Electrical computers and digital processing systems: support – Computer program modification detection by cryptography
Reexamination Certificate
2011-03-22
2011-03-22
Smithers, Matthew B (Department: 2437)
Electrical computers and digital processing systems: support
Computer program modification detection by cryptography
C726S001000
Reexamination Certificate
active
07913092
ABSTRACT:
Disclosed is an approach to system call monitoring in which authenticated system calls from an application are easily verified by an operating system kernel. The authenticated system call may be a system call augmented with extra arguments, which specify the policy for that call as well as a cryptographic message authentication code (MAC) that guarantees the integrity of the policy and the system call arguments. This extra information is used by the operating system kernel to verify the system call with little processing overhead. Versions of the applications in which regular system calls have been replaced by authenticated calls are generated automatically by a trusted installer program that reads the application binary, uses static analysis to generate policies, and then rewrites the binary with the authenticated calls. As a result, hacker attacks, malicious software and the like are less likely to be successful in compromising any computers or networks that employ such authenticated system calls.
REFERENCES:
patent: 5485409 (1996-01-01), Gupta et al.
patent: 5909577 (1999-06-01), Devanbu
patent: 6006328 (1999-12-01), Drake
patent: 6381738 (2002-04-01), Choi et al.
patent: 6823460 (2004-11-01), Hollander et al.
patent: 2002/0007456 (2002-01-01), Peinado et al.
patent: 2004/0031030 (2004-02-01), Kidder et al.
patent: 2004/0139342 (2004-07-01), Aho et al.
patent: 2004/0205411 (2004-10-01), Hong et al.
patent: 2005/0060568 (2005-03-01), Beresnevichiene et al.
patent: 2005/0193428 (2005-09-01), Ring et al.
patent: 2005/0246554 (2005-11-01), Batson
patent: 2005/0257243 (2005-11-01), Baker
patent: 2006/0053492 (2006-03-01), Wallace
patent: 2006/0059335 (2006-03-01), Bernardi et al.
patent: 2006/0090193 (2006-04-01), Johnson et al.
patent: 2006/0101413 (2006-05-01), Kinno et al.
patent: 2007/0016914 (2007-01-01), Yeap
Jesus Molina and William Arbaugh, Using Indepentend Auditors as intrusion detection systems, ICICS 2002, Spinrger-verlag Berlin Heidelberg 2002, p. 291-302.
Hiltunen Matti Aarno
Jim Trevor
Rajagopalan Mohan
Schlichting Richard Dale
AT&T Intellectual Property II L.P.
Sholeman Abu
Smithers Matthew B
LandOfFree
System and method for enforcing application security... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with System and method for enforcing application security..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and System and method for enforcing application security... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2765891