Referring to FIG. 1, in a networked computer system 100, a first device 102 may download a computer program 103 residing on another device 104 or 105. In this example, the first device 102 will typically be a computer controlled device, such as a conventional computer workstation, or a telephone, pager, toy or even an industrial device. The first device 102 will generally have a central processing unit 106, memory 110 for storing an operating system 112, programs, documents and other data, and a communications interface 114 for connecting to a communications network 101 such as the Internet, a local area network or a wide area network. The network 101 and interface 114 may include a wired or wireless connection to the network. Memory 110 typically includes random access memory and possibly other types of memory such as read only memory. The first device 102 may or may not include a user interface 108. The devices 102, 104 are often called “nodes on the network” or “network nodes.”
The second device 104 or 105 will often be a network server, but may be a user workstation or other computer.
The purpose of the verifier of the present invention is enable the first computer to verify the integrity of a downloaded program 103, prior to execution of the program. More specifically, the verifier determines whether the downloaded program 103 will underflow or overflow its operand stack, or whether the downloaded program 103 will violate files and other resources on the user's computer.