公开(公告)号：US20130036314A1

公开(公告)日：2013-02-07

申请号：US13136666

申请日：2011-08-04

Applicant: Andrew F. Glew ,  Daniel A. Gerrity ,  Clarence T. Tegreene

Inventor： Andrew F. Glew ,  Daniel A. Gerrity ,  Clarence T. Tegreene

IPC: G06F12/14

CPC classification number: G06F12/1408 ,  G06F21/602 ,  G06F21/71 ,  G06F21/78 ,  G06F21/79 ,  G06F21/86 ,  G06F2221/2149

Abstract: Embodiments of memory devices, computer systems, security apparatus, data handling systems, and the like, and associated methods facilitate security in a system incorporating the concept of a security perimeter which combines cryptographic and physical security. The memory device can comprise a memory operable to store information communicated with a processor, and a logic operable to create at least one cryptographic security perimeter enclosing at least one selected region of the memory and operable to manage information communication between the processor and the at least one selected region of the memory.

Abstract translation: 存储设备，计算机系统，安全设备，数据处理系统等的实施例以及相关联的方法有助于系统中的安全性，该系统结合了加密和物理安全性的安全周界的概念。 存储器设备可以包括可操作以存储与处理器通信的信息的存储器，以及可操作用于创建至少一个包围存储器的至少一个选定区域的密码安全周界的逻辑，并可操作以管理处理器与至少 一个选择的记忆区域。

公开(公告)号：US09825967B2

公开(公告)日：2017-11-21

申请号：US13602061

申请日：2012-08-31

Applicant: Marc E. Davis ,  Matthew G. Dyor ,  Daniel A. Gerrity ,  Xuedong Huang ,  Roderick A. Hyde ,  Royce A. Levien ,  Richard T. Lord ,  Robert W. Lord ,  Mark A. Malamud ,  Nathan P. Myhrvold ,  Clarence T. Tegreene

Inventor： Marc E. Davis ,  Matthew G. Dyor ,  Daniel A. Gerrity ,  Xuedong Huang ,  Roderick A. Hyde ,  Royce A. Levien ,  Richard T. Lord ,  Robert W. Lord ,  Mark A. Malamud ,  Nathan P. Myhrvold ,  Clarence T. Tegreene

IPC: H04L29/06 ,  G06Q20/40 ,  G06Q20/32 ,  G06Q50/00

CPC classification number: G06F17/30595 ,  G06Q20/3224 ,  G06Q20/4016 ,  G06Q50/01 ,  H04L63/107

Abstract: Disclosed herein are example embodiments for behavioral fingerprinting via social networking interaction. For certain example embodiments, at least one indication of family relation for at least one authorized user may be obtained via at least one social networking interaction, and the at least one indication of family relation may be incorporated into at least one behavioral fingerprint that is associated with the at least one authorized user, the at least one behavioral fingerprint including one or more indicators of utilization of one or more user devices by the at least one authorized user.

公开(公告)号：US09798873B2

公开(公告)日：2017-10-24

申请号：US13136670

申请日：2011-08-04

Applicant: Daniel A. Gerrity ,  Clarence T. Tegreene

Inventor： Andrew F. Glew ,  Daniel A. Gerrity ,  Clarence T. Tegreene

IPC: G06F21/00 ,  G06F9/00 ,  G06F21/52 ,  G06F9/32 ,  G06F21/50 ,  G06F21/71

CPC classification number: G06F21/52 ,  G06F9/32 ,  G06F9/322 ,  G06F21/50 ,  G06F21/71

Abstract: A processor can be used to ensure that program code can only be used for a designed purpose and not exploited by malware. Embodiments of an illustrative processor can comprise logic operable to execute a program instruction and to distinguish whether the program instruction is a legitimate branch instruction or a non-legitimate branch instruction.

公开(公告)号：US09465657B2

公开(公告)日：2016-10-11

申请号：US13200551

申请日：2011-09-24

Applicant: Daniel A. Gerrity ,  Clarence T. Tegreene

Inventor： Andrew F. Glew ,  Daniel A. Gerrity ,  Clarence T. Tegreene

IPC: G06F9/455 ,  G06F9/46 ,  G06F9/48 ,  G06F3/12 ,  G06F9/50

CPC classification number: G06F9/4881 ,  G06F3/1263 ,  G06F9/50 ,  G06F9/5011 ,  G06F9/5027

Abstract: An entitlement vector may be used when selecting a thread for execution in a multi-threading environment in terms of aspects such as priority. An embodiment or embodiments of an information handling apparatus can comprise a library comprising a plurality of functions operable to handle a plurality of objects. The information handling apparatus can further comprise an entitlement vector operable to assign entitlement to at least one of a plurality of resources to selected ones of the plurality of functions.

Abstract translation: 在多线程环境中选择用于执行的线程时，可以使用授权向量，例如优先级。 信息处理装置的一个或多个实施例可以包括一个库，该库包括可操作以处理多个对象的多个功能。 信息处理装置还可以包括授权矢量，其可操作以将多个资源中的至少一个的授权分配给多个功能中的选定的资源。

公开(公告)号：US08555077B2

公开(公告)日：2013-10-08

申请号：US13373685

申请日：2011-11-23

Applicant: Marc E. Davis ,  Matthew G. Dyor ,  Daniel A. Gerrity ,  Xuedong Huang ,  Roderick A. Hyde ,  Royce A. Levien ,  Richard T. Lord ,  Robert W. Lord ,  Mark A. Malamud ,  Nathan P. Myhrvold ,  Clarence T. Tegreene

Inventor： Marc E. Davis ,  Matthew G. Dyor ,  Daniel A. Gerrity ,  Xuedong Huang ,  Roderick A. Hyde ,  Royce A. Levien ,  Richard T. Lord ,  Robert W. Lord ,  Mark A. Malamud ,  Nathan P. Myhrvold ,  Clarence T. Tegreene

IPC: H04L9/32

CPC classification number: G06F21/316 ,  G06F21/32 ,  G06F2221/2111 ,  H04L63/0861

Abstract: Behavioral fingerprints hold gathered data related to users' interactions with a device or devices, inter alia. Behavioral fingerprints may be used to at least partially determine a level of accessibility of the device or of an aspect of the device for the user; provide a current status of a network-accessible user associated with the device; activate or deactivate functions, programs or features of the device; generate alerts regarding the user's interaction with the device; assist in identifying a current device as a device being currently used by a network-accessible user, etc. Behavioral fingerprints may include statistical calculations on social network collected data, user input, sensor-provided data as provided by GPS, accelerometers, microphones, cameras, timers, touch-panels, or other indication or combination of the foregoing, whether originating from the device or the network. Anomalous activity associated with the device may be detected without user intervention at least in part with behavioral fingerprints.

Abstract translation: 行为指纹保存与用户与设备或设备的交互相关的收集的数据，特别是。 可以使用行为指纹来至少部分地确定设备的可访问性水平或用户的设备的一个方面; 提供与该设备相关联的网络可访问用户的当前状态; 启动或停用设备的功能，程序或功能; 生成关于用户与设备的交互的警报; 协助将当前设备识别为当前由网络可访问用户使用的设备等。行为指纹可以包括对社交网络收集的数据，用户输入，由GPS，加速度计，麦克风，摄像机提供的传感器提供的数据的统计计算 ，定时器，触摸面板或前述的其他指示或组合，无论是来自设备还是网络。 可以在没有用户至少部分地用行为指纹进行干预的情况下检测与设备相关联的异常活动。

公开(公告)号：US20130191887A1

公开(公告)日：2013-07-25

申请号：US13373682

申请日：2011-11-23

Applicant: Marc E. Davis ,  Matthew G. Dyor ,  Daniel A. Gerrity ,  Xuedong Huang ,  Roderick A. Hyde ,  Royce A. Levien ,  Robert W. Lord ,  Mark A. Malamud ,  Nathan P. Myhrvold ,  Clarence T. Tegreene

Inventor： Marc E. Davis ,  Matthew G. Dyor ,  Daniel A. Gerrity ,  Xuedong Huang ,  Roderick A. Hyde ,  Royce A. Levien ,  Robert W. Lord ,  Mark A. Malamud ,  Nathan P. Myhrvold ,  Clarence T. Tegreene

IPC: H04L29/06

CPC classification number: H04L63/08 ,  G06F21/316 ,  H04L63/0823 ,  H04L63/0861 ,  H04L63/126

Abstract: A computationally implemented method includes, but is not limited to: for receiving at a computing device one or more behavioral fingerprints associated with one or more network accessible users; receiving an authentication request at the computing device, the authentication request associated with one or more proposed transactions of the one or more network accessible users; and transmitting from the computing device a decision associated with the authentication request, the decision based on a trust verification schema generated by relationally mapping the one or more behavioral fingerprints associated with the one or more network accessible users. In addition to the foregoing, other method aspects are described in the claims, drawings, and text forming a part of the present disclosure.

Abstract translation: 计算实现的方法包括但不限于：用于在计算设备处接收与一个或多个网络可访问用户相关联的一个或多个行为指纹; 在所述计算设备处接收认证请求，所述认证请求与所述一个或多个网络可访问用户的一个或多个所提议的事务相关联; 以及从所述计算设备发送与所述认证请求相关联的决定，所述决定基于通过关联地映射与所述一个或多个网络可访问用户相关联的所述一个或多个行为指纹而产生的信任验证模式。 除了上述之外，在权利要求，附图和形成本公开的一部分的文本中描述了其它方法方面。

公开(公告)号：US20130139262A1

公开(公告)日：2013-05-30

申请号：US13373832

申请日：2011-11-30

Applicant: Daniel A. Gerrity ,  Clarence T. Tegreene

Inventor： Andrew F. Glew ,  Daniel A. Gerrity ,  Clarence T. Tegreene

IPC: G06F21/00

CPC classification number: H04L63/1466 ,  G06F21/56

Abstract: An embodiment or embodiments of an electronic device can comprise an input interface and a hardware component coupled to the input interface. The input interface can be operable to receive a plurality of taint indicators corresponding to at least one of a plurality of taints indicative of potential security risk which are injected from at least one of a plurality of resources. The hardware component can be operable to track the plurality of taints.

Abstract translation: 电子设备的实施例或实施例可以包括耦合到输入接口的输入接口和硬件组件。 所述输入接口可操作用于接收与从多个资源中的至少一个注入的指示潜在的安全风险的多个指示中的至少一个相对应的多个污点指示符。 硬件组件可以用于跟踪多个画面。

公开(公告)号：US20130036464A1

公开(公告)日：2013-02-07

申请号：US13136670

申请日：2011-08-04

Applicant: Andrew F. Glew ,  Daniel A. Gerrity ,  Clarence T. Tegreene

Inventor： Andrew F. Glew ,  Daniel A. Gerrity ,  Clarence T. Tegreene

IPC: G06F21/00

CPC classification number: G06F21/52 ,  G06F9/32 ,  G06F9/322 ,  G06F21/50 ,  G06F21/71

Abstract: A processor can be used to ensure that program code can only be used for a designed purpose and not exploited by malware. Embodiments of an illustrative processor can comprise logic operable to execute a program instruction and to distinguish whether the program instruction is a legitimate branch instruction or a non-legitimate branch instruction.

Abstract translation: 处理器可用于确保程序代码只能用于设计目的而不被恶意软件利用。 说明性处理器的实施例可以包括可操作以执行程序指令并区分程序指令是否为合法分支指令还是非合法分支指令的逻辑。

公开(公告)号：US20130031364A1

公开(公告)日：2013-01-31

申请号：US13136401

申请日：2011-07-29

Applicant: Daniel A. Gerrity ,  Clarence T. Tegreene

Inventor： Andrew F. Glew ,  Daniel A. Gerrity ,  Clarence T. Tegreene

IPC: G06F21/00 ,  H04L29/06

CPC classification number: G06F21/52 ,  G06F21/606 ,  G06F21/62 ,  G06F21/72

Abstract: A data processing system, a server such as a federated server, a computer system, and like devices, and associated operating methods can be configured to support fine-grained security including resource allocation and resource scheduling. A data processing system can comprise a federated server operable to access data distributed among a plurality of remote data sources upon request from a plurality of client users and applications; and logic executable on the federated server. The logic can be operable to enforce fine-grained security operations on a plurality of federated shared data sets distributed among the plurality of remote data sources.

公开(公告)号：US09083687B2

公开(公告)日：2015-07-14

申请号：US13563599

申请日：2012-07-31

Applicant: Marc E. Davis ,  Matthew G. Dyor ,  Daniel A. Gerrity ,  Xuedong Huang ,  Roderick A. Hyde ,  Royce A. Levien ,  Richard T. Lord ,  Robert W. Lord ,  Mark A. Malamud ,  Nathan P. Myhrvold ,  Clarence T. Tegreene

Inventor： Marc E. Davis ,  Matthew G. Dyor ,  Daniel A. Gerrity ,  Xuedong Huang ,  Roderick A. Hyde ,  Royce A. Levien ,  Richard T. Lord ,  Robert W. Lord ,  Mark A. Malamud ,  Nathan P. Myhrvold ,  Clarence T. Tegreene

IPC: G06F21/00 ,  H04L29/06 ,  G06F21/62 ,  G06F21/31 ,  G06F21/30

CPC classification number: H04L63/08 ,  G06F21/30 ,  G06F21/31 ,  G06F21/62 ,  H04L63/0861 ,  H04L63/0876 ,  H04L63/10 ,  H04L63/102

Abstract: Disclosed herein are example embodiments for multi-device behavioral fingerprinting by a user device or a server device. For certain example embodiments, at least one device may obtain at least one behavioral fingerprint that is associated with at least one authorized user, with the at least one behavioral fingerprint including one or more indicators of utilization of two or more user devices by the at least one authorized user. The at least one device may perform at least one authentication-related operation based at least partially on the at least one behavioral fingerprint.

Abstract translation: 这里公开了用户设备或服务器设备的多设备行为指纹的示例实施例。 对于某些示例性实施例，至少一个设备可以获得与至少一个授权用户相关联的至少一个行为指纹，其中所述至少一个行为指纹包括至少一个或多个用户设备的一个或多个使用指示符 一个授权用户。 至少一个设备可以至少部分地基于至少一个行为指纹来执行至少一个认证相关操作。