Patent Application
20170147313
The presently disclosed embodiments are directed to software application security systems particularly useful for embedding and protecting configuration data values, specific to an end user, into a digitally signed package that can be installed on multiple devices.
Software developers create general use applications (“Apps”) for distribution to a wide variety of users. The users of these applications in turn will deploy, or install, these applications on multiple devices. Deployment, or installation, can be done directly on each device or indirectly to each device through a network connected software distribution system. Each user of an application may have specific configuration data that needs to be entered in order for the application to function properly in the user's environment. (i.e., names, a server address, database connection string, digital certificate, data entry constraints, default values, multi-language labels, multi-language help strings, etc.). This is not uncommon. The application would gather this user specific configuration data after it has been deployed, or installed, on each device. If the application is being installed on many devices, perhaps hundreds, the entry of the user specific configuration data becomes time consuming and the information being entered could be incorrect or different from one installation to the next due to a browser error or other system failings. A better solution would allow the user to enter the user specific configuration data values for the application, have the user entered configuration data values embedded into the application, digitally sign the application for security, and then deploy/install the application on multiple devices. The application would not need the user to enter the user specific configuration data at runtime because the configuration data values are embedded and available for use by the application.
In addition, the configuration data must be trustworthy and so must be authenticated and validated at the run time. Merely facilitating the entry of a configuration data in a convenient preloading system would fail to meet such trustworthiness and validation requirements. There is thus a need for a system which can better validate a user entered application configuration data as well as the digital signatures before operation of the corresponding software application.
Application developers will create and upload a variety of operable software applications which are pre-loading then available in a gallery for user acquisition. The developers typically require pre-loading user configuration data to enable a user to operate the App. The subject embodiments enable this requirement by including an optional XML file, called an App Configuration Data Definition File, hereafter referred to as an “ACDDF”, in the App source code. The ACDDF is optional and defines a set of App Configuration data fields that include names, data entry constraints, default values, multi-language labels and multi-language help strings, etc. When the App includes an ACDDF, the present embodiments provide a way for a user to enter the values for the set of App Configuration data fields defined in the ACDDF. The user interface for entering the values is dynamically generated using the data field definitions contained in the ACDDF. In addition, the embodiments will validate the data values entered using the data entry constraints defined in the ACDDF and associate any App Configuration data entered with the logged in user.
When a user initiates the installation process for an App, the embodiments automatically generate the configuration XML file, using the filename specified in the ACDDF, and adds the file to the top-level folder of the weblet source code. The system then digitally signs the App and installs the App on the devices specified by the user. When the App is run on a device, the App reads the configuration XML file and uses the contents during the execution of the App. The digital signature is validated before the execution.
The disclosed embodiments thus allow developers to include an optional file, the ACDDF, in the App source code. The user interface for entering the configuration data values is dynamically generated using the data field definitions contained in the ACDDF. When a user initiates the installation process for an App, the system automatically generates the configuration XML file, using the filename specified in the ACDDF, adds the file to the top-level folder of the weblet source code, and then digitally signs the App and installs the App on the devices specified by the user. When the App is run on a device, the App reads the configuration XML file and uses the contents during the execution of the App.
According to further aspects illustrated herein, there is provided a method for enabling operation of a computer program in a plurality of operating devices. The method includes providing a gallery of software applications to a user for selective installation on the plurality of operating devices, wherein the Apps require application configuration data to be entered in a ConnectKey file for application operability. The ACDDF is included in an application “ConnectKey” file wherein the ACDDF comprises a set of data fields for receiving the application configuration data to be entered by the user. The application configuration data received from the user is validated and stored in response to a selection of one of the plurality of operating devices for executing a one software application from the gallery, and reading the stored application data for enabling execution of the one software application on the selected operating device.
In accordance with other aspects described herein, a security system for protecting software application operability in a selected operating device is presented. The system comprises the ACDDF including predetermined data fields for completion by a user intending use of a software application on the selected operating device. A first validation processor validates user entered application configuration data in the ACDDF. An application configuration file is compiled from the application configuration data file that is embedded in the software application. A digital signature is applied to the application having the embedded application configuration file. A second validation processor validates the digital signature in response to a user installation request of the software application on the selected operating device.
The present description and accompanying FIGURES illustrate the embodiments for a more efficient, secure and trustworthy method and system to allow end users of a software application to embed required configuration data values, specific to the end user, into a digitally signed package that can be installed on multiple devices. Such a method and system enables efficiencies in operation of the software application because the present embodiments do not require the user to enter the user specific configuration data at run time. The configuration data values are thus embedded and available in advance for use by the application, after being validated at the time of data entry, with other embedding in the relevant App configuration file.
Such a system provides internalized protocol to developers to generate the list of data fields with data types, value constraints, language-specific labels, and language specific help text, etc. Configuration data description is thus interpreted by the software application distribution system to automatically generate a user interface for a user to enter and validate the data values required by the App selected by the user. The subject method of saving the “configuration data” user basis is advantageous because it allows the user to configure the same App, in a software distribution system, differently from other users accessing the software distribution system. This is particularly advantageous because even though the configuration of Apps is something that Apps normally do, this is usually done through content that is external to the App (i.e., external file, registry, database, etc.). The method of the subject embodiments employed for adding the configuration data is particularly advantageous because the data is embedded directly into the App so that it cannot be modified.
Although the subject embodiments are described in greater detail with reference to
First, a developer defines the “App Configuration Data Requirements” in a supplemental source file.
Second, the developer submits for user acquisition, the application, along with the supplemental source file, to a software application distribution system.
Third, the software distribution system interprets the App Configuration Data Requirements and provides a mechanism to allow the user of the software distribution system to enter user specific “App Configuration Data” values.
Fourth, the distribution system validates the App Configuration Data Requirements entered by the user, and then embeds the App Configuration Data with the validated values into the App.
Fifth, the software distribution system produces a digitally signed “App Package” that can be installed on a device indicated by the user. The digitally signed App Package is also validated before installation on the device.
With reference to
The memory 12 may represent any type of non-transitory computer-readable medium such as random access memory (RAM), read-only memory (ROM), magnetic disk or tape, optical disk, flash memory, or holographic memory. In one embodiment, the memory 12 comprises a combination of random access memory and read-only memory. In some embodiments, the processor 16 and memory 12 may be combined in a single chip. Memory 12 stores instructions for performing the exemplary method as well the processed data.
The network interface 18 allows the computer to communicate with other devices via computer network, such as a local area network (LAN) or wide area network (WAN), or the Internet, and may comprise a modulator/demodulator (MODEM), a router, a cable, and/or Ethernet port.
The processor device can be variously embodied, such as by a single core processor, a dual core processor (or more generally by a multiple core processor), a digital processor and cooperating math co-processor, a digital controller, or the like. The digital processor 16, in addition to executing instructions 14, may also control the operation of a computer running a software application selected by a user and implemented in accordance with the subject embodiments.
The instructions 14 are especially illustrated to include four items: an App Configuration Data Definition File (ACDDF) 30, a digital signature processor 32, an ACDDF validation processor 34, and an App configuration file digital signature processor 36. Although these elements are shown as software items in the memory instructions, they could alternately be implemented structurally as hardware/firmware in a manner similar to processor 16.
The term “software”, as used herein, is intended to encompass any collection or set of instructions executable by a computer or other digital system so as to configure the computer or other digital system to perform the task that is the intent of the software. Software as used herein is intended to encompass such instructions stored in storage medium such as RAM, a hard disk, optical disk, or so forth, and is also intended to encompass so-called “firmware” that is software stored on a ROM or so forth. Such software may be organized in various ways, and may include software components organized as libraries, Internet-based programs stored on a remote server or so forth, source code, interpretive code, object code, directly executable code, and so forth. It is contemplated that the software may invoke system-level code or calls to other software residing on a server or other location to perform certain functions.
The method illustrated in
Alternatively, the method may be implemented in transitory media, such as a transmittable carrier wave in which the control program is embodied as a data signal using transmission media, such as acoustic or light waves, such as those generated during radio wave and infrared data communications, and the like.
The exemplary method may be implemented on one or more general purpose computers, special purpose computer(s), a programmed microprocessor or microcontroller and peripheral integrated circuit elements, an ASIC or other integrated circuit, a digital signal processor, a hardwired electronic or logic circuit such as a discrete element circuit, a programmable logic device such as a PLD, PLA, FPGA, Graphical card CPU (GPU), or PAL, or the like. In general, any device, capable of implementing a finite state machine that is in turn capable of implementing the flowchart shown in
With reference to
It is noteworthy that the software distribution system validates the App Configuration Data entered by the intended user through the user interface before the user executes an install instruction, and then again the digital signature applied by the system is checked for validation before an operating device accepts installation of the App.
It will be appreciated that variants of the above-disclosed and other features and functions, or alternatives thereof, may be combined into many other different systems or applications. Various presently unforeseen or unanticipated alternatives, modifications, variations or improvements therein may be subsequently made by those skilled in the art which are also intended to be encompassed by the following claims.
