Monitoring of virtual operating systems
    31.
    Invention application
    Status: in force

    Publication number: US20070234355A1

    Publication date: 2007-10-04

    Application number: US11394655

    Filing date: 2006-03-31

    IPC classification: G06F9/455

    CPC classification: G06F11/0712 G06F11/0757

    Abstract: Hypervisors are a new technology in the industry that enable multiple Operating Systems to co-exist on a single client. The use of a hypervisor provides a novel approach to determining the operability of an Operating System. Each Operating System is a virtualized Operating System, with its own IP address. According to a preferred embodiment, the capability Operating System has an application that is a monitor program that runs and provides information that is sent to the maintenance Operating System. The monitor program sends a status packet at regular intervals, which contains system power state and is a confirmation that the system is not hung. If the maintenance Operating System does not receive a packet at a regular interval, or in response to a query, then the maintenance Operating System will be aware that the capability Operating System is hung and will take appropriate measures.

    Execution validation using header containing validation data
    33.
    Granted invention patent
    Status: in force

    Publication number: US07805765B2

    Publication date: 2010-09-28

    Application number: US11319329

    Filing date: 2005-12-28

    IPC classification: G06F11/00 G06F12/14 G06F12/16

    CPC classification: G06F21/565 G06F2221/2151

    Abstract: Executable files are extended with a file signature containing a header containing validation data. This header may be added to an existing executable and linking format (ELF) header, added as a new section, or placed in a file's extended attribute store. The header contains results of all previous validation checks that have been performed. The file signature is inserted, with a date stamp, into the file attributes. On execution, the system checks the previously-created file signature against a current file signature, instead of creating the file signature for every file during the execution process. Checks to ensure that the file signature is secure, and is valid and up to date, are also implemented. Only if the file signature is not valid and up-to-date does the execution program create a new file signature at the time of execution.

    Rapid virus scan using file signature created during file write
    34.
    Granted invention patent
    Status: in force

    Publication number: US07752667B2

    Publication date: 2010-07-06

    Application number: US11024914

    Filing date: 2004-12-28

    IPC classification: G06F11/04 G06F12/14 G06F12/16

    CPC classification: G06F21/565 G06F2221/2151

    Abstract: A procedure and implementations thereof are disclosed that significantly reduce the amount of time necessary to perform a virus scan. A file signature is created each time a file is modified (i.e., with each “file write” to that file). The file signature is inserted, with a date stamp, into the file attributes. The virus scan program checks the previously-created file signature against the virus signature file instead of creating the file signature for every file during the virus scan. Checks to ensure that the file signature is secure, and is valid and up to date, are also implemented. Only if the file signature is not valid and up-to-date does the virus scan program create a new file signature at the time of the running of the virus scan.

    Theft deterrence using trusted platform module authorization
    35.
    Granted invention patent
    Status: in force

    Publication number: US07600134B2

    Publication date: 2009-10-06

    Application number: US10984400

    Filing date: 2004-11-08

    CPC classification: G06F21/57 G06F21/88

    Abstract: A method for theft deterrence of a computer system is disclosed. The computer system includes a trusted platform module (TPM) and storage medium. The method comprises providing a binding key in the TPM; and providing an encrypted symmetric key in the storage medium. The method further includes providing an unbind command to the TPM based upon an authorization to provide a decrypted symmetric key; and providing the decrypted symmetric key to the secure storage device to allow for use of the computer system. Accordingly, by utilizing a secure hard disk drive (HDD) that requires a decrypted key to function in conjunction with a TPM, a computer if stolen is virtually unusable by the thief. In so doing, the risk of theft of the computer is significantly reduced.

    Management of hardware passwords
    36.
    Granted invention patent
    Status: in force

    Publication number: US08756667B2

    Publication date: 2014-06-17

    Application number: US12341512

    Filing date: 2008-12-22

    IPC classification: H04L9/32

    CPC classification: G06F21/34

    Abstract: In the context of computer systems, the generation of preboot passwords at a server instead of at a client. Preferably, preboot passwords generated at the server are distributed to the client, and a process is offered whereby a user can establish his/her own proxy, not known to the server, that can be used to release the stored passwords to the client hardware. Since the passwords are generated at the server, management of the passwords is greatly facilitated since they are generated at the site where they are stored. This also makes it easy to implement management features such as a group policy, since the password generation software will be able to make logical connections between users and hardware.

    Security for storage devices
    37.
    Granted invention patent
    Status: in force

    Publication number: US08266449B2

    Publication date: 2012-09-11

    Application number: US12415495

    Filing date: 2009-03-31

    IPC classification: G06F21/00

    Abstract: The invention broadly contemplates a security solution for storage devices that is inexpensive and robust. The invention allows a store of system specific data to be used to release the hard disk key of full-disk encryption (FDE) drives. This system specific data is passed to the FDE drives and used to calculate the actual encryption key. This allows for safe disposal of an FDE drive containing confidential data, as the lack of available system specific decryption data makes decryption virtually impossible.

    Method and apparatus for providing a secure single sign-on to a computer system
    38.
    Granted invention patent
    Status: in force

    Publication number: US07941847B2

    Publication date: 2011-05-10

    Application number: US11535110

    Filing date: 2006-09-26

    IPC classification: G06F7/04

    CPC classification: G06F21/34

    Abstract: A method for providing a secure single sign-on to a computer system is disclosed. Pre-boot passwords are initially stored in a secure storage area of a smart card. The operating system password, which has been encrypted to a blob, is stored in a non-secure area of the smart card. After the smart card has been inserted in a computer system, a user is prompted for a Personal Identification Number (PIN) of the smart card. In response to a correct smart card PIN entry, the blob stored in the non-secure storage area of the smart card is decrypted to provide the operating system password, and the operating system password along with the pre-boot passwords stored in the secure storage area of the smart card are then utilized to log on to the computer system.

    Audit trails for electronic financial transactions
    40.
    Granted invention patent
    Status: in force

    Publication number: US09015078B2

    Publication date: 2015-04-21

    Application number: US12748423

    Filing date: 2010-03-28

    Abstract: An exemplary method includes transmitting, via a network interface, at least a currency amount in an attempt to confirm a financial transaction; responsive to the transmitting, receiving a confirmation indicator for the financial transaction; storing at least the currency amount in non-volatile memory; hashing at least the currency amount to generate a hash and storing the hash in a secure non-volatile memory; hashing at least the currency amount stored in the non-volatile memory to generate a verification hash; and in an attempt to verify at least the financial transaction, comparing the verification hash to the hash stored in the secure non-volatile memory. Various other apparatuses, systems, methods, etc., are also disclosed.
