Secure execution environment on external device
    11.
    Granted patent
    Status: In force

    Publication No.: US08352740B2

    Publication date: 2013-01-08

    Application No.: US12125929

    Filing date: 2008-05-23

    Applicant: Paul England

    Inventor: Paul England

    IPC classification: G06F21/00

    Abstract: A device, such as a smartcard, may be externally-connected to a host platform and may be used to enhance or extend security services provided by the host platform's Trusted Platform Module (TPM). The device and the platform exchange keys in order to facilitate reliable identification of the platform by the device and vice versa, and to support cryptographic tunneling. A proxy component on the host device tunnels information between the platform and the device, and also provides the device with access to the TPM's services such as sealing and attestation. The device can provide secure services to the platform, and may condition provision of these services on conditions such as confirming the platform's identity through the exchanged keys, or platform state measurements reported by the TPM.

    Enforcing isolation among plural operating systems
    12.
    Granted patent
    Status: In force

    Publication No.: US07975117B2

    Publication date: 2011-07-05

    Application No.: US10741629

    Filing date: 2003-12-19

    IPC classification: G06F13/00

    Abstract: Plural guest operating systems run on a computer, where a security kernel enforces a policy of isolation among the guest operating systems. An exclusion vector defines a set of pages that cannot be accessed by direct memory access (DMA) devices. The security kernel enforces an isolation policy by causing certain pages to be excluded from direct access. Thus, device drivers in guest operating systems are permitted to control DMA devices directly without virtualization of those devices, while each guest is prevented from using DMA devices to access pages that the guest is not permitted to access under the policy.

    Methods and Systems for Protecting Data in USB Systems
    13.
    Patent application
    Status: Under examination (published)

    Publication No.: US20090313397A1

    Publication date: 2009-12-17

    Application No.: US12348487

    Filing date: 2009-01-05

    IPC classification: G06F13/28

    Abstract: The various embodiments described below are directed to providing authenticated and confidential messaging from software executing on a host (e.g. a secure software application or security kernel) to and from I/O devices operating on a USB bus. The embodiments can protect against attacks that are levied by software executing on a host computer. In some embodiments, a secure functional component or module is provided and can use encryption techniques to provide protection against observation and manipulation of USB data. In other embodiments, USB data can be protected through techniques that do not utilize (or are not required to utilize) encryption techniques. In accordance with these embodiments, USB devices can be designated as “secure” and, hence, data sent over the USB to and from such designated devices can be provided into protected memory. Memory indirection techniques can be utilized to ensure that data to and from secure devices is protected.

    SECURE EXECUTION ENVIRONMENT ON EXTERNAL DEVICE
    14.
    Patent application
    Status: In force

    Publication No.: US20090292919A1

    Publication date: 2009-11-26

    Application No.: US12125929

    Filing date: 2008-05-23

    Applicant: Paul England

    Inventor: Paul England

    IPC classification: H04L9/32

    Abstract: A device, such as a smartcard, may be externally-connected to a host platform and may be used to enhance or extend security services provided by the host platform's Trusted Platform Module (TPM). The device and the platform exchange keys in order to facilitate reliable identification of the platform by the device and vice versa, and to support cryptographic tunneling. A proxy component on the host device tunnels information between the platform and the device, and also provides the device with access to the TPM's services such as sealing and attestation. The device can provide secure services to the platform, and may condition provision of these services on conditions such as confirming the platform's identity through the exchanged keys, or platform state measurements reported by the TPM.

    Saving and retrieving data based on symmetric key encryption
    15.
    Granted patent
    Status: In force

    Publication No.: US07587589B2

    Publication date: 2009-09-08

    Application No.: US11557641

    Filing date: 2006-11-08

    IPC classification: H04L29/06

    CPC classification: G06F21/6218

    Abstract: In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using a symmetric cipher, in a manner that allows only one or more target programs to be able to obtain the data from the ciphertext. In accordance with other aspects, a bit string is received from a calling program. An identifier of the calling program is checked to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string. The integrity of the data is also verified, and the data is decrypted using a symmetric key. The data is returned to the calling program only if the calling program is allowed to access the data and if the integrity of the data is successfully verified.

    Methods and apparatus for protecting signals transmitted between a source and destination device over multiple signals lines
    16.
    Granted patent
    Status: Lapsed

    Publication No.: US07580526B2

    Publication date: 2009-08-25

    Application No.: US11134111

    Filing date: 2005-05-20

    IPC classification: H04K1/00 H04N7/167

    Abstract: Methods and apparatus for protecting copyrighted information, e.g., video signals, from unauthorized use are described. Encrypted video signals are transmitted from a source device, e.g., display adapter, to a display device, e.g., monitor, over analog signal lines after the identity of the destination device is confirmed by receipt of a certificate assigned to the destination device. A session key, used for encrypting the analog signals, is generated and exchanged between the source and destination devices. The source and destination devices each include a pseudo-random number generator driven by the session key. As part of the encryption process a false video signal is generated. The false video signal and R, G, B video signals are transmitted to the display device over four lines. The lines used to transmit the R, G, B and false video signals are periodically swapped as a function of the output of the pseudo random number generator to encrypt, e.g., scramble, the video signals. To avoid having to provide an additional line between the display adapter and the display device beyond those used in conventional displays, horizontal synchronization information is combined with, e.g., modulated on, one or more of the other signals transmitted to the display. The horizontal sync line is then used to convey one of the four video signals. The display device extracts the horizontal timing information from the received video signals and decrypts the signals using the output of its pseudo random number generator to reverse the scrambling process used to encrypt the transmitted video signals.

    Securely identifying an executable to a trust-determining entity
    18.
    Granted patent
    Status: In force

    Publication No.: US07418512B2

    Publication date: 2008-08-26

    Application No.: US10692224

    Filing date: 2003-10-23

    IPC classification: G06F15/16

    CPC classification: G06F21/62

    Abstract: A resource is obtained from a resource provider (RP) for a resource requester (RR) operating on a computing device. The RR has an identity descriptor (id) associated therewith, where the id includes security-related information specifying an environment in which the RR operates. A code identity (code-ID) is calculated corresponding to and based on the loaded RR and loaded id. The RP verifies that the calculated code-ID in a request for the resource matches one of one or more valid code-IDs for the identified RR to conclude that the RR and id can be trusted, and the RP responds to the forwarded request by providing the requested resource to the RR.

    Computer security management, such as in a virtual machine or hardened operating system
    19.
    Granted patent
    Status: In force

    Publication No.: US07409719B2

    Publication date: 2008-08-05

    Application No.: US11019094

    Filing date: 2004-12-21

    IPC classification: G06F21/00

    Abstract: A security scheme provides security to one or more self-contained operating environment instances executing on a computer. The security scheme may include implementing a set of security applications that may be controlled by a supervisory process, or the like. Both the set of security applications and the supervisory process may operate on a host system of the computer, which may also provide a platform for execution of the one or more self-contained operating environments. The security scheme protects processes running in the one or more self-contained operating environments and processes running on the computer outside of the self-contained operating environments.

    Logon and machine unlock integration
    20.
    Patent application
    Status: In force

    Publication No.: US20070282757A1

    Publication date: 2007-12-06

    Application No.: US11445821

    Filing date: 2006-06-02

    IPC classification: G06Q99/00

    Abstract: A method of avoiding a second login of user information in an encrypted disk computer system includes a communications path for transferring user login information. The login information is acquired and used by a first software module which authenticates the user to decrypt a disk with an encrypted operating system. The same login information is transferred using the communications channel to a second use which logs the user into the decrypted operating system. The method also supports multiple users through maintenance of multiple users' credentials.
