WO2014088395A1 - A system and method for establishing trustworthiness of an application - Google Patents
A system and method for establishing trustworthiness of an application Download PDFInfo
- Publication number
- WO2014088395A1 WO2014088395A1 PCT/MY2013/000215 MY2013000215W WO2014088395A1 WO 2014088395 A1 WO2014088395 A1 WO 2014088395A1 MY 2013000215 W MY2013000215 W MY 2013000215W WO 2014088395 A1 WO2014088395 A1 WO 2014088395A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- application
- module
- integrity
- code
- interceptor
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
Definitions
- the present invention relates to a system and method for establishing trustworthiness of an application.
- the system and method of the invention employ an interceptor module adapted to intercept the application, the interceptor module being in communication with a secure container within which properties of the application, such as executable code, may be verified.
- IDSs Software integrity checking systems used in Integrity Detection Systems (IDSs) are capable of detecting any changes in applications or attempts of malicious codes during execution processes. Unfortunately, such systems do not prevent any malicious code from infecting the system. IDSs, such as Integrity Measurement Architecture (IMA), are designed to be able to convince a remote party that a system's platform is running in accordance with a set of known and approved executables. In other words, the remote party can determine the system's trustworthiness by measuring the integrity of a program on the platform. The integrity of a program is a binary property that indicates whether the program has been modified in an unauthorized manner, such as by malicious software. However, IDSs cannot prevent the malicious software from infecting the system as they are only capable of detecting the malicious software after it has infected the system.
- IMA Integrity Measurement Architecture
- the present invention relates to a system and method for establishing trustworthiness of an application.
- the system and method of the invention employ an interceptor module adapted to intercept the application, the interceptor module being in communication with a secure container within which properties of the application, such as executable code, may be verified.
- One aspect of the present invention provides a system (10) for establishing trustworthiness of an application comprising at least one trusted host platform (12); at least one interceptor module (14) associated with the trusted host platform (12); at least one secure container (16) in communication with the interceptor module (14), the secure container (16) being embedded with a formal proof code module (18); and at least one integrity detection system (20) in communication with the interceptor module (14).
- the interceptor module (14) is provided with means for intercepting the application to hold the executable process of the application and communicate executable code of the application to said secure container (16), and in that the formal proof code module (18) is provided with means for checking and verifying the executable code to determine trustworthiness of the application.
- the said secure container (16) is only visible to said interceptor module (14).
- Another aspect of the present invention provides a system (10) wherein the interceptor module (14) is adapted to allow the integrity detection system (20) access to the secure container (16) to conduct an initial check of the integrity of the application.
- a further aspect of the invention provides a system (10) wherein the formal proof code module (18) comprises proof carrying code for checking and verifying vulnerabilities of code and properties of application.
- Another aspect of the present invention provides a method (100) for establishing trustworthiness of an application. The method comprising steps of intercepting the application with at least one interceptor module (102) to hold the executable process of the application; opening access control permission of at least one secure container which is only visible to the interceptor module (103); communicating executable code of said application to at least one secure container in communication with the interceptor module (104); allowing an integrity detection system access to the secure container (105) and conducting an initial check of the integrity of the application (106); and verifying vulnerabilities of the executable code with a formal proof code module embedded in the secure chamber (110).
- the method for allowing at least one integrity detection system access to said secure container further comprising conducting initial check to identify integrity measurement of said application wherein formal proof code module checks and verifies executable code to determine trustworthiness of said application.
- a further aspect of the invention provides a method (200) wherein if the integrity detection system successfully identifies an integrity measurement of the application, the method comprises communicating success status from the integrity detection system to the interceptor module (107); releasing the executable process of the application from the interceptor module (108); and resuming execution process of said application (109).
- Another aspect of the invention provides a method (200) wherein if said formal proof code module identifies that the application does not have vulnerabilities, the method comprises communicating success status from the formal proof code module to the interceptor module (111); through the interceptor module, instructing the integrity detection system to generate a new integrity measurement for the application and append the new integrity measurement to integrity measurements listed by the integrity detection system (112); releasing the executable process of the application from the interceptor module (108); and resuming said executable process of said application.
- a further aspect of the invention provides a method (200) wherein if the formal proof code module identifies that the application has vulnerabilities, the method comprises communicating failure status from the formal proof code module to the interceptor module (113); and halting said application (114).
- FIG. 1.0 illustrates the system of an embodiment of the invention.
- FIG. 2.0 illustrates process flow of a method of and embodiment of the invention.
- FIG. 3.0 illustrates continued process flow of the method of Figure 2.0.
- the present invention provides a system and method for establishing trustworthiness of an application.
- the system and method of the invention employ an interceptor module adapted to intercept the application, the interceptor module being in communication with a secure container within which properties of the application, such as executable code, may be verified.
- Figure 1.0 illustrates the diagram of system architecture according to various embodiments of the invention which include an Interceptor Module (IM) (14), Secure Container (SC) (16), Formal Proof Code Module (FPCM) (18), Integrity Detection System (IDS) (20) and Trusted Component (TC) (12).
- IM Interceptor Module
- SC Secure Container
- FPCM Formal Proof Code Module
- IDS Integrity Detection System
- TC Trusted Component
- the IM (14) is secured and trustworthy using an IDS (20) validation.
- the main function of the trusted IM (14) is to intercept all applications during application start-up to hold the executable process.
- the IM (14) then issues permission for the SC (16) to pass the signal of the application to the FPCM (18).
- the IM (14) permits the IDS (20) to access the SC (16).
- the SC (16) is only visible to the IM (14) and access is controlled by the IM (14).
- the SC (16) is embedded with the FPCM (18).
- the FPCM (18) is used to check and verify the application's executable code and whether it is compromised of not.
- the FPCM (18) contains algorithms, such as Proof Carrying Code (PCC), and generates reports based on the status of the application's executable code.
- PCC Proof Carrying Code
- the FPCM (18) then sends the status with or without report to the IM (14) to further process the application.
- the process of this embodiment of the invention begins with an application request to execute (101).
- the trusted IM intercepts all of the application's executable process (102).
- the IM then opens access control permission of the SC which is only visible in the IM (103).
- the IM passes the signal to the FPCM by redirecting the application's process execution to the SC (104).
- the IM also allows the IDS to access the SC (105). Since the IDS receives permission to run in the SC, firstly, the IDS checks for an existing integrity measurement of the application (106).
- Figure 3.0 illustrates the continuing process of Figure 2.0, based on whether there are any integrity measurements of the application held in the IDS list (process from 107-114).
- process step 107 if the integrity measurement of the application exists, then the IDS sends success status to the IM. The IM then releases the application's executable process (108). After that, the application can resume its normal execution process (109).
- Process step 110 starts if no integrity measurements of the application exist in the IDS list. In this situation, the IM instructs the FPCM to start its process.
- the FPCM runs its algorithms, such as Proof Carrying Code (PCC), to check and verify vulnerabilities of the application's code and properties. If the application is clean from vulnerabilities (i.e.
- PCC Proof Carrying Code
- the FPCM sends success status to the IM (111). While the IM receives the status, it instructs the IDS to generate integrity measurements of the application. The IDS performs the process and appends it list by storing the new integrity measurement of the application (112). The process 108 to 109 has then been performed. However, if the application has vulnerabilities the FPCM generates a report. It then sends failed status and the report to the IM (113). Based on the failed status, the IM halts the application request and emails the report (114).
- the Secure Container used in the invention may be accessed faster compared with a virtualization based container which is dependent on a virtualization system.
- This invention needs only a single based container and easy to manage compared to multiple-based container.
- the FPCM in this invention only needs to verify unidentified applications while other applications are easily verified by the IDS. 5) Integrity of the interceptor module is monitored by the IDS and which is stored in a tamper-resistant chip.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Virology (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Multi Processors (AREA)
- Storage Device Security (AREA)
Abstract
A system (10) for establishing trustworthiness of an application is provided. The system comprises: a trusted host platform (12); an interceptor module (14) associated with said trusted host platform (12); a secure container (16) in communication with said interceptor module(14), said secure container (16) being embedded with a formal proof code module(18); and an integrity detection system (20) in communication with said interceptor module (14); characterised in that said interceptor module (14) is provided with means for intercepting said application to hold the executable process of the application and communicate executable code of said application to said secure container (16), and in that said formal proof code module (18) is provided with means for checking and verifying said executable code to determine trustworthiness of said application.
Description
A SYSTEM AND METHOD FOR ESTABLISHING TRUSTWORTHINESS OF AN
APPLICATION
FIELD OF INVENTION
The present invention relates to a system and method for establishing trustworthiness of an application. In particular, the system and method of the invention employ an interceptor module adapted to intercept the application, the interceptor module being in communication with a secure container within which properties of the application, such as executable code, may be verified.
BACKGROUND ART
Software integrity checking systems used in Integrity Detection Systems (IDSs) are capable of detecting any changes in applications or attempts of malicious codes during execution processes. Unfortunately, such systems do not prevent any malicious code from infecting the system. IDSs, such as Integrity Measurement Architecture (IMA), are designed to be able to convince a remote party that a system's platform is running in accordance with a set of known and approved executables. In other words, the remote party can determine the system's trustworthiness by measuring the integrity of a program on the platform. The integrity of a program is a binary property that indicates whether the program has been modified in an unauthorized manner, such as by malicious software. However, IDSs cannot prevent the malicious software from infecting the system as they are only capable of detecting the malicious software after it has infected the system.
The subject matter claimed herein is not limited to embodiments that solve any disadvantages or that operate only in environments such as those described above. Rather, this background is only provided to illustrate one exemplary technology area where some embodiments described herein may be practice.
SUMMARY OF INVENTION
The present invention relates to a system and method for establishing trustworthiness of an application. In particular, the system and method of the invention employ an interceptor module adapted to intercept the application, the interceptor module being in communication with a secure container within which properties of the application, such as executable code, may be verified.
One aspect of the present invention provides a system (10) for establishing trustworthiness of an application comprising at least one trusted host platform (12); at least one interceptor module (14) associated with the trusted host platform (12); at least one secure container (16) in communication with the interceptor module (14), the secure container (16) being embedded with a formal proof code module (18); and at least one integrity detection system (20) in communication with the interceptor module (14). The interceptor module (14) is provided with means for intercepting the application to hold the executable process of the application and communicate executable code of the application to said secure container (16), and in that the formal proof code module (18) is provided with means for checking and verifying the executable code to determine trustworthiness of the application. The said secure container (16) is only visible to said interceptor module (14).
Another aspect of the present invention provides a system (10) wherein the interceptor module (14) is adapted to allow the integrity detection system (20) access to the secure container (16) to conduct an initial check of the integrity of the application.
A further aspect of the invention provides a system (10) wherein the formal proof code module (18) comprises proof carrying code for checking and verifying vulnerabilities of code and properties of application. Another aspect of the present invention provides a method (100) for establishing trustworthiness of an application. The method comprising steps of intercepting the application with at least one interceptor module (102) to hold the executable process of the application; opening access control permission of at least one secure container which is only visible to the interceptor module (103); communicating executable code of
said application to at least one secure container in communication with the interceptor module (104); allowing an integrity detection system access to the secure container (105) and conducting an initial check of the integrity of the application (106); and verifying vulnerabilities of the executable code with a formal proof code module embedded in the secure chamber (110). The method for allowing at least one integrity detection system access to said secure container further comprising conducting initial check to identify integrity measurement of said application wherein formal proof code module checks and verifies executable code to determine trustworthiness of said application.
A further aspect of the invention provides a method (200) wherein if the integrity detection system successfully identifies an integrity measurement of the application, the method comprises communicating success status from the integrity detection system to the interceptor module (107); releasing the executable process of the application from the interceptor module (108); and resuming execution process of said application (109).
Another aspect of the invention provides a method (200) wherein if said formal proof code module identifies that the application does not have vulnerabilities, the method comprises communicating success status from the formal proof code module to the interceptor module (111); through the interceptor module, instructing the integrity detection system to generate a new integrity measurement for the application and append the new integrity measurement to integrity measurements listed by the integrity detection system (112); releasing the executable process of the application from the interceptor module (108); and resuming said executable process of said application.
A further aspect of the invention provides a method (200) wherein if the formal proof code module identifies that the application has vulnerabilities, the method comprises communicating failure status from the formal proof code module to the interceptor module (113); and halting said application (114).
The present invention consists of features and a combination of parts hereinafter fully described and illustrated in the accompanying drawings, it being understood that various
changes in the details may be made without departing from the scope of the invention sacrificing any of the advantages of the present invention.
BRIEF DESCRIPTION OF ACCOMPANYING DRAWINGS
To further clarify various aspects of some embodiments of the present invention, a more particular description of the invention will be rendered by references to specific embodiments thereof, which are illustrated in the appended drawings. It is appreciated that these drawings depict only typical embodiments of the invention and are therefore not to be considered limiting of its scope. The invention will be described and explained with additional specificity and detail through the accompanying drawings in which:
FIG. 1.0 illustrates the system of an embodiment of the invention.
FIG. 2.0 illustrates process flow of a method of and embodiment of the invention.
FIG. 3.0 illustrates continued process flow of the method of Figure 2.0.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
The present invention provides a system and method for establishing trustworthiness of an application. In particular, the system and method of the invention employ an interceptor module adapted to intercept the application, the interceptor module being in communication with a secure container within which properties of the application, such as executable code, may be verified.
Hereinafter, this specification will describe the present invention according to the preferred embodiments. It is to be understood that limiting the description to the preferred embodiments of the invention is merely to facilitate discussion of the present invention and it is envisioned without departing from the scope of the appended claims.
Figure 1.0 illustrates the diagram of system architecture according to various embodiments of the invention which include an Interceptor Module (IM) (14), Secure Container (SC) (16), Formal Proof Code Module (FPCM) (18), Integrity Detection System (IDS) (20) and Trusted Component (TC) (12).
The IM (14) is secured and trustworthy using an IDS (20) validation. The main function of the trusted IM (14) is to intercept all applications during application start-up to hold the executable process. The IM (14) then issues permission for the SC (16) to pass the signal of the application to the FPCM (18). At the same time, the IM (14) permits the IDS (20) to access the SC (16). The SC (16) is only visible to the IM (14) and access is controlled by the IM (14). The SC (16) is embedded with the FPCM (18). The FPCM (18) is used to check and verify the application's executable code and whether it is compromised of not. The FPCM (18) contains algorithms, such as Proof Carrying Code (PCC), and generates reports based on the status of the application's executable code. The FPCM (18) then sends the status with or without report to the IM (14) to further process the application.
Referring to Figure 2.0, the process of this embodiment of the invention begins with an application request to execute (101). The trusted IM intercepts all of the application's executable process (102). The IM then opens access control permission of the SC
which is only visible in the IM (103). After the IM enables access to the SC, it passes the signal to the FPCM by redirecting the application's process execution to the SC (104). At the same time, the IM also allows the IDS to access the SC (105). Since the IDS receives permission to run in the SC, firstly, the IDS checks for an existing integrity measurement of the application (106).
Figure 3.0 illustrates the continuing process of Figure 2.0, based on whether there are any integrity measurements of the application held in the IDS list (process from 107-114). In accordance with process step 107, if the integrity measurement of the application exists, then the IDS sends success status to the IM. The IM then releases the application's executable process (108). After that, the application can resume its normal execution process (109). Process step 110 starts if no integrity measurements of the application exist in the IDS list. In this situation, the IM instructs the FPCM to start its process. The FPCM runs its algorithms, such as Proof Carrying Code (PCC), to check and verify vulnerabilities of the application's code and properties. If the application is clean from vulnerabilities (i.e. is trustworthy), the FPCM sends success status to the IM (111). While the IM receives the status, it instructs the IDS to generate integrity measurements of the application. The IDS performs the process and appends it list by storing the new integrity measurement of the application (112). The process 108 to 109 has then been performed. However, if the application has vulnerabilities the FPCM generates a report. It then sends failed status and the report to the IM (113). Based on the failed status, the IM halts the application request and emails the report (114).
Some advantages of various embodiments of the invention are:
1) The prevention of any malicious code attempting to attack the host platform.
2) The Secure Container used in the invention may be accessed faster compared with a virtualization based container which is dependent on a virtualization system.
3) This invention needs only a single based container and easy to manage compared to multiple-based container.
4) The FPCM in this invention only needs to verify unidentified applications while other applications are easily verified by the IDS.
5) Integrity of the interceptor module is monitored by the IDS and which is stored in a tamper-resistant chip.
Unless the context requires otherwise or specifically stated to the contrary, integers, steps or elements of the invention recited herein as singular integers, steps or elements clearly encompass both singular and plural forms of the recited integers, steps or elements.
Throughout this specification, unless the context requires otherwise, the word "comprise", or variations such as "comprises" or "comprising", will be understood to imply the inclusion of a stated step or element or integer or group of steps or elements or integers, but not the exclusion of any other step or element or integer or group of steps, elements or integers. Thus, in the context of this specification, the term "comprising" is used in an inclusive sense and thus should be understood as meaning "including principally, but not necessarily solely".
It will be appreciated that the foregoing description has been given by way of illustrative example of the invention and that all such modifications and variations thereto as would be apparent to persons of skill in the art are deemed to fall within the broad scope and ambit of the invention as herein set forth.
Claims
1. A system (10) for establishing trustworthiness of an application comprising:
at least one trusted host platform (12);
at least one interceptor module (14) associated with said trusted host platform (12);
at least one secure container (16) in communication with said interceptor module(14); and
at least one integrity detection system (20) in communication with said interceptor module (14);
characterised in that said interceptor module (14) is provided for intercepting said application to hold the executable process of the application and communicate executable code of said application to said secure container (16).
2. A system (10) according to claim 1 , wherein said secure container (16) is only visible to said interceptor module (14).
3. A system (10) according to claim 1 , wherein said interceptor module (14) is adapted to allow said integrity detection system (20) access to said secure container (16) to conduct an initial check of the integrity of the application.
4. A system (10) according to claim 1 , wherein said secure container is further embedded with at least one formal proof code module (18) wherein said formal proof code module (18) is provided with means for checking and verifying said executable code to determine trustworthiness of said application.
5. A system (10) according to claim 4, wherein said formal proof code module (18) further comprises at least one proof carrying code for checking and verifying vulnerabilities of code and properties of said application.
6. A method (100) for establishing trustworthiness of an application comprising:
intercepting application with at least one interceptor module (102) to hold the executable process of said application;
opening access control permission of at least one secure container which is only visible to said interceptor module (103);
communicating executable code of said application to at least one secure container in communication with said interceptor module (104);
allowing at least one integrity detection system access to said secure container (105) and conducting an initial check of the integrity of the application (106); and
checking and verifying vulnerabilities of said executable code with a formal proof code module embedded in said secure chamber (110) characterized in that
conducting an initial check of the integrity of the application (106) further comprises checking and verifying executable code utilizing formal proof code module to determine trustworthiness of said application.
A method (200) according to claim 5, wherein if said integrity detection system successfully identifies an integrity measurement of said application, said method comprises:
communicating success status from said integrity detection system to said interceptor module (107);
releasing said executable process of said application from said interceptor module (108); and
resuming execution process of said application ( 09).
A method (200) according to claim 5, wherein if said formal proof code module identifies that the application does not have vulnerabilities, said method comprises:
communicating success status from said formal proof code module to said interceptor module (111);
through said interceptor module, instructing said integrity detection system to generate a new integrity measurement for said application and append said new integrity measurement to integrity measurements listed by said integrity detection system (112);
releasing said executable process of the application from said interceptor module (108); and
resuming said executable process of said application (109).
A method (200) according to claim 5, wherein if said formal proof code module identifies that the application has vulnerabilities, said method comprises:
communicating failure status from said formal proof code module to said interceptor module (113); and
halting said application (114).
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
MYPI2012005264A MY188366A (en) | 2012-12-05 | 2012-12-05 | A system and method for establishing trustworthiness of an application |
MYPI2012005264 | 2012-12-05 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2014088395A1 true WO2014088395A1 (en) | 2014-06-12 |
Family
ID=50029180
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/MY2013/000215 WO2014088395A1 (en) | 2012-12-05 | 2013-11-29 | A system and method for establishing trustworthiness of an application |
Country Status (2)
Country | Link |
---|---|
MY (1) | MY188366A (en) |
WO (1) | WO2014088395A1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105138904A (en) * | 2015-08-25 | 2015-12-09 | 华为技术有限公司 | Access control method and device |
US10853090B2 (en) * | 2018-01-22 | 2020-12-01 | Hewlett Packard Enterprise Development Lp | Integrity verification of an entity |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6092194A (en) * | 1996-11-08 | 2000-07-18 | Finjan Software, Ltd. | System and method for protecting a computer and a network from hostile downloadables |
WO2003058451A1 (en) * | 2002-01-04 | 2003-07-17 | Internet Security Systems, Inc. | System and method for the managed security control of processes on a computer system |
US6694434B1 (en) * | 1998-12-23 | 2004-02-17 | Entrust Technologies Limited | Method and apparatus for controlling program execution and program distribution |
-
2012
- 2012-12-05 MY MYPI2012005264A patent/MY188366A/en unknown
-
2013
- 2013-11-29 WO PCT/MY2013/000215 patent/WO2014088395A1/en active Application Filing
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6092194A (en) * | 1996-11-08 | 2000-07-18 | Finjan Software, Ltd. | System and method for protecting a computer and a network from hostile downloadables |
US6694434B1 (en) * | 1998-12-23 | 2004-02-17 | Entrust Technologies Limited | Method and apparatus for controlling program execution and program distribution |
WO2003058451A1 (en) * | 2002-01-04 | 2003-07-17 | Internet Security Systems, Inc. | System and method for the managed security control of processes on a computer system |
Non-Patent Citations (1)
Title |
---|
DAVIDA G I ET AL: "Defending systems against viruses through cryptographic authentication", PROCEEDINGS OF THE SYMPOSIUM ON SECURITY AND PRIVACY. OAKLAND, MAY 1 - 3, 1989; [PROCEEDINGS OF THE SYMPOSIUM ON SECURITY AND PRIVACY], WASHINGTON, IEEE COMP. SOC. PRESS, US, vol. -, 1 May 1989 (1989-05-01), pages 312 - 318, XP010016032, ISBN: 978-0-8186-1939-7, DOI: 10.1109/SECPRI.1989.36305 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105138904A (en) * | 2015-08-25 | 2015-12-09 | 华为技术有限公司 | Access control method and device |
US10853090B2 (en) * | 2018-01-22 | 2020-12-01 | Hewlett Packard Enterprise Development Lp | Integrity verification of an entity |
Also Published As
Publication number | Publication date |
---|---|
MY188366A (en) | 2021-12-06 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10380344B1 (en) | Secure controller operation and malware prevention | |
US11574043B2 (en) | Context-based secure controller operation and malware prevention | |
US8966624B2 (en) | System and method for securing an input/output path of an application against malware with a below-operating system security agent | |
RU2390836C2 (en) | Authenticity display from highly reliable medium to non-secure medium | |
US8966629B2 (en) | System and method for below-operating system trapping of driver loading and unloading | |
TWI402691B (en) | Network security module and method for protecting a computing device or a network device from an inentified security threat on the network | |
US8701187B2 (en) | Runtime integrity chain verification | |
US9015481B2 (en) | Methods and systems for access security for dataloading | |
US9836611B1 (en) | Verifying the integrity of a computing platform | |
WO2017021683A1 (en) | Controlling configuration data storage | |
Capobianco et al. | Employing attack graphs for intrusion detection | |
US11416604B2 (en) | Enclave handling on an execution platform | |
US8763121B2 (en) | Mitigating multiple advanced evasion technique attacks | |
Kim et al. | Shadowauth: Backward-compatible automatic can authentication for legacy ecus | |
WO2014088395A1 (en) | A system and method for establishing trustworthiness of an application | |
JP2016010031A (en) | Remote integrity verification system, method and program | |
KR102034934B1 (en) | Securing the network access of local devices by using TPM | |
Qin et al. | RIPTE: runtime integrity protection based on trusted execution for IoT device | |
Msgna et al. | Secure application execution in mobile devices | |
KR20150089696A (en) | Integrity Verification System and the method based on Access Control and Priority Level | |
Zhou et al. | Using asynchronous collaborative attestation to build a trusted computing environment for mobile applications | |
Booth | Draft NISTIR 8138, Vulnerability Description Ontology (VDO) | |
Mappings | CWE-421: Race Condition During Access to Alternate Channel | |
Rechie et al. | The Implementation of Hardware Security Based Zymkey 4i in HDVA | |
Cox | Security tenets for life critical embedded systems |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 13824671 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 13824671 Country of ref document: EP Kind code of ref document: A1 |