Method and apparatus for protecting application data in...

Electrical computers and digital processing systems: support – Data processing protection using cryptography

Reexamination Certificate

Details

C380S282000, C380S201000, C713S188000, C713S191000, C713S193000, C713S194000, C713S152000, C711S147000, C711S150000

active

06175924

ABSTRACT:

BACKGROUND OF THE INVENTION
1. Field of the Invention
The present invention relates to a method and apparatus for verifying the authenticity of application programs received from unsecured storage and for controlling the data access of such programs as they run in a secure environment in a computer, in order to preserve system security.
2. Description of Related Art
The use of apparatus and programmed methods to prevent application programs from accessing or modifying protected areas of storage in a data processing system is known in the operating system art. Examples are U.S. Pat. Nos. 5,144,659 and 5,289,540 to Richard P. Jones. Jones discloses hardware in the form of a programmable auxiliary memory and control unit on a disk drive adapter card which intercepts the control logic, address, and data signal paths between the central processing unit and the file storage. Once the hardware and associated software of the Jones system are installed, the operating system no longer controls or has access to the file system. In Jones, the auxiliary memory stores signatures of all valid files. The file signatures are simple cyclic redundancy codes (CRCs). Such signatures can protect against virus attack by detecting that a file has been changed since its CRC was last calculated. They cannot protect against a deliberate attacker, because a CRC is not keyed: it is a simple matter to alter a program and then calculate and append a new CRC that matches the altered contents.
More recently, the hardware central processing unit (CPU) itself has built-in privilege levels that protect memory segments at level zero, for example, from being directly addressed by application programs running at level 3. An example appears in the Am486 Microprocessor Software User's Manual published in January 1994 by Advanced Micro Devices, at pages A-28 through A-34. Although these circuits prevent direct addressing of supervisor-level memory space by level 3 application programs, there will be times when such access is necessary, and there is no mechanism in the microprocessor for determining that the application program is authentic and that the data to be accessed is allocated to that authentic program.
The use of encryption to verify the identity of users and the authenticity of programs or ID cards is known. An example of such art is the IBM 4755 cryptographic adapter card. The teachings of the current art do not, however, show how to protect persistent data in a secure area when applications are loaded from non-secure sources.
In computer systems that run multiple application programs, and have the ability to store long-term data for those programs, there is a need to protect each data area from application programs other than the one which created that area. The term “other programs” is meant to include both entirely different programs, and programs which may attempt to masquerade as the program that created the data. New versions of any program, however, must be able to access the data areas created by the earlier versions of that same program.
In this particular scenario, the data is persistent in computer memory, while the application programs themselves are not. The application programs are deleted from memory when they are no longer needed, and they are reloaded at a later time when their services are again required. The data areas used by each application program remain in the computer, stored on a persistent medium and managed by the computer's operating system. When an application program is reloaded, it must be given access to the data which it owns, but it must not be permitted to access data owned by another application program. In like manner, application programs that are operating concurrently must not be able to access each other's data. The program storage medium from which application programs are reloaded is not necessarily protected in any way, so the application programs must be structured so that they carry their own protection from alteration, and so that they contain protected information that can be used to securely associate them with the data areas that they own.
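The paragraph above states the design constraints: programs arrive from unprotected storage, must carry their own proof of authenticity, and must be bound to their data areas by an identity that survives version changes while defeating masquerading programs. The following Python sketch is an added illustration of that design and is not code from the patent. It assumes a constructed image layout (length-prefixed JSON header, program code, authentication tag) and uses HMAC-SHA256 with a key held only inside the secure area as a stand-in for the digital signature a real loader would verify against a public key; with a signature, the owner of a data area would be the pair (signer key, app_id) rather than app_id alone. All program images and keys are constructed for the example.

```python
import hashlib
import hmac
import json
import struct

# Constructed image layout (not the patent's format):
#   4-byte big-endian header length | JSON header | program code | 32-byte tag
# The header carries the identity that owns the data area ("app_id") and a
# version number; the tag authenticates header and code together.
TAG_LEN = 32


class LoadError(Exception):
    """Raised when an image from unsecured storage fails verification."""


def build_image(install_key: bytes, app_id: str, version: int, code: bytes) -> bytes:
    """Produce a self-protecting program image (done once, at install time)."""
    header = json.dumps({"app_id": app_id, "version": version}, sort_keys=True).encode()
    body = struct.pack(">I", len(header)) + header + code
    tag = hmac.new(install_key, body, hashlib.sha256).digest()   # HMAC stands in for a signature
    return body + tag


class DataHandle:
    """Capability the secure area hands to a verified program: it reaches only
    the data area of the owner recorded in the authenticated header."""

    def __init__(self, store: dict, owner: str, version: int):
        self._area = store.setdefault(owner, {})
        self.owner, self.version = owner, version

    def put(self, name: str, value):
        self._area[name] = value

    def get(self, name: str, default=None):
        return self._area.get(name, default)


class SecureArea:
    """Holds the verification key and every program's persistent data area."""

    def __init__(self, verify_key: bytes):
        self._key = verify_key
        self._store: dict = {}

    def load(self, image: bytes) -> DataHandle:
        if len(image) < 4 + TAG_LEN:
            raise LoadError("image too short")
        body, tag = image[:-TAG_LEN], image[-TAG_LEN:]
        expected = hmac.new(self._key, body, hashlib.sha256).digest()
        # Constant-time compare so the check itself does not leak tag bytes.
        if not hmac.compare_digest(tag, expected):
            raise LoadError("tag mismatch: image altered or not installed by us")
        (hlen,) = struct.unpack(">I", body[:4])
        if 4 + hlen > len(body):
            raise LoadError("header length exceeds image")
        header = json.loads(body[4:4 + hlen])
        # Owner identity comes from the authenticated header, never from a hash
        # of the code, so a new version of the same program keeps its data.
        return DataHandle(self._store, header["app_id"], header["version"])


def demo() -> dict:
    """Run the scenarios from the text and return the outcomes."""
    install_key = b"constructed-secure-area-key"   # never leaves the secure area
    area = SecureArea(install_key)
    results = {}

    # v1 of "payroll" is loaded and creates its data area.
    v1 = build_image(install_key, "payroll", 1, b"PAYROLL CODE v1")
    area.load(v1).put("ledger_total", 1200)

    # v2, reloaded later from unsecured storage, still reaches v1's data.
    v2 = build_image(install_key, "payroll", 2, b"PAYROLL CODE v2")
    results["v2_sees_v1_data"] = area.load(v2).get("ledger_total")

    # A different, validly installed program cannot see payroll's data.
    other = build_image(install_key, "calendar", 1, b"CALENDAR CODE")
    results["other_app_sees"] = area.load(other).get("ledger_total")

    # Masquerade: attacker names app_id "payroll" but signs with a key of their own.
    forged = build_image(b"attacker-key", "payroll", 3, b"EVIL CODE")
    try:
        area.load(forged)
        results["forged_loads"] = True
    except LoadError:
        results["forged_loads"] = False

    # Tamper: flip one byte of the genuine v2 code while it sits in unsecured storage.
    tampered = bytearray(v2)
    tampered[-TAG_LEN - 1] ^= 0x01
    try:
        area.load(bytes(tampered))
        results["tampered_loads"] = True
    except LoadError:
        results["tampered_loads"] = False
    return results


if __name__ == "__main__":
    print(demo())
```

The version field is authenticated but not yet enforced here; a production loader would also record the highest version seen per owner and refuse older images, since an attacker with write access to the unsecured store can otherwise reinstate a genuine but vulnerable earlier release.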
SUMMARY OF THE INVENTION
The present invention overcomes the disadvantages and limitations of the related art by providing a method and apparatus for efficiently verifying the authenticity of an application program being loaded into a secure area from a non-secure area and associating the verified application program with its already existing data areas in persistent memory to the exclusion of other application programs.
An advantage of the invented secure access control for persistent data areas is that application programs may be loaded from a non-secure store and be given access to persistent data without compromising security.
Yet another advantage of the invention is that the privilege levels of a processor may be utilized to protect persistent data while allowing application programs access to the data even though such application programs may not be resident in persistent memory.
These and other advantages will become apparent to the reader from the following more detailed description of the invention.
