Bank of America Corporation
Blockchain Validation of Software

Abstract:

Aspects of the disclosure relate to validation of software by private and public blockchains. Hashes for known software are stored in a private blockchain. Hashes for unknown software are compared against the known hashes to determine if the software is known, malware free, and/or an authorized copy. Hashes for known good software and/or malware-containing software can be pre-seeded to the blockchains. Unknown software can be tested in sandboxes. Comparison results are stored in new blocks in the private chain and can be propagated out to the public chain anonymously without company attribution or software name disclosure. Validation servers can control the integrity of the blockchains. Updating blockchains may be controlled by requiring agreement of a majority of validation servers. Third parties can access the public chain to evaluate unknown software that they receive to determine if the software is malware free and/or an authorized copy.