CONTROL OF ENTRY INTO PROTECTED MEMORY VIEWS
    41.
    Invention application
    CONTROL OF ENTRY INTO PROTECTED MEMORY VIEWS (in force)

    Publication (announcement) number: US20160179665A1

    Publication (announcement) date: 2016-06-23

    Application number: US14581730

    Filing date: 2014-12-23

    IPC classification: G06F12/08 G06F9/455

    Abstract: Generally, this disclosure provides systems, devices, methods and computer readable media for controlled memory view switching. The system may include a memory module comprising a shared address space between a first memory view and a second memory view. The system may also include a virtual machine monitor (VMM) to maintain a list of Controlled View Switch (CVS) descriptors. The system may further include a processor to receive a memory view switch request and to execute an instruction to save processor state information and switch from the first memory view to the second memory view, wherein the second memory view is specified by an extended page table pointer (EPTP) provided by one of the CVS descriptors.


    Secure local boot using third party data store (3PDS) based ISO image
    42.
    Granted invention patent
    Secure local boot using third party data store (3PDS) based ISO image (in force)

    Publication (announcement) number: US08751782B2

    Publication (announcement) date: 2014-06-10

    Application number: US12970698

    Filing date: 2010-12-16

    CPC classification: G06F21/572 G06F21/575

    Abstract: In some embodiments, the invention involves a method and apparatus for secure/authenticated local boot of a host operating system on a computing platform using active management technology (AMT) with a third party data store (3PDS)-based ISO firmware image. A portion of non-volatile memory is hardware secured against access by the host processor and OS, and accessible only to the AMT. The AMT comprises an AT/ATAPI protocol emulator to access an ISO boot image from secured memory, while appearing to the host processor as a communication with an AT/ATAPI device. Other embodiments are described and claimed.


    DEVICE, METHOD, AND SYSTEM FOR CONTROLLING ACCESS TO WEB OBJECTS OF A WEBPAGE OR WEB-BROWSER APPLICATION
    43.
    Invention application
    DEVICE, METHOD, AND SYSTEM FOR CONTROLLING ACCESS TO WEB OBJECTS OF A WEBPAGE OR WEB-BROWSER APPLICATION (under examination, published)

    Publication (announcement) number: US20140095870A1

    Publication (announcement) date: 2014-04-03

    Application number: US13631419

    Filing date: 2012-09-28

    IPC classification: G06F21/00 H04L9/32

    Abstract: A method and device for securely displaying web content with secure web objects across untrusted channels includes downloading web content from a web server. The web content includes tags that a web browser uses to authenticate the current user and identify encrypted web objects packaged in the web content. The computing device authenticates the current user using a biometric recognition procedure. If the current user is authenticated and determined to be authorized to view the decrypted web object, the encrypted web object is decrypted and displayed to the user. If the user is unauthenticated, the encrypted web object is displayed in place of the encrypted web object such that the decrypted web object is displayed for only authorized persons physically present at the computing device. The biometric recognition procedure and web object decryption processes are protected through secure media path circuitry and secure memory.


    System and method for managing actions provided by a network using a policy tree
    46.
    Granted invention patent
    System and method for managing actions provided by a network using a policy tree (in force)

    Publication (announcement) number: US06601082B1

    Publication (announcement) date: 2003-07-29

    Application number: US09365101

    Filing date: 1999-07-30

    IPC classification: G06F900

    Abstract: A system and method for managing a network using a policy tree which includes a plurality of levels (e.g., two levels, five levels, etc.) is described. When the network receives a request to provide an action to a particular source, the network determines if the action is available as a function of at least one level of the plurality of levels. If the action is available, the network determines if the particular source is authorized to be provided with the action as a function of at least one rule of at least one further level of the plurality of levels. If the particular source is authorized, the network provides the action to the particular source.


    Carton for egg-shaped containers
    47.
    Granted invention patent
    Carton for egg-shaped containers (expired)

    Publication (announcement) number: US4010887A

    Publication (announcement) date: 1977-03-08

    Application number: US573572

    Filing date: 1975-04-30

    Applicant: David M. Durham

    Inventor: David M. Durham

    CPC classification: B65D5/3621 B65D5/0227

    Abstract: A pre-cut, pre-folded carton having a hexagonally shaped, preformed bottom with upwardly extending walls which form at the top thereof a generally circular top for receiving and retaining the bottom, enlarged portion of an egg-shaped container therein. A die-cut blank is first formed with a rear wall section and a pair of front wall sections. Each section is of a height sufficient to receive the largest diameter of the egg-shaped container therein and includes depending lower flap portions. The bottom is formed by folding and gluing the lower flap sections. The resulting carton has a first, flat position in which the bottom wall is folded up between the front and rear walls, and a second, open position where the flap sections, which are already secured to form a folded bottom section, are automatically unfolded or extended to form a double-thickness, hexagonal shaped bottom wall. An upper flap folds downwardly and inwardly from the upper edges of the front and rear wall to form a retaining member of reduced diameter which prevents inadvertent removal of the container.

    STACK PIVOT DETECTION SYSTEMS AND METHODS
    48.
    Invention application

    Publication (announcement) number: US20180285559A1

    Publication (announcement) date: 2018-10-04

    Application number: US15472181

    Filing date: 2017-03-28

    IPC classification: G06F21/52 G06F21/55 G06F15/78

    Abstract: The present disclosure is directed to systems and methods for detecting stack-pivot attacks in a processor-based device. Processor circuitry executes one or more applications via sequential execution of instructions on a stack. Stack pivot attacks occur when an attacker takes control of the stack and uses the stack to execute a series of code sections referred to as “gadgets.” A stack-pivot attack detector establishes an allowable processor stack offset change value associated with an application and monitors a processor stack offset change value responsive to an occurrence of a processor stack exchange instruction. A stack-pivot attack is detected when the processor offset change value exceeds the allowable processor stack offset change value. Upon detecting a stack-pivot attack, the stack-pivot detection circuitry causes the selective termination of the application.

    TRUSTED TIMER SERVICE
    49.
    Invention application

    Publication (announcement) number: US20180189464A1

    Publication (announcement) date: 2018-07-05

    Application number: US15395399

    Filing date: 2016-12-30

    IPC classification: G06F21/12

    CPC classification: G06F21/126 G06F2221/0735

    Abstract: A trusted time service is provided that can detect resets of a real-time clock and re-initialize the real-time clock with the correct time. The trusted time service provides a secure communication channel from an application requesting a timestamp to the real-time clock, so that malicious code (such as a compromised operating system) cannot intercept a timestamp as it is communicated from the real-time clock to the application. The trusted time service synchronizes wall-clock time with a trusted time server, as well as protects against replay attacks, where a valid data transmission (such as transmission of a valid timestamp) is maliciously or fraudulently repeated or delayed.