Virtual machine security
US-2017235951-A1 · Aug 17, 2017 · US
Updating software
US2016162285A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016162285-A1 |
| Application number | US-201614994105-A |
| Country | US |
| Kind code | A1 |
| Filing date | Jan 12, 2016 |
| Priority date | Jan 19, 2011 |
| Publication date | Jun 9, 2016 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
This invention relates to a method and apparatus for updating software. In particular this invention relates to a method, system and computer program for updating an operating system in a hypervisor comprising: determining a new version of a component of the operating system; installing the new component version; measuring an identifying characteristic of the component and making it available to an attestation system; notifying the attestation system that a component has been updated to a new version whereby, when the attestation system finds that the identifying characteristic of the new component does not match a pre-stored attestation value it is aware that a legitimate mis-match could have occurred. The installing of the new version of the component comprises: identifying an updater associated with new version of the component; measuring an identifying characteristic of the identified updater; loading and installing the new version of the component; and making both the identifying measurement of the updater and the new version of the component available to the attestation system.
First claim
Opening claim text (preview).
1 . A method for updating and attesting code in a execution environment comprising: installing new code; measuring an identifying characteristic of the new code and making it available to an attestation system; notifying the attestation system that code has been updated to a new version whereby; and whereby when the attestation system finds that the identifying characteristic of the new code does not match a pre-stored attestation value it is aware that a legitimate mis-match could have occurred. 2 . A system for updating and attesting code in a execution environment comprising: installation means for installing new code; measuring means for measuring an identifying characteristic of the new code and making it available to an attestation system; notifying means for notifying the attestation system that code has been updated to a new version whereby; and whereby when the attestation system finds that the identifying characteristic of the new code does not match a pre-stored attestation value it is aware that a legitimate mis-match could have occurred. 3 . A system of testing the integrity of a program comprising: extracting a code measurement stored by the program installation process; testing means for testing the code measurement with reference measurements stored by the testing system and failing the measurement if it does not match; further testing means for testing the failed code measurement and failing it again if the measurement does not originate from a component known to the testing system; and indicating means for indicating a pass if the code measurement passes a test and a fail if one code measurement does not pass either of the tests. 4 . A computer program product for creating a first computer resource at a client computer, the computer program product comprising: a computer readable storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for performing a method according to claim 1 . 5 . A computer program stored on a computer readable medium and loadable into the internal memory of a digital computer, comprising software code portions, when said program is run on a computer, for performing the method of claim 1 .
Assignees
Inventors
Classifications
while running · CPC title
Loading of operating system · CPC title
Secure boot · CPC title
Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities · CPC title
- G06F8/65Primary
Updates (security arrangements therefor G06F21/57) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2016162285A1 cover?
- This invention relates to a method and apparatus for updating software. In particular this invention relates to a method, system and computer program for updating an operating system in a hypervisor comprising: determining a new version of a component of the operating system; installing the new component version; measuring an identifying characteristic of the component and making it avail…
- Who is the assignee on this patent?
- IBM
- What technology area does this patent fall under?
- Primary CPC classification G06F8/65. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Thu Jun 09 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 7 related publications on this page (citations in our corpus or others sharing the same primary CPC).