DE60200323D1 - Verfahren zum Schutz der Integrität von Programmen - Google Patents

Verfahren zum Schutz der Integrität von Programmen

Info

Publication number
DE60200323D1
DE60200323D1 DE60200323T DE60200323T DE60200323D1 DE 60200323 D1 DE60200323 D1 DE 60200323D1 DE 60200323 T DE60200323 T DE 60200323T DE 60200323 T DE60200323 T DE 60200323T DE 60200323 D1 DE60200323 D1 DE 60200323D1
Authority
DE
Germany
Prior art keywords
communication
integrity
modification
communication parties
detected
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
DE60200323T
Other languages
English (en)
Other versions
DE60200323T2 (de
Inventor
Frank Zisowski
Matthias Armgardt
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Soteres GmbH
Original Assignee
Soteres GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Soteres GmbH filed Critical Soteres GmbH
Application granted granted Critical
Publication of DE60200323D1 publication Critical patent/DE60200323D1/de
Publication of DE60200323T2 publication Critical patent/DE60200323T2/de
Anticipated expiration legal-status Critical
Expired - Fee Related legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
DE60200323T 2002-03-26 2002-03-26 Verfahren zum Schutz der Integrität von Programmen Expired - Fee Related DE60200323T2 (de)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
EP02006935A EP1349033B1 (de) 2002-03-26 2002-03-26 Verfahren zum Schutz der Integrität von Programmen

Publications (2)

Publication Number Publication Date
DE60200323D1 true DE60200323D1 (de) 2004-05-06
DE60200323T2 DE60200323T2 (de) 2005-02-24

Family

ID=27798808

Family Applications (1)

Application Number Title Priority Date Filing Date
DE60200323T Expired - Fee Related DE60200323T2 (de) 2002-03-26 2002-03-26 Verfahren zum Schutz der Integrität von Programmen

Country Status (9)

Country Link
US (1) US7228434B2 (de)
EP (1) EP1349033B1 (de)
JP (1) JP2005535945A (de)
AT (1) ATE263391T1 (de)
AU (1) AU2003219022A1 (de)
DE (1) DE60200323T2 (de)
ES (1) ES2218484T3 (de)
HK (1) HK1055486A1 (de)
WO (1) WO2003081397A2 (de)

Families Citing this family (66)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7331062B2 (en) * 2002-08-30 2008-02-12 Symantec Corporation Method, computer software, and system for providing end to end security protection of an online transaction
FR2857473B1 (fr) * 2003-07-11 2005-09-16 Oberthur Card Syst Sa Procede de securisation de l'execution d'un programme informatique, notamment dans une carte a microcircuit
US8832842B1 (en) * 2003-10-07 2014-09-09 Oracle America, Inc. Storage area network external security device
US7350079B2 (en) 2003-11-20 2008-03-25 International Business Machines Corporation Apparatus and method for inter-program authentication using dynamically-generated public/private key pairs
US7376970B2 (en) * 2004-02-20 2008-05-20 Microsoft Corporation System and method for proactive computer virus protection
US20050223993A1 (en) * 2004-04-08 2005-10-13 Blomiley Eric R Deposition apparatuses; methods for assessing alignments of substrates within deposition apparatuses; and methods for assessing thicknesses of deposited layers within deposition apparatuses
GB2435761B (en) * 2004-09-21 2009-07-08 Snapin Software Inc Secure software such as for use with a cell phone or mobile device
US8015595B2 (en) * 2004-09-23 2011-09-06 Igt Methods and apparatus for negotiating communications within a gaming network
US8156488B2 (en) * 2004-10-20 2012-04-10 Nokia Corporation Terminal, method and computer program product for validating a software application
DE112005002845T5 (de) * 2004-11-12 2007-12-13 Discretix Technologies Ltd. Verfahren, Vorrichtung und System zur sicheren Datenspeicherung
US7827608B2 (en) * 2005-02-08 2010-11-02 International Business Machines Corporation Data leak protection system, method and apparatus
US20060195689A1 (en) * 2005-02-28 2006-08-31 Carsten Blecken Authenticated and confidential communication between software components executing in un-trusted environments
US20060236100A1 (en) * 2005-04-19 2006-10-19 Guruprasad Baskaran System and method for enhanced layer of security to protect a file system from malicious programs
US8015415B1 (en) * 2005-05-31 2011-09-06 Adobe Systems Incorporated Form count licensing
EP1891520B1 (de) * 2005-06-07 2017-09-13 VMware, Inc. Einschränkungsinjektionssystem zum immunisieren von softwareprogrammen gegen anfälligkeiten und attacken
US8984636B2 (en) 2005-07-29 2015-03-17 Bit9, Inc. Content extractor and analysis system
US7895651B2 (en) 2005-07-29 2011-02-22 Bit 9, Inc. Content tracking in a network security system
US8272058B2 (en) 2005-07-29 2012-09-18 Bit 9, Inc. Centralized timed analysis in a network security system
ATE374478T1 (de) * 2005-08-05 2007-10-15 Sap Ag System und verfahren für das erneuern von schlüsseln, welche in public-key kryptographie genutzt werden
US7647636B2 (en) * 2005-08-24 2010-01-12 Microsoft Corporation Generic RootKit detector
US8219829B2 (en) * 2005-12-08 2012-07-10 Intel Corporation Scheme for securing locally generated data with authenticated write operations
WO2007089786A2 (en) * 2006-01-30 2007-08-09 Sudhakar Govindavajhala Identifying unauthorized privilege escalations
US8510596B1 (en) 2006-02-09 2013-08-13 Virsec Systems, Inc. System and methods for run time detection and correction of memory corruption
US8443354B1 (en) * 2006-03-29 2013-05-14 Symantec Corporation Detecting new or modified portions of code
US20080034350A1 (en) * 2006-04-05 2008-02-07 Conti Gregory R System and Method for Checking the Integrity of Computer Program Code
US20080022378A1 (en) * 2006-06-21 2008-01-24 Rolf Repasi Restricting malicious libraries
CN101410847B (zh) * 2006-06-30 2011-11-09 国际商业机器公司 在移动设备处的消息处理方法以及移动设备和智能卡
US8010995B2 (en) 2006-09-08 2011-08-30 International Business Machines Corporation Methods, systems, and computer program products for implementing inter-process integrity serialization
US20100093396A1 (en) * 2006-10-03 2010-04-15 Brian Roundtree Systems and methods for storing or performing functions within removable memory, such as a subscriber identity module of a mobile device
US20080134321A1 (en) * 2006-12-05 2008-06-05 Priya Rajagopal Tamper-resistant method and apparatus for verification and measurement of host agent dynamic data updates
US8126506B2 (en) * 2007-02-14 2012-02-28 Nuance Communications, Inc. System and method for securely managing data stored on mobile devices, such as enterprise mobility data
US8375219B2 (en) * 2007-10-24 2013-02-12 Microsoft Corporation Program and operation verification
US8250475B2 (en) * 2007-12-14 2012-08-21 International Business Machines Corporation Managing icon integrity
JP5050893B2 (ja) * 2008-02-08 2012-10-17 大日本印刷株式会社 Icカードへの攻撃検知方法、icカードおよびicカード用プログラム
US7921195B2 (en) * 2008-06-09 2011-04-05 International Business Machines Corporation Optimizing service processing based on business information, operational intelligence, and self-learning
DE102008046639B4 (de) 2008-09-09 2011-02-24 Adrian Dr. Spalka Verfahren zur Bereitstellung mindestens einer Leistung über ein Serversystem
JP5255991B2 (ja) * 2008-10-24 2013-08-07 株式会社日立製作所 情報処理装置、及びコンピュータプログラム
EP2278514B1 (de) * 2009-07-16 2018-05-30 Alcatel Lucent System und Verfahren zur Bereitstellung von sicheren virtuellen Maschinen
KR101047884B1 (ko) * 2009-08-11 2011-07-08 주식회사 안철수연구소 가상 환경을 이용한 데이터 보호 방법과 장치 및 이 방법을 수행하는 프로그램이 기록된 컴퓨터로 읽을 수 있는 기록매체
JP5440053B2 (ja) * 2009-09-14 2014-03-12 ソニー株式会社 情報処理装置及び情報処理方法、並びにコンピューター・プログラム
KR101089157B1 (ko) * 2010-03-05 2011-12-02 주식회사 안철수연구소 클라이언트 가상화를 이용한 서버의 논리적 망분리 시스템 및 방법
US9098333B1 (en) 2010-05-07 2015-08-04 Ziften Technologies, Inc. Monitoring computer process resource usage
US8904189B1 (en) 2010-07-15 2014-12-02 The Research Foundation For The State University Of New York System and method for validating program execution at run-time using control flow signatures
RU2449348C1 (ru) * 2010-11-01 2012-04-27 Закрытое акционерное общество "Лаборатория Касперского" Система и способ для антивирусной проверки на стороне сервера скачиваемых из сети данных
US20130061328A1 (en) * 2011-09-06 2013-03-07 Broadcom Corporation Integrity checking system
KR101295428B1 (ko) * 2011-09-09 2013-08-23 주식회사 팬택 스마트 단말기에서 어플리케이션의 권한정보 관리 장치 및 제어 방법
JP5964077B2 (ja) 2012-02-27 2016-08-03 三菱重工業株式会社 制御プログラム管理システム、及び制御プログラムの変更方法
WO2014046974A2 (en) 2012-09-20 2014-03-27 Case Paul Sr Case secure computer architecture
DE102013201937A1 (de) * 2013-02-06 2014-08-07 Areva Gmbh Vorrichtung und Verfahren zur Erkennung von unbefugten Manipulationen des Systemzustandes einer Steuer- und Regeleinheit einer kerntechnischen Anlage
EP2979214A4 (de) * 2013-03-28 2016-11-30 Irdeto Bv Erkennung von ausnutzungen einer softwareanwendung
EP3044719B1 (de) 2013-09-12 2019-08-28 Virsec Systems Inc. Automatisierte laufzeiterkennung von malware
AU2015279920B2 (en) 2014-06-24 2018-03-29 Virsec Systems, Inc. Automated root cause analysis of single or N-TIERED applications
CA2953793C (en) 2014-06-24 2021-10-19 Virsec Systems, Inc. System and methods for automated detection of input and output validation and resource management vulnerability
ES2905268T3 (es) 2014-07-30 2022-04-07 Siemens Ag Protección de un componente de automatización contra manipulaciones de programa mediante coincidencia de firmas
US9398019B2 (en) * 2014-08-07 2016-07-19 Vmware, Inc. Verifying caller authorization using secret data embedded in code
US9411979B2 (en) 2014-08-07 2016-08-09 Vmware, Inc. Embedding secret data in code
US10922402B2 (en) 2014-09-29 2021-02-16 Vmware, Inc. Securing secret data embedded in code against compromised interrupt and exception handlers
US9449189B1 (en) 2015-11-03 2016-09-20 International Business Machines Corporation Protection of state data in computer system code
KR102419574B1 (ko) 2016-06-16 2022-07-11 버섹 시스템즈, 인코포레이션 컴퓨터 애플리케이션에서 메모리 손상을 교정하기 위한 시스템 및 방법
DE102016219848A1 (de) * 2016-10-12 2018-04-12 Siemens Aktiengesellschaft Verfahren und Vorrichtung zum Bereitstellen einer gesicherten Kommunikation innerhalb eines echtzeitfähigen Kommunikationsnetzwerkes
WO2020010515A1 (en) * 2018-07-10 2020-01-16 Apple Inc. Identity-based message integrity protection and verification for wireless communication
JP7105640B2 (ja) 2018-07-10 2022-07-25 キヤノン株式会社 画像処理装置、その制御方法、及びプログラム
US20220327203A1 (en) * 2019-09-27 2022-10-13 Nec Corporation Whitelist generation apparatus, whitelist generation method, and non-transitory computer readable medium storing program
WO2022140400A1 (en) * 2020-12-22 2022-06-30 Protectedby.Ai, Inc. System and method for securing computer code using dynamically generated digital signatures
EP4309061A1 (de) * 2021-03-19 2024-01-24 Lexmark International, Inc. Abgleichung der berechnung einer sicherheitsvorrichtung
CN113886862B (zh) * 2021-12-06 2022-04-15 粤港澳大湾区数字经济研究院(福田) 一种可信计算系统及基于可信计算系统的资源处理方法

Family Cites Families (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US4104721A (en) * 1976-12-30 1978-08-01 International Business Machines Corporation Hierarchical security mechanism for dynamically assigning security levels to object programs
US4310720A (en) * 1978-03-31 1982-01-12 Pitney Bowes Inc. Computer accessing system
US4328542A (en) * 1979-11-07 1982-05-04 The Boeing Company Secure implementation of transition machine computer
US4494114B1 (en) * 1983-12-05 1996-10-15 Int Electronic Tech Security arrangement for and method of rendering microprocessor-controlled electronic equipment inoperative after occurrence of disabling event
US4609777A (en) * 1984-02-22 1986-09-02 Gordian Systems, Inc. Solid state key for controlling access to computer software
US5343527A (en) * 1993-10-27 1994-08-30 International Business Machines Corporation Hybrid encryption method and system for protecting reusable software components
JPH07230380A (ja) * 1994-02-15 1995-08-29 Internatl Business Mach Corp <Ibm> 適用業務プログラムの利用管理方法およびシステム
US5638443A (en) * 1994-11-23 1997-06-10 Xerox Corporation System for controlling the distribution and use of composite digital works
CA2225805C (en) * 1995-06-29 2002-11-12 Allan E. Alcorn Electronic casino gaming system with improved play capacity, authentication and security
US5818939A (en) * 1996-12-18 1998-10-06 Intel Corporation Optimized security functionality in an electronic system
US6463535B1 (en) * 1998-10-05 2002-10-08 Intel Corporation System and method for verifying the integrity and authorization of software before execution in a local platform

Also Published As

Publication number Publication date
US20030188174A1 (en) 2003-10-02
ES2218484T3 (es) 2004-11-16
ATE263391T1 (de) 2004-04-15
WO2003081397A3 (en) 2004-09-23
JP2005535945A (ja) 2005-11-24
DE60200323T2 (de) 2005-02-24
EP1349033B1 (de) 2004-03-31
EP1349033A1 (de) 2003-10-01
HK1055486A1 (en) 2004-01-09
AU2003219022A1 (en) 2003-10-08
WO2003081397A2 (en) 2003-10-02
US7228434B2 (en) 2007-06-05

Similar Documents

Publication Publication Date Title
DE60200323D1 (de) Verfahren zum Schutz der Integrität von Programmen
JP4373442B2 (ja) コンピュータ・プログラムをシールする方法、コンピュータ・プログラムを認証する方法、及び、コンピュータ可読媒体
Dwoskin et al. Hardware-rooted trust for secure key management and transient trust
CN102855274B (zh) 一种可疑进程检测的方法和装置
US8285999B1 (en) System and method for authenticating remote execution
US8032940B1 (en) Method and system for generating and employing a secure integrated development environment
EP3455764B1 (de) Verfahren und vorrichtung zur dynamischen ausführbaren verifizierung
CN104991526B (zh) 工业控制系统安全支撑框架及其数据安全传输和存储方法
US7325126B2 (en) System and method for distributed module authentication
US7607122B2 (en) Post build process to record stack and call tree information
WO2015053509A1 (ko) 동적 라이브러리를 보호하는 방법 및 장치
JP2006511877A (ja) ソフトウェアの改ざんを事前に対処することによって検出するためのシステムおよび方法
Chang et al. A blind dynamic fingerprinting technique for sequential circuit intellectual property protection
CN105653905A (zh) 一种基于api安全属性隐藏与攻击威胁监控的软件保护方法
Main et al. Software protection and application security: Understanding the battleground
US7562214B2 (en) Data processing systems
CN108270574A (zh) 一种白名单库文件的安全加载方法及装置
CN110837634A (zh) 基于硬件加密机的电子签章方法
CN116579006B (zh) 一种关键数据销毁方法、系统及电子设备
CN103368926A (zh) 一种防止文件篡改的方法和防止文件篡改的装置
Al-Wosabi et al. Framework for software tampering detection in embedded systems
CN106778286A (zh) 一种用于检测服务器硬件是否被攻击的系统及方法
Bloom et al. Fab forensics: Increasing trust in IC fabrication
Genç et al. Dual-use Research in Ransomware Attacks: A Discussion on Ransomware Defence Intelligence
Suciu et al. Droidsentry: Efficient code integrity and control flow verification on trustzone devices

Legal Events

Date Code Title Description
8364 No opposition during term of opposition
8339 Ceased/non-payment of the annual fee