Secure repository with layers of tamper resistance and system and method for providing same
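IPC classification information
Country / Type: United States (US) Patent, Granted
International Patent Classification (IPC, 7th edition): G06F-012/14
Application number: US-0153782 (2011-06-06)
Registration number: US-8417968 (2013-04-09)
Inventors / Address: Manferdelli, John L.; Marr, Michael David; Krishnaswamy, Vinay; Jakubowski, Mariusz H.
Applicant / Address: Microsoft Corporation
Agent / Address: Woodcock Washburn LLP
Citation information
Times cited: 0
Cited patents: 75
Abstract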
A secure repository individualized for a hardware environment and a method and system for providing the same. The secure repository includes a hidden cryptographic key and code that applies the key without requiring access to a copy of the key. The code that implements the secure repository is generated in a manner that is at least partly based on a hardware ID associated with the hardware environment in which the secure repository is to be installed, and may also be based on a random number. Cryptographic functions implemented by the secure repository include decryption of encrypted information and validation of cryptographically signed information. The secure repository may be coupled to an application program, which uses cryptographic services provided by the secure repository, by way of a decoupling interface that provides a common communication and authentication interface for diverse types of secure repositories. The decoupling interface may take the form of a single application programmer interface (API) usable with multiple dynamically linkable libraries.
Representative claims
1. A method of performing an action on a computing device in a manner that is at least partly resistant to modification or analysis, said method comprising: executing on said computing device a first set of computer-executable instructions storable on a computer-readable medium that implements a sub-action, wherein: performance of said action is in at least some way furthered by performance of said sub-action; said action comprises computing results of applying a cryptographic key to first data using attributes of the cryptographic key but without access to, storing in memory, or exposing a whole or segment of the cryptographic key; and executing on said computing device a second set of computer-executable instructions that implements said sub-action, said second set of computer-executable instructions being different from said first set of computer-executable instructions.
2. The method of claim 1, wherein said action comprises using said cryptographic key to decrypt said first data.
3. The method of claim 1, wherein said action comprises using said cryptographic key to authenticate said first data.
4. The method of claim 1, further comprising the act of executing a diversionary third set of computer-executable instructions different from said first and second sets of computer-executable instructions.
5. The method of claim 4, wherein neither said first or second sets of computer-executable instructions relies for its correct performance on said diversionary third set of computer-executable instructions.
6. The method of claim 1, further comprising the acts of: detecting a modification or deletion of at least a portion of said first or second sets of computer-executable instructions; and restoring the modified or deleted instructions to their state prior to said modification or deletion.
7. The method of claim 1, further comprises the act of decrypting at least a portion of said first or second sets of computer-executable instructions prior to executing said portion.
8. The method of claim 7, further comprising the act of encrypting said portion subsequent to executing said portion.
9. The method of claim 1, further comprising the acts of deriving a value based on at least a portion of said first or second sets of computer-executable instructions; and comparing the derived value to a stored value.
10. The method of claim 9, wherein said act of deriving comprises the act of hashing said portion.
11. The method of claim 1, further comprising the act of moving at least some of said first or second set of computer-executable instructions to a randomly or pseudo-randomly selected memory location prior to their execution on said computing device.
12. A computer-readable storage medium, wherein the computer-readable storage medium is not a signal, encoded with computer-executable instructions to perform the method of claim 1.
13. A method of generating a computer program storable on a computer-readable storage medium, wherein the computer-readable storage medium is not a signal, that is at least partly resistant to modification or analysis wherein said computer program performs a first action on at least two different occasions, said method comprising: generating a first set of computer-executable instructions which performs said first action, said first action comprises computing results of applying a cryptographic key to first data using attributes of the cryptographic key but without access to, storing in memory, or exposing a whole or segment of the cryptographic key; including said first set of computer-executable instructions at a first location in said computer program; generating a second set of computer-executable instructions which performs said first action, said second set of computer-executable instructions being at least in part different from said first set of computer executable instructions; and including said second set of computer-executable instructions at a second location in said computer program.
14. The method of claim 13, wherein said first location is inline with code that requires performance of said action.
15. The method of claim 13, further comprising the action of receiving second data which in some way identifies or relates to a computing device on which said computer program runs, and wherein said first set of computer-executable instructions is based on said second data.
16. The method of claim 13, further comprising the act of randomly or pseudo-randomly generating a number, wherein said first set of computer-executable instructions is based on said number.
17. The method of claim 13, further comprising the act of: creating a diversionary third set of computer-executable instructions; and including said diversionary third set of computer-executable instructions in said computer program.
18. The method of claim 13, further comprising the act of creating a third set of computer-executable instructions which detects modification or deletion of at least a portion of said computer program, and which restores said portion to its state prior to modification or deletion.
19. The method of claim 13, further comprising the act of reorganizing said first or second sets computer-executable instructions or a combination thereof.
20. The method of claim 13, further comprising the acts of: delimiting a segment of said computer program; obtaining a first hash of the code inside the delimited segment; including said first hash of the delimited segment within said computer program; and creating a third set of computer-executable instructions which obtains a second hash of the delimited segment and which compares said second hash with first hash.