Secure Loading of a Personal Computer Application

IP.com Disclosure Number: IPCOM000117817D
Original Publication Date: 1996-Jun-01
Included in the Prior Art Database: 2005-Mar-31
Document File: 2 page(s) / 84K

Publishing Venue

IBM

Related People

Holloway, CJ: AUTHOR [+2]

Abstract

It is often desirable to prevent unauthorised use of personal computer applications. The approach described below, using the IBM* 4755 cryptographic adapter, prevents use of the application concerned unless a known software environment is initialized and unmodified, and is of particular value in preventing fraudulent use of financial applications.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 52% of the total text.

Implementation
  1.  On the workstation running the protected application, the
       CONFIG.SYS file is used to invoke an Authentication Module.
       Loading of the Authentication Module is controlled using the
       Transaction Security System (TSS) 'Manage Objects' functions:
       a Modification Detection Code (MDC) for the Authentication
       Module is "registered" in the 4755.  The "verify" function is
       invoked within the 4755 to re-generate the Authentication
       Module's MDC and compare it with the original MDC.  If this is
       successful the "load" function is invoked and the
       Authentication Module is loaded.
  2.  The Authentication Module authenticates a list of critical
       software components (including the Boot Sector Record of the
       drive used to IPL the personal computer, the AUTOEXEC.BAT file
       and any critical application programs which will be used on
       this workstation), by issuing MDC VERIFY requests to the 4755.

       The MDC for each component is held encrypted in a file whose
       header record contains:
         o  an MDC for the rest of the file;
         o  the number of records the file contains;
         o  an encrypted password.

       The key under which the MDCs are encrypted is held in the 4755
       in a form which allows it to be used only for decryption, the
       corresponding encrypting version being held only at the
       key-issuing site.
  3.  If all the objects in the list of critical software components
       pass their MDC checks, the Authentication Module issues an
       ACTIVATE PROFILE command to the 4755 for a profile which grants
       access to those cryptographic functions required in production
       use by the protected application.

       Activation of this profile requires the use of the encrypted
       password which is held in the header of the file of encrypted
       MDCs.  T...
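
The check sequence of steps 2 and 3, modelled in Python as an added example (not code from the disclosure or from the 4755's programming interface): the manifest is checked against its header, every component is verified, and only then is the profile activated. Assumptions: the names Adapter, issue_manifest and authenticate, the record layout, and the header check running first are hypothetical; SHA-256 stands in for the MDC algorithm, and a toy keystream XOR stands in for the adapter's cipher, so the decrypt-only property of the key is not modelled.

```python
import hashlib
import hmac

def mdc(data: bytes) -> bytes:
    # Stand-in digest: SHA-256 replaces the adapter's MDC algorithm (assumption).
    return hashlib.sha256(data).digest()

def _crypt(key: bytes, label: bytes, blob: bytes) -> bytes:
    # Toy keystream XOR standing in for the adapter's cipher; blob <= 32 bytes.
    stream = hashlib.sha256(key + label).digest()
    return bytes(a ^ b for a, b in zip(blob, stream))

def _body(records):
    return b"".join(name.encode() + enc for name, enc in records)

def issue_manifest(key, components, password):
    # Key-issuing site: the only place MDCs and the password are encrypted.
    records = [(n, _crypt(key, n.encode(), mdc(d))) for n, d in components.items()]
    header = {"body_mdc": mdc(_body(records)), "count": len(records),
              "enc_password": _crypt(key, b"password", password)}
    return header, records

class Adapter:
    # Hypothetical model of the adapter: key and profile password stay inside.
    def __init__(self, key, profile_password):
        self._key, self._pw, self.profile_active = key, profile_password, False

    def mdc_verify(self, name, enc_mdc, data):
        expected = _crypt(self._key, name.encode(), enc_mdc)
        return hmac.compare_digest(expected, mdc(data))

    def activate_profile(self, enc_password):
        clear = _crypt(self._key, b"password", enc_password)
        self.profile_active = hmac.compare_digest(clear, self._pw)
        return self.profile_active

def authenticate(adapter, header, records, read_component):
    # Authentication Module: fail closed; returns (ok, name of first failure).
    body_ok = hmac.compare_digest(mdc(_body(records)), header["body_mdc"])
    if len(records) != header["count"] or not body_ok:
        return False, "manifest"
    for name, enc_mdc in records:
        if not adapter.mdc_verify(name, enc_mdc, read_component(name)):
            return False, name
    return adapter.activate_profile(header["enc_password"]), None

KEY, PASSWORD = b"constructed-demo-key", b"constructed-pw"  # constructed samples
DISK = {"BOOTSECT": b"\xeb\x3c\x90", "AUTOEXEC.BAT": b"@ECHO OFF\r\n", "APP.EXE": b"MZ"}
HEADER, RECORDS = issue_manifest(KEY, DISK, PASSWORD)
```

Because the encrypted password is presented only after the last component passes, a modified AUTOEXEC.BAT or a shortened manifest leaves the profile inactive.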