Data processing: software development – installation – and managem – Software program development tool – Translation of code
Reexamination Certificate
2007-04-24
2007-04-24
An, Meng-Al T. (Department: 2193)
Data processing: software development, installation, and managem
Software program development tool
Translation of code
C717S127000, C713S193000, C713S194000, C712S202000, C712S300000
Reexamination Certificate
active
10237515
ABSTRACT:
A given software process is composed on one or more threads of execution. Each thread possesses its own stack, a region of memory set aside by the operating system for that thread to store data. Popular programming languages rely heavily on stack-based data (frequently referred to as “local” or “automatic” data). It is a characteristic of deterministic machines like computers that, given the same problem to process with the same data, the same results, both intermediate and final, will result. This even extends to the sequence the software running on the computer will take to process the problem or data. This in turn means that for each thread making up the program, the data layout in the thread's stack will be relatively consistent each time the program gets to a similar point in the processing of the problem and/or data. This represents a potential “point of repeatability” that a hacker can take advantage of. Embodiments of the current invention address this by introducing random amounts of “padding” into a thread's stack, such that all data objects that exist “below” that point in the stack are offset by the amount of this random padding. A thread could have several points in its stack where the padding is introduced, resulting in better (more difficult to hack) randomization.
REFERENCES:
patent: 4218582 (1980-08-01), Hellman et al.
patent: 4309569 (1982-01-01), Merkle
patent: 5123045 (1992-06-01), Ostrovsky et al.
patent: 5321828 (1994-06-01), Phillips et al.
patent: 5335332 (1994-08-01), Christopher et al.
patent: 5373561 (1994-12-01), Haber et al.
patent: 5689565 (1997-11-01), Spies et al.
patent: 5699428 (1997-12-01), McDonnal et al.
patent: 5835595 (1998-11-01), Fraser et al.
patent: 5892899 (1999-04-01), Aucsmith et al.
patent: 5892904 (1999-04-01), Atkinson et al.
patent: 5913038 (1999-06-01), Griffiths
patent: 6009176 (1999-12-01), Gennaro et al.
patent: 6122742 (2000-09-01), Young et al.
patent: 6161181 (2000-12-01), Haynes et al.
patent: 6226750 (2001-05-01), Trieger
patent: 6401208 (2002-06-01), Davis et al.
patent: 6463538 (2002-10-01), Elteto
patent: 6643775 (2003-11-01), Granger et al.
patent: 6654883 (2003-11-01), Tatebayashi
patent: 6668325 (2003-12-01), Collberg et al.
patent: 6779114 (2004-08-01), Chow et al.
patent: 6785815 (2004-08-01), Serret-Avila et al.
patent: 6792536 (2004-09-01), Teppler
patent: 6842862 (2005-01-01), Chow et al.
patent: 6952697 (2005-10-01), Rothschild
patent: 6959384 (2005-10-01), Serret-Avila
patent: 2002/0029337 (2002-03-01), Sudia et al.
patent: 2002/0112161 (2002-08-01), Thomas et al.
patent: 2002/0157003 (2002-10-01), Beletski
patent: 2002/0178360 (2002-11-01), Wenocur et al.
patent: 2003/0140178 (2003-07-01), Evans
Mambo et al. “A Tentative Approach to Constructing Tamper Resistant Software” 1997, New Security Paradigms Workshop, ACM, p. 23-33.
Forrest, Somayaji, Ackley “Building Diverse Computer Systems” 1997, IEEE Computer Society Press, pp. 1-6.
U.S. Appl. No. 10/237,454, filed Sep. 6, 2002, Langer.
U.S. Appl. No. 10/237,393, filed Sep. 6, 2002, Langer.
U.S. Appl. No. 10/238,053, filed Sep. 6, 2002, Langer.
Tran, Tongoc; Office Action dated Mar. 28, 2006; U.S. Appl. No. 10/238,053, filed Sep. 6, 2002.
Loving, Jaric E.; Office Action dated Feb. 23, 2006; U.S. Appl. No. 10/237,393, filed Sep. 6, 2002.
Tolentino, Roderick; Office Action dated Feb. 2, 2006; U.S. Appl. No. 10/237,454, filed Sep. 6, 2002.
An Meng-Al T.
Mitchell Jason
Sonic Solutions
LandOfFree
Deterring reverse-engineering of software systems by... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Deterring reverse-engineering of software systems by..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Deterring reverse-engineering of software systems by... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3738327