| 发明名称 | Updating software components in a program | ||
| 摘要 | A method and system for renewing software at the component-level is provided. A client program includes a base component for loading a software component into at least one loadable region of the program to update the program. Code in the software component is for writing state data associating the state of the update in storage, upon execution of the software component, and testing the state data to verify condition of the updated program and disallowing rollback and roll-forward attacks, the state data comprising hash chain values. The state data for verifying the correctness of the updated program is entangled with application data used for the program functionality. A server includes: an update pool having a plurality of software updates deployed in each client, and a policy control for monitoring and controlling at least one of: the length of time the client runs until the software update is invoked, a chain of the updates; and the granularity of the update. | ||
| 申请公布号 | US9588756(B2) | 申请公布日期 | 2017.03.07 |
| 申请号 | US201214387215 | 申请日期 | 2012.03.22 |
| 申请人 | Irdeto B.V. | 发明人 | Liem Clifford;Dong Hongrui;Martin Sam;Gu Yuan Xiang;Weiner Michael |
| 分类号 | G06F9/44;G06F9/445;G06F21/57 | 主分类号 | G06F9/44 |
| 代理机构 | Reed Smith LLP | 代理人 | Kaufman Marc S.;Grewal Amardeep S.;Reed Smith LLP |
| 主权项 | 1. A method executed by one or more computing devices for software renewal, comprising: loading, by at least one of the one or more computing devices, a software component into at least one loadable region of a program by a base component in the program to update the program, wherein the software component is dynamically swapped at run-time of the program in accordance with an update schedule; writing, by at least one of the one or more computing devices, state data encoding the state of the updated program in a storage upon execution of the software component, wherein the state data comprises a sequence of values corresponding to a sequence of updates applied to the program; entangling, by at least one of the one or more computing devices, the state data with application data corresponding to a functionality of the program; testing, by at least one of the one or more computing devices, the state data to verify a condition of the updated program by comparing one or more values in the sequence of values with one or more values in a predetermined sequence of values corresponding to a correct sequence of updates for the program; and detecting, by at least one of the one or more computing devices, one or more of: a roll-back condition or a roll-forward condition based on the testing. | ||
| 地址 | Hoofddorp NL | ||