21. Secure inter-process communication for safer computing environments and systems
    Type: Granted invention patent
    Status: Lapsed

    Publication number: US08108519B2

    Publication date: 2012-01-31

    Application number: US12364303

    Filing date: 2009-02-02

    IPC classification: G06F13/00

    CPC classification: G06F9/54 G06F9/468

    Abstract: Techniques for Inter-Process Communication (IPC) in a more secure manner are disclosed. A communication component operating outside of an operating system can obtain operating-system data pertaining to processes that also operate outside of the operating system. The operating-system data can be more reliable than information that may have been provided by the processes, thereby allowing more secure IPC and consequently a more secure computing environment and/or system. A communication component can also be operable to make control decisions regarding the IPC data (e.g., IPC messages) based on the information provided and/or originated by the operating system (or operating-system data) and/or effectively provide the operating-system data pertaining to a sender process to its intended recipient process. A recipient process can also be operable to obtain the operating-system data pertaining to a sender process. Moreover, a recipient process can make control decisions regarding the IPC data originated by the sender process based on the operating-system data effectively provided and/or originated by the operating system rather than the sender process, thereby allowing the recipient process to make control decisions based on information provided by a more reliable (e.g., Trusted) source.


22. Enhancing the security of public key cryptosystem implementations
    Type: Granted invention patent
    Status: Lapsed

    Publication number: US07903814B2

    Publication date: 2011-03-08

    Application number: US11828849

    Filing date: 2007-07-26

    IPC classification: H04L9/00 G06F11/30

    CPC classification: H04L9/302

    Abstract: In one embodiment, cryptographic transformation of a message is performed by first performing a table initiation phase to populate a data structure. Then, a first random number multiplied by a public key is added to each value in the data structure, in modulo of a second random number multiplied by the public key. Then an exponentiation phase is performed, wherein each modular multiplication and square operation in the exponentiation phase is performed in modulo of the second random number multiplied by the public key, producing a result. Then the result of the exponentiation phase is reduced in modulo of the public key. The introduction of the random numbers aids in the prevention of potential security breaches from the deduction of operands in the table initiation phase by malicious individuals.


23. Security-Enhanced Storage Devices Using Media Location Factor in Encryption of Hidden and Non-Hidden Partitions
    Type: Invention patent application
    Status: Lapsed

    Publication number: US20090319801A1

    Publication date: 2009-12-24

    Application number: US12132862

    Filing date: 2008-06-04

    IPC classification: G06F12/14 H04L9/28

    CPC classification: H04L9/0872

    Abstract: Methods and devices for increasing or hardening the security of data stored in a storage device, such as a hard disk drive, are described. A storage device provides for increased or hardened security of data stored in hidden and non-hidden partitions of a storage medium in the device. An algorithm may be utilized for deriving a key that is used to encrypt or decrypt text before it is read from or written to the hard disk. The algorithm accepts as input a specific media location factor, such as an end address or start address of the block where the text is being read from or written to, and a secret key of the storage component. The output of the algorithm is a final key that may be used in the encryption and decryption process. Thus, in this manner, the final key is dependent on the location of the block where the data is being written or read, thereby making it more difficult to tamper with the data, which may be stored in a hidden or non-hidden partition of a hard disk.


24. TRUSTED MULTI-STAKEHOLDER ENVIRONMENT
    Type: Invention patent application
    Status: Lapsed

    Publication number: US20090165081A1

    Publication date: 2009-06-25

    Application number: US11963363

    Filing date: 2007-12-21

    IPC classification: G06F21/00

    CPC classification: G06F21/6218 G06F2221/2141

    Abstract: In one embodiment, a multi-stakeholder environment is controlled by first assigning a first domain to a first stakeholder and a second domain to a second stakeholder. Then a first access policy is defined for the first domain and access to the first domain is restricted for the second stakeholder according to the first access policy. In another embodiment, an access request is handled in a multi-stakeholder environment by first receiving parameters forwarded by hooks in system call functions in a kernel of the multi-stakeholder environment, wherein the parameters contain information about a first stakeholder requesting access to a domain corresponding to a second stakeholder. Then it is determined whether to allow the first stakeholder to access the domain based at least partially upon security settings corresponding to the domain.


25. Authentication, identity, and service management for computing and communication systems
    Type: Granted invention patent
    Status: In force

    Publication number: US08201232B2

    Publication date: 2012-06-12

    Application number: US12147246

    Filing date: 2008-06-26

    IPC classification: H04L29/06

    Abstract: Improved techniques for obtaining authentication identifiers, authentication, and receiving services are disclosed. Multiple devices can be used for receiving service from a servicing entity (e.g., Service Providers). More particularly, a first device can be used to authenticate a first entity (e.g., one or more persons) for receiving services from the servicing entity, but the services can be received by a second device. Generally, the first device can be a device better suited, more preferred and/or more secure for authentication-related activities including “Identity Management.” The second device can be generally more preferred for receiving and/or using the services. In addition, a device can be designated for authentication of an entity. The device releases an authentication identifier only if the entity has effectively authorized its release, thereby allowing “User Centric” approaches to “Identity Management.” A device can be designated for obtaining authentication identifiers from an identity assigning entity (e.g., an Identity Provider). The authentication identifiers can be used to authenticate an entity for receiving services from a servicing entity (e.g., a Service Provider) that provides the services to a second device. The same device can also be designated for authentication of the entity. The device can, for example, be a mobile phone allowing a mobile solution and providing a generally more secure computing environment than the device (e.g., a Personal Computer) used to receive and use the services.


27. EFFECTIVE MAPPING OF CODE SECTIONS TO THE SAME SECTION OF SECONDARY MEMORY TO IMPROVE THE SECURITY OF COMPUTING SYSTEMS
    Type: Invention patent application
    Status: Pending (published)

    Publication number: US20100257514A1

    Publication date: 2010-10-07

    Application number: US12417999

    Filing date: 2009-04-03

    IPC classification: G06F9/45 G06F12/00

    Abstract: Executable computer code sections can be stored in the same section of secondary memory (e.g., instruction cache) during execution time in order to reduce the observable changes to the state of the secondary memory, thereby enhancing the security of computing systems that use secondary memory in addition to the primary (main) memory to support execution of computer code. In addition, the size of code sections can also be effectively adjusted so that code sections that are mapped to the same section of the secondary memory appear to have the same size, thereby further reducing the observable changes to the state of the secondary memory. As a result, the security of computing systems can be further enhanced. It should be noted that code sections can be effectively relocated to cause them to map to the same section of secondary memory. It will be appreciated that mapping code sections considered to be critical to security can be especially useful to improving security. For example, code sections considered to be critical to security can be identified and effectively mapped to the same section of an instruction cache (I-cache) as provided in more modern computing systems in order to improve the efficiency of execution, thereby allowing use of the I-cache in a more secure manner.


28. EVICTING CODE SECTIONS FROM SECONDARY MEMORY TO IMPROVE THE SECURITY OF COMPUTING SYSTEMS
    Type: Invention patent application
    Status: Pending (published)

    Publication number: US20100257318A1

    Publication date: 2010-10-07

    Application number: US12418033

    Filing date: 2009-04-03

    IPC classification: G06F12/08 G06F9/44

    Abstract: Executable computer code sections can be effectively evicted from secondary memory (e.g., instruction cache) during execution time in order to reduce the observable changes to the state of the secondary memory, thereby enhancing the security of computing systems that use secondary memory in addition to the primary (main) memory to support execution of computer code. In particular, code sections considered to be critical to security can be identified and effectively mapped to the same section of an instruction cache (I-cache) as provided in more modern computing systems in order to improve the efficiency of execution, thereby allowing use of the I-cache in a more secure manner.


29. PREVENTING ABUSE OF SERVICES IN TRUSTED COMPUTING ENVIRONMENTS
    Type: Invention patent application
    Status: Pending (published)

    Publication number: US20090300348A1

    Publication date: 2009-12-03

    Application number: US12131711

    Filing date: 2008-06-02

    IPC classification: H04L9/06

    Abstract: Methods and systems for regulating services provided by a first computing entity, such as a server, to a second computing entity, such as a client, are described. A first entity receives a request for a service from a second entity over a network. The first entity determines whether the second entity has a trusted agent by examining an attestation report from the second entity. The first entity transmits a message to the second entity. The trusted agent on the second entity may receive the message. A response is created at the second computing entity and received at the first entity. The first entity then provides the service to the second entity. The first entity may transmit an attestation challenge to the second entity and in response receives an attestation report from the second entity.


30. SECURING CPU AFFINITY IN MULTIPROCESSOR ARCHITECTURES
    Type: Invention patent application
    Status: In force

    Publication number: US20090126006A1

    Publication date: 2009-05-14

    Application number: US11937320

    Filing date: 2007-11-08

    IPC classification: G06F21/02

    Abstract: In an embodiment of the present invention, the ability for a user or process to set or modify affinities is restricted in order to control a multi-processor environment. This may be accomplished by using a reference monitor that controls a process' capability to retrieve and set its own or another process' affinity. This aids in the prevention of security breaches.
