Patents by Inventor Robert Krten
Robert Krten has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 12282529
Abstract: A method for a computer to execute an item of software including, the software including one or more security modules. At at least one point during execution of the item of software at which a predetermined function is to be performed, a request is sent to an address system for carrying out the predetermined function, the request including an identifier of the predetermined function. In response to the request, an address generated by the address system based, at least in part, on (a) the identifier and (b) verification data provided to the address system from at least one of the one or more security modules is received from the address system. The address is based, at least in part, on the identifier and verification data provided to the address system from at least one of the security modules. Execution of the item of software is then continued at the address received from the address system.
Type: Grant
Filed: November 30, 2021
Date of Patent: April 22, 2025
Assignee: IRDETO B.V.
Inventor: Robert Krten
-
Patent number: 12277199
Abstract: A system and method for a computer to execute an item of software. The computer executes security modules, each performing a respective security-related operation. The computer executes the item of software and, at a point during execution of the item of software at which a predetermined function is to be performed, the computer attempts to perform the predetermined function by sending, to an address system, a request message, including an identifier of the predetermined function, for an address of instructions for carrying out the predetermined function. In response to the request message, the computer receives, from the address system, an address generated by the address system based, at least in part, on (a) the identifier and (b) verification data provided to the address system from at least one of the plurality of security modules. Execution is then continued at the address received from the address system.
Type: Grant
Filed: November 30, 2021
Date of Patent: April 15, 2025
Assignee: IRDETO B.V.
Inventor: Robert Krten
-
Publication number: 20220092155
Abstract: A method for a computer to execute an item of software, the method comprising: the computer executing one or more security modules; the computer executing the item of software, said executing the item of software comprising, at at least one point during execution of the item of software at which a predetermined function is to be performed, attempting to perform the predetermined function by: sending, to an address system, a request for an address of instructions for carrying out the predetermined function, the request comprising an identifier of the predetermined function; receiving, from the address system in response to the request, an address generated by the address system based, at least in part, on (a) the identifier and (b) verification data provided to the address system from at least one of the one or more security modules; and continuing execution of the item of software at the address received from the address system.
Type: Application
Filed: November 30, 2021
Publication date: March 24, 2022
Inventor: Robert Krten
-
Publication number: 20220083630
Abstract: A method for a computer to execute an item of software, the method comprising: the computer executing one or more security modules; the computer executing the item of software, said executing the item of software comprising, at at least one point during execution of the item of software at which a predetermined function is to be performed, attempting to perform the predetermined function by: sending, to an address system, a request for an address of instructions for carrying out the predetermined function, the request comprising an identifier of the predetermined function; receiving, from the address system in response to the request, an address generated by the address system based, at least in part, on (a) the identifier and (b) verification data provided to the address system from at least one of the one or more security modules; and continuing execution of the item of software at the address received from the address system.
Type: Application
Filed: November 30, 2021
Publication date: March 17, 2022
Inventor: Robert Krten
-
Patent number: 11222096
Abstract: A method for securely executing an item of software. One or more security modules are executed by a computer and a computer executes the item of software. The execution of the item of software includes, at at least one point during execution of the item of software at which a predetermined function is to be performed, attempting to perform the predetermined function. The attempt to perform the predetermined function including sending, to an address system, a request for an address of instructions for carrying out the predetermined function, the request including an identifier of the predetermined function; receiving, from the address system in response to the request, an address generated by the address system based, at least in part, on (a) the identifier and (b) verification data provided to the address system from at least one of the one or more security modules; and continuing execution of the item of software at the address received from the address system.
Type: Grant
Filed: March 28, 2014
Date of Patent: January 11, 2022
Assignee: Irdeto B.V.
Inventor: Robert Krten
-
Patent number: 10867032
Abstract: A method of generating a protected item of software, there being an execution path within code for the protected item of software that causes code for one or more second functions to be executed before executing code for a first function, wherein execution of the code for the one or more second functions causes data to be stored at one or more memory locations, the data satisfying a set of one or more predetermined properties, wherein, in the absence of an attack against the protected item of software when the code for the protected item of software is being executed, the first function is arranged to provide first functionality, the method comprising: configuring the code for the first function so that execution, by one or more processors, of the code for the first function provides the first functionality only if the set of one or more predetermined properties is satisfied by data being stored, when the first function is executed, at the one or more memory locations.
Type: Grant
Filed: September 17, 2014
Date of Patent: December 15, 2020
Assignee: IRDETO B.V.
Inventor: Robert Krten
-
Publication number: 20190354679
Abstract: A method of generating a protected item of software, there being an execution path within code for the protected item of software that causes code for one or more second functions to be executed before executing code for a first function, wherein execution of the code for the one or more second functions causes data to be stored at one or more memory locations, the data satisfying a set of one or more predetermined properties, wherein, in the absence of an attack against the protected item of software when the code for the protected item of software is being executed, the first function is arranged to provide first functionality, the method comprising: configuring the code for the first function so that execution, by one or more processors, of the code for the first function provides the first functionality only if the set of one or more predetermined properties is satisfied by data being stored, when the first function is executed, at the one or more memory locations.
Type: Application
Filed: September 17, 2014
Publication date: November 21, 2019
Applicant: IRDETO B.V.
Inventor: Robert KRTEN
-
Patent number: 10459851
Abstract: A method and apparatus for executing a process on a device, the device including one or more processors for executing the process and a memory, wherein the process has an associated first type of privilege. The method includes obtaining a portion of the memory for use by the process or for use by a further process being created by the process, wherein the portion of the memory is identified as both writable and executable memory, and wherein the portion of the memory has an associated second type of privilege that is different from the first type of privilege.
Type: Grant
Filed: September 10, 2014
Date of Patent: October 29, 2019
Assignee: IRDETO B.V.
Inventor: Robert Krten
-
Publication number: 20180165226
Abstract: A method for executing a process on a device, the device comprising one or more processors for executing the process and a memory, wherein the process has an associated first type of privilege, the method comprising: obtaining a portion of the memory for use by the process or for use by a further process being created by the process, wherein the portion of the memory is identified as both writable and executable memory, wherein the portion of the memory has an associated second type of privilege that is different from the first type of privilege.
Type: Application
Filed: September 10, 2014
Publication date: June 14, 2018
Applicant: IRDETO B.V.
Inventor: Robert KRTEN
-
Patent number: 9934374
Abstract: The present disclosure provides a description of a computer implemented method and system for protecting a software program from attack during runtime. The system comprises a plurality of software blocks for providing desired functions during execution of a software program and a trusted address server having a table for mapping predetermined source tokens to destination tokens. The trusted address server couples each of the plurality of software blocks for receipt of predetermined source tokens from any one of the plurality of software blocks, while returning a mapped destination token from the predetermined destination tokens to said any one of the plurality of software blocks in dependence upon the table for mapping predetermined source tokens to destination tokens.
Type: Grant
Filed: February 10, 2012
Date of Patent: April 3, 2018
Assignee: IRDETO B.V.
Inventors: Robert Krten, Jonathan Emmett, Clifford Liem
-
Patent number: 9798867
Abstract: Techniques are presented for obfuscating programs of virtual machines. On a virtual machine hosted by a physical device, a program is run that is configured to execute one or more operations. At a virtual machine manager hosted by the physical device and configured to manage the virtual machine, execution of the program is monitored to detect a trapping event that causes the virtual machine manager to take over operation of the program. Upon detecting the trapping event, a specific operation of the program is performed that differs from an operation implied by static analysis of the program.
Type: Grant
Filed: June 5, 2013
Date of Patent: October 24, 2017
Assignee: Cisco Technology, Inc.
Inventor: Robert Krten
-
Publication number: 20170154171
Abstract: A method for a computer to execute an item of software, the method comprising: the computer executing one or more security modules; the computer executing the item of software, said executing the item of software comprising, at at least one point during execution of the item of software at which a predetermined function is to be performed, attempting to perform the predetermined function by: sending, to an address system, a request for an address of instructions for carrying out the predetermined function, the request comprising an identifier of the predetermined function; receiving, from the address system in response to the request, an address generated by the address system based, at least in part, on (a) the identifier and (b) verification data provided to the address system from at least one of the one or more security modules; and continuing execution of the item of software at the address received from the address system.
Type: Application
Filed: March 28, 2014
Publication date: June 1, 2017
Inventor: Robert Krten
-
Patent number: 9454666
Abstract: In the present disclosure, a hash function is computed over a known image, for example, an address range in a program. The result of the hash function is known to be the same at two distinct points in time, before the program is run, i.e. signing at build-time, and during the running of the program, i.e. run time. The value that the programmer wishes to hide, i.e. the secret value, is also known at build-time. At build-time, the secret value is combined with the hash in such a way that the combining operation can be reversed at run time. This combined value, i.e. the salt, is stored along with the program. Later, at runtime, the program computes the same hash value as was computed at signing time, and does the reverse combining operation in order to reveal the secret value.
Type: Grant
Filed: March 26, 2012
Date of Patent: September 27, 2016
Assignee: Irdeto B.V.
Inventors: Robert Krten, Hongrui Dong, Clifford Liem
-
Patent number: 9407442
Abstract: Described are various embodiments of a tamper-evident network messaging method and system, and device configured therefor. In some embodiments, tamper-evident messaging is enabled between network-interfacing devices. In general, these devices will each comprise a hardware hasher or the like, operatively configured to compute and supply a hash value to their respective network interface via an independent path distinct from the device's one or more software-accessible paths, where it may be combined with outgoing messages to provide indication of possible code tampering, or again evaluated against incoming hash values associated with incoming messages to verify an authenticity thereof. In some embodiments, such hash values may further or alternatively be used for the encryption/decryption of intercommunicated messages to provide a similar effect.
Type: Grant
Filed: August 9, 2015
Date of Patent: August 2, 2016
Inventor: Robert Krten
-
Publication number: 20160099809
Abstract: Described are various embodiments of a tamper-evident network messaging method and system, and device configured therefor. In some embodiments, tamper-evident messaging is enabled between network-interfacing devices. In general, these devices will each comprise a hardware hasher or the like, operatively configured to compute and supply a hash value to their respective network interface via an independent path distinct from the device's one or more software-accessible paths, where it may be combined with outgoing messages to provide indication of possible code tampering, or again evaluated against incoming hash values associated with incoming messages to verify an authenticity thereof. In some embodiments, such hash values may further or alternatively be used for the encryption/decryption of intercommunicated messages to provide a similar effect.
Type: Application
Filed: August 9, 2015
Publication date: April 7, 2016
Applicant: 2381371 Ontario Inc
Inventor: Robert Krten
-
Publication number: 20150324590
Abstract: In the present disclosure, a hash function is computed over a known image, for example, an address range in a program. The result of the hash function is known to be the same at two distinct points in time, before the program is run, i.e. signing at build-time, and during the running of the program, i.e. run time. The value that the programmer wishes to hide, i.e. the secret value, is also known at build-time. At build-time, the secret value is combined with the hash in such a way that the combining operation can be reversed at run time. This combined value, i.e. the salt, is stored along with the program. Later, at runtime, the program computes the same hash value as was computed at signing time, and does the reverse combining operation in order to reveal the secret value.
Type: Application
Filed: March 26, 2012
Publication date: November 12, 2015
Applicant: IRDETO CANADA CORPORATION
Inventors: Robert KRTEN, Hongrul DONG, Clifford LIEM
-
Publication number: 20150113640
Abstract: The present disclosure provides a description of a computer implemented method and system for protecting a software program from attack during runtime. The system comprises a plurality of software blocks for providing desired functions during execution of a software program and a trusted address server having a table for mapping predetermined source tokens to destination tokens. The trusted address server couples each of the plurality of software blocks for receipt of predetermined source tokens from any one of the plurality of software blocks, while returning a mapped destination token from the predetermined destination tokens to said any one of the plurality of software blocks in dependence upon the table for mapping predetermined source tokens to destination tokens.
Type: Application
Filed: February 10, 2012
Publication date: April 23, 2015
Applicant: IRDETO CANADA CORPORATION
Inventors: Robert Krten, Jonathan Emmett, Clifford Liem
-
Publication number: 20140366017
Abstract: Techniques are presented for obfuscating programs of virtual machines. On a virtual machine hosted by a physical device, a program is run that is configured to execute one or more operations. At a virtual machine manager hosted by the physical device and configured to manage the virtual machine, execution of the program is monitored to detect a trapping event that causes the virtual machine manager to take over operation of the program. Upon detecting the trapping event, a specific operation of the program is performed that differs from an operation implied by static analysis of the program.
Type: Application
Filed: June 5, 2013
Publication date: December 11, 2014
Inventor: Robert Krten