SG11201803707PA - Method to verify the execution integrity of an application in a target device - Google Patents
Method to verify the execution integrity of an application in a target deviceInfo
- Publication number
- SG11201803707PA SG11201803707PA SG11201803707PA SG11201803707PA SG11201803707PA SG 11201803707P A SG11201803707P A SG 11201803707PA SG 11201803707P A SG11201803707P A SG 11201803707PA SG 11201803707P A SG11201803707P A SG 11201803707PA SG 11201803707P A SG11201803707P A SG 11201803707PA
- Authority
- SG
- Singapore
- Prior art keywords
- application
- international
- target device
- challenge
- function
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/577—Assessing vulnerabilities and evaluating computer system security
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computing Systems (AREA)
- Mobile Radio Communication Systems (AREA)
- Debugging And Monitoring (AREA)
- Storage Device Security (AREA)
- Stored Programmes (AREA)
- Measuring Or Testing Involving Enzymes Or Micro-Organisms (AREA)
Abstract
INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT) (19) World Intellectual Property - Organization International Bureau ires.. 00) (43) International Publication Date ..... ..sr ,„,„. 26 May 2017(26.05.2017) WIPO I PCT (10) WO International 111111111111311111111111111111111111111111111111111111111111111111111311111111111111111 2017/085159 Publication Number Al (51) International Patent Classification: AO, AT, AU, AZ, BA, BB, GOOF 21/57 (2013.01) BZ, CA, CH, CL, CN, CO, DO, DZ, EC, EE, EG, ES, (21) International Application Number: HN HR HU ID IL, IN, PCT/EP2016/077932 KW, KZ, LA, LC, LK, LR, (22) International Filing Date: MG, MK, MN, MW, MX, MY, MZ, NA, NG, NI, NO, NZ, 17 November 2016 (17.11.2016) OM, PA, PE, PG, PH, PL, SC, SD, SE, SG, SK, SL, SM, ST, SV, SY, TH, TJ, TM, (25) Filing Language: English TN, TR, TT, TZ, UA, UG, (26) Publication Language: English ZW. (30) Priority Data: (84) Designated States (unless 15195379.1 19 November 2015 (19.11.2015) EP kind of regional protection GM, KE, LR, LS, MW, (71) Applicant: NAGRAVISION S.A. [CH/CH]; Route de TZ, UG, ZM, ZW), Eurasian GenOve 22-24, 1033 Cheseaux-sur-Lausanne (CH). TJ, TM), European (AL, (72) Inventor: WYSEUR, Brecht; Chemin des Vignettes 18, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LT, LU, LV, MC, MK, MT, NL, 1305 Penthalaz (CH). SM, TR), OAPI (BF, BJ, (74) Agent: LEMAN CONSULTING S.A. 284; Chemin de GW, KM, ML, MR, NE, Precossy 31, 1260 Nyon (CH). Published: (81) Designated States (unless otherwise indicated, for every BG, BH, BN, BR, BW, BY, CR, CU, CZ, DE, DJ, DK, DM, FI, GB, GD, GE, GH, GM, GT, IR, IS JP KE KG KN KP KR, LS, LU, LY, MA, MD, ME, PT, QA, RO, RS, RU, RW, SA, US, UZ, VC, VN, ZA, ZM, otherwise indicated, for every available): ARIPO (BW, GH, MZ, NA, RW, SD, SL, ST, SZ, (AM, AZ, BY, KG, KZ, RU, AT, BE, BG, CH, CY, CZ, DE, NO, PL, PT, RO, RS, SE, SI, SK, CF, CG, CI, CM, GA, GN, GQ, SN, TD, TG). with international search report (Art 21(3)) kind of national protection available): AE, AG, AL, AM, (54) Title: METHOD TO VERIFY THE EXECUTION INTEGRITY OF AN APPLICATION IN A TARGET DEVICE HE TD VE RAF APP A 1 0 CH ii D E 4 II VE RAF APP F ig. 1 Il .4 t (57) : The present invention concerns the field of software verification, in particular to check whether the run-time integrity a \ in of a software application can be demonstrated. It is therefore proposed a method to verify, by a verification server, the execution in - 11 tegrity of an application in a target device wherein the verification server receives an application signature generated from run time l a n e application information on the target device, said signature being used to verify the execution integrity of the application in the target o device, said application comprising an array of blocks, each block producing a digest, thus producing an array of digests related to ---. the an - ay of blocks, comprising the steps of : - sending to the target device a message comprising a challenge and a first function, I N IN said first function defining an aggregation method, said challenge defining an aggregation instruction, - receiving an attestation from c:::, the target device, this attestation being generated by the target device by determining for each block, the corresponding digest for ei said block, aggregating the digests of the blocks according to the aggregation method of the first function and the challenge to pro - 0 duce the attestation related to the application, - applying a second function to the attestation by the verification server, said second function undoing the effect of the challenge thus producing an application signature independent of the challenge, - verifying the ex- ecution integrity of the application by comparing the produced application signature with a reference signature.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP15195379 | 2015-11-19 | ||
PCT/EP2016/077932 WO2017085159A1 (en) | 2015-11-19 | 2016-11-17 | Method to verify the execution integrity of an application in a target device |
Publications (1)
Publication Number | Publication Date |
---|---|
SG11201803707PA true SG11201803707PA (en) | 2018-06-28 |
Family
ID=54843588
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
SG11201803707PA SG11201803707PA (en) | 2015-11-19 | 2016-11-17 | Method to verify the execution integrity of an application in a target device |
Country Status (9)
Country | Link |
---|---|
US (2) | US10846409B2 (en) |
EP (1) | EP3378005B1 (en) |
KR (1) | KR102603797B1 (en) |
CN (1) | CN108292341B (en) |
BR (1) | BR112018010120B1 (en) |
ES (1) | ES2774487T3 (en) |
MX (1) | MX2018006204A (en) |
SG (1) | SG11201803707PA (en) |
WO (1) | WO2017085159A1 (en) |
Families Citing this family (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11790119B2 (en) * | 2018-11-16 | 2023-10-17 | Apple Inc. | Application integrity attestation |
KR102036618B1 (en) * | 2019-01-31 | 2019-10-28 | 주식회사그린존시큐리티 | Integrity vertfication chain for verifying integrity of device and method for verifying integrity of device using the same |
US11271721B2 (en) * | 2019-03-25 | 2022-03-08 | Micron Technology, Inc. | Distributed secure array using intra-dice communications to perform data attestation |
US11740970B2 (en) | 2020-03-02 | 2023-08-29 | Micron Technology, Inc. | Dynamic adjustment of data integrity operations of a memory system based on error rate classification |
US11221800B2 (en) | 2020-03-02 | 2022-01-11 | Micron Technology, Inc. | Adaptive and/or iterative operations in executing a read command to retrieve data from memory cells |
US11086572B1 (en) | 2020-03-02 | 2021-08-10 | Micron Technology, Inc. | Self adapting iterative read calibration to retrieve data from memory cells |
US12009034B2 (en) | 2020-03-02 | 2024-06-11 | Micron Technology, Inc. | Classification of error rate of data retrieved from memory cells |
US11029890B1 (en) | 2020-03-02 | 2021-06-08 | Micron Technology, Inc. | Compound feature generation in classification of error rate of data retrieved from memory cells |
US11081200B1 (en) | 2020-05-07 | 2021-08-03 | Micron Technology, Inc. | Intelligent proactive responses to operations to read data from memory cells |
US11257546B2 (en) | 2020-05-07 | 2022-02-22 | Micron Technology, Inc. | Reading of soft bits and hard bits from memory cells |
CN114760061B (en) * | 2020-12-29 | 2023-09-05 | 深信服科技股份有限公司 | Method, device, equipment and storage medium for uploading data |
Family Cites Families (23)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
NZ509018A (en) * | 1998-06-17 | 2002-06-28 | Aristocrat Technologies Au | Software verification and authentication |
US7581103B2 (en) * | 2001-06-13 | 2009-08-25 | Intertrust Technologies Corporation | Software self-checking systems and methods |
US7103779B2 (en) * | 2003-09-18 | 2006-09-05 | Apple Computer, Inc. | Method and apparatus for incremental code signing |
JP4064914B2 (en) * | 2003-12-02 | 2008-03-19 | インターナショナル・ビジネス・マシーンズ・コーポレーション | Information processing apparatus, server apparatus, method for information processing apparatus, method for server apparatus, and apparatus executable program |
US20050132031A1 (en) | 2003-12-12 | 2005-06-16 | Reiner Sailer | Method and system for measuring status and state of remotely executing programs |
US8688991B1 (en) * | 2007-06-01 | 2014-04-01 | Adobe Systems Incorporated | Media player embodiments and secure playlist packaging |
KR101495535B1 (en) * | 2007-06-22 | 2015-02-25 | 삼성전자주식회사 | Method and system for transmitting data through checking revocation of contents device and data server thereof |
KR101426270B1 (en) * | 2008-02-13 | 2014-08-05 | 삼성전자주식회사 | Method and apparatus for generating and verifying electronic signature of software, and computer readable medium thereof |
AU2009222007A1 (en) * | 2008-03-04 | 2009-09-11 | Apple Inc. | System and method of authorizing execution of software code based on accessible entitlements |
US20090300348A1 (en) * | 2008-06-02 | 2009-12-03 | Samsung Electronics Co., Ltd. | Preventing abuse of services in trusted computing environments |
CN102246179A (en) | 2008-10-10 | 2011-11-16 | 松下电器产业株式会社 | Using transient PCRs to realise trust in application space of a secure processing system |
US8544092B2 (en) * | 2009-03-12 | 2013-09-24 | International Business Machines Corporation | Integrity verification using a peripheral device |
US8213907B2 (en) | 2009-07-08 | 2012-07-03 | Uniloc Luxembourg S. A. | System and method for secured mobile communication |
EP2372592B1 (en) * | 2009-12-14 | 2016-08-24 | Nxp B.V. | integrated circuit and system for installing computer code thereon |
JP5443599B2 (en) * | 2009-12-22 | 2014-03-19 | インテル・コーポレーション | Method and apparatus for providing secure application execution |
EP2438511B1 (en) | 2010-03-22 | 2019-07-03 | LRDC Systems, LLC | A method of identifying and protecting the integrity of a set of source data |
EP2378452B1 (en) * | 2010-04-16 | 2012-12-19 | Thomson Licensing | Method, device and computer program support for verification of checksums for self-modified computer code |
US20120324557A1 (en) * | 2011-06-17 | 2012-12-20 | Raytheon Bbn Technologies Corp | System and method for remote integrity verification |
US9569618B2 (en) * | 2013-08-28 | 2017-02-14 | Korea University Research And Business Foundation | Server and method for attesting application in smart device using random executable code |
CN103810421B (en) * | 2014-02-19 | 2017-01-04 | 北京视博数字电视科技有限公司 | The method of calibration of application program, device and terminal unit |
CN103995992A (en) * | 2014-05-28 | 2014-08-20 | 全联斯泰克科技有限公司 | Method and device for protecting software |
US10936720B2 (en) * | 2015-07-10 | 2021-03-02 | Nec Corporation | Method and system for reliable computation of a program |
US20170068955A1 (en) * | 2015-09-04 | 2017-03-09 | Ca, Inc. | Verification and provisioning of mobile payment applications |
-
2016
- 2016-11-17 WO PCT/EP2016/077932 patent/WO2017085159A1/en active Application Filing
- 2016-11-17 SG SG11201803707PA patent/SG11201803707PA/en unknown
- 2016-11-17 ES ES16797889T patent/ES2774487T3/en active Active
- 2016-11-17 EP EP16797889.9A patent/EP3378005B1/en active Active
- 2016-11-17 MX MX2018006204A patent/MX2018006204A/en unknown
- 2016-11-17 CN CN201680067368.7A patent/CN108292341B/en active Active
- 2016-11-17 BR BR112018010120-6A patent/BR112018010120B1/en active IP Right Grant
- 2016-11-17 US US15/774,673 patent/US10846409B2/en active Active
- 2016-11-17 KR KR1020187014060A patent/KR102603797B1/en active IP Right Grant
-
2020
- 2020-11-17 US US17/099,814 patent/US11526616B1/en active Active
Also Published As
Publication number | Publication date |
---|---|
US11526616B1 (en) | 2022-12-13 |
WO2017085159A1 (en) | 2017-05-26 |
ES2774487T3 (en) | 2020-07-21 |
CN108292341A (en) | 2018-07-17 |
BR112018010120B1 (en) | 2023-12-05 |
KR20180084053A (en) | 2018-07-24 |
EP3378005A1 (en) | 2018-09-26 |
MX2018006204A (en) | 2018-08-01 |
EP3378005B1 (en) | 2020-01-08 |
US20180330098A1 (en) | 2018-11-15 |
BR112018010120A2 (en) | 2018-11-21 |
KR102603797B1 (en) | 2023-11-16 |
US10846409B2 (en) | 2020-11-24 |
CN108292341B (en) | 2022-03-29 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
SG11201803707PA (en) | Method to verify the execution integrity of an application in a target device | |
SG11201804807VA (en) | Computer architecture and method for modifying data intake parameters based on a predictive model | |
SG11201903141QA (en) | Business processing method and apparatus | |
SG11201904942YA (en) | Blockchain-based service execution method and apparatus, and electronic device | |
SG11201908288XA (en) | Configurable annotations for privacy-sensitive user content | |
SG11201906755VA (en) | Digital certificate management method, apparatus, and system | |
SG11201909946UA (en) | Logistic regression modeling scheme using secrete sharing | |
SG11201804696RA (en) | Techniques for metadata processing | |
SG11201906753UA (en) | Digital certificate management method and apparatus, and electronic device | |
SG11201804771WA (en) | Systems and methods for providing financial data to financial instruments in a distributed ledger system | |
SG11201903787YA (en) | Exploiting input data sparsity in neural network compute units | |
SG11201901550WA (en) | Method and apparatus for data processing | |
SG11201908336XA (en) | Smart plans | |
SG11201803742YA (en) | Method and system for processing of a blockchain transaction in a transaction processing network | |
SG11201809963XA (en) | Application framework using blockchain-based asset ownership | |
SG11201809115RA (en) | Implementing logic gate functionality using a blockchain | |
SG11201905461VA (en) | Data sealing with a sealing enclave | |
SG11201900116RA (en) | Communication flow for verification and identification check | |
SG11201905460SA (en) | Data unsealing with a sealing enclave | |
SG11201806653SA (en) | Systems and methods for providing identity scores | |
SG11201805390WA (en) | System and methods for auditing a virtual machine | |
SG11201902981RA (en) | Iot provisioning service | |
SG11201903631XA (en) | Neural network instruction set architecture | |
SG11201906418PA (en) | Blockchain-based data processing method and device | |
SG11201811009VA (en) | Blockchain-implemented method and system |