[go: up one dir, main page]

WO2002021243A3 - Software secure authenticated channel - Google Patents

Software secure authenticated channel Download PDF

Info

Publication number
WO2002021243A3
WO2002021243A3 PCT/GB2001/003962 GB0103962W WO0221243A3 WO 2002021243 A3 WO2002021243 A3 WO 2002021243A3 GB 0103962 W GB0103962 W GB 0103962W WO 0221243 A3 WO0221243 A3 WO 0221243A3
Authority
WO
WIPO (PCT)
Prior art keywords
module
modules
protected area
manufacturers
addresses
Prior art date
Application number
PCT/GB2001/003962
Other languages
French (fr)
Other versions
WO2002021243A2 (en
Inventor
Jeffrey Lotspiech
Stefan Nusser
Original Assignee
Ibm
Ibm Uk
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Ibm, Ibm Uk filed Critical Ibm
Priority to KR1020037003480A priority Critical patent/KR100561497B1/en
Priority to JP2002524793A priority patent/JP2004509392A/en
Priority to AU2001284259A priority patent/AU2001284259A1/en
Priority to EP01963228A priority patent/EP1368737A2/en
Publication of WO2002021243A2 publication Critical patent/WO2002021243A2/en
Publication of WO2002021243A3 publication Critical patent/WO2002021243A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/44Program or device authentication
    • G06F21/445Program or device authentication by mutual authentication, e.g. between devices or programs

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)
  • Circuits Of Receivers In General (AREA)
  • Stereophonic System (AREA)
  • Two-Way Televisions, Distribution Of Moving Picture Or The Like (AREA)

Abstract

Software manufacturers examine their module and determine a range of addresses in memory which the module occupies. A protected range of addresses in memory is predefined to not allow changes, such as patching by hackers. Each manufacturer delivers the range of addresses describing the protected area and a known good version of their module to other manufacturers that they want to interoperate with. The other manufacturers return digital signatures on the protected area, and these digital signatures are stored in the first manufacturer's module. Correspondingly, the other manufacturers do the same with their own modules. Then, in order to effect a secure communication channel between two modules the modules first pass each other the signatures previously produced. Then, to ensure that communication is being effected with an authentic authorized module, through the use of the signature and the address ranges in the protected area, each module checks that the other module has not been patched. They each further verify that all the entry points in the other module they intend to call are in fact within the protected area. In the event that both modules are verified as being trustworthy, the modules now call each other freely. However, each module, when it is called must verify that it was called from within the protected area of the other module.
PCT/GB2001/003962 2000-09-08 2001-09-05 Software secure authenticated channel WO2002021243A2 (en)

Priority Applications (4)

Application Number Priority Date Filing Date Title
KR1020037003480A KR100561497B1 (en) 2000-09-08 2001-09-05 Software Security Certification Path
JP2002524793A JP2004509392A (en) 2000-09-08 2001-09-05 Software Secure Authenticated Channel
AU2001284259A AU2001284259A1 (en) 2000-09-08 2001-09-05 Software secure authenticated channel
EP01963228A EP1368737A2 (en) 2000-09-08 2001-09-05 Software secure authenticated channel

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US65821800A 2000-09-08 2000-09-08
US09/658,218 2000-09-08

Publications (2)

Publication Number Publication Date
WO2002021243A2 WO2002021243A2 (en) 2002-03-14
WO2002021243A3 true WO2002021243A3 (en) 2003-10-09

Family

ID=24640397

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/GB2001/003962 WO2002021243A2 (en) 2000-09-08 2001-09-05 Software secure authenticated channel

Country Status (6)

Country Link
EP (1) EP1368737A2 (en)
JP (1) JP2004509392A (en)
KR (1) KR100561497B1 (en)
CN (1) CN1516836A (en)
AU (1) AU2001284259A1 (en)
WO (1) WO2002021243A2 (en)

Families Citing this family (18)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100474285C (en) * 2002-12-20 2009-04-01 高通股份有限公司 Method and apparatus for automatically processing components on a device
FR2856815B1 (en) * 2003-06-24 2005-09-16 Omega Technology Ltd METHOD FOR AUTHENTICATING DATA CONTAINED IN A MEMORY OBJECT
US7328340B2 (en) * 2003-06-27 2008-02-05 Intel Corporation Methods and apparatus to provide secure firmware storage and service access
JP4728619B2 (en) * 2004-10-01 2011-07-20 富士通株式会社 Software falsification detection device, falsification prevention device, falsification detection method and falsification prevention method
CN100489728C (en) * 2004-12-02 2009-05-20 联想(北京)有限公司 Method for establishing trustable operational environment in a computer
US20060195689A1 (en) * 2005-02-28 2006-08-31 Carsten Blecken Authenticated and confidential communication between software components executing in un-trusted environments
JP2006260239A (en) * 2005-03-17 2006-09-28 Murata Mach Ltd Document management device and program
EP1877947A4 (en) 2005-05-05 2009-11-25 Certicom Corp Retrofitting authentication onto firmware
JP4844102B2 (en) * 2005-11-30 2011-12-28 富士ゼロックス株式会社 Subprogram and information processing apparatus for executing the subprogram
US7900046B2 (en) * 2006-01-11 2011-03-01 International Business Machines Corporation System and method for establishing mutual trust on a per-deployment basis between two software modules
JP4814319B2 (en) * 2006-04-24 2011-11-16 パナソニック株式会社 Data processing apparatus, method, program, integrated circuit, program generation apparatus
JP4822544B2 (en) * 2006-04-26 2011-11-24 株式会社リコー Image forming apparatus capable of managing a plurality of module configuration information
US7877602B2 (en) * 2007-07-27 2011-01-25 International Business Machines Corporation Transparent aware data transformation at file system level for efficient encryption and integrity validation of network files
JP5177205B2 (en) * 2010-10-29 2013-04-03 富士通株式会社 Software falsification preventing apparatus and falsification preventing method
JP5177206B2 (en) * 2010-10-29 2013-04-03 富士通株式会社 Software falsification detection device and falsification detection method
US10616197B2 (en) * 2016-04-18 2020-04-07 Atmel Corporation Message authentication with secure code verification
DE102017219188A1 (en) * 2017-10-26 2019-05-02 Robert Bosch Gmbh A method for updating software components of a network participant of a network
JP7713148B2 (en) * 2022-02-22 2025-07-25 Ntt株式会社 Authentication system, authentication method, and authentication program

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0770957A2 (en) * 1995-10-26 1997-05-02 Sun Microsystems, Inc. System and method for protecting use of dynamically linked executable modules
US6105137A (en) * 1998-07-02 2000-08-15 Intel Corporation Method and apparatus for integrity verification, authentication, and secure linkage of software modules

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0770957A2 (en) * 1995-10-26 1997-05-02 Sun Microsystems, Inc. System and method for protecting use of dynamically linked executable modules
US6105137A (en) * 1998-07-02 2000-08-15 Intel Corporation Method and apparatus for integrity verification, authentication, and secure linkage of software modules

Also Published As

Publication number Publication date
AU2001284259A1 (en) 2002-03-22
KR20030029957A (en) 2003-04-16
CN1516836A (en) 2004-07-28
WO2002021243A2 (en) 2002-03-14
KR100561497B1 (en) 2006-03-17
EP1368737A2 (en) 2003-12-10
JP2004509392A (en) 2004-03-25

Similar Documents

Publication Publication Date Title
WO2002021243A3 (en) Software secure authenticated channel
US8122244B2 (en) Secure management of configuration parameters in a computing platform
US9501652B2 (en) Validating sensitive data from an application processor to modem processor
EP2484564B1 (en) Method and apparatus for vehicle security
US20040025027A1 (en) Secure protection method for access to protected resources in a processor
KR100786189B1 (en) Reinforcement of authentication protocol
US20050210287A1 (en) Secure mode controlled memory
US20070050622A1 (en) Method, system and apparatus for prevention of flash IC replacement hacking attack
EP2078272A1 (en) Protecting secret information in a programmed electronic device
JP2001500293A (en) Electronic memory tampering prevention system
CN102413221A (en) Method for protecting privacy information and mobile terminal
WO2001010076A3 (en) Systems and methods for protecting secure and insecure computing environments using cryptography
CN110908357B (en) Security vulnerability detection method and device, storage medium and intelligent device
WO2007096871A3 (en) Device, system and method of accessing a security token
CN102420902A (en) Method for classification management over right of using functions and mobile terminal
Ammar et al. Securing the on-board diagnostics port (obd-ii) in vehicles
Kim et al. ShadowAuth: Backward-compatible automatic CAN authentication for legacy ECUs
US6253073B1 (en) Radio telephone hand set network restriction
Spaan et al. Secure updates in automotive systems
CN113709914A (en) Network distribution method of Mesh network, server, Mesh device and storage medium
US20170374063A1 (en) Introducing an Identity into a Secure Element
EP3506559A1 (en) Method, first device, second device and system for authenticating a first device to a second device
US20070234407A1 (en) Method for Authenticating a Communications Unit Using a Permanently Programmed Secret Codeword
KR970031533A (en) Mobile terminal authentication method using password
EP4300885A1 (en) Secure element, trusted authority, device, key management server, backend, method and computer program

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PH PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2001963228

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2002524793

Country of ref document: JP

WWE Wipo information: entry into national phase

Ref document number: 1020037003480

Country of ref document: KR

WWE Wipo information: entry into national phase

Ref document number: 2001284259

Country of ref document: AU

Ref document number: 018154034

Country of ref document: CN

WWP Wipo information: published in national office

Ref document number: 1020037003480

Country of ref document: KR

REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

WWP Wipo information: published in national office

Ref document number: 2001963228

Country of ref document: EP

WWR Wipo information: refused in national office

Ref document number: 2001963228

Country of ref document: EP

WWG Wipo information: grant in national office

Ref document number: 1020037003480

Country of ref document: KR

WWW Wipo information: withdrawn in national office

Ref document number: 2001963228

Country of ref document: EP