1. Field
The present invention relates to the field of data security. More particularly, this invention relates to a platform and corresponding method for detecting changes in data stored within a platform.
2. General Background
Due to advances in signal processing technology and increased usage of the Internet, the distribution of digital information is increasing in popularity. In general, many computer users are now using the Internet to purchase and download software. Examples of this software include executable applications, JAVA(trademark) scripts, software games, audio recordings, and the like. While the Internet provides a vehicle for users to knowingly download data, it also provides a vehicle for computer viruses or macro programs unknowingly downloaded to a user""s computer.
It is well understood that a xe2x80x9ccomputer virusxe2x80x9d is software that is executed by a computer without the knowledge or authorization of the computer user. Upon execution, the virus software initiates an attack by making unauthorized and unwanted modifications to one or more components of the computer or to information stored on the computer. In particular, some computer viruses are capable of altering or destroying data stored on disk, scrambling characters or symbols on a monitor screen, displaying messages, and other damaging acts. Also, the computer virus may initiate an attack by attempting to propagate itself to other computers. This may be accomplished by making copies of itself on any accessible other non-volatile memory such as a diskette or hard disk.
To overcome the problems created by computer viruses, users have developed a variety of xe2x80x9canti-virusxe2x80x9d programs that both detect and remove known computer viruses. Most anti-virus software programs search for certain characteristic behaviors of the known computer viruses. Once detected, the computer viruses are removed. Examples of commercially available anti-virus programs include VirusScan(trademark) by McAfee Software, Inc. of Santa Clara, Calif.
While these anti-virus programs offer users some protection against computer viruses, they suffer from a number of disadvantages. For example, an anti-virus program is only effective against xe2x80x9cknownxe2x80x9d computer viruses. Thus, the program is unable to detect and remove recently detected and unknown computer viruses. Another disadvantage is that intelligent computer viruses may be able to disguise their functionality or alter data to disguise their presence. Hence, it would be desirable to develop a method and platform for detecting changes in the integrity of data stored therein.
Briefly, in one embodiment, the invention relates to a method comprising (i) producing and storing a manifest associated with a plurality of software components stored within a platform; and (ii) verifying the integrity of the plurality of software components in response to an event.