Method and system for execution monitor-based trusted computing

Assignees

• AT&T Intellectual Property I, L.P. · US
• Rutgers, the State University of New Jersey · US

Inventors

• Liviu Iftode · Princeton, US
• Gang Xu · Beijing, CN

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F2221/2103
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A system and method of providing trusted service transactions includes associating a commitment with a remote service. The commitment includes a trusted list of runtime dependencies to execute a transaction. The method includes monitoring an actual list of runtime dependencies invoked during execution of the transaction using a trusted monitor. Execution is blocked if a deviation of the actual list from the trusted list is detected. Therefore, a completed transaction is allowed only if no deviation is found between the trusted and invoked list of runtime dependencies. A certificate authority in cooperation with software vendors preferably provide a signed commitment. The commitment is delivered by the provider to a user upon request and verified by the requester. The transaction is then executed by the user. Therefore, trust is verified before and during the transaction and privacy of data is guaranteed after completion.