System and method for application attestation
US8327441B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Feb 17, 2012 |
| Grant date | Dec 4, 2012 |
| Priority date | — |
| Expiry date | Feb 17, 2032 |
Classification
- Technology area (CPC G)Physics
- CPC primaryG06F2221/033
- WIPO fieldComputer technology
- WIPO sectorElectrical engineering
Abstract
An instrumented machine or platform having a target application thereon is disclosed. An attestation service may generate an application artifact having associated therewith a name and an application statement having at least one of a plurality of attribute value assertions describing the examined runtime local execution and introspection based derived security context. The application statements may represent the level of contextual trustworthiness, at near real time, of a running application on the instrumented target platform. A runtime process and network monitor may examine the local runtime execution context of the target application, and an identity provider may authenticate a user to the web application based on a web services query for attestation of the target application. A physical or logical authorization service may control access of an authenticated user to the target application, based on a dynamic application statement and multi-factor application attestation issued by the attestation service.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.