公开(公告)号：WO2017105326A1

公开(公告)日：2017-06-22

申请号：PCT/SE2016/051259

申请日：2016-12-15

Applicant: SAAB AB

Inventor： JONSSON, Mats

IPC: G06F21/32 ,  G06F21/55 ,  G06F21/57 ,  G06F21/44 ,  G06F21/50 ,  G06F21/53

CPC classification number: G06F21/57 ,  G06F21/44 ,  G06F21/53 ,  G06F21/554 ,  G06F2201/865 ,  G06F2221/033 ,  H04L2209/127

Abstract: The present invention relates to a method for authenticating software. The method comprises defining 41 a set of parameters to use for trace mapping the software, wherein the set of parameters represents the software functionality when executed. The method further comprises: a) creating 42 a trusted fingerprint that is created by trace mapping the software using the set of parameters when executed in a trusted environment; b) creating 43 an operating fingerprint that is created by trace mapping the software using the set of parameters when executed in an operating environment; c) comparing 44 the operating fingerprint with the trusted fingerprint, and identifying 45 any difference between the trusted fingerprint and the operating fingerprint; and d) when said operating fingerprint is non-identical with the trusted fingerprint, initiating 46 predefined action(s) in response to the identified differences between the trusted fingerprint and the operating fingerprint.

Abstract translation: 本发明涉及一种用于认证软件的方法。 该方法包括定义41一组参数以用于跟踪映射软件，其中该组参数表示执行时的软件功能。 该方法进一步包括：a）创建42通过在可信环境中执行时使用该组参数跟踪映射软件而创建的可信指纹; b）创建43通过在操作环境中执行时使用该组参数跟踪映射软件而创建的操作指纹; c）将操作指纹与可信指纹进行比较44，并且识别可信指纹和操作指纹之间的任何差异; 以及d）当所述操作指纹与所述可信指纹不相同时，响应于所述可信指纹与所述操作指纹之间所识别的差异，发起46个预定义动作。

公开(公告)号：WO2016144217A1

公开(公告)日：2016-09-15

申请号：PCT/SE2015/050260

申请日：2015-03-09

Applicant: SAAB AB

Inventor： JONSSON, Mats

IPC: H04L29/06

CPC classification number: H04L9/3226 ,  H04L9/14 ,  H04L61/2007 ,  H04L63/04 ,  H04L63/0428 ,  H04L63/061 ,  H04L69/162

Abstract: The disclosure relates to a system, devices and methods for distributing and using a communication scheme for way to enable secure communication between communication nodes in a network. A method comprises determining (S1), in the network node, a set of available IP addresses and a set of ports, dividing (S2), in the network node, a time frame in time slots, associating (S3), in the network node, each time slot with an IP address, with a port associated with the IP address and with a unique cryptographic key, distributing (S4), from the network node, the communication scheme to the communication node, receiving (S100), in the communication node, the communication scheme and communicating (S300), in the communication node, with another communication node in possession of a corresponding communication scheme by hopping between the IP addresses and ports according to the communication scheme and encrypting the communication using the unique cryptographic key.

Abstract translation: 本公开涉及用于分发和使用通信方案以用于实现网络中的通信节点之间的安全通信的方式的系统，设备和方法。 一种方法，包括：在网络节点中确定（S1）一组可用的IP地址和一组端口，在网络节点中划分（S2）时隙中的时间帧，在网络中关联（S3） 节点，具有IP地址的每个时隙，具有与所述IP地址相关联的端口和独特的加密密钥，从所述网络节点将所述通信方案分发（S4）到所述通信节点，在所述通信节点中接收（S100） 通信节点，通信方案和通信（S300）中，通过根据通信方案在IP地址和端口之间跳过而拥有相应通信方案的另一通信节点，并使用唯一密码密钥加密通信 。