Data processing: financial – business practice – management – or co – Automated electrical financial or business practice or... – Finance
Patent
1998-02-14
2000-05-02
Pham, Chi H.
Data processing: financial, business practice, management, or co
Automated electrical financial or business practice or...
Finance
380 21, 705 39, H04L 900
Patent
active
060583835
DESCRIPTION:
BRIEF SUMMARY
FIELD OF THE INVENTION
The present invention relates to the field of data processing and digital communication, and in particular, to a method for trusted and dynamic dissemination of digital objects which is computationally efficient.
BACKGROUND OF THE INVENTION
Distribution of digital objects, or objects in short-whether be it text, graphics, animation, video, audio or software (such as source code or machine code) written in various programming languages--in magnetic, electronic, optical or any other medium is becoming popular. However, because such objects are in digital format, they are susceptible to third-party tampering which is difficult to detect. In many situations it is necessary for an end user to check an object received from another party, called information provider in the present invention, against certain trust criteria before accepting and using the object. Trust criteria may include authentication of date of creation, originality, integrity, type, and usage safety of the object.
Most of the current practices in digital information dissemination do not provide end users with means of reliably checking whether an object meets certain trust criteria. Popular but very dangerous ways of distributing software over Internet are downloading software files using file transfer protocol or electronic mail. Malicious attacker may modify the software or replace it with malicious software during transit. Malicious attacker may even post malicious software on a newsgroup or on a compromised machine. When the software is downloaded and run at an end user's machine, it has all the access rights entitled to the user. For example, the malicious software may be designed to read user's private files and send them to a designated network address. The malicious software may also infect the user's system if it contains a virus or network worm.
The danger of unchecked software distribution is aggregated with the advent of new programming language environments which allow for architecturally neutral code to be dynamically loaded and run on a heterogeneous network of computers such as the Internet. In such an environment, a user's machine may dynamically download executable digital objects from various information providers and execute them locally. Without proper checking on such executable digital objects, it is like opening the door and inviting crimes to one's house.
In response to this problem a method for trusted software digital object distribution has been developed, and is published in Aviel D. Rubin, "Trusted distribution of software over the Internet", pp. 47-53, Proceeding of the Symposium on Network and Distributed System Security, Feb. 16-17, 1995, San Diego. Calif. This method relies on a trusted third party, called certification authority, to certify the originality and integrity of a software object where each individual object produced by an information provider is issued a separate certificate. In this method, an author, A, of a program registers a public key, K.sub.pub, with a trusted third party, T. T verifies the registration information by calling A on the telephone. To distribute a file, A sends a signed message using a private key, K.sub.pri, associated with K.sub.pub, to T containing the hash of the file, H, and other relevant information. T issues a signed certificate containing the name of the file and its hash value. When A receives the certificate, he stores it along with the file. This certificate is sent whenever a user retrieves the file. The user then uses the certificate to verify the integrity of the file.
This method suffers from the fact that each time a digital object is downloaded, the corresponding certificate must be downloaded as well and verified by the end user. Certificate verification is a computationally intensive process requiring much processing time. Not only is this method computationally costly but it introduces additional delays in code execution which may be un-acceptable in certain applications. Furthermore, this prior art scheme is restrictive in that i
REFERENCES:
patent: 4903296 (1990-02-01), Chandra et al.
patent: 4999806 (1991-03-01), Chernow et al.
patent: 5412718 (1995-05-01), Narasimhalu et al.
patent: 5499298 (1996-03-01), Narasimhula et al.
Deng Huijie
Narasimhalu Arcot Desai
Wang Weiguo
Bayard Emmanuel
Kent Ridge Digital Labs
Pham Chi H.
LandOfFree
Computationally efficient method for trusted and dynamic digital does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Computationally efficient method for trusted and dynamic digital, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Computationally efficient method for trusted and dynamic digital will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-1601826