US 12,147,509 B2
System protection using verification of software digital identity values
Yevgeni Gehtman, Modi'in (IL); Tomer Shachar, Omer (IL); and Maxim Balin, Gan-Yavne (IL)
Assigned to EMC IP Holding Company LLC, Hopkinton, MA (US)
Filed by EMC IP Holding Company LLC, Hopkinton, MA (US)
Filed on Mar. 24, 2021, as Appl. No. 17/210,799.
Prior Publication US 2022/0309132 A1, Sep. 29, 2022
Int. Cl. G06F 21/00 (2013.01); G06F 21/12 (2013.01); G06F 21/44 (2013.01); G06F 21/64 (2013.01); G06F 21/71 (2013.01)
CPC G06F 21/12 (2013.01) [G06F 21/44 (2013.01); G06F 21/64 (2013.01); G06F 21/71 (2013.01)]
20 Claims
1. A method, comprising:
obtaining a first software digital identity value for a system of a first entity, wherein the first software digital identity value is generated, by at least one processing device of at least one second entity, by applying a hash function to one or more of: (i) a respective software identifier and (ii) a respective code representation of a plurality of software components of the system at a first time;
comparing, by the at least one processing device of the at least one second entity, wherein the at least one second entity is different than the first entity, a second software digital identity value to the first software digital identity value, wherein the second software digital identity value is generated by applying the hash function to the one or more of: (i) the respective software identifier and (ii) the respective code representation of the plurality of software components of the system at a second time that is subsequent to the first time, wherein the comparison of the first software digital identity value and the second software digital identity value detects a change in one or more of the plurality of software components of the system between the first time and the second time, wherein the second time, for generating the second software digital identity value used in the comparison, corresponds to a time of the system being one or more of installed, configured and activated at a location of the first entity, wherein the first software digital identity value is stored, by the at least one processing device of the at least one second entity, remotely from the location of the first entity, wherein the system of the first entity, at the second time, sends the at least one processing device of the at least one second entity one or more of: (i) one or more of the respective software identifier and the respective code representation of respective ones of the plurality of software components of the system at the second time, for computation of the second software digital identity value of the system at the second time by the at least one processing device of the at least one second entity using the hash function and the one or more of the respective software identifier and the respective code representation of respective ones of the plurality of software components of the system at the second time and (ii) the second software digital identity value of the system, computed by at least one processing device of the first entity at the second time, using the hash function and the one or more of the respective software identifier and the respective code representation of respective ones of the plurality of software components of the system at the second time, wherein the at least one processing device of the at least one second entity (a) obtains the first software digital identity value stored remotely from the location of the first entity and (b) performs the comparison that detects the change in the one or more software components of the system between the first time and the second time; and
performing one or more automated actions based at least in part on a result of the comparison;
wherein the at least one processing device comprises a processor coupled to a memory.
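The flow recited in claim 1, sketched as an added example that is not taken from the patent or from any product of the assignee. Assumptions: SHA-256 as the hash function, a length-prefixed encoding of each identifier and code blob, and the hypothetical names `identity_value`, `VendorVerifier` and the action strings `allow_activation` / `block_and_alert`.

```python
import hashlib
import hmac

def identity_value(components):
    """Hash the identifier and code bytes of every component into one value.

    components: dict mapping software identifier -> code bytes.
    Entries are sorted and length-prefixed (an assumed encoding) so the value
    does not depend on enumeration order and bytes cannot shift between fields.
    """
    h = hashlib.sha256()  # assumption: the claim only says "a hash function"
    for ident in sorted(components):
        for field in (ident.encode(), components[ident]):
            h.update(len(field).to_bytes(8, "big"))
            h.update(field)
    return h.hexdigest()

class VendorVerifier:
    """Second entity: keeps first-time values away from the customer site."""

    def __init__(self):
        self._baseline = {}  # system id -> first software digital identity value

    def enroll(self, system_id, components):
        # First time: the value is computed and stored by the second entity.
        self._baseline[system_id] = identity_value(components)

    def verify(self, system_id, components=None, reported_value=None):
        # Second time (install/configure/activate): the system sends either
        # its component data (option i) or a value it computed itself (option ii).
        if (components is None) == (reported_value is None):
            raise ValueError("send component data or a computed value, exactly one")
        expected = self._baseline.get(system_id)
        if expected is None:
            return "block_and_alert"  # no stored first value to compare against
        if components is not None:
            second = identity_value(components)
        else:
            second = reported_value
        # The comparison runs on the second entity; the result drives the action.
        if hmac.compare_digest(expected, second):
            return "allow_activation"
        return "block_and_alert"

# Constructed sample data: two components as shipped, then one altered in transit.
SHIPPED = {"storage-os 9.2": b"\x7fELF...os", "mgmt-agent 1.4": b"\x7fELF...agent"}
ALTERED = dict(SHIPPED, **{"mgmt-agent 1.4": b"\x7fELF...agent-modified"})
```

With option (ii) the second entity compares a value computed on the system being checked, so the result is only as trustworthy as the process that computed it; option (i) lets the second entity recompute the value itself.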