
WO2011162591A1 - System and method for verifying and executing software applications from a trusted server linked to a service provider server - Google Patents


Info

Publication number: WO2011162591A1
Application number: PCT/MY2010/000277
Authority: WO (WIPO, PCT)
Other languages: French (fr)
Inventors: Ahmad Abdu Muthana Abdulrahman; Mahmod Ramlan; Abd Manan Jamalul-Lail
Original assignee: Mimos Bhd.
Prior art keywords: server; service provider; trusted server; software application; trusted

Classifications

Section G PHYSICS, class G06 COMPUTING OR CALCULATING; COUNTING, subclass G06F ELECTRIC DIGITAL DATA PROCESSING:

    • G06F 21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities (under G06F 21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems; G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity)
    • G06F 21/305 Authentication, i.e. establishing the identity or authorisation of security principals, by remotely controlling device operation (under G06F 21/30 Authentication; G06F 21/00)
    • G06F 21/51 Monitoring users, programs or devices to maintain the integrity of platforms at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability (under G06F 21/50; G06F 21/00)
    • G06F 2221/2153 Using hardware token as a secondary aspect (indexing scheme G06F 2221/21 relating to G06F 21/00 and subgroups, addressing additional information or applications relating to security arrangements)

Section H ELECTRICITY, class H04 ELECTRIC COMMUNICATION TECHNIQUE, subclass H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION:

    • H04L 63/105 Multiple levels of security (under H04L 63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources; H04L 63/00 Network architectures or network communication protocols for network security)

Definitions

  • The system (100) comprises a service provider server (200) holding at least one software application (210), a trusted server (300) having a network connection (500) to the service provider server (200), and a client system (400) having a network connection (500) to the trusted server (300).
  • The network connection (500) is preferably, but not limited to, a Local Area Network (LAN), Wide Area Network (WAN), Virtual Private Network (VPN) or the Internet.
  • Referring to Figure 2, the software applications (210) are stored in a media storage (220) directly connected to the service provider server (200).
  • The media storage (220) may be any computer storage means, such as an internal hard disk, external hard disk or USB thumb drive.
  • A processing means (230), such as a CPU or a microcontroller unit with a built-in trusted platform module (TPM) chip, is connected to the media storage (220). It creates a duplicate image copy of the required software application (210) and transfers it to a network adapter (240).
  • The image copy of the software application (210) is then forwarded to the trusted server (300) via the network adapter (240), which is directly connected to the network (500).
  • The built-in TPM chip is not described further in this specification, as it is common knowledge to a person having ordinary skill in the art of computer security.
  • Referring to Figure 3, the trusted server (300) comprises a processing means (330), such as a CPU or a microcontroller unit, for executing the image copy of the software application (210) to obtain output data.
  • The processing means (330) further comprises a verification agent (350) for verifying the security level of the software application (210).
  • The verification agent (350) is a software-based verification program stored in the processing means (330), e.g. verification firmware stored in the BIOS of the processing means.
  • A network adapter (320), directly connected to the network (500) and to the secured network (510), is connected to the processing means (330).
  • The network adapter (320) further comprises a TPM verification module (310) for verifying the trusted level of the service provider server (200). If the TPM of the service provider server (200) satisfies the pre-defined trusted level, the secured network (510) is established between the service provider server (200) and the trusted server (300); otherwise no network connection is established between the two parties (200, 300).
  • The trusted server (300) further comprises an internal database (340) storing a list of trusted service provider servers (200). The trusted server (300) is also able to verify and execute a plurality of software applications (210) from a plurality of service provider servers (200) simultaneously.
  • Referring to Figure 4, the input data (440) required for executing the software application (210) is stored in a media storage (430) directly connected to the client system (400).
  • The media storage (430) may be any computer storage means, such as an internal hard disk, external hard disk, USB thumb drive or any commercially available memory card.
  • A processing means (420), such as a CPU or a microcontroller unit, is connected to the media storage (430) for retrieving the input data (440) required to execute the software application (210) and transferring it to a network adapter (410).
  • The input data (440) is then forwarded to the trusted server (300) via the network adapter (410), which is directly connected to the network (500).
  • The client system (400) is preferably, but not limited to, a personal computer, laptop computer, personal digital assistant (PDA) or cellular device. The client system (400) further comprises verification means (450) for verifying the security level of the software application (210); in other words, the security level of the software application (210) can optionally be verified a second time by the client system (400).
  • Referring to Figure 5, a preferred embodiment of a method for verifying and executing a software application (210) from a trusted server (300) linked to a service provider server (200) is provided.
  • The client system (400), holding the input data (440), sends a user access request to the trusted server (300).
  • The trusted server (300) sends a request for PCR values to the service provider server (200).
  • The service provider server (200) returns the PCR values to the trusted server (300) for evaluating the trustworthiness of the service provider server (200).
  • The trusted server (300) evaluates the trustworthiness of the service provider server (200) using the TPM verification module (310).
  • The trusted server (300) forwards the user access request to the service provider server (200), requesting an image copy of the required software application (210).
  • The service provider server (200) duplicates an image copy of the software application (210) and transmits it to the trusted server (300).
  • The trusted server (300) verifies the security properties of the software application (210) by checking the application code by means of a language-based security technique.
  • The language-based security technique is not described further in this specification, as it is common knowledge to a person having ordinary skill in the art of computer security.
  • The trusted server (300) transmits a signed acknowledgement to the client system (400), informing the user that the software application (210) is safe to use, and requests a copy of the input data (440) for executing the software application (210).
  • The client system (400) forwards a copy of the input data (440) to the trusted server (300).
  • The trusted server (300) executes the software application (210) on the input data (440).
  • Upon completion of the execution, the trusted server (300) returns a copy of the output data obtained from the execution to the client system (400).
  • The user access request from the client system (400) comprises the identification (ID) of the service provider server (200) and information on the software application (210) of the user's interest. The client system (400) further verifies the trustworthiness of the signed acknowledgement from the trusted server (300) using the verification means (450).
  • Referring to Figure 6, another preferred embodiment of the method for verifying and executing a software application (210) from a trusted server (300) linked to a service provider server (200) is provided. In this embodiment, at step 640, the user access request from the client system (400) further comprises providing the trusted server (300) with a user pre-defined security policy for verifying the security level of the software application (210).
  • The security level of the software application (210) is verified in accordance with the user pre-defined security policy at step 612.
  • The trusted server (300) further comprises an internal database (340) holding a complete list of available service provider servers (200).
  • The trusted server (300) may search the internal database (340) at step 622 to determine a service provider server (200) holding the software application (210) of user interest.
  • In summary, what has been described hereinbefore by way of example of the present invention is a system (100) for verifying and executing software applications (210) from a trusted server (300) linked to a service provider server (200), comprising: a service provider server (200); a trusted server (300) having a network (500) connection to the service provider server (200); and a client system (400) having a network (500) connection to the trusted server (300);
  • the service provider server (200) having means (220) for storing at least one software application (210), means (230) for duplicating an image copy of the software application (210), means (240) for transmitting the image copy of the software application (210) upon receiving a remote access request, and means (240) for transmitting a proof-carrying result (PCR) value upon receiving a PCR request from the trusted server (300);
  • the trusted server (300) having means (310, 320) for establishing a trustworthy connection link between the trusted server (300) and the service provider server (200), means (320) for
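The trusted-link step described above (the TPM verification module (310) requests PCR values, the service provider server (200) returns them, and the secured network (510) is established only if they meet the pre-defined trusted level) as an added worked example in Python. This is illustrative code written for this page, not code from the patent or from Mimos Bhd. What a TPM actually reports are its Platform Configuration Registers, and the example models them that way: each PCR is a SHA-256 hash chain over the measured boot components, a quote over the selected PCRs is bound to a fresh nonce chosen by the verifier, and the verifier compares the reported values with known-good values. The boot chain, the PCR indices and the symmetric attestation key (a real TPM signs its quote with an asymmetric attestation key whose public half the verifier holds) are constructed assumptions.

```python
import hashlib
import hmac
import secrets

# Constructed example data: the boot chain the trusted server expects the
# service provider server to have measured, and the PCR indices it asks for.
KNOWN_GOOD_CHAIN = {
    0: [b"firmware-v1", b"bootloader-v1"],
    7: [b"kernel-v1", b"application-runtime-v1"],
}
QUOTED_PCRS = (0, 7)
# Assumption: a symmetric attestation key shared out of band. A real TPM signs
# its quote with an attestation key whose public half the verifier holds.
ATTESTATION_KEY = b"example-shared-attestation-key"


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new PCR = SHA-256(old PCR || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def golden_pcrs(chain: dict) -> dict:
    """Replay a known-good chain into zeroed PCRs to obtain the expected values."""
    expected = {}
    for index, components in chain.items():
        value = b"\x00" * 32
        for component in components:
            value = extend(value, component)
        expected[index] = value
    return expected


class ServiceProviderTPM:
    """Simulated TPM built into the service provider's processing means (230)."""

    def __init__(self, key: bytes):
        self._key = key
        self.pcrs = {i: b"\x00" * 32 for i in range(8)}

    def measure(self, index: int, component: bytes) -> None:
        self.pcrs[index] = extend(self.pcrs[index], component)

    def quote(self, nonce: bytes) -> dict:
        """Report the requested PCR values, bound to the verifier's nonce."""
        composite = hashlib.sha256(b"".join(self.pcrs[i] for i in QUOTED_PCRS)).digest()
        mac = hmac.new(self._key, nonce + composite, hashlib.sha256).digest()
        return {"nonce": nonce, "pcrs": {i: self.pcrs[i] for i in QUOTED_PCRS}, "mac": mac}


class TPMVerificationModule:
    """The trusted server's TPM verification module (310)."""

    def __init__(self, key: bytes, expected: dict):
        self._key = key
        self._expected = expected

    def evaluate(self, quote: dict, nonce: bytes) -> tuple:
        """Return (accepted, reason); the secured network (510) is only
        established when every check passes."""
        if quote["nonce"] != nonce:
            return False, "stale quote: nonce mismatch, possible replay"
        composite = hashlib.sha256(b"".join(quote["pcrs"][i] for i in QUOTED_PCRS)).digest()
        mac = hmac.new(self._key, nonce + composite, hashlib.sha256).digest()
        if not hmac.compare_digest(mac, quote["mac"]):
            return False, "quote was not produced by the enrolled TPM"
        for index in QUOTED_PCRS:
            if quote["pcrs"][index] != self._expected[index]:
                return False, f"PCR {index} differs from the known-good value"
        return True, "service provider server meets the pre-defined trusted level"


def boot(chain: dict) -> ServiceProviderTPM:
    """Measure every component of a boot chain into a fresh simulated TPM."""
    tpm = ServiceProviderTPM(ATTESTATION_KEY)
    for index, components in chain.items():
        for component in components:
            tpm.measure(index, component)
    return tpm


def establish_link(verifier: TPMVerificationModule, tpm: ServiceProviderTPM, replayed: dict = None) -> tuple:
    """Request PCR values with a fresh nonce, receive the quote, evaluate it."""
    nonce = secrets.token_bytes(16)
    quote = replayed if replayed is not None else tpm.quote(nonce)
    return verifier.evaluate(quote, nonce)


def run_scenarios() -> dict:
    """Three service provider servers: known-good, one modified component, and
    a captured quote replayed against a new request."""
    verifier = TPMVerificationModule(ATTESTATION_KEY, golden_pcrs(KNOWN_GOOD_CHAIN))
    good = boot(KNOWN_GOOD_CHAIN)
    tampered = boot({0: KNOWN_GOOD_CHAIN[0], 7: [b"kernel-v1-modified", b"application-runtime-v1"]})
    captured = good.quote(secrets.token_bytes(16))  # recorded from an earlier session
    return {
        "good": establish_link(verifier, good)[0],
        "tampered": establish_link(verifier, tampered)[0],
        "replayed": establish_link(verifier, good, replayed=captured)[0],
    }


if __name__ == "__main__":
    for name, accepted in run_scenarios().items():
        print(f"{name}: {'secured network established' if accepted else 'connection refused'}")
```

Three outcomes are exercised: a server that booted the expected chain is accepted; one whose kernel measurement differs is refused because PCR 7 no longer matches the known-good value; and a quote captured from an earlier session is refused because it is not bound to the current nonce. The nonce check is what turns reported PCR values into evidence about the server's present state, which the "request PCR values" step needs in order to mean anything.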

Abstract

A system (100) and method for verifying and executing remote software applications (210), having a service provider server (200), a trusted third party server (300) with a network (500) connection to the service provider server (200), and a client system (400) with a network (500) connection to the trusted server (300). The service provider server (200) stores software applications (210), which are duplicated and transmitted to the trusted server (300) upon receipt of a user access request from it. The trusted server (300) has means (350) for verifying the security level of the software application (210) and means (330) for executing it. The client system (400) has means for transmitting the user access request to the trusted server (300), means (410) for transmitting input data (440) to the trusted server (300), and means (410) for receiving output data from it.

Description

SYSTEM AND METHOD FOR VERIFYING AND EXECUTING SOFTWARE APPLICATIONS FROM A TRUSTED SERVER LINKED TO A SERVICE PROVIDER SERVER
TECHNICAL FIELD
The present invention relates to a system and method that allow a computer to access software applications stored in a remote server, and more particularly to a system and method that allow clients to access and execute software applications stored at a server site via a trusted third party.
BACKGROUND OF INVENTION
The growing dependence of society and the economy on networked information systems makes organizations as well as individuals potential targets of computer security attacks, and the number of sources and targets of these attacks is growing fast. The advancement of computer networks has not only complicated the task of protecting against computer security attacks but has also made carrying out such attacks easier than ever. Computer security attacks take a variety of forms, such as leakage of sensitive information, corruption of system integrity, and interruption of online services. Many computer security attacks occur when users download software applications from an untrusted network, where malicious code such as Trojans or computer viruses may have been incorporated into the software. It is difficult for a user to differentiate between a trusted software application and a malicious one, as both come in executable file format.
One of the most widely accepted and heavily used computer networks is the Internet. The Internet is a global system of interconnected computer networks, such as local area networks (LAN), wide area networks (WAN) and virtual private networks (VPN), formed into a single global network. Using the Internet, a computer user is able to communicate interactively with users located in different countries. Similarly, a computer user residing in one country can access files stored on a server located in another country; for example, a user in Malaysia is able to access and download a document file from a university in the U.S. Thus, the Internet acts like a universal library, providing electronic access to resources and information throughout the world.
Although a user is able to view information or download files from the Internet, the user lacks a suitable system for remotely executing software applications through the Internet. One advantage of providing such a system is that the user's computer is protected from attack, as the user is not required to download any files or executable software applications from the Internet. Another advantage is improved efficiency: the system can be implemented over a relatively slow network, given that only data related to the software application is sent via the Internet. A further advantage is that the system can be implemented even if the user's computer is low in performance, as the software application is not required to run on the user's computer.
Hence, there is a need to provide a system and method that allow users to remotely execute software applications across the Internet.
SUMMARY OF INVENTION
The object of the present invention is to provide a system for verifying and executing software applications from a trusted third party server. The trusted server provides security analysis mechanisms, such as a language-based security mechanism, to verify the security level of a software application or service against predefined security policies, and provides an environment for executing the software application on the trusted server.
In one embodiment of the present invention, the system for verifying and executing a software application from a remote server comprises a server located at the service provider site, hereinafter referred to as the "service provider server"; another server located at the trusted third party site, hereinafter referred to as the "trusted server", for connection to the service provider server; and a remote user terminal, hereinafter referred to as the "client system", for connection to the trusted server. The client system is preferably, but not limited to, any device capable of establishing a network connection, such as a desktop computer, laptop computer, personal digital assistant (PDA) or cellular device.
According to this embodiment, the service provider server has means for storing at least one software application, means for duplicating an image copy of the software application, means for transmitting the image copy of the software application upon receiving a remote access request, and means for transmitting a proof-carrying result (PCR) value upon receiving a PCR request from the trusted server; the trusted server has means for establishing a trustworthy connection link between the trusted server and the service provider server, means for receiving a verification request from the client system, a verification agent for verifying the security properties of the software application, means for requesting input data from the client system, means for requesting the image copy of the software application from the service provider server, means for executing the software application using the input data, means for obtaining output data from the executed software application, means for transmitting the output data to the client system, and an internal database for storing a list of available service provider servers; and the client system has means for transmitting a user access request to the trusted server, means for transmitting input data to the trusted server upon receiving a request from it, and means for receiving the output data from the trusted server.
This advantageously provides a system which can be implemented over a relatively slow network with improved efficiency for the client system, since only the input data and output data directly related to the software application are sent over the network. A further advantage is that the system can be implemented with a low-performance computer as the client system, as the software application is not required to run on the client system. Preferably, the trustworthy connection link between the trusted server and the service provider server is established by using a Trusted Platform Module (TPM) to evaluate the trustworthiness of the service provider server and deciding whether or not to establish the connection link.
Preferably, the trusted server is able to verify and execute a plurality of software applications from a plurality of service provider servers simultaneously.
Preferably, the network connections between the trusted server and the service provider server, and between the client system and the trusted server, are established via, but not limited to, a Local Area Network (LAN), Wide Area Network (WAN), Virtual Private Network (VPN) or the Internet.
Preferably, the client system further comprises of an optional verification means for verifying the security properties of the software application.
Another object of the present invention is to provide a method for verifying and executing a software application from a trusted third party server. The trusted server enables the end-user (client) to use a software application or a service on a remote platform. It provides security analysis to verify the security level of the software application and an environment for executing the software application on the trusted server host machine.
In another embodiment of the present invention, the method for verifying and executing a software application from a remote server comprises:
  • transmitting a verification request from the client system to the trusted server;
  • requesting proof-carrying result (PCR) values from the service provider server by the trusted server;
  • transmitting the PCR values from the service provider server to the trusted server;
  • evaluating the trustworthiness of the service provider server using the PCR values at the trusted server;
  • forwarding the verification request from the trusted server to the service provider server;
  • duplicating at least one image copy of the software application at the service provider server;
  • transmitting the image copy of the software application to the trusted server;
  • verifying the security properties of the software application at the trusted server;
  • transmitting a signed acknowledgement to the client system and requesting the input data for software application execution by the trusted server;
  • transmitting the input data from the client system to the trusted server;
  • executing the image copy of the software application on the input data in the trusted server; and
  • transmitting the output data obtained from executing the image copy of the software application from the trusted server to the client system.
In this embodiment, the PCR values are evaluated using the verification agent in the trusted server. Furthermore, the security properties of the software application are verified by comparing them with a set of pre-defined security policies defined by the trusted server or the client system.
Preferably, the verification request further comprises the client system providing the trusted server with an identity (ID) of the service provider server.
Preferably, the verification request further comprises providing at least one set of predefined security policies for verifying the security properties of the software application. Preferably, the trusted server further generates at least one verification certificate and forwards said certificate to the client system.
Preferably, the client system further verifies the verification certificate using the verification means.
Preferably, the trusted server further searches the internal database to determine a suitable service provider server for software application execution.
BRIEF DESCRIPTION OF DRAWINGS
Figure 1 is a block diagram of a system in accordance with the present invention;
Figure 2 is a block diagram of a service provider server in accordance with the system of the present invention;
Figure 3 is a block diagram of a trusted server in accordance with the system of the present invention;
Figure 4 is a block diagram of a client system in accordance with the system of the present invention;
Figure 5 is a data flow diagram for the system shown in Figure 1 in accordance with an embodiment of the present invention;
Figure 6 is a data flow diagram for the system shown in Figure 1 in accordance with another embodiment of the present invention;
Figure 7 is a data flow diagram for the system shown in Figure 1 in accordance with yet another embodiment of the present invention; and
Figure 8 is a data flow diagram for the system shown in Figure 1 in accordance with still yet another embodiment of the present invention.
DETAILED DESCRIPTION OF EMBODIMENTS
Described below are preferred embodiments of the present invention with reference to the accompanying drawings. Each of the following preferred embodiments describes an example in which the system improves over existing prior art.
The configuration of the invention is not limited to the modules mentioned in the following description.
Referring to figure 1, a preferred embodiment of a system (100) for verifying and executing a software application is provided. The system (100) comprises a service provider server (200) having at least one software application (210), a trusted server (300) having a network connection (500) with the service provider server (200), and a client system (400) having a network connection (500) with the trusted server (300). The network connection (500) is preferably, but not limited to, a Local Area Network (LAN), Wide Area Network (WAN), Virtual Private Network (VPN), or the Internet.
Referring to figure 2, a detailed description of the service provider server (200) in accordance with the system (100) of the present invention is provided. The software applications (210) are stored in a media storage (220) having a direct connection to the service provider server (200). The media storage (220) may be any computer storage means, such as an internal hard disk, external hard disk, or USB thumb drive. A processing means (230), such as a CPU or a microcontroller unit having a built-in trusted platform module (TPM) chip, is connected to the media storage (220) for creating a duplicate image copy of the required software application (210) and transferring it to a network adapter (240). The image copy of the software application (210) is then forwarded to the trusted server (300) via the network adapter (240), which has a direct connection to the network (500). The built-in TPM chip will not be further described in this specification, as it is common knowledge for a person having ordinary skill in the art of computer security.
Referring to figure 3, a detailed description of the trusted server (300) in accordance with the system (100) of the present invention is provided. A processing means (330), such as a CPU or a microcontroller unit, executes the image copy of the software application (210) to obtain an output data. The processing means (330) further comprises a verification agent (350) for verifying the security level of the software application (210). The verification agent (350) is a software-based verification program stored in the processing means (330), e.g. a verification firmware stored in the BIOS of the processing means. A network adapter (320) having a direct connection to the network (500) and the secured network (510) is connected to the processing means (330). The network adapter (320) further comprises a TPM verification module (310) for verifying the trust level of the service provider server (200). If the TPM of the service provider server (200) satisfies the pre-defined trust level, the secured network (510) is established between the service provider server (200) and the trusted server (300); otherwise no network connection is established between the two parties (200, 300). In practice the PCR values must reach the TPM verification module (310) as a TPM quote, signed by the service provider server's TPM attestation key over the PCR values and a nonce chosen by the trusted server (300), since bare PCR values sent over the network can be replayed or fabricated by a compromised service provider server (200). The trusted server (300) further comprises an internal database (340) for storing a list of trusted service provider servers (200). Also, the trusted server (300) is able to verify and execute a plurality of software applications (210) from a plurality of service provider servers (200) simultaneously.
Referring to figure 4, a detailed description of the client system (400) in accordance with the system (100) of the present invention is provided. An input data (440) required for executing the software application (210) is stored in a media storage (430) having a direct connection to the client system (400). The media storage (430) may be any computer storage means, such as an internal hard disk, external hard disk, USB thumb drive, or any commercially available memory card. A processing means (420), such as a CPU or a microcontroller unit, is connected to the media storage (430) for retrieving the input data (440) required to execute the software application (210) and transferring it to a network adapter (410). The input data (440) is then forwarded to the trusted server (300) via the network adapter (410), which has a direct connection to the network (500). The client system (400) is preferably, but not limited to, a personal computer, laptop computer, personal digital assistant (PDA), or cellular device. Furthermore, the client system (400) further comprises a verification means (450) for verifying the security level of the software application (210). In other words, the security level of the software application (210) can optionally be verified a second time by the client system (400).
Referring to figure 5, a preferred embodiment of a method for verifying and executing a software application (210) from a trusted server (300) linked to a service provider server (200) is provided. The method, involving the service provider server (200), the trusted server (300), and the client system (400), will now be described with reference to the data flows represented by the arrows in figure 5. At step 600, the client system (400), having the input data (440), sends the trusted server (300) a user access request. At step 602, on receipt of the user access request, the trusted server (300) sends a request for PCR values to the service provider server (200).
At step 604, the service provider server (200) returns to the trusted server (300) the PCR values (in TPM terminology, the Platform Configuration Register values reported by its TPM) for evaluating the trust level of the service provider server (200). At step 606, the trusted server (300) evaluates the trust level of the service provider server (200) using the TPM verification module (310). At step 608, upon completion of the trustworthiness evaluation, the trusted server (300) forwards the user access request to the service provider server (200), requesting an image copy of the required software application (210). At step 610, the service provider server (200) duplicates an image copy of the software application (210) and transmits it to the trusted server (300). At step 612, on receipt of the image copy, the trusted server (300) verifies the security properties of the software application (210) by checking the application code with language-based security techniques; the code itself is inspected against the pre-defined security policy before anything is executed. Language-based security techniques will not be further described in this specification, as they are common knowledge for a person having ordinary skill in the art of computer security. At step 614, upon completion of the security verification, the trusted server (300) transmits a signed acknowledgement to the client system (400), informing the user that the software application (210) is safe to use, and requests a copy of the input data (440) for executing the software application (210). At step 616, the client system (400) forwards a copy of the input data (440) to the trusted server (300). At step 618, on receipt of the input data (440), the trusted server (300) executes the software application (210) on the input data (440). At step 620, upon completion of the execution, the trusted server (300) returns a copy of the output data obtained from the execution to the client system (400).
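As an added example, not code from the patent or from Mimos Bhd., the following Python shows one concrete form the step 612 check can take when the image copy is source code: the verification agent parses the code and rejects any import or call that the pre-defined security policy forbids, without executing it. The policy contents, the two application images and the client-supplied policy (the user pre-defined policy of claim 11, merged with the server's own) are all constructed for this illustration; the patent specifies none of them.

```python
import ast

# Constructed pre-defined policy of the trusted server (assumption: the patent
# does not say what a policy contains; these module and call names are illustrative).
DEFAULT_POLICY = {
    "forbidden_modules": {"os", "subprocess", "socket", "ctypes"},
    "forbidden_calls": {"eval", "exec", "compile", "open", "system", "__import__"},
}


def merge_policy(base, user_policy):
    """Client-supplied policy tightens the server default (union of the forbidden sets)."""
    return {key: base[key] | user_policy.get(key, set()) for key in base}


def _call_name(node):
    """Callee name for `f(...)` and `obj.f(...)`, else None."""
    if isinstance(node.func, ast.Name):
        return node.func.id
    if isinstance(node.func, ast.Attribute):
        return node.func.attr
    return None


def verify_security_properties(source, policy=DEFAULT_POLICY):
    """Step 612: inspect the application code against the policy without running it.

    Returns a list of violations; an empty list means the image may be executed.
    """
    try:
        tree = ast.parse(source)
    except SyntaxError as exc:
        return [f"image is not parseable: {exc}"]
    violations = []
    for node in ast.walk(tree):
        if isinstance(node, (ast.Import, ast.ImportFrom)):
            if isinstance(node, ast.Import):
                names = [alias.name for alias in node.names]
            else:
                names = [node.module or ""]
            for name in names:
                root = name.split(".")[0]  # `os.path` is still the `os` module
                if root in policy["forbidden_modules"]:
                    violations.append(f"line {node.lineno}: imports forbidden module {root}")
        elif isinstance(node, ast.Call):
            name = _call_name(node)
            if name in policy["forbidden_calls"]:
                violations.append(f"line {node.lineno}: calls forbidden function {name}")
    return violations


# Constructed application images (Python source standing in for the image copy).
SAFE_APP = """\
def run(input_data):
    return {"total": sum(input_data["values"])}
"""

UNSAFE_APP = """\
import os
def run(input_data):
    os.system("id")                        # shell access on the trusted host
    return eval(input_data["expression"])  # arbitrary code from client input
"""

# Constructed client-supplied policy (figure 6 embodiment): forbids one more call.
USER_POLICY = {"forbidden_calls": {"sum"}}

if __name__ == "__main__":
    print(verify_security_properties(SAFE_APP))
    print(verify_security_properties(UNSAFE_APP))
    print(verify_security_properties(SAFE_APP, merge_policy(DEFAULT_POLICY, USER_POLICY)))
```

The check is deliberately static: the image is parsed, never executed, so a malicious image cannot run during verification. A name-based allow/deny list is the simplest instance of a language-based check and is easily evaded by reflection; a production verification agent would restrict the language or type-check the code rather than pattern-match names.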
In this embodiment, the user access request from the client system (400) comprises the identification (ID) of the service provider server (200) and information on the software application (210) of the user's interest. Furthermore, the client system (400) verifies the trustworthiness of the signed acknowledgement from the trusted server (300) using the verification means (450).
Referring to figure 6, another preferred embodiment of the method for verifying and executing a software application (210) from a trusted server (300) linked to a service provider server (200) is provided. In this embodiment, at step 640, the user access request from the client system (400) further provides the trusted server (300) with a user pre-defined security policy for verifying the security level of the software application (210). Hence, the security level of the software application (210) is verified in accordance with the user pre-defined security policy at step 612.
Referring to figure 7, yet another preferred embodiment of the method for verifying and executing a software application (210) from a trusted server (300) linked to a service provider server (200) is provided. In this embodiment, the trusted server (300) further comprises an internal database (340) having a complete list of available service provider servers (200). On receipt of the user access request at step 600, the trusted server (300) may search the internal database (340) at step 622 to determine a service provider server (200) having the software application (210) of the user's interest.
Referring to figure 8, still yet another preferred embodiment of the method for verifying and executing a software application (210) from a trusted server (300) linked to a service provider server (200) is provided. In this embodiment, at step 640, the user access request from the client system (400) further provides the trusted server (300) with a user pre-defined security policy for verifying the security level of the software application (210). Furthermore, the trusted server (300) further comprises an internal database (340) having a complete list of available service provider servers (200). On receipt of the user access request at step 600, the trusted server (300) may search the internal database (340) at step 622 to determine a service provider server (200) having the software application (210) of the user's interest.
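The complete exchange of figure 5, with the figure 7 database search (step 622) when the client names no service provider server, as an added example in Python that is not part of the patent or of Mimos Bhd.'s implementation. Everything below is constructed: the service provider's TPM is simulated by a single PCR extended with SHA-256 over a list of boot components; the trusted server attests the provider by comparing the reported PCR value against a golden value in its database (a real deployment would verify a TPM quote signed by the provider's attestation key over the PCR values and a fresh nonce); the step 612 check is reduced to a digest allowlist; the signed acknowledgement uses an HMAC key shared by the trusted server and the client in place of a signature key; and the image copy is Python source executed on the trusted server with a restricted builtins table.

```python
import hashlib
import hmac
import json


def pcr_extend(pcr, measurement):
    """TPM PCR extend: PCR := SHA-256(PCR || SHA-256(measurement))."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def measured_boot(components):
    """Constructed stand-in for the provider's TPM: one PCR extended with every boot stage."""
    pcr = bytes(32)
    for component in components:
        pcr = pcr_extend(pcr, component)
    return pcr.hex()


class ServiceProviderServer:
    """Figure 2: media storage (220) holds the images; the TPM reports the PCR values."""

    def __init__(self, provider_id, boot_components, applications):
        self.provider_id = provider_id
        self.pcr0 = measured_boot(boot_components)
        self.applications = applications  # app name -> image copy (constructed Python source)

    def report_pcr_values(self):  # step 604
        return {"pcr0": self.pcr0}

    def duplicate_image(self, app_name):  # step 610
        return self.applications[app_name]


class TrustedServer:
    """Figure 3: TPM verification module (310), verification agent (350), database (340)."""

    def __init__(self, ack_key, golden_pcrs, approved_digests, providers):
        self.ack_key = ack_key  # assumption: HMAC key stands in for the acknowledgement signing key
        self.golden_pcrs = golden_pcrs  # provider id -> PCR value of the pre-defined trust level
        self.approved_digests = approved_digests  # pre-defined policy reduced to a digest allowlist
        self.database = {p.provider_id: p for p in providers}  # internal database (340)
        self.verified_images = {}  # image digest -> image copy that passed step 612

    def find_provider(self, request):  # step 622 (figure 7) when the request names no provider
        if request.get("provider_id"):
            return self.database[request["provider_id"]]
        for provider in self.database.values():
            if request["app"] in provider.applications:
                return provider
        raise LookupError("no service provider server hosts " + request["app"])

    def attest_provider(self, provider):  # steps 602-606, TPM verification module (310)
        reported = provider.report_pcr_values()["pcr0"]
        expected = self.golden_pcrs.get(provider.provider_id, "")
        return hmac.compare_digest(reported, expected)

    def sign(self, message):
        payload = json.dumps(message, sort_keys=True).encode()
        return hmac.new(self.ack_key, payload, "sha256").hexdigest()

    def handle_access_request(self, request):  # step 600 in, step 614 out
        provider = self.find_provider(request)
        if not self.attest_provider(provider):  # no secured network (510) without attestation
            return {"status": "refused", "reason": "service provider failed PCR attestation"}
        image = provider.duplicate_image(request["app"])  # steps 608-610
        digest = hashlib.sha256(image.encode()).hexdigest()
        if digest not in self.approved_digests:  # step 612, verification agent (350)
            return {"status": "refused", "reason": "image fails security policy"}
        self.verified_images[digest] = image
        ack = {"status": "verified", "app": request["app"],
               "provider_id": provider.provider_id, "image_sha256": digest}
        ack["signature"] = self.sign(ack)  # signed over the fields above
        return ack

    def execute(self, ack, input_data):  # steps 616-620, only for an image that passed step 612
        image = self.verified_images[ack["image_sha256"]]
        namespace = {"__builtins__": {"sum": sum, "len": len, "max": max}}  # restricted
        exec(image, namespace)
        return namespace["run"](input_data)


def client_verify_ack(ack, ack_key):  # verification means (450) on the client system
    body = {k: v for k, v in ack.items() if k != "signature"}
    expected = hmac.new(ack_key, json.dumps(body, sort_keys=True).encode(), "sha256").hexdigest()
    return hmac.compare_digest(ack.get("signature", ""), expected)


# Constructed scenario: one provider booted as expected, one with a tampered boot chain.
GOOD_BOOT = [b"firmware-1.2", b"bootloader", b"kernel-5.4", b"provider-os-image"]
TAMPERED_BOOT = [b"firmware-1.2", b"bootloader", b"kernel-5.4", b"rootkit-loader"]
PAYROLL_APP = "def run(input_data):\n    return {'total': sum(input_data['values'])}\n"
ACK_KEY = b"constructed-demo-key"

honest = ServiceProviderServer("sp-honest", GOOD_BOOT,
                               {"payroll": PAYROLL_APP, "payroll-modified": PAYROLL_APP.replace("sum", "max")})
rogue = ServiceProviderServer("sp-rogue", TAMPERED_BOOT, {"payroll": PAYROLL_APP})
trusted = TrustedServer(
    ack_key=ACK_KEY,
    golden_pcrs={"sp-honest": measured_boot(GOOD_BOOT), "sp-rogue": measured_boot(GOOD_BOOT)},
    approved_digests={hashlib.sha256(PAYROLL_APP.encode()).hexdigest()},
    providers=[honest, rogue],
)


def run_flow(request, input_data):
    """Client side of figure 5: request, verify the acknowledgement, then supply the input data."""
    ack = trusted.handle_access_request(request)
    if ack["status"] != "verified" or not client_verify_ack(ack, ACK_KEY):
        return ack
    return trusted.execute(ack, input_data)


if __name__ == "__main__":
    print(run_flow({"provider_id": "sp-honest", "app": "payroll"}, {"values": [1, 2, 3]}))
    print(run_flow({"provider_id": "sp-rogue", "app": "payroll"}, {"values": [1, 2, 3]}))
    print(run_flow({"provider_id": "sp-honest", "app": "payroll-modified"}, {"values": [1, 2, 3]}))
```

Two properties of the flow are worth noticing in the code: the client's input data (440) is never sent before the signed acknowledgement has been checked, and the trusted server only executes an image it stored itself at step 612, so a provider cannot swap the image between verification and execution.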
A summary then of what has been hereinbefore described by way of example of the present invention is a system (100) for verifying and executing software applications (210) from a trusted server (300) linked to a service provider server (200), comprising a service provider server (200); a trusted server (300) having a network (500) connection to the service provider server (200); and a client system (400) having a network (500) connection to the trusted server (300); the service provider server (200) having means (220) for storing at least one software application (210), means (230) for duplicating an image copy of the software application (210), means (240) for transmitting the image copy of the software application (210) upon receiving a remote access request, and means (240) for transmitting a proof-carrying result (PCR) value upon receiving a PCR request from the trusted server (300); the trusted server (300) having means (310, 320) for establishing a trustworthy connection link between the trusted server (300) and service provider server (200), means (320) for receiving a user access request from the client system (400), a verification agent (350) for verifying security properties of the software application (210), means (320) for requesting input data (440) from the client system (400), means (320) for requesting the image copy of the software application (210) from the service provider server (200), means (330) for executing the software application (210) using the input data (440) to obtain an output data, means (320) for transmitting the output data to the client system (400), and an internal database (340) for storing a list of service provider servers (200); and the client system (400) having means (410) for transmitting user access request to the trusted server (300), means (410) for transmitting input data to the trusted server (300) upon receiving a request from the same, and means (410) for receiving the output data from the trusted server (300).
In as much as the present invention is subject to many variations, modifications and changes in detail, it is intended that all matter contained in the foregoing description or shown in the accompanying drawings shall be interpreted as illustrative and not in a limiting sense.

Claims

1. A system (100) for verifying and executing software applications (210) from a trusted server (300) linked to a service provider server (200), comprising: a service provider server (200);
a trusted server (300) having a network (500) connection to the service provider server (200); and
a client system (400) having a network (500) connection to the trusted server (300);
wherein, the service provider server (200) having means (220) for storing at least one software application (210), means (230) for duplicating an image copy of the software application (210), means (240) for transmitting the image copy of the software application (210) upon receiving a user access request, and means (240) for transmitting a proof-carrying result (PCR) value upon receiving a PCR request from the trusted server (300);
wherein, the trusted server (300) having means (310, 320) for establishing a trustworthy connection link between the trusted server (300) and service provider server (200), means (320) for receiving a user access request from the client system (400), a verification agent (350) for verifying security properties of the software application (210), means (320) for requesting input data (440) from the client system (400), means (320) for requesting the image copy of the software application (210) from the service provider server (200), means (330) for executing the software application (210) using the input data (440) to obtain an output data, and means (320) for transmitting the output data to the client system (400);
wherein, the client system (400) having means (410) for transmitting user access request to the trusted server (300), means (410) for transmitting input data (440) to the trusted server (300) upon receiving a request from the same, and means (410) for receiving the output data from the trusted server (300).
2. The system (100) in accordance with claim 1, wherein the trustworthy connection link comprises of using Trusted Platform Module (TPM) to evaluate the trustworthiness of the service provider server (200).
3. The system (100) in accordance with any one of claims 1 to 2, wherein the trusted server (300) comprises of verifying and executing a plurality of software applications (210) from a plurality of service provider servers (200) simultaneously.
4. The system (100) in accordance with any one of claims 1 to 3, wherein the client system (400) comprises of preferably but not limited to personal computers, laptop computers, personal digital assistants (PDA), and cellular devices.
5. The system (100) in accordance with any one of claims 1 to 4, whereby the network (500) connection between the trusted server (300) and service provider server (200) is established via preferably but not limited to the Local Area Network (LAN), Wide Area Network (WAN), Virtual Private Network (VPN), and Internet.
6. The system (100) in accordance with any one of claims 1 to 5, whereby the network (500) connection between the client system (400) and trusted server (300) is established via preferably but not limited to the Local Area Network (LAN), Wide Area Network (WAN), Virtual Private Network (VPN), and Internet.
7. The system (100) in accordance with any one of claims 1 to 6, wherein the client system (400) further comprises of a verification means (450) for verifying the security properties of the software application (210).
8. The system (100) in accordance with any one of claims 1 to 7, wherein the trusted server (300) further comprises of an internal database (340) for storing a list of service provider servers (200).
9. A method for verifying and executing software applications from a trusted server linked to a service provider server, comprising:
transmitting a user access request to a trusted server (300) by the client system (400) (step 600);
requesting proof-carrying result (PCR) values from the service provider server (200) by the trusted server (300) (step 602);
transmitting the PCR values to the trusted server (300) by the service provider server (200) (step 604);
evaluating the trustworthiness of the service provider server (200) using the PCR values by the trusted server (300) (step 606);
forwarding the user access request to the service provider server (200) by the trusted server (300) (step 608);
duplicating and transmitting at least an image copy of the software application (210) to the trusted server (300) by the service provider server (200) (step 610);
verifying the security properties of the software application (210) by the trusted server (300) (step 612);
transmitting a signed acknowledgement to the client system (400) and requesting the input data (440) for software application (210) execution by the trusted server (300) (step 614);
transmitting the input data (440) to the trusted server (300) by the client system (400) (step 616);
executing the mirror copy of the software application (210) using the input data (440) in the trusted server (300) (step 618); and
transmitting the output data obtained from executing the mirror copy of the software application (210) to the client system (400) by the trusted server (300) (step 620);
wherein, the PCR values are evaluated using the verification agent (350);
wherein, the security properties of the software application (210) are verified by comparing the security properties with a set of pre-defined security policy.
10. The method in accordance with claim 9, wherein the user access request (step 600) further comprises of providing the trusted server (300) with an identity (ID) of the service provider server (200).
11. The method in accordance with any one of claims 9 to 10, wherein the user access request further comprises of at least a set of user pre-defined security policy for verifying the security properties of the software application (210).
12. The method in accordance with claim 11, wherein the client system (400) further comprises of verifying the signed acknowledgement using the verification means (450).
13. The method in accordance with any one of claims 9 to 12, wherein the trusted server (300) further comprises of searching the internal database (340) for determining a suitable service provider server (200) for software application (210) execution.
PCT/MY2010/000277 2010-06-22 2010-11-15 System and method for verifying and executing software applications from a trusted server linked to a service provider server WO2011162591A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
MYPI2010002964 2010-06-22
MYPI2010002964A MY164406A (en) 2010-06-22 2010-06-22 System and method for verifying and executing software applications from a trusted server linked to a service provider server

Publications (1)

Publication Number Publication Date
WO2011162591A1 true WO2011162591A1 (en) 2011-12-29

Family

ID=45371617

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/MY2010/000277 WO2011162591A1 (en) 2010-06-22 2010-11-15 System and method for verifying and executing software applications from a trusted server linked to a service provider server

Country Status (2)

Country Link
MY (1) MY164406A (en)
WO (1) WO2011162591A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6295607B1 (en) * 1998-04-06 2001-09-25 Bindview Development Corporation System and method for security control in a data processing system
US20020129277A1 (en) * 2001-03-12 2002-09-12 Caccavale Frank S. Using a virus checker in one file server to check for viruses in another file server
US20090320115A1 (en) * 2008-06-24 2009-12-24 Dean Irvin L Secure Network Portal
US20100083376A1 (en) * 2008-09-26 2010-04-01 Symantec Corporation Method and apparatus for reducing false positive detection of malware

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2018052256A1 (en) * 2016-09-16 2018-03-22 Samsung Electronics Co., Ltd. Method of providing secure access to hotel iot services through mobile devices
EP3497913A4 (en) * 2016-09-16 2019-06-19 Samsung Electronics Co., Ltd. METHOD FOR PROVIDING SECURE ACCESS TO HOTEL IDO SERVICES THROUGH MOBILE DEVICES
US10477398B2 (en) 2016-09-16 2019-11-12 Samsung Electronics Co., Ltd. Method of providing secure access to hotel IoT services through mobile devices

Also Published As

Publication number Publication date
MY164406A (en) 2017-12-15

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 10853749; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 10853749; Country of ref document: EP; Kind code of ref document: A1)