Information security – Prevention of unauthorized use of data including prevention...
Reexamination Certificate
2007-01-08
2010-11-23
Zand, Kambiz (Department: 2434)
Information security
Prevention of unauthorized use of data including prevention...
C713S187000
Reexamination Certificate
active
07841010
ABSTRACT:
An integrity verification process and associated apparatus to detect tampering or other alterations to computer code (software) or other computer files, and especially useful to detect tampering with code by hackers who might try to plant their own malicious code in the software. To make the verification process more robust versus hackers, each e.g., object code file to be protected is first selected using some sort of rule, then partitioned into variable length blocks or portions, the lengths varying in an unpredictable manner. Each portion has its checksum or hash value computed. An accompanying verification file is created which includes a vector for each portion including the portion's start address in memory, length, and the computed checksum or hash value. When the code is later to be run (executed) the verification file is conventionally read and each portion is verified by computing its checksum or hash value using the same algorithm as before, and comparing that to the value in the associated verification file vector. Lack of a match in the two values indicates tampering, so execution of the code can be halted.
REFERENCES:
patent: 5382955 (1995-01-01), Knierim
patent: 5454000 (1995-09-01), Dorfman
patent: 6738932 (2004-05-01), Price
patent: 7225341 (2007-05-01), Yoshino et al.
patent: 2003/0018878 (2003-01-01), Dorward et al.
patent: 2003/0188117 (2003-10-01), Yoshino et al.
patent: 2003/0188231 (2003-10-01), Cronce
patent: 2003/0200207 (2003-10-01), Dickinson
patent: 2003/0221116 (2003-11-01), Futoransky et al.
patent: 2004/0117616 (2004-06-01), Silvester
patent: 2007/0156638 (2007-07-01), Vadekar et al.
patent: WO-99/27450 (1999-06-01), None
patent: WO-2006/116871 (2006-11-01), None
patent: WO-2006/116871 (2006-11-01), None
Arvind Seshadri; verifying code integrity and enforcing untampered code execution on legacy systems; Year of Publication: 2005 ; pp. 1-16.
European Search Report mailed on May, 9, 2008, for EP Application No. EP 08 15 0037, filed on Jan. 3, 2008, 2 pages.
International Search Report mailed on Jun. 20, 2008, for PCT Application No. PCT/US08/00169, filed on Jan. 3, 2008, 1 page.
Written Opinion mailed on Jun. 20, 2008, for PCT Application No. PCT/US08/00169, filed on Jan. 3, 2008, 4 pages.
European Examination Report mailed on Mar. 9, 2010, for EP Application No. EP 08 150 037.3, filed on Jan. 3, 1008, 3 pages.
International Preliminary Report on Patentability, mailed on Feb. 11, 2010, for PCT Application No. PCT/US2008/000169, filed on Jan. 3, 2008, 6 pages.
European Search Report mailed on May, 9, 2008, for EP Application No. EP 08 15 0037, filed on Jan. 3, 2008, 2 pages.
Betouin Pierre
Farrugia Augustin J.
Fasoli Gianpaolo
Lerouge Julien
Apple Inc.
Morrison & Foerster / LLP
Rahim Monjour
Zand Kambiz
LandOfFree
Software or other information integrity verification using... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Software or other information integrity verification using..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Software or other information integrity verification using... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-4227155