Software self-checking mechanisms are described for improving software tamper resistance and/or reliability. Redundant tests are performed to detect modifications to a program while it is running. Modifications are recorded or reported. Embodiments of the software self-checking mechanisms can be implemented such that they are relatively stealthy and robust, and so that they are compatible with copy-specific static watermarking and other tamper-resistance techniques.
Representative claims
1. A non-transitory computer-readable storage medium, the computer-readable storage medium storing programming instructions that, if executed by a processor of a computer system, are operable to cause the computer system to perform a method comprising: loading a memory address obfuscating value; calculating an address locator value at least in part based on said memory address obfuscating value; reading a first portion of memory beginning at an address determined by said calculated address locator value, said first portion of memory at least in part used to store instructions associated with a currently executing program; calculating a first integrity check value based on the contents of said first portion of memory; comparing said first calculated integrity check value to a first expected check value; and initiating one or more response actions at least in part based on the results of said step of comparing said first calculated check value.
2. The non-transitory computer readable storage medium of claim 1, wherein the instructions further cause the computer to perform the operation of: calculating a second address locator value at least in part based on a memory address obfuscating value; reading a second portion of memory beginning at an address determined by said second calculated address locator value, said second portion of memory at least in part used to store instructions associated with said currently executing program; calculating a second integrity check value based on the contents of said second portion of memory; comparing said second calculated integrity check value to a second expected check value; and initiating one or more response actions at least based on the results of said step of comparing said second calculated integrity check value.
3. The non-transitory computer readable storage medium of claim 2, wherein said memory address obfuscating value used to calculate the second address locator is equal to the memory address obfuscating value used to calculate the first address locator value.
4. The non-transitory computer readable storage medium of claim 2, wherein said initiating steps comprise initiating the at least one or more response actions via different access paths.
5. The non-transitory computer readable storage medium of claim 2, wherein said obfuscating memory value used to calculate the second address locator value is the same obfuscating memory value used to calculate the first address locator value.
6. The non-transitory computer readable storage medium of claim 2, said second portion of memory at least in part different from said first portion.
7. The non-transitory computer readable storage medium of claim 2, said second portion of memory at least including a portion of said first portion of memory.
8. The non-transitory computer readable storage medium of claim 2, wherein said second expected check value is equal to the first expected check value.
9. The non-transitory computer readable storage medium of claim 2, wherein said first expected check value is equal to zero.
10. The non-transitory computer readable storage medium of claim 9, wherein the second expected check value is equal to the first expected check value.
11. The non-transitory computer readable storage medium of claim 2, wherein the step of calculating an integrity check value based on said first portion of memory is performed by instructions contained within the second portion of memory.
12. The non-transitory computer readable storage medium of claim 11, wherein the step of calculating an integrity check value based on said second portion of memory is performed by instructions contained within the first portion of memory.
13. The non-transitory computer readable storage medium of claim 12, wherein the instructions are configured such that no code section addresses appear in general-purpose registers during the execution of the program.
14. The non-transitory computer readable storage medium of claim 2, wherein one or more of the triggering steps includes a delay before initiating the one or more response actions.
15. The non-transitory computer readable storage medium of claim 2, wherein the running time to initiate the one or more response actions is configured to be of variable duration.
16. The non-transitory computer readable storage medium of claim 2, wherein the instructions are configured to at repeat each of the reading steps, the calculating an integrity check value steps, and the comparing steps a plurality of times during the execution of said program.
17. The non-transitory computer readable storage medium of claim 2, wherein the second portion of memory includes at least a portion of the instructions for performing said steps of reading a first portion of memory, calculating an integrity check value based on said first portion of memory, and comparing said calculated integrity check value to a first expected check value.
18. The non-transitory computer readable storage medium of claim 2, wherein the second portion of memory includes all of the instructions for performing said steps of reading a first portion of memory, calculating an integrity check value based on said first portion of memory, and comparing said calculated integrity check value to a first expected check value.
19. The non-transitory computer readable storage medium of claim 2, wherein said first integrity check value is calculated using a first coding of a first integrity verification algorithm and said second integrity check value is calculated using a second coding of said first integrity verification algorithm, said first coding and second coding being different but functionally equivalent implementations of said first integrity verification algorithm.
20. The non-transitory computer readable storage medium of claim 19, wherein said first integrity verification algorithm is a chained hash function.
21. The non-transitory computer readable storage medium of claim 2, wherein said first integrity check value is calculated using a first integrity verification algorithm and said second integrity check value is calculated using a second integrity verification algorithm.
22. The non-transitory computer readable storage medium of claim 21, wherein said first integrity verification algorithm is a chained hash function.
23. The non-transitory computer readable storage medium of claim 1, wherein said memory address obfuscating value is a randomly-generated or pseudorandomly-generated value.
24. The non-transitory computer readable storage medium of claim 1, wherein said memory address obfuscating value was randomly-generated or pseudorandomly-generated prior to execution of the said currently executing program.
25. The non-transitory computer readable storage medium of claim 1, wherein the memory address obfuscating value was determined at time of installation of said program.
26. The non-transitory computer readable storage medium of claim 1, wherein said one or more response actions includes halting execution of the program.
27. The non-transitory computer readable storage medium of claim 1, wherein said one or more response actions includes restricting execution of a portion of the program.
28. The non-transitory computer readable storage medium of claim 1, wherein said one or more response actions includes denying access to one or more functions of the program.
29. The non-transitory computer readable storage medium of claim 1, wherein said one or more response actions includes erasing or denying the use of data.
30. The non-transitory computer readable storage medium of claim 1, wherein the initiating step comprises initiating the at least one or more response actions via one of a plurality of alternative access paths.
31. The non-transitory computer readable storage medium of claim 1, wherein the running time to initiate the one or more response actions is configured to be of variable duration.
32. The non-transitory computer readable storage medium of claim 1, wherein the instructions are configured to at repeat each of the reading step, the calculating an integrity check value step, and the comparing step a plurality of times during the execution of said program.
33. The non-transitory computer readable storage medium of claim 32, wherein the first portion of memory includes at least a portion of the instructions for performing said steps of reading a second portion of memory, calculating an integrity check value based on said second portion of memory, and comparing said calculated integrity check value to a second expected check value.
34. A method comprising: calculating an address locator value at least in part based on said memory address obfuscating value; reading a first portion of memory beginning at an address determined by said calculated address locator value, said first portion of memory at least in part used to store instructions associated with a currently executing program; calculating a first integrity check value based on the contents of said first portion of memory; comparing said first calculated integrity check value to a first expected check value; and initiating one or more response actions at least in part based on the results of said step of comparing said first calculated check value.
35. The method of claim 34, wherein the instructions further cause the computer to perform the operation of: calculating a second address locator value at least in part based on a memory address obfuscating value; reading a second portion of memory beginning at an address determined by said second calculated address locator value, said second portion of memory at least in part used to store instructions associated with said currently executing program; calculating a second integrity check value based on the contents of said second portion of memory; comparing said second calculated integrity check value to a second expected check value; and initiating one or more response actions at least based on the results of said step of comparing said second calculated integrity check value.
36. The method of claim 35, wherein said memory address obfuscating value used to calculate the second address locator is equal to the memory address obfuscating value used to calculate the first address locator value.
37. The method of claim 35, wherein said initiating steps comprise initiating the at least one or more response actions via different access paths.
38. The method of claim 35, wherein said obfuscating memory value used to calculate the second address locator value is the same obfuscating memory value used to calculate the first address locator value.
39. The method of claim 35, said second portion of memory at least in part different from said first portion.
40. The method of claim 35, said second portion of memory at least including a portion of said first portion of memory.
41. The method of claim 35, wherein said second expected check value is equal to the first expected check value.
42. The method of claim 35, wherein said first expected check value is equal to zero.
43. The method of claim 42, wherein the second expected check value is equal to the first expected check value.
44. The method of claim 35, wherein the step of calculating an integrity check value based on said first portion of memory is performed by instructions contained within the second portion of memory.
45. The method of claim 44, wherein the step of calculating an integrity check value based on said second portion of memory is performed by instructions contained within the first portion of memory.
46. The method of claim 45, wherein the instructions are configured such that no code section addresses appear in general-purpose registers during the execution of the program.
47. The method of claim 35, wherein one or more of the triggering steps includes a delay before initiating the one or more response actions.
48. The method of claim 35, wherein the running time to initiate the one or more response actions is configured to be of variable duration.
49. The method of claim 35, wherein the instructions are configured to at repeat each of the reading steps, the calculating an integrity check value steps, and the comparing steps a plurality of times during the execution of said program.
50. The method of claim 35, wherein the second portion of memory includes at least a portion of the instructions for performing said steps of reading a first portion of memory, calculating an integrity check value based on said first portion of memory, and comparing said calculated integrity check value to a first expected check value.
51. The method of claim 35, wherein the second portion of memory includes all of the instructions for performing said steps of reading a first portion of memory, calculating an integrity check value based on said first portion of memory, and comparing said calculated integrity check value to a first expected check value.
52. The method of claim 35, wherein said first integrity check value is calculated using a first coding of a first integrity verification algorithm and said second integrity check value is calculated using a second coding of said first integrity verification algorithm, said first coding and second coding being different but functionally equivalent implementations of said first integrity verification algorithm.
53. The method of claim 52, wherein said first integrity verification algorithm is a chained hash function.
54. The method of claim 35, wherein said first integrity check value is calculated using a first integrity verification algorithm and said second integrity check value is calculated using a second integrity verification algorithm.
55. The method of claim 54, wherein said first integrity verification algorithm is a chained hash function.
56. The method of claim 34, wherein said memory address obfuscating value is a randomly-generated or pseudorandomly-generated value.
57. The method of claim 34, wherein said memory address obfuscating value was randomly-generated or pseudorandomly-generated prior to execution of the said currently executing program.
58. The method of claim 34, wherein the memory address obfuscating value was determined at time of installation of said program.
59. The method of claim 34, wherein said one or more response actions includes halting execution of the program.
60. The method of claim 34, wherein said one or more response actions includes restricting execution of a portion of the program.
61. The method of claim 34, wherein said one or more response actions includes denying access to one or more functions of the program.
62. The method of claim 34, wherein said one or more response actions includes erasing or denying the use of data.
63. The method of claim 34, wherein the initiating step comprises initiating the at least one or more response actions via one of a plurality of alternative access paths.
64. The method of claim 34, wherein the running time to initiate the one or more response actions is configured to be of variable duration.
65. The method of claim 34, wherein the instructions are configured to at repeat each of the reading step, the calculating an integrity check value step, and the comparing step a plurality of times during the execution of said program.
66. The method of claim 65, wherein the first portion of memory includes at least a portion of the instructions for performing said steps of reading a second portion of memory, calculating an integrity check value based on said second portion of memory, and comparing said calculated integrity check value to a second expected check value.
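An added C example (not code from the patent) of the check sequence in claims 1 and 2, with the overlapping intervals of claim 7 and the zero expected value of claim 9: each tester recovers its start from an obfuscated value, hashes its interval with a chained hash, and compares the result with zero. The word buffer standing in for the code section, the XOR masking, the hash multiplier, the corrector placement and all names are assumptions of this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define IMG_WORDS 64
#define HASH_MULT 0x9E3779B1u   /* odd, so multiplication is invertible mod 2^32 */

/* Constructed stand-in for the running program's code section. */
static uint32_t image[IMG_WORDS];

/* Memory address obfuscating value (assumed constant; claim 25 fixes it at install time). */
static const uintptr_t OBF = 0x5A5A1234u;

typedef struct {
    uintptr_t masked_start; /* interval start, stored only in obfuscated form */
    size_t    words;        /* interval length; the last word is the corrector */
} tester_t;

static tester_t A, B;

/* Address locator: recovered from the obfuscating value just before the read. */
static uint32_t *locate(const tester_t *t) {
    return image + (size_t)(t->masked_start ^ OBF);
}

/* Chained hash: each step folds the previous hash into the next word. */
static uint32_t chained_hash(const uint32_t *p, size_t n) {
    uint32_t h = 0;
    for (size_t i = 0; i < n; i++)
        h = HASH_MULT * (h + p[i]);
    return h;
}

/* Build time: choose the corrector so the interval hashes to zero (claim 9). */
static void seal(const tester_t *t) {
    uint32_t *p = locate(t);
    p[t->words - 1] = 0u - chained_hash(p, t->words - 1);
}

/* Run time: read, hash, compare with the expected value 0. */
static int intact(const tester_t *t) {
    return chained_hash(locate(t), t->words) == 0u;
}

static void build_image(void) {
    for (size_t i = 0; i < IMG_WORDS; i++)
        image[i] = 0x01000193u * (uint32_t)(i + 1);   /* constructed filler words */
    A = (tester_t){ (uintptr_t)0  ^ OBF, 40 };  /* words 0..39  */
    B = (tester_t){ (uintptr_t)24 ^ OBF, 40 };  /* words 24..63 */
    seal(&A);  /* A's corrector (word 39) lies inside B's interval: seal A first */
    seal(&B);
}

/* Bit 0 set: tester A saw a modification; bit 1 set: tester B did. */
static unsigned failed_testers(void) {
    return (intact(&A) ? 0u : 1u) | (intact(&B) ? 0u : 2u);
}

int main(void) {
    build_image();
    printf("clean image:      %u\n", failed_testers());
    image[30] ^= 0x80u;   /* simulated one-bit patch in the overlap */
    printf("patched word 30:  %u\n", failed_testers());
    return 0;
}
```

Because the multiplier is odd, any change to a single word inside an interval changes that interval's hash, and a change inside the overlap (words 24 to 39) is reported by both testers.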