公开(公告)号：EP3828748B1

公开(公告)日：2024-06-26

申请号：EP20178816.3

申请日：2020-06-08

IPC分类号： G06F21/62 ,  H04L9/40

CPC分类号： G06F21/6236 ,  H04L63/10 ,  G06F21/6218 ,  G06F21/6281

公开(公告)号：EP3847568B1

公开(公告)日：2024-05-01

申请号：EP19787551.1

申请日：2019-10-01

IPC分类号： G06F21/62 ,  G06F21/80 ,  H04L9/40 ,  G06F21/78

CPC分类号： G06F21/6281 ,  H04L63/101 ,  G06F21/78

公开(公告)号：EP4354334A2

公开(公告)日：2024-04-17

申请号：EP24159742.6

申请日：2019-10-01

申请人： Microsoft Technology Licensing, LLC

发明人： RAMAKRISHNAPPA, Dhananjay ,  THIEL, Gregory Irving ,  KUPPUSAMY, Manoharan ,  BANSAL, Yogesh

IPC分类号： G06F21/78

CPC分类号： G06F21/6281 ,  H04L63/101 ,  G06F21/78

摘要： A server kernel processing system receives an input/output (I/O) request from a user mode computing environment. The I/O request is analyzed to determine whether it is a modification request to modify data in a target volume. If so, target analysis logic determines whether the request is for a target volume that is within a first or second protected volume. If the request is to modify data stored in the first protected volume, the request is blocked. If the request is to modify data in a second protected volume, then a whitelist is examined to determine whether the requesting process and user are on the whitelist. If not, the request is also blocked.

公开(公告)号：EP2581853B1

公开(公告)日：2018-05-30

申请号：EP12188436.5

申请日：2012-10-12

申请人： Samsung Electronics Co., Ltd.

发明人： Onur, Aciicmez ,  Blaich, Andrew C

IPC分类号： G06F21/54 ,  G06F21/62

CPC分类号： G06F21/54 ,  G06F21/6281

摘要： The security of web widgets is improved by transferring a set of access control decisions conventionally handled by the Web Runtime system (WRT) to a more secure portion of the computing system, such as a kernel in the operating system. Access control rules are extracted and provided to the more secure portion. This may be performed during widget installation or at invocation of a widget. During runtime, the more secure portion performs security checking functions for the widget instead of the WRT.

公开(公告)号：EP1842317B1

公开(公告)日：2018-05-23

申请号：EP06734006.7

申请日：2006-01-27

申请人： Cisco Technology, Inc.

发明人： MALVER, Debra, L. ,  KRAEMER, Jeffrey, Albin

IPC分类号： H04L9/00 ,  G06F21/56 ,  G06F21/53 ,  G06F21/57 ,  G06F21/62

CPC分类号： G06F21/6281 ,  G06F21/53 ,  G06F21/56 ,  G06F21/57 ,  G06F21/6218 ,  G06F2221/2105

摘要： A system controls security during operation of a computerized device by enforcing a first security policy during first operational state of the computerized device. Enforcement of the first security policy provides a first level access to resources within the computerized device by processes operating in the computerized device. The system detects a transition operation of the computerized device that occurs during enforcement of the first security policy indicating that operation of the computerized device is transitioning from the first operational state to a second operational state and in response, enforces a second security policy corresponding to the second operational state to provide a level of access to the resources within the computerized device that corresponds to the second operational state during operation of the second operational state. This can be repeated for many different states including boot time, normal runtime, installation, shutdown, and a compromised state.

公开(公告)号：EP3210337A4

公开(公告)日：2018-05-16

申请号：EP15852905

申请日：2015-10-14

申请人： SECURE ISLANDS TECH LTD

发明人： ELDAR YUVAL ,  OZ ROEE ,  REZNITSKY SLAVA

IPC分类号： H04L9/32 ,  G06F9/445 ,  G06F17/30 ,  G06F21/00 ,  G06F21/10 ,  G06F21/54 ,  G06F21/60 ,  G06F21/62 ,  H04W12/04

CPC分类号： G06F21/602 ,  G06F9/44521 ,  G06F21/10 ,  G06F21/54 ,  G06F21/6281 ,  H04L2463/101 ,  H04W12/04

摘要： A method for enabling data classification and′ or enforcement of Information Rights Management (IRM) capabilities and′or encryption in a software application according to which, an agent is installed on each terminal device that runs the application and a central management module which includes the IRM, encryption and classification policy to be enforced, communicates with agents that are installed on each terminal device. The central management module distributes the appropriate IRM and′or classification policy to each agent and applies the policy to any application that runs on the terminal device.

公开(公告)号：EP3312756A1

公开(公告)日：2018-04-25

申请号：EP17193379.9

申请日：2017-09-27

申请人： Trustonic Limited

发明人： EKBERG, Jan-Erik Gustav

IPC分类号： G06F21/57 ,  H04L9/00 ,  H04L9/32 ,  H04L9/08 ,  G06F21/44 ,  G06F21/62 ,  G06F21/73

CPC分类号： G06Q20/3829 ,  G06F21/44 ,  G06F21/57 ,  G06F21/6281 ,  G06F21/73 ,  G06Q20/4014 ,  G06Q2220/00 ,  H04L9/007 ,  H04L9/0869 ,  H04L9/3247 ,  H04L9/3265 ,  H04L63/061 ,  H04L63/0807 ,  H04L2209/38

摘要： A method for establishing a new cryptographic identity for an electronic device 2 comprises providing in the electronic device 2 at least one device key 62 for encryption or decryption of data or commands or for proving the identity of the electronic device 2 according to the new cryptographic identity; and uploading, to a public ledger 64 for tracking a chain of cryptographic identities established for said electronic device, information indicative of an identity of a stakeholder establishing the new cryptographic identity and an order in which the new cryptographic identity was established with respect to other cryptographic identities in said chain.

摘要翻译： 用于为电子设备2建立新的密码身份的方法包括在电子设备2中提供至少一个设备密钥62，用于加密或解密数据或命令或者用于根据新的密码身份验证电子设备2的身份 ; 并上载到公共总帐64以跟踪为所述电子设备建立的密码身份链，指示建立新密码身份的利益相关者的身份的信息以及关于其他密码建立新密码身份的顺序的信息 在上述链条中的身份。

公开(公告)号：EP3304408A1

公开(公告)日：2018-04-11

申请号：EP16730646.3

申请日：2016-06-08

申请人： Microsoft Technology Licensing, LLC

发明人： RIVA, Oriana ,  NATH, Suman Kumar ,  OLUWAFEMI, Temitope ,  ROESNER, Franziska ,  KOHNO, Tadayoshi

IPC分类号： G06F21/62 ,  H04W12/04 ,  H04W12/08

CPC分类号： H04L63/102 ,  G06F21/126 ,  G06F21/6218 ,  G06F21/6281 ,  G06F21/629 ,  G06F2221/2143 ,  H04W12/08

摘要： Systems and methods for creating and managing per-application profiles are disclosed. A method may include receiving input designating at least a first profile policy and a second profile policy. At least a first application profile and a second application profile may be created based on the received first profile policy and the second profile policy. An application of the plurality of applications may be associated with both the first application profile and the second application profile. A first storage partition and a second storage partition may be created within a storage space of the computing device. The storage space may be associated with the application. The first storage partition may store application data while the application is running under the first application profile. The second storage partition may store application data while the application is running under the second application profile.

公开(公告)号：EP1630679B1

公开(公告)日：2018-04-04

申请号：EP04733090.7

申请日：2004-05-14

申请人： Vodafone Group PLC

发明人： OTAKA, Osamu ,  MOROTO, Mineko ,  WATANABE, Norioki ,  MURAKAMI, Toshihiko ,  OGAWA, Satoshi ,  NISHIKATA, Naomi

IPC分类号： G06F12/14 ,  G06F9/06 ,  H04W12/08 ,  G06F21/62 ,  H04L29/06 ,  H04L29/08

CPC分类号： H04L67/34 ,  G06F21/6281 ,  H04L63/10

摘要： When an application activation instruction is input, it is decided whether the application is expected to access a high-level protection resource or low-level protection resource (step S31). If the decision is affirmative, display is done to prompt the user to select whether to permit activation of the application (step S32). When the user inputs an activation permission instruction, the application is activated (steps S33 to S36). As a result, only when the user permits an application, which is expected to access a high-level protection resource or low-level protection resource, to access a predetermined resource immediately before its execution, the application is executed. Hence, the basic processing part and application can operate in cooperation with each other while limiting access to various kinds of resources by the application in a reasonable range.

公开(公告)号：EP3296906A1

公开(公告)日：2018-03-21

申请号：EP15896181.3

申请日：2015-11-20

申请人： Phicomm (Shanghai) Co., Ltd.

发明人： LIU, Yunfeng

IPC分类号： G06F21/14

CPC分类号： G06F21/14 ,  G06F9/44521 ,  G06F21/6281 ,  G06F2221/0748

摘要： The present disclosure provides a method for protecting a dex file from being decompiled in an Android system. The method comprises the following content: 1) loading a dex file into an inaccessible memory of an Android system; and 2) during execution, by performing reference execution, preventing the dex file from being found. In the method for protecting a dex file from be ing decompiled in an Android system in the present disclosure, a dex file is loaded into an inaccessible memory by means of a reference method, so that the dex file is prevented from being locally downloaded tor being copied and propagated; during execution, by means of reference execution, a decompiling person is prevented from finding the dex file so that the decompiling person cannot perform reverse engineering, thereby protecting an Android program from being decompiled.

摘要翻译： 本公开提供了一种用于保护dex文件免于在Android系统中反编译的方法。 该方法包括以下内容：1）将dex文件加载到Android系统的不可访问的存储器中; 2）在执行过程中，通过执行参考执行，防止找到dex文件。 在本公开中，在Android系统中用于保护分布式文件不被反编译的方法中，通过参考方法将分布式文件加载到不可访问的存储器中，从而防止分布式文件被本地下载 复制和传播; 在执行过程中，通过参考执行，防止了反编译人员查找到dex文件，使得反编译人员无法进行逆向工程，从而保护Android程序不被反编译。