| 发明名称 |
Support for trusted software distribution |
| 摘要 |
A form of authentication is provided wherein a trusted third party signs a certificate to identify the author of a program and to secure its integrity. The program code is encapsulated or otherwise associated with the certificate and an access control list (ACL). The access control list describes the permissions and resources required by the code. An enforcement mechanism which allocates system permissions and resources in accordance with the ACL. In a preferred embodiment, a code production system communicates with a certification agency, which is a trusted third party. The certification agency issues a certificate for the code and a certificate for the access list of that code. Once the certificate is issued it is not possible for any party to modify the code or access list without invalidating the certificate. The code and its ACL, along with their certificates are stored on a server. A client downloading the code or access list can verify the integrity of the code/access list and the system can enforce the access list such that the permissions and resources are not exceeded. <IMAGE>
|
| 申请公布号 |
EP0813132(A2) |
申请公布日期 |
1997.12.17 |
| 申请号 |
EP19970303443 |
申请日期 |
1997.05.20 |
| 申请人 |
INTERNATIONAL BUSINESS MACHINES CORPORATION |
发明人 |
DAN, ASIT;RAMASWAMI, RAJIV;SITARAM, DINKAR |
| 分类号 |
G06F12/14;G06F1/00;G06F9/445;G06F21/00;G06F21/22;G06F21/24;H04L9/32;H04L29/06;(IPC1-7):G06F1/00;G06F9/46 |
主分类号 |
G06F12/14 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
|
| 地址 |
|
