Browse Prior Art Database

Using Public Key Certificates to Ensure Subsystem Component Level Compatibility

IP.com Disclosure Number: IPCOM000014639D
Original Publication Date: 2000-Mar-01
Included in the Prior Art Database: 2003-Jun-20
Document File: 3 page(s) / 47K

Publishing Venue

IBM

Abstract

Using Public Key Certificates to Ensure Subsystem Component Level Compatibility

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 54% of the total text.

Page 1 of 3

Using Public Key Certificates to Ensure Subsystem Component Level

Compatibility

This disclosure describes a methodology in which a subsystem (or group of
related programs) may ensure its components are at a compatible level to one
another by using Public Key Signatures. This methodology creates a signature
of the programs at compile time and allows the subsystem to verify itself
during runtime.

With computer applications becoming increasingly
complex, they are being split into interdependent
components in order to simplify the development and
support processes. This split makes the process of
ensuring each component on a computer system is at
a compatible level more complex. Without this
verification, an application may fail to function
as designed.

Public Key Signatures are commonly used to verify
that data is both created from a known sender and
has not been altered since its creation. The
methodology described in this document builds on
this fact to allow applications to verify that they
were created at the same time by the same source.
This is done by generating a new public/private
key pair for each version of the subsystem. These
keys are stored in the build environment and a
public key object is created. This object will be
linked into the compiled subsystem to be used in
the verification process. During the compilation
process, each of the components has a signature
generated for it. These signatures are part of the
final package delivered with the application. See
Figure 1 for a...