发明名称 |
SOFTWARE RUN-TIME PROVENANCE |
摘要 |
<p>An executing first computing module verifies the run-time provenance of an unverified second computing module. A signed certificate identifying an author of the second computing module is received at the first computing module. An association between the signed certificate and the second computing module is verified. A first provenance certificate and associated private key signed by the first computing module and identifying a runtime provenance of the second computing module is then generated, and the first provenance certificate is published to the second computing module. A chain of signed certificates, including provenance certificates and a static identification certificates, can be published. Each provenance certificate in the chain verifies the integrity of a layer of execution, and the plurality of static identification certificates identifies a respective author of the computing module associated with each layer of software. The provenance of the second computing module can be recursively traced through the published chain of certificates.</p> |
申请公布号 |
WO2013015910(A1) |
申请公布日期 |
2013.01.31 |
申请号 |
WO2012US43064 |
申请日期 |
2012.06.19 |
申请人 |
ALCATEL LUCENT;MC LELLAN, HUBERT, R.;KOLESNIKOV, VLADIMIR |
发明人 |
MC LELLAN, HUBERT, R.;KOLESNIKOV, VLADIMIR |
分类号 |
G06F21/00 |
主分类号 |
G06F21/00 |
代理机构 |
|
代理人 |
|
主权项 |
|
地址 |
|