Browse Prior Art Database

Method and System for Secured Customization of Unattended Installation

IP.com Disclosure Number: IPCOM000202417D
Publication Date: 2010-Dec-15
Document File: 3 page(s) / 48K

Publishing Venue

The IP.com Prior Art Database

Abstract

A method and system for secured customization of an unattended installation is disclosed. The method suggests use of a properties file of which few properties are encrypted. A tool is used for entering the encrypted property values into the properties file. After entering the encrypted property values, an installer determines which of the values in the property file are encrypted and decrypts them before use.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 53% of the total text.

Page 01 of 3

Method and System for Secured Customization of Unattended Installation
In an unattended installation where a user response is stored in a properties file, there

is a possibility that the user response that is entered in the properties file may be

sensitive. Therefore, it is insecure to use the properties file to store sensitive

information such as, passwords. The file may not be deleted automatically after the

installation causing possibilities of it being accessible to other users. Disclosed is a method and system for secured customization of an unattended

installation. A property file is provided of which few properties in the file are encrypted.

A tool may be used for entering the encrypted property values into the properties file.

After entering the encrypted property values, an installer determines which of the values

in the property file are encrypted and decrypts them before use.

For example, consider a scenario where a public key cryptography is used for securing

the data in an installer properties file. A pair of keys is generated that includes a public

key (Pbk) and a private key (Pvk). After generating the public key and the private key,

the public key is announced along with the installer (setup) file. In a scenario, the key

may be included in an installation manual or in a "read me" file.

After announcing the public key, the user enters non-sensitive customization values into

the properties file. Thereafter, the user uses the public key to encrypt the data that the

user wants to be secured into the installer properties file. In a scenario, the process of

entering the encrypted value into properties file may be made easier by providing a tool

that intakes the plain text data, encrypts it, and writes it to the properties file. Further,

the user may also be allowed to edit and enter more non-sensitive customization values

into the properties file.

After encrypting the data that the user wants to be secured into the installer properties

file, the unattended installation process is initiated. The installer reads the properties

file, identifies the encrypted and non-encrypted value and subsequently decrypts the

encrypted values using its private key.

In a scenario, the keys for encrypted values can be designed to be easily identifiable.

For example, if there is a field "ADMIN

_PHONE

encrypted, then a prefix "ENC" may be added to the key. Thus, the installer initially tries

to read a value of "ADMIN

_PHONE

encrypted, the installer will not be able to read the value. Ther...