-
Publication No.: US20130283267A1
Publication date: 2013-10-24
Application No.: US13453285
Filing date: 2012-04-23
CPC classification: G06F9/45558 , G06F2009/45562
Abstract: A virtual machine is constructed using a first file received at an endpoint from at least one remote server across a wide area network and a second file received at the endpoint from a local network of the endpoint.
-
Publication No.: US20120054741A1
Publication date: 2012-03-01
Application No.: US12873197
Filing date: 2010-08-31
Applicant: Valiuddin Y. Ali , Manuel Novoa , Christopher I. Dalton , Boris Balacheff , Shab H. Madina , Lan Wang , Jeffrey C. Parker
Inventor: Valiuddin Y. Ali , Manuel Novoa , Christopher I. Dalton , Boris Balacheff , Shab H. Madina , Lan Wang , Jeffrey C. Parker
CPC classification: H04L9/3234 , G06F9/45545 , G06F2009/45587 , H04L9/3231
Abstract: A computer system includes an authentication service running in a virtual machine. The authentication service uses the hardware components of the computer system in performing a user authentication process and responds to a remote call from another virtual machine by performing the user authentication process and returning a result.
-
Publication No.: US20060265598A1
Publication date: 2006-11-23
Application No.: US11389336
Filing date: 2006-03-23
Applicant: David Plaquin , Marco Ricca , Boris Balacheff
Inventor: David Plaquin , Marco Ricca , Boris Balacheff
IPC classification: G06K9/00 , G06F12/14 , H04L9/00 , H04L9/32 , G06F17/30 , G06F12/00 , G06F11/00 , H04K1/00 , G06F11/30 , G06F15/16 , G06F13/00 , G06F12/16 , G06F7/04 , G06F15/18 , G06F7/58 , G08B23/00 , G06K19/00 , G11C7/00
CPC classification: H04L63/0853 , H04L63/0892
Abstract: A method for managing access to a computing environment by a computing device includes providing at least one credential that identifies both the computing device and a user of the computing device, storing data at the computing environment relating to the computing device and the user in association with the credential, and selectively granting an access request received from the computing device using the credential in accordance with the data stored at the computing environment.
-
Publication No.: US09129103B2
Publication date: 2015-09-08
Application No.: US13824530
Filing date: 2011-01-28
Applicant: Lan Wang , Boris Balacheff , Chris I. Dalton
Inventor: Lan Wang , Boris Balacheff , Chris I. Dalton
CPC classification: G06F21/44 , G06F9/45558 , G06F21/57 , G06F21/575 , G06F2009/45587
Abstract: Disclosed embodiments relate to authenticating a hypervisor with encoded hypervisor information. In one embodiment, booting firmware 112 includes instructions to determine whether a received hypervisor 108 is an authentic hypervisor. In one embodiment, booting firmware 112 includes instructions to determine whether the received hypervisor 108 is in a selected configuration. In one embodiment, booting firmware 112 includes instructions to determine whether the received hypervisor 108 is a selected version.
-
Publication No.: US09053323B2
Publication date: 2015-06-09
Application No.: US11786874
Filing date: 2007-04-13
Applicant: Boris Balacheff , Valiuddin Y. Ali , Lan Wang
Inventor: Boris Balacheff , Valiuddin Y. Ali , Lan Wang
CPC classification: G06F21/572
Abstract: A trusted component update system comprises verify logic configured to validate integrity of an update to a trusted component of a computing device, and logic disposed in the trusted component and configured to validate integrity of the verify logic.
-
Publication No.: US20140359259A1
Publication date: 2014-12-04
Application No.: US14238729
Filing date: 2011-09-29
CPC classification: G06F21/572 , G06F9/4401 , G06F9/45541 , G06F9/45558 , G06F21/57 , G06F21/575 , G06F2009/45587 , H04L9/0877 , H04L63/0435 , H04L63/0442 , H04L63/0823
Abstract: A computing system and a method of communicating with a virtual trusted runtime BIOS. The computing system can include hardware and a virtual machine monitor. A virtual trusted runtime BIOS can be managed by the virtual machine monitor. A communication channel can communicate with the virtual trusted runtime BIOS. The communication channel can be secured by a secure socket layer.
-
Publication No.: US20140068699A1
Publication date: 2014-03-06
Application No.: US13601050
Filing date: 2012-08-31
IPC classification: H04L29/06
CPC classification: H04L63/20 , H04L41/5045 , H04L41/5096
Abstract: A network system for implementing a cloud platform within a network to which a device defining a computing environment for a user has access comprises an application management module, a community management module, and a user enrolment portal. The application management module enables access to an abstract application associated with a concrete application defining an implementation of the abstract application for the computing environment. The community management module manages a community comprised of a user credential and the abstract application, the community defines at least one of: a policy, a management process, and a service, under which the user can access the abstract application. The user enrolment portal supports an enrolment of the user in the community from the device and orchestrates a policy management mechanism to support an enforcement of the policy under which the user has access to the concrete application from the device.
-
Publication No.: US08218765B2
Publication date: 2012-07-10
Application No.: US10080476
Filing date: 2002-02-22
IPC classification: H04K1/00
CPC classification: H04L63/08 , G06F21/57 , H04L63/0492 , H04L63/0853 , H04L67/18
Abstract: A trusted service which publishes information describing security attributes of computing platforms in a defined physical area, for use by a visitor to a building, for example, who is unfamiliar with the computing platforms available for use therein. In a preferred embodiment, the system provides only details and/or a list of public keys of genuine trusted computing platforms within the area. In another embodiment of the invention, the information system comprises a trusted computing platform for providing selected information to a user's portable computing apparatus.
-
Publication No.: US07457951B1
Publication date: 2008-11-25
Application No.: US09979903
Filing date: 2000-05-25
IPC classification: H04L9/00
CPC classification: G06F21/567 , G06F21/566 , G06F21/57 , G06F21/64 , G06F2207/7219 , G06F2211/009 , G06F2211/1097
Abstract: A method of security monitoring of data files in a computer platform is carried out by a trusted component having a processor and trusted memory area. The method comprises creating one or a plurality of data files in an untrusted memory area of said computing platform, for each created data file, periodically generating a digest data by applying a hash function to each data file, storing the digest data in a trusted memory area and for each file periodically comparing a current digest data of the file with a previously generated digest data of the file. Any differences between a previous and a current digest data indicate that a file in the untrusted memory area has been corrupted.
-
Publication No.: US20060259782A1
Publication date: 2006-11-16
Application No.: US11130057
Filing date: 2005-05-16
Applicant: Lan Wang , Jennifer Rios , Valiuddin Ali , Boris Balacheff
Inventor: Lan Wang , Jennifer Rios , Valiuddin Ali , Boris Balacheff
IPC classification: G06F12/14
CPC classification: G06F21/62 , G06F21/6245 , G06F2221/2117 , G06F2221/2153
Abstract: A computer security system comprises a secure platform adapted to receive sensitive data from an agent. The secure platform is also adapted to cooperate with a trusted platform module (TPM) to encrypt the sensitive data via a TPM storage key associated with the agent.