责任公司 | 区块链系统的加密应用 |
CN107341372A (zh) * | 2017-07-25 | 2017-11-10 | 北京深思数盾科技股份有限公司 | 一种软件保护方法和装置 |
CN107341372B (zh) * | 2017-07-25 | 2018-12-07 | 北京深思数盾科技股份有限公司 | 一种软件保护方法和装置 |
Also Published As
Publication number | Publication date |
---|---|
ATE550725T1 (de) | 2012-04-15 |
CN101366035B (zh) | 2012-09-05 |
EP1960934B1 (fr) | 2012-03-21 |
US20090165149A1 (en) | 2009-06-25 |
US8661535B2 (en) | 2014-02-25 |
WO2007068706A1 (fr) | 2007-06-21 |
EP1960934A1 (fr) | 2008-08-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN101366035B (zh) | 用于执行中间代码编译的应用程序的方法 | |
Leroy | Bytecode verification on Java smart cards | |
US7210127B1 (en) | Methods and apparatus for executing instructions in parallel | |
Mullen et al. | Verified peephole optimizations for CompCert | |
US7380242B2 (en) | Compiler and software product for compiling intermediate language bytecodes into Java bytecodes | |
Brooks | Survey of automated vulnerability detection and exploit generation techniques in cyber reasoning systems | |
EP1118940A2 (en) | Bytecode program interpreter apparatus and method with pre-verification of data type restrictions | |
Jacobs et al. | Featherweight verifast | |
US20080288921A1 (en) | Transformations for Software Obfuscation and Individualization | |
Gagnon et al. | Efficient inference of static types for Java bytecode | |
US9129137B2 (en) | Method, computer program and device for providing security for intermediate programming code for its execution by a virtual machine | |
Zhao et al. | Haepg: An automatic multi-hop exploitation generation framework | |
Li et al. | Bytecode testability transformation | |
Avvenuti et al. | Java bytecode verification for secure information flow | |
Batchelder et al. | Obfuscating Java: The most pain for the least gain | |
JP4754635B2 (ja) | 制御フロー保護機構 | |
Hojjat et al. | On strings in software model checking | |
League et al. | Precision in practice: A type-preserving Java compiler | |
Singh et al. | Parallel chopped symbolic execution | |
Yan et al. | Fast PokeEMU: Scaling generated instruction tests using aggregation and state chaining | |
Julliand et al. | Test generation from event system abstractions to cover their states and transitions | |
Lounas et al. | An approach for formal verification of updated java bytecode programs | |
US7155351B2 (en) | Method for verifying the calculator core of a microprocessor or a microcontroller | |
Leitold | Mathematical model of computer viruses | |
Nikolić et al. | Inferring complete initialization of arrays |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
ASS | Succession or assignment of patent right |
Owner name: GEMPLUS CARD INT Free format text: FORMER OWNER: GEMPLUS CO. Effective date: 20111202 |
|
C41 | Transfer of patent application or patent right or utility model | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20111202 Address after: French Meudon Applicant after: GEMALTO S.A. Address before: French based Minos Applicant before: GEMPLUS |
|
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CP01 | Change in the name or title of a patent holder | ||
CP01 | Change in the name or title of a patent holder |
Address after: French Meudon Patentee after: Thales Digital Security France Address before: French Meudon Patentee before: GEMALTO S.A. |
|
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20230403 Address after: French Meudon Patentee after: Thales Digital Security France Easy Stock Co. Address before: French Meudon Patentee before: Thales Digital Security France |