Abstract: A software ecosystem includes a software supply chain in which each of the participants in the software supply chain produce software components using reproducible builds. By using deterministic compilation practices, each of the software components produced by a respective participant should be identical. The software ecosystem also includes a set of tamper proof distributed ledgers. Hashes of the software components are generated and securely recorded in the set of distributed ledgers. The software ecosystem also includes an intrusion detection system configured to compare hashes of the software components to determine when one or more of the software components has been generated in a corrupt manner. The secure software ecosystem includes a full-platform approach to integrity which incorporates designing against attacks, rather than patching after them, which creates a paradigm in which computing platforms can be trusted because they have been designed to operate in an untrustworthy environment.

Abstract: Disclosed are a system and a method employing a user's fingerprint to authenticate a wireless communication. The user's personal fingerprint is employed as the secret key in the context of a modified “challenge-response” scenario. The system includes a fingerprint capture module on a mobile personal wireless communication device (e.g., a wireless telephone) and a central authentication system coupled to a conventional mobile switching center. The central authentication system contains information that associates each mobile identification number (“MIN”) with a particular user's fingerprint. When a wireless communication is to be initiated, the central authentication system engages in a challenge-response authentication with the mobile switching station or the wireless phone using the stored fingerprint associated with the MIN through the common air interface.

Abstract: A method is provided for protecting distributed software, either through the internet/telephone networks or via physical storage media like floppy diskettes, magnetic tapes, CD-ROMS, DVD-ROMS, etc., by using biometric information (personal fingerprint information in particular). In one approach, the fingerprint of the software purchaser is embedded into the purchased software at the time of purchase. All subsequent use of the software by the purchaser at his/her home or office is subject to (a) providing his/her fingerprint again and (b) the fingerprint matches that embedded in the purchased software. In another related approach, prior to the use or installation of distributed software, the user's computer calls a central management server station. The software then requests the user to provide his or her fingerprint by any device that would capture such information.