CN1868153B - 用于确定设备完整性的方法和装置 - Google Patents

用于确定设备完整性的方法和装置 Download PDF

Info

Publication number
CN1868153B
CN1868153B CN2004800296999A CN200480029699A CN1868153B CN 1868153 B CN1868153 B CN 1868153B CN 2004800296999 A CN2004800296999 A CN 2004800296999A CN 200480029699 A CN200480029699 A CN 200480029699A CN 1868153 B CN1868153 B CN 1868153B
Authority
CN
China
Prior art keywords
integrality
response
integrity
application
predetermined
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN2004800296999A
Other languages
English (en)
Chinese (zh)
Other versions
CN1868153A (zh
Inventor
伊凡·休·麦克莱恩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Qualcomm Inc
Original Assignee
Qualcomm Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Qualcomm Inc filed Critical Qualcomm Inc
Publication of CN1868153A publication Critical patent/CN1868153A/zh
Application granted granted Critical
Publication of CN1868153B publication Critical patent/CN1868153B/zh
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B17/00Monitoring; Testing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/305Authentication, i.e. establishing the identity or authorisation of security principals by remotely controlling device operation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31User authentication
    • G06F21/316User authentication by observing the pattern of computer usage, e.g. typical user behaviour
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/552Detecting local intrusion or implementing counter-measures involving long-term monitoring or reporting
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/55Detecting local intrusion or implementing counter-measures
    • G06F21/56Computer malware detection or handling, e.g. anti-virus arrangements
    • G06F21/562Static detection
    • G06F21/565Static detection by checking file integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04BTRANSMISSION
    • H04B17/00Monitoring; Testing
    • H04B17/40Monitoring; Testing of relay systems
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/10Integrity
    • H04W12/104Location integrity, e.g. secure geotagging
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2103Challenge-response
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Virology (AREA)
  • Computing Systems (AREA)
  • Social Psychology (AREA)
  • Electromagnetism (AREA)
  • Mobile Radio Communication Systems (AREA)
  • General Factory Administration (AREA)
  • Information Transfer Between Computers (AREA)
  • Telephonic Communication Services (AREA)
  • Debugging And Monitoring (AREA)
CN2004800296999A 2003-09-10 2004-08-17 用于确定设备完整性的方法和装置 Expired - Fee Related CN1868153B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US10/659,847 US6973305B2 (en) 2003-09-10 2003-09-10 Methods and apparatus for determining device integrity
US10/659,847 2003-09-10
PCT/US2004/027037 WO2005026877A2 (en) 2003-09-10 2004-08-17 Methods and apparatus for determining device integrity

Publications (2)

Publication Number Publication Date
CN1868153A CN1868153A (zh) 2006-11-22
CN1868153B true CN1868153B (zh) 2012-08-08

Family

ID=34273532

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2004800296999A Expired - Fee Related CN1868153B (zh) 2003-09-10 2004-08-17 用于确定设备完整性的方法和装置

Country Status (17)

Country Link
US (1) US6973305B2 (enExample)
EP (1) EP1665590A4 (enExample)
JP (2) JP2007505394A (enExample)
KR (1) KR101041761B1 (enExample)
CN (1) CN1868153B (enExample)
AR (1) AR047718A1 (enExample)
AU (1) AU2004273429A1 (enExample)
BR (1) BRPI0414228A (enExample)
CA (1) CA2539451A1 (enExample)
IL (1) IL173984A0 (enExample)
MX (1) MXPA06002812A (enExample)
MY (1) MY136940A (enExample)
NZ (1) NZ545555A (enExample)
PE (1) PE20050741A1 (enExample)
RU (1) RU2354054C2 (enExample)
TW (1) TW200514382A (enExample)
WO (1) WO2005026877A2 (enExample)

Families Citing this family (22)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1338938A1 (en) * 2002-02-22 2003-08-27 SCHLUMBERGER Systèmes Protection against unauthorised execution of a program on an IC card
US7752320B2 (en) * 2003-11-25 2010-07-06 Avaya Inc. Method and apparatus for content based authentication for network access
US7558848B1 (en) * 2004-02-27 2009-07-07 F5 Networks, Inc. System and method for determining integrity over a virtual private network tunnel
US8539608B1 (en) * 2004-03-25 2013-09-17 Verizon Corporate Services Group Inc. Integrity checking at high data rates
US7496348B2 (en) * 2005-06-07 2009-02-24 Motorola, Inc. Wireless communication network security method and system
US7907531B2 (en) * 2005-06-13 2011-03-15 Qualcomm Incorporated Apparatus and methods for managing firmware verification on a wireless device
US20070123214A1 (en) * 2005-11-25 2007-05-31 Motorola, Inc. Mobile device system and strategies for determining malicious code activity
US8126507B2 (en) * 2006-03-22 2012-02-28 British Telecommunications Public Limited Company Communications device monitoring
WO2007117567A2 (en) * 2006-04-06 2007-10-18 Smobile Systems Inc. Malware detection system and method for limited access mobile platforms
KR101501418B1 (ko) 2006-05-09 2015-03-10 인터디지탈 테크날러지 코포레이션 무선 장치에 대한 안전 시간 기능
US7734247B2 (en) * 2007-01-25 2010-06-08 Sony Ericsson Mobile Communications Ab Configurable serial memory interface
US8544092B2 (en) * 2009-03-12 2013-09-24 International Business Machines Corporation Integrity verification using a peripheral device
US8850211B2 (en) * 2009-04-27 2014-09-30 Qualcomm Incorporated Method and apparatus for improving code and data signing
US8745747B2 (en) * 2009-12-31 2014-06-03 Fujitsu Limited Data protecting device
US9202049B1 (en) 2010-06-21 2015-12-01 Pulse Secure, Llc Detecting malware on mobile devices
CA2804869C (en) * 2010-07-09 2016-05-24 Research In Motion Limited Microcode-based challenge/response process
US8726338B2 (en) 2012-02-02 2014-05-13 Juniper Networks, Inc. Dynamic threat protection in mobile networks
KR101457086B1 (ko) 2012-11-30 2014-11-12 한국전자통신연구원 임베디드 시스템의 펌웨어 무결성 검증 장치 및 방법
KR102324336B1 (ko) 2015-03-20 2021-11-11 한국전자통신연구원 사용자 장치 및 그것에 대한 무결성 검증 방법
KR102522778B1 (ko) 2016-04-27 2023-04-19 한국전자통신연구원 분산 대리자 기반 무결성 검증을 수행하는 개별 기기, 그를 포함하는 개별 기기 무결성 검증 시스템 및 그 방법
WO2020000173A1 (en) * 2018-06-26 2020-01-02 Nokia Technologies Oy Method and apparatus for attestation
EP3871366B1 (en) 2018-10-23 2025-03-12 Visa International Service Association Validation service for account verification

Family Cites Families (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR2664768B1 (fr) * 1990-07-12 1994-04-01 Alain Charbonnier Regulation de la charge de stations fixes dans un reseau de radiocommunication cellulaire.
DE4101141C1 (enExample) * 1991-01-16 1992-07-02 Siemens Nixdorf Informationssysteme Ag, 4790 Paderborn, De
DE4419805A1 (de) * 1994-06-06 1995-12-07 Giesecke & Devrient Gmbh Verfahren zur Echtheitsprüfung eines Datenträgers
JP3393521B2 (ja) * 1995-10-19 2003-04-07 日本電信電話株式会社 端末プログラム改ざん検出方法、および情報センタ
US6445907B1 (en) * 1998-04-16 2002-09-03 Hughes Electronics Corporation Method and system for remote diagnostics of a satellite receiver
JP2001154840A (ja) * 1999-11-26 2001-06-08 Adores Inc プログラムの改変を認識するシステムおよびその方法
US6459894B1 (en) * 2000-02-22 2002-10-01 Motorola, Inc. Method and apparatus for assisting a user to find a communication resource of sufficient capacity
JP2001331214A (ja) * 2000-05-23 2001-11-30 Yokogawa Electric Corp 遠隔保守システム
US6745011B1 (en) * 2000-09-01 2004-06-01 Telephia, Inc. System and method for measuring wireless device and network usage and performance metrics
JP2002288136A (ja) * 2001-03-26 2002-10-04 Foundation For Nara Institute Of Science & Technology ユーザ情報管理装置、ユーザ情報管理方法、ユーザ情報管理プログラム及び同プログラムを記録した記録媒体
JP2003099142A (ja) * 2001-09-26 2003-04-04 Mitsubishi Electric Corp ソフトウェアのライセンス管理システム
JP2003124866A (ja) * 2001-10-11 2003-04-25 Nec Commun Syst Ltd 移動端末故障探索システム
JP2003131901A (ja) * 2001-10-25 2003-05-09 Ricoh Co Ltd 電子機器の診断システムおよびコンピュータが実行するためのプログラム
US7263351B2 (en) * 2002-07-01 2007-08-28 Qualcomm Incorporated Wireless network optimization through remote device data

Also Published As

Publication number Publication date
RU2354054C2 (ru) 2009-04-27
KR101041761B1 (ko) 2011-06-17
PE20050741A1 (es) 2005-10-18
TW200514382A (en) 2005-04-16
NZ545555A (en) 2008-01-31
JP2007505394A (ja) 2007-03-08
MXPA06002812A (es) 2006-06-14
BRPI0414228A (pt) 2006-10-31
US6973305B2 (en) 2005-12-06
RU2006111468A (ru) 2006-09-10
US20050059352A1 (en) 2005-03-17
WO2005026877A3 (en) 2005-07-21
CN1868153A (zh) 2006-11-22
KR20060119967A (ko) 2006-11-24
CA2539451A1 (en) 2005-03-24
IL173984A0 (en) 2006-07-05
WO2005026877A2 (en) 2005-03-24
EP1665590A4 (en) 2009-12-23
AU2004273429A1 (en) 2005-03-24
MY136940A (en) 2008-11-28
EP1665590A2 (en) 2006-06-07
JP2012141996A (ja) 2012-07-26
JP5591841B2 (ja) 2014-09-17
AR047718A1 (es) 2006-02-15

Similar Documents

Publication Publication Date Title
CN1868153B (zh) 用于确定设备完整性的方法和装置
US12120519B2 (en) Determining a security state based on communication with an authenticity server
CN101694688B (zh) 代码签字系统及方法
US9940454B2 (en) Determining source of side-loaded software using signature of authorship
EP1897074B1 (en) Apparatus and methods for detection and management of unauthorized executable instructions on a wireless device
KR101558715B1 (ko) 서버 결합된 멀웨어 방지를 위한 시스템 및 방법
CN100507907C (zh) 用于无线网络中的内容保护的方法和装置
KR20040028597A (ko) 테스트 인에이블된 애플리케이션 실행
EP2769327A1 (en) System and method for whitelisting applications in a mobile network environment
WO2013059131A1 (en) System and method for whitelisting applications in a mobile network environment
CN101513008A (zh) 在电信终端上实现安全性的系统
Sohr et al. Software security aspects of Java-based mobile phones
HK1096494A (en) Methods and apparatus for determining device integrity
Kukielka Evaluating the Effectiveness of Context-Based Security for Mobile Devices

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
REG Reference to a national code

Ref country code: HK

Ref legal event code: DE

Ref document number: 1096494

Country of ref document: HK

C14 Grant of patent or utility model
GR01 Patent grant
REG Reference to a national code

Ref country code: HK

Ref legal event code: WD

Ref document number: 1096494

Country of ref document: HK

CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20120808

Termination date: 20190817