Apple Inc (AAPL)

[2bStealthy]

Apple files patent: system and method for creating tamper-resistant code (updated)
Posted on Nov 3, 2005 at 3:43pm by Neo
On Nov. 3, the US Patent & Trademark Office revealed that Apple = has filed patent application 20050246554 titled “system and method for creating tamper-resistant code.” James D. Batson is listed as the sole inventor for application 837413 originally filed in April 2004. This appears to be related to Apple’s forthcoming Tiger-Intel platform.

Summary

A system and method for creating tamper-resistant code are described herein. In one embodiment, the method comprises receiving a first object code block. The method also comprises translating the first object code block into a second object code block, wherein the translating includes applying to the first object code block or the second object code block tamper-resistance techniques. The method also comprises executing the second object code block.

In one embodiment the system comprises a processor and a memory unit coupled with the processor. In the system, the memory unit includes a translator unit to translate at runtime blocks of a first object code program into a blocks of a second object code program, wherein the blocks of the second object code program are to be obfuscated as a result of the translation, and wherein the blocks of the second object code program include system calls. The memory unit also includes a runtime support unit to provide service for some of the system calls, wherein the runtime support unit is to deny service for others of the system calls, and wherein service is denied based on a tamper resistance policy.

Background

Tamper-resistant software is software that is difficult to change, tamper with, and/or attack. Code obfuscation is one technique for achieving tamper-resistant software. Generally, the goal of code obfuscation is to make it difficult for attackers to determine what is happening in a block of code. If attackers use debuggers or emulators to trace instructions, code obfuscation can make the code difficult to understand or change.

According to one code obfuscation technique, additional instructions are added to a program. The instructions are added to confuse attackers and/or produce ancillary results, which must be verified before execution can continue past certain points. One problem with this method of code obfuscation is that it typically requires code to be modified by hand. Moreover, it may require existing software to be completely restructured, especially if parts of the software must run in a tamper resistant interpretive environment with system service restrictions.

See part two for descriptions of 11 associated illustrations: A system for creating tamper-resistant code using Dynamic and Static translation is revealed.

References to Mac OS X, Linux and Microsoft Windows

Under claims for Apple’s patent application 20050246554, there’s a consistent reference to a first or second operating system selected from a set consisting of Mac OS X, Linux, and Microsoft Windows. Note the following:

Patent Point # 20: A method comprising: receiving a system call, wherein the system call is formatted for requesting a service from a first operating system, wherein the system call is included in a first object code block, wherein the first object code block is a run-time translation of a second object code block; determining which system call services of a second operating system are needed for providing the service; determining whether system call services for servicing the system call have been disabled, wherein the determining is based on a tamper-resistance policy; servicing the system call, if the system call services for servicing the system call have not been disabled.

22: The method of claim 20, wherein the first operating system is selected from the set consisting of Mac OS X, Linux, and Microsoft Windows.
23: The method of claim 20, wherein the second operating system is selected from the set consisting of Mac OS X, Linux, and Microsoft Windows.
Patent Point # 24: A method comprising: installing a first object code program, wherein the installing includes, statically translating the first object code program into a second object code program that is executable on a machine, wherein the statically translating includes, determining an identifier based on a state of the machine or a user attribute; and obfuscating the first object code program or the second object code program, wherein the obfuscating depends on the identifier; and storing the second object code program for execution by the machine.

29: The method of claim 24, wherein the machine includes an operating system selected from the set consisting of Microsoft Windows, Linux, and Mac OS X.
35: The apparatus of claim 33, wherein the second object code program is executable on an Apple Macintosh or Windows PC.
Patent Point # 64: A machine-readable medium that provides instructions, which when executed by a machine, cause the machine to perform operations comprising: receiving a system call, wherein the system call is formatted for requesting a service from a first operating system, wherein the system call is included in a first object code block, wherein the first object code block is a run-time translation of a second object code block; determining which system call services of a second operating system are needed for providing the service; determining whether system call services for servicing the system call have been disabled, wherein the determining is based on a tamper-resistance policy; servicing the system call, if the system call services for servicing the system call have not been disabled.

66: The machine-readable medium of claim 64, wherein the first operating system is selected from the set consisting of Microsoft Window, Linux, and Mac OS X.
67: The machine-readable medium of claim 64, wherein the second operating system is selected from the set consisting of an Apple Macintosh Operating System, Linux, and Microsoft Windows.
Patent Point # 68: a machine-readable medium that provides instructions, which when executed by a machine, cause the machine to perform operations comprising: installing a first object code program, wherein the installing includes, statically translating the first object code program into a second object code program that is executable on a machine, wherein the statically translating includes, determining an identifier based on a state of the machine or a user attribute; and obfuscating the first object code program or the second object code program, wherein the obfuscating depends on the identifier; and storing the second object code program for execution by the machine.

#72: The machine-readable medium of claim 68, wherein the machine is selected from a set consisting of Apple Macintosh and Windows PC.

Notice

Macsimum News presents only a brief summary of patents with associated graphic(s) for journalistic news purposes as each such patent application and/or grant is revealed by the U.S. Patent & Trade Office. Readers are cautioned that the full text of any patent applications and/or grants should be read in its entirety for further details.

Patent Application: 20050246554
neo@macsimumnews.com



http://www.macsimumnews.com/index.php/archive/apple_files_patent_system_and_method_for_creating_tamp...