WO2002044850A3 - System and method for securing an application for execution on a computer - Google Patents

System and method for securing an application for execution on a computer

Publication number
WO2002044850A3
Authority
WO
WIPO (PCT)
Prior art keywords
application
computer
interception module
securing
execution
Prior art date
Application number
PCT/US2001/044531
Other languages
French (fr)
Other versions
WO2002044850A8 (en)
WO2002044850A2 (en)
Inventor
Andrew Chien
Brad Calder
Ju Wang
Steve Pujia
Ying-Hung Chen
Shawn Marlin
Kang Su Gatlin
Original Assignee
Entropia Inc
Priority date
Filing date
Publication date
Priority claimed from US09/727,107 (US20020092003A1)
Priority claimed from US09/727,295 (US20020065876A1)
Priority claimed from US09/727,305 (US20020066022A1)
Priority claimed from US09/727,105 (US20020066021A1)
Priority claimed from US09/727,395 (US20020065776A1)
Priority claimed from US09/727,108 (US20020065874A1)
Priority claimed from US09/727,106 (US20020065945A1)
Priority claimed from US09/727,294 (US20020065869A1)
Priority to AU2002230508A (AU2002230508A1)
Application filed by Entropia Inc
Publication of WO2002044850A2
Publication of WO2002044850A3
Publication of WO2002044850A8

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/12 Protecting executable software
    • G06F21/121 Restricting unauthorised execution of programs
    • G06F21/125 Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code
    • G06F21/126 Interacting with the operating system
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow
    • G06F21/54 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00 Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/30 Definitions, standards or architectural aspects of layered protocol stacks
    • H04L69/32 Architecture of open systems interconnection [OSI] 7-layer type protocol stacks, e.g. the interfaces between the data link level and the physical level
    • H04L69/322 Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions
    • H04L69/329 Intralayer communication protocols among peer entities or protocol data unit [PDU] definitions in the application layer [OSI layer 7]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Data Mining & Analysis (AREA)
  • Databases & Information Systems (AREA)
  • Storage Device Security (AREA)

Abstract

A system for securing an application (405) for execution in a computer (140). In one embodiment, a preprocessor module (110) modifies an application binary (405) such that the application (405) invokes an interception module (415) in response to invoking certain system calls. The interception module (415) prevents the application from adversely affecting the operation of a computer that is executing the application. Furthermore, the interception module (415) protects the contents of the application from improper access by a user of the computer (140). For example, in one embodiment, the interception module (415) transparently encrypts all files that are used by the application such that a user of the computer cannot improperly access these files.

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2002230508A AU2002230508A1 (en) 2000-11-29 2001-11-29 System and method for securing an application for execution on a computer

Applications Claiming Priority (16)

Application Number Priority Date Filing Date Title
US09/727,295 US20020065876A1 (en) 2000-11-29 2000-11-29 Method and process for the virtualization of system databases and stored information
US09/727,305 2000-11-29
US09/727,295 2000-11-29
US09/727,305 US20020066022A1 (en) 2000-11-29 2000-11-29 System and method for securing an application for execution on a computer
US09/727,105 2000-11-29
US09/727,107 2000-11-29
US09/727,105 US20020066021A1 (en) 2000-11-29 2000-11-29 Method and process for securing an application program to execute in a remote environment
US09/727,106 2000-11-29
US09/727,395 US20020065776A1 (en) 2000-11-29 2000-11-29 Method and process for virtualizing file system interfaces
US09/727,107 US20020092003A1 (en) 2000-11-29 2000-11-29 Method and process for the rewriting of binaries to intercept system calls in a secure execution environment
US09/727,108 US20020065874A1 (en) 2000-11-29 2000-11-29 Method and process for virtualizing network interfaces
US09/727,106 US20020065945A1 (en) 2000-11-29 2000-11-29 System and method for communicating and controlling the behavior of an application executing on a computer
US09/727,395 2000-11-29
US09/727,294 2000-11-29
US09/727,294 US20020065869A1 (en) 2000-11-29 2000-11-29 Method and process for virtualizing user interfaces
US09/727,108 2000-11-29

Publications (3)

Publication Number Publication Date
WO2002044850A2 WO2002044850A2 (en) 2002-06-06
WO2002044850A3 WO2002044850A3 (en) 2002-08-15
WO2002044850A8 WO2002044850A8 (en) 2003-11-20

Family

ID=27575512

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/044531 WO2002044850A2 (en) 2000-11-29 2001-11-29 System and method for securing an application for execution on a computer

Country Status (2)

Country Link
AU (1) AU2002230508A1 (en)
WO (1) WO2002044850A2 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB201708340D0 (en) * 2017-05-24 2017-07-05 Petagene Ltd Data processing system and method
US11263316B2 (en) * 2019-08-20 2022-03-01 Irdeto B.V. Securing software routines
US20210281548A1 (en) * 2020-02-27 2021-09-09 Virtru Corporation Methods and systems for securing containerized applications
CN112468611B (en) * 2020-11-27 2023-04-21 深圳市欢太科技有限公司 Application program starting method, terminal equipment and computer storage medium
CN114124880B (en) * 2021-11-29 2023-07-18 北京天融信网络安全技术有限公司 Secret communication method and device based on public cloud, computer equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5586260A (en) * 1993-02-12 1996-12-17 Digital Equipment Corporation Method and apparatus for authenticating a client to a server in computer systems which support different security mechanisms
US6029246A (en) * 1997-03-31 2000-02-22 Symantec Corporation Network distributed system for updating locally secured objects in client machines
US6295607B1 (en) * 1998-04-06 2001-09-25 Bindview Development Corporation System and method for security control in a data processing system
US6314458B1 (en) * 1998-04-15 2001-11-06 Hewlett-Packard Company Apparatus and method for communication between multiple browsers

Also Published As

Publication number Publication date
WO2002044850A8 (en) 2003-11-20
WO2002044850A2 (en) 2002-06-06
AU2002230508A1 (en) 2002-06-11

Similar Documents

Publication Publication Date Title
WO2000068816A3 (en) Method for migrating from one computer to another
EP2831790B1 (en) Secured execution of a web application
WO2003038545A3 (en) Dynamic allocation of processing tasks using variable performance hardware platforms
AU7791794A (en) Application programming interface system and technique
MY139962A (en) Identity-based distributed computing for device resources
IL157542A0 (en) System and method for restoring computer systems damaged by a malicious computer program
WO2001086442A3 (en) Communication handling in integrated modular avionics
TW345649B (en) Method for executing different sets of instructions that cause a processor to perform different data type operations
KR970024763A (en) Method and apparatus for handling various protocol method calls of subscriber / server system
WO2004019204A3 (en) Processing application data
WO1998040805A3 (en) Method of synchronizing independently distributed software and database schema
WO2001082075A3 (en) System and method for scheduling execution of cross-platform computer processes
WO2002051099A3 (en) Method and system to accelerate cryptographic functions for secure e-commerce applications using cpu and dsp to calculate the cryptographic functions
WO2004040442A3 (en) Creating software applications
US20040123308A1 (en) Hybird of implicit and explicit linkage of windows dynamic link labraries
WO2002044850A8 (en) System and method for securing an application for execution on a computer
WO2002057971A3 (en) Arrangement, facilitating device, first user device and method
WO2002006951A3 (en) Computer software installation
GB2316782A (en) Communication device sharing on a local area network
US6829575B2 (en) Enterprise javabeans container
WO2000072112A3 (en) Obfuscation of executable code
WO2004012029A3 (en) Restricting access to a method in a component
WO2004074989A3 (en) Electronic document active content assurance
WO2002033572A3 (en) Method and apparatus for passing information between applications on a computer system
MXPA03010975A (en) A mobile communications device application processing system.

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ CZ DE DE DK DK DM DZ EC EE EE ES FI FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SK SL TJ TM TR TT TZ UA UG UZ VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

CFP Corrected version of a pamphlet front page
CR1 Correction of entry in section i

Free format text: IN PCT GAZETTE 23/2002 DUE TO A TECHNICAL PROBLEM AT THE TIME OF INTERNATIONAL PUBLICATION, SOME INFORMATION WAS MISSING (81). THE MISSING INFORMATION NOW APPEARS IN THE CORRECTED VERSION

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP