SYSTEMS AND METHODS FOR PROTECTING SYMMETRIC ENCRYPTION KEYS
    11.
    Patent application
    SYSTEMS AND METHODS FOR PROTECTING SYMMETRIC ENCRYPTION KEYS (In force)

    Publication number: US20140157002A1

    Publication date: 2014-06-05

    Application number: US13996453

    Filing date: 2011-12-21

    IPC classification: G06F21/60

    Abstract: Systems and methods for protecting symmetric encryption keys when performing encryption are described. In one embodiment, a computer-implemented method includes retrieving at least one real key from a secure area and executing, with a processor, a key transform instruction to generate at least one transformed key based on receiving the at least one real key. The at least one transformed key is an encrypted version of at least one round key that is encrypted by the processor using the at least one real key. The processor is able to decrypt the at least one transformed key and encrypt the at least one round key.

    SYSTEMS AND METHODS FOR PROTECTING SYMMETRIC ENCRYPTION KEYS
    12.
    Patent application
    SYSTEMS AND METHODS FOR PROTECTING SYMMETRIC ENCRYPTION KEYS (Under examination, published)

    Publication number: US20150381358A1

    Publication date: 2015-12-31

    Application number: US14827004

    Filing date: 2015-08-14

    IPC classification: H04L9/08

    Abstract: Systems and methods for protecting symmetric encryption keys when performing encryption are described. In one embodiment, a computer-implemented method includes retrieving at least one real key from a secure area and executing, with a processor, a key transform instruction to generate at least one transformed key based on receiving the at least one real key. The at least one transformed key is an encrypted version of at least one round key that is encrypted by the processor using the at least one real key. The processor is able to decrypt the at least one transformed key and encrypt the at least one round key.

    DEVICES, SYSTEMS, AND METHODS FOR MONITORING AND ASSERTING TRUST LEVEL USING PERSISTENT TRUST LOG
    13.
    Patent application
    DEVICES, SYSTEMS, AND METHODS FOR MONITORING AND ASSERTING TRUST LEVEL USING PERSISTENT TRUST LOG (In force)

    Publication number: US20140006789A1

    Publication date: 2014-01-02

    Application number: US13534321

    Filing date: 2012-06-27

    IPC classification: H04L9/32 G06F12/14

    Abstract: Devices, systems, and methods for monitoring and asserting a trust level of a computing device are disclosed. In one illustrative embodiment, a computing device may include a memory having stored therein a persistent trust log, the persistent trust log comprising data relating to historic events influencing a trust level of the computing device, and a security controller configured to detect an event that influences the trust level of the computing device and to write data relating to the event to the persistent trust log.

    RELIABILITY FOR LOCATION SERVICES
    14.
    Patent application
    RELIABILITY FOR LOCATION SERVICES (In force)

    Publication number: US20130337827A1

    Publication date: 2013-12-19

    Application number: US13523819

    Filing date: 2012-06-14

    Applicant: Steven L. Grobman

    Inventor: Steven L. Grobman

    IPC classification: H04W24/00

    Abstract: A system for determining reliability for location resources. A device may be configured to determine device location based on location information received from a location information source, the device including secure systems configured to provide a reliability rating of the location information source. The secure systems may be configured to compare a device location based on the location information to a secondary device location based on secondary information to determine the reliability rating. For example, location information based on location signals received by the device may be compared to sensor information in the device to determine whether the movement described by location information and sensor information agrees. In the same or a different embodiment, a refined reliability rating may be requested from a secure resource in the device or accessible via a network. The secure resource may refine the reliability rating using tertiary information available to the secure resource.

    Network protecting authentication proxy
    15.
    Granted patent
    Network protecting authentication proxy (In force)

    Publication number: US08239933B2

    Publication date: 2012-08-07

    Application number: US12711031

    Filing date: 2010-02-23

    Applicant: Steven L. Grobman

    Inventor: Steven L. Grobman

    IPC classification: G06F15/16

    Abstract: It is convenient to allow access to a private network, such as a corporate intranet, or outward facing extranet application, from an external network, such as the Internet. Unfortunately, if an internal authentication system is used to control access from the external network, it may be attacked, such as by a malicious party intentionally attempting multiple invalid authentications to ultimately result in an attacked account being locked out. To circumvent this, an authentication front-end, proxy, wrapper, etc. may be employed which checks for lockout conditions prior to attempting to authenticate security credentials with the internal authentication system.

    Method, apparatus and system for enhanced CPU frequency governers
    16.
    Granted patent
    Method, apparatus and system for enhanced CPU frequency governers (Lapsed)

    Publication number: US07739532B2

    Publication date: 2010-06-15

    Application number: US11518004

    Filing date: 2006-09-07

    Applicant: Steven L. Grobman

    Inventor: Steven L. Grobman

    IPC classification: G06F9/455 G06F1/00

    Abstract: A method, apparatus and system enable enhanced processor frequency governors to comprehend virtualized platforms and utilize predictive information to enhance performance in virtualized platforms. Specifically, in one embodiment, an enhanced frequency governor in a virtual host may run within a virtual machine on the host and interact with a virtual machine manager to collect predictive information from application(s) running within each virtual machine on the host. The enhanced frequency governor may then utilize the predictive information to determine future CPU frequency requirements and raise or lower the CPU frequency and/or voltage in anticipation of the needs of the various applications.

    Network protecting authentication proxy
    17.
    Granted patent
    Network protecting authentication proxy (In force)

    Publication number: US07669229B2

    Publication date: 2010-02-23

    Application number: US10294126

    Filing date: 2002-11-13

    Applicant: Steven L. Grobman

    Inventor: Steven L. Grobman

    IPC classification: H04L9/32

    Abstract: It is convenient to allow access to a private network, such as a corporate intranet, or outward facing extranet application, from an external network, such as the Internet. Unfortunately, if an internal authentication system is used to control access from the external network, it may be attacked, such as by a malicious party intentionally attempting multiple invalid authentications to ultimately result in an attacked account being locked out. To circumvent this, an authentication front-end, proxy, wrapper, etc. may be employed which checks for lockout conditions prior to attempting to authenticate security credentials with the internal authentication system.

    Reliability for location services
    18.
    Granted patent

    Publication number: US09635557B2

    Publication date: 2017-04-25

    Application number: US13523819

    Filing date: 2012-06-14

    Applicant: Steven L. Grobman

    Inventor: Steven L. Grobman

    Abstract: A system for determining reliability for location resources. A device may be configured to determine device location based on location information received from a location information source, the device including secure systems configured to provide a reliability rating of the location information source. The secure systems may be configured to compare a device location based on the location information to a secondary device location based on secondary information to determine the reliability rating. For example, location information based on location signals received by the device may be compared to sensor information in the device to determine whether the movement described by location information and sensor information agrees. In the same or a different embodiment, a refined reliability rating may be requested from a secure resource in the device or accessible via a network. The secure resource may refine the reliability rating using tertiary information available to the secure resource.

    TAMPER RESISTANCE OF AGGREGATED DATA
    20.
    Patent application
    TAMPER RESISTANCE OF AGGREGATED DATA (Under examination, published)

    Publication number: US20150067343A1

    Publication date: 2015-03-05

    Application number: US14125391

    Filing date: 2013-08-30

    Applicant: Steven L. Grobman

    Inventor: Steven L. Grobman

    Abstract: By processing aggregated data in a trusted environment, a system can reduce opportunities for tampering with aggregated data that is processed in a peer-to-peer chain. Each device may pass the predecessor aggregated data to a trusted environment in that device, which obtains local data for that device and aggregates it with the predecessor aggregated data, producing an output aggregated data. Optionally, the system can identify when a device has previously processed the aggregated data, reducing the possibility that the device can be used to aggregate data repeatedly. The aggregated data may be digitally signed or encrypted to enhance the tamper resistance of the data payload.
