System and method for authenticating an operating system
    91.
    Granted invention patent
    System and method for authenticating an operating system (status: in force)

    Publication (announcement) number: US07424606B2

    Publication (announcement) date: 2008-09-09

    Application number: US10430999

    Filing date: 2003-05-07

    IPC classification: H04L9/00 G06F7/04

    Abstract: A system and method for authenticating an operating system includes, in accordance with one aspect, a method in a computer system having a processor, an operating system (OS), and a software identity register that holds an identity of the operating system, the processor having a private key. The method comprises forming an OS certificate containing the identity from the software identity register and signing the OS certificate using the private key. In accordance with another aspect, the signed identity is submitted to a recipient to prove an identity of the operating system to the recipient.

    SECURE PROCESSOR ARCHITECTURE FOR USE WITH A DIGITAL RIGHTS MANAGEMENT (DRM) SYSTEM ON A COMPUTING DEVICE
    93.
    Invention patent application
    SECURE PROCESSOR ARCHITECTURE FOR USE WITH A DIGITAL RIGHTS MANAGEMENT (DRM) SYSTEM ON A COMPUTING DEVICE (status: in force)

    Publication (announcement) number: US20070226492A1

    Publication (announcement) date: 2007-09-27

    Application number: US11754856

    Filing date: 2007-05-29

    IPC classification: H04L9/00

    Abstract: A secure processor is operable in normal and preferred modes, and includes a security kernel instantiated when the processor enters into preferred mode and a security key accessible by the security kernel during preferred mode. The security kernel employs the accessed security key to authenticate a secure application, and allows the processor to be trusted to keep hidden a secret of the application. To instantiate the application, the processor enters preferred mode where the security key is accessible, and instantiates and runs the security kernel. The security kernel accesses the security key and applies same to decrypt a key for the application, stores the decrypted key in a location where the application will expect same, and instantiates the application. The processor then enters the normal mode, where the security key is not accessible.

    Manifest-based trusted agent management in a trusted operating system environment
    94.
    Granted invention patent
    Manifest-based trusted agent management in a trusted operating system environment (status: in force)

    Publication (announcement) number: US07257707B2

    Publication (announcement) date: 2007-08-14

    Application number: US11206579

    Filing date: 2005-08-18

    IPC classification: H04L29/00

    CPC classification: G06F21/54 G06F21/53 G06F21/57

    Abstract: Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.

    Interface for communicating physical presence requests
    95.
    Invention patent application
    Interface for communicating physical presence requests (status: under examination, published)

    Publication (announcement) number: US20070174600A1

    Publication (announcement) date: 2007-07-26

    Application number: US11292768

    Filing date: 2005-12-02

    IPC classification: G06F9/00

    Abstract: In order to facilitate the execution of a command in a pre-OS environment, functionality is provided in the OS environment which allows information regarding a requested command to be communicated to the pre-OS environment. A user request for a command is received, and the user is given information regarding the procedure for execution of the command. The OS communicates to the pre-OS environment certain information, for example by writing to specific memory locations accessible by the pre-OS environment. When the pre-OS environment is activated, the information is used in order to facilitate the user's execution of the command. Information can be transmitted back to the OS, for presentation to the user or further action by the pre-OS environment.

    Saving and Retrieving Data Based on Public Key Encryption
    97.
    Invention patent application
    Saving and Retrieving Data Based on Public Key Encryption (status: lapsed)

    Publication (announcement) number: US20070088949A1

    Publication (announcement) date: 2007-04-19

    Application number: US11557581

    Filing date: 2006-11-08

    IPC classification: H04L9/00

    CPC classification: G06F21/6218

    Abstract: In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using public key encryption, in a manner that allows only one or more target programs to be able to obtain the data from the ciphertext. In accordance with another aspect, a bit string is received from a calling program. An identifier of the calling program is checked to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string. The data is decrypted using public key decryption and returned to the calling program only if the calling program is allowed to access the data.

    Saving and Retrieving Data Based on Symmetric Key Encryption

    Publication (announcement) number: US20070088946A1

    Publication (announcement) date: 2007-04-19

    Application number: US11557620

    Filing date: 2006-11-08

    IPC classification: H04L9/00

    CPC classification: G06F21/6218

    Abstract: In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using a symmetric cipher, in a manner that allows only one or more target programs to be able to obtain the data from the ciphertext. In accordance with other aspects, a bit string is received from a calling program. An identifier of the calling program is checked to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string. The integrity of the data is also verified, and the data is decrypted using a symmetric key. The data is returned to the calling program only if the calling program is allowed to access the data and if the integrity of the data is successfully verified.

    Saving and Retrieving Data Based on Symmetric Key Encryption
    99.
    Invention patent application
    Saving and Retrieving Data Based on Symmetric Key Encryption (status: in force)

    Publication (announcement) number: US20070086588A1

    Publication (announcement) date: 2007-04-19

    Application number: US11557595

    Filing date: 2006-11-08

    IPC classification: H04L9/28

    CPC classification: G06F21/6218

    Abstract: In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using a symmetric cipher, in a manner that allows only one or more target programs to be able to obtain the data from the ciphertext. In accordance with other aspects, a bit string is received from a calling program. An identifier of the calling program is checked to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string. The integrity of the data is also verified, and the data is decrypted using a symmetric key. The data is returned to the calling program only if the calling program is allowed to access the data and if the integrity of the data is successfully verified.

    Key-based secure storage
    100.
    Granted invention patent
    Key-based secure storage (status: in force)

    Publication (announcement) number: US07194092B1

    Publication (announcement) date: 2007-03-20

    Application number: US09227568

    Filing date: 1999-01-08

    IPC classification: H04L9/00

    Abstract: Secure storage for downloaded content on a subscriber computer is keyed to a trusted digital rights management operating system, a trusted application, a trusted user or a combination thereof. A one-way hash function is applied to a seed supplied by an application to produce a hashed seed that is used to generate the application storage key. A one-way hash function is applied to a seed supplied by a user to produce a first hashed seed that is passed to a keyed hash function, which is keyed to an identity for the user, to produce a second hashed seed. The second hashed seed is used to generate the user storage key. An operating system storage key is generated from an unhashed seed. One of the storage keys is used to encrypt the downloaded content. An access predicate attached to the content when it is downloaded is associated with the storage key to enforce certain limitations on the access of the content.