利索-全球专利检索

  1. 登录
  2. 注册

搜索结果

95 条记录 (耗时 0.034 秒)

    INFORMATION PROCESSING APPARATUS AND FALSIFICATION VERIFICATION METHOD
    52.
    发明申请
    INFORMATION PROCESSING APPARATUS AND FALSIFICATION VERIFICATION METHOD 审中-公开
    信息处理装置和伪造验证方法

    公开(公告)号:US20110044451A1

    公开(公告)日:2011-02-24

    申请号:US12666636

    申请日:2007-07-25

    申请人: Jun Anzai Hideki Matsushima Tomoyuki Haga

    发明人: Jun Anzai Hideki Matsushima Tomoyuki Haga

    IPC分类号: H04L9/12 G06F12/00

    CPC分类号: G06F21/51

    摘要: An object of the present invention is to provide an information processing apparatus in which a secure CPU and a non-secure CPU are included, that is capable of reliably detecting falsification of programs. The information processing apparatus according to the present invention includes a secure CPU 1, a non-secure CPU 2, a nonvolatile memory 3, a boot ROM 11, and a RAM 12. The secure CPU 1 verifies the presence or absence of falsification of various programs stored in the nonvolatile memory 3 with reference to a first falsification verification program stored in the boot ROM 11, according to a verification result, and loads a secure CPU target program 31 stored in the nonvolatile memory 3 into the RAM 12, and outputs a non-secure CPU target program stored in the nonvolatile memory 3 to the non-secure CPU 2 with reference to a load program loaded in the RAM 12.

    摘要翻译: 本发明的目的是提供一种信息处理装置,其中包括安全CPU和非安全CPU,其能够可靠地检测程序的伪造。 根据本发明的信息处理设备包括安全CPU 1,非安全CPU 2,非易失性存储器3,引导ROM11和RAM12。安全CPU 1验证各种不同的伪造的伪造的存在或不存在 根据验证结果参照存储在引导ROM11中的第一伪造验证程序存储在非易失性存储器3中的程序,并将存储在非易失性存储器3中的安全CPU目标程序31加载到RAM 12中,并输出 参考加载在RAM 12中的加载程序,存储在非易失性存储器3中的非安全CPU目标程序发送到非安全CPU2。

    INFORMATION SECURITY DEVICE AND INFORMATION SECURITY SYSTEM
    53.
    发明申请
    INFORMATION SECURITY DEVICE AND INFORMATION SECURITY SYSTEM 有权
    信息安全设备和信息安全系统

    公开(公告)号:US20100332820A1

    公开(公告)日:2010-12-30

    申请号:US12865894

    申请日:2009-02-23

    申请人: Hideki Matsushima Hisashi Takayama Takayuki Ito Tomoyuki Haga Yuichi Futa Taichi Sato

    发明人: Hideki Matsushima Hisashi Takayama Takayuki Ito Tomoyuki Haga Yuichi Futa Taichi Sato

    IPC分类号: H04L9/00

    CPC分类号: G06F21/10 G06F9/45558 G06F21/57 G06F2009/45587 G06F2221/0782 G06F2221/2137 G06F2221/2145 H04L9/14 H04L9/3234 H04L9/3247 H04L9/3263 H04L2209/127 H04L2209/603

    摘要: The present invention provides a migration apparatus that realizes safe migration of data between devise that use different encryption algorithms and different security authentication levels. The fourth electronic terminal device 2502 sends, to the migration authority 2501, a request for migration of a virtual machine to the fifth electronic terminal device 2503. If the fifth electronic terminal device 2503 is not an illegitimate device, the migration authority 2501 sends a migration request to the fifth electronic terminal device 2503. The fifth electronic terminal device 2503 sends, to the migration authority 2501, a digital signature and so on, together with the request. The migration authority 2501 makes a judgment. If the result is “OK”, the migration authority 2501 sends the result “OK” to the fifth electronic terminal device 2503. The fourth electronic terminal device 2502 encrypts a migration package and sends the encrypted migration package to the migration authority 2501, and sends the virtual machine to the fifth electronic terminal device 2503.

    摘要翻译: 本发明提供了一种迁移装置,其实现了使用不同加密算法和不同安全认证级别的设备之间的数据的安全迁移。 第四电子终端装置2502向迁移机构2501发送虚拟机迁移到第五电子终端装置2503的请求。如果第五电子终端装置2503不是非法装置,则迁移机构2501发送迁移 请求到第五电子终端装置2503.第五电子终端装置2503与请求一起发送到移动局2501的数字签名等。 迁移管理机构2501进行判断。 如果结果为“OK”,则迁移机构2501将结果“OK”发送到第五电子终端装置2503.第四电子终端装置2502对迁移包进行加密,并将加密的迁移包发送到迁移机构2501,并发送 虚拟机到第五电子终端设备2503。

    DATA PROCESSING DEVICE, DATA PROCESSING METHOD, DATA PROCESSING PROGRAM, RECORDING MEDIUM, AND INTEGRATED CIRCUIT
    55.
    发明申请
    DATA PROCESSING DEVICE, DATA PROCESSING METHOD, DATA PROCESSING PROGRAM, RECORDING MEDIUM, AND INTEGRATED CIRCUIT 有权
    数据处理设备,数据处理方法,数据处理程序,记录介质和集成电路

    公开(公告)号:US20100229168A1

    公开(公告)日:2010-09-09

    申请号:US12377320

    申请日:2008-06-04

    申请人: Manabu Maeda Tomoyuki Haga Takayuki Ito Hideki Matsushima Yuichi Futa

    发明人: Manabu Maeda Tomoyuki Haga Takayuki Ito Hideki Matsushima Yuichi Futa

    IPC分类号: G06F9/455 G06F3/00

    CPC分类号: G06F1/3203 G06F9/45558 G06F9/4856 G06F9/4893 G06F21/57 Y02D10/24 Y02D10/32

    摘要: When notifying virtual machines of a change to shared data, it is impossible to realize power saving for the apparatus if always notifying a virtual machine in the power-saving state.The present invention is equipped with an inter-VM notification management unit 1242, a resuming judgment unit 1244 and a scheduled interruption time acquisition unit 1245, and when it is necessary to notify a virtual machine in the power-saving state, the resuming judgment unit 1244 judges whether to cause the virtual machine to return from the power saving state, based on the time until the interruption acquired by the scheduled interruption time acquisition unit 1245. With this structure, the present invention prevents unnecessary transitions between the states, and realizes the power saving for the apparatus.

    摘要翻译: 通知虚拟机对共享数据进行更改时,如果总是通知虚拟机处于省电状态,则不可能实现设备的省电。 本发明装备有VM间通知管理单元1242,恢复判断单元1244和调度中断时间获取单元1245,并且当需要在省电状态下通知虚拟机时,恢复判断单元 1244根据直到调度中断时间获取单元1245获取的中断的时间来判断是否使虚拟机从省电状态返回。利用这种结构,本发明防止了状态之间的不必要的转换,并且实现了 为设备省电。

    Information processing device, virtual machine creation method, and application distribution system
    56.
    发明授权
    Information processing device, virtual machine creation method, and application distribution system 有权
    信息处理设备,虚拟机创建方法和应用分发系统

    公开(公告)号:US09081596B2

    公开(公告)日:2015-07-14

    申请号:US13515384

    申请日:2011-03-08

    申请人: Manabu Maeda Hideki Matsushima Tomoyuki Haga Kenneth Alexander Nicolson

    发明人: Manabu Maeda Hideki Matsushima Tomoyuki Haga Kenneth Alexander Nicolson

    IPC分类号: G06F9/455 G06F9/48 G06F21/53

    CPC分类号: G06F9/45533 G06F9/4843 G06F21/53 G06F2009/45562 G06F2009/45587

    摘要: A device (110) according to an implementation of the present invention, having a plurality of virtual machines (1002, 1003, 1004, and 1005), includes a virtualization software (1001) which manages the virtual machines. The virtualization software includes an application VM creating unit (1300) which creates a virtual machine for executing a program. A first virtual machine (1002) determines whether a first program is to be executed on the first virtual machine or to be executed on a virtual machine other than the first virtual machine. When the first virtual machine determines that the first program is to be executed on the other virtual machine, the application VM creating unit creates a second virtual machine for executing the first program.

    摘要翻译: 根据本发明的实现的具有多个虚拟机(1002,1003,1004和1005)的设备(110)包括管理虚拟机的虚拟化软件(1001)。 虚拟化软件包括创建用于执行程序的虚拟机的应用程序VM创建单元(1300)。 第一虚拟机(1002)确定要在第一虚拟机上执行第一程序还是在除第一虚拟机之外的虚拟机上执行第一程序。 当第一虚拟机确定要在另一虚拟机上执行第一程序时,应用程序VM创建单元创建用于执行第一程序的第二虚拟机。

    Program execution apparatus, control method, control program, and integrated circuit
    57.
    发明授权
    Program execution apparatus, control method, control program, and integrated circuit 有权
    程序执行装置,控制方法,控制程序和集成电路

    公开(公告)号:US08555089B2

    公开(公告)日:2013-10-08

    申请号:US12652256

    申请日:2010-01-05

    申请人: Takayuki Ito Manabu Maeda Tomoyuki Haga Hideki Matsushima Yuichi Futa Kouji Kobayashi

    发明人: Takayuki Ito Manabu Maeda Tomoyuki Haga Hideki Matsushima Yuichi Futa Kouji Kobayashi

    IPC分类号: G06F11/00

    CPC分类号: G06F21/554 G06F21/62 G06F21/74

    摘要: Information processing apparatus (100) ensures confidentiality of encryption and reduces overhead associated with processing not directly related to the encryption. The information processing apparatus (100) includes: application program (A158) that includes an instruction for encryption which uses a key; tampering detection unit (135x) that detects tampering of the program; CPU (141) that operates according to instructions and outputs a direction for encryption upon detecting the instruction for encryption; data encryption/decryption function unit (160) that controls switching to the protective mode according to the direction; and protected data operation unit (155) that stores a key in correspondence with the program, outputs the key in the protective mode, and controls switching to the normal mode, and the data encryption/decryption function unit (160) executes the encryption in the normal mode using the received key.

    摘要翻译: 信息处理装置(100)确保加密的机密性,并减少与加密无直接关系的处理相关的开销。 信息处理装置(100)包括:应用程序(A158),其包括使用密钥的用于加密的指令; 篡改检测单元(135x),用于检测程序的篡改; CPU(141),其根据指令进行操作,并且在检测到加密指令时输出加密方向; 数据加密/解密功能单元(160),其根据所述方向控制切换到所述保护模式; 和存储与程序对应的密钥的保护数据操作单元(155),将该密钥输出为保护模式,并控制切换到正常模式,并且数据加密/解密功能单元(160)执行加密 正常模式使用接收的键。

    INFORMATION PROCESSING APPARATUS, METHOD, PROGRAM, AND INTEGRATED CIRCUIT
    58.
    发明申请
    INFORMATION PROCESSING APPARATUS, METHOD, PROGRAM, AND INTEGRATED CIRCUIT 有权
    信息处理设备,方法,程序和集成电路

    公开(公告)号:US20130185816A1

    公开(公告)日:2013-07-18

    申请号:US13816501

    申请日:2012-05-31

    申请人: Manabu Maeda Hideki Matsushima Kenneth Alexander Nicolson Tomoyuki Haga

    发明人: Manabu Maeda Hideki Matsushima Kenneth Alexander Nicolson Tomoyuki Haga

    IPC分类号: G06F21/60

    CPC分类号: G06F21/604

    摘要: A content display apparatus which processes protected information configured, with an aim to prevent access from any unauthorized program, to include: a process managing unit which manages a plurality of processes operable in the content display apparatus; and an access detecting unit configured to detect access to the protected-information access detecting unit which detects access to the protected information. The process managing unit includes an application execution control unit which temporarily stops the operation of each of at least one process other than a process which accesses the protected information among the plurality of processes when the access to the protected information is detected by the protected-information access detecting unit.

    摘要翻译: 一种内容显示装置,其处理被配置为防止从任何未经授权的程序访问的受保护信息,包括:管理在内容显示装置中可操作的多个处理的处理管理单元; 以及访问检测单元,被配置为检测对被保护信息访问检测单元的访问,其检测对所述受保护信息的访问。 处理管理单元包括应用程序执行控制单元,当对受保护信息的访问被保护信息检测到时,临时停止在多个处理中访问受保护信息的处理之外的至少一个处理中的每一个的操作 访问检测单元。

    Information processing device, authentication system, authentication device, information processing method, information processing program, recording medium, and integrated circuit
    59.
    发明授权
    Information processing device, authentication system, authentication device, information processing method, information processing program, recording medium, and integrated circuit 有权
    信息处理装置,认证系统,认证装置,信息处理方法,信息处理程序,记录介质和集成电路

    公开(公告)号:US08479000B2

    公开(公告)日:2013-07-02

    申请号:US12992699

    申请日:2009-10-09

    申请人: Hisashi Takayama Hideki Matsushima Takayuki Ito Tomoyuki Haga Kenneth Alexander Nicolson

    发明人: Hisashi Takayama Hideki Matsushima Takayuki Ito Tomoyuki Haga Kenneth Alexander Nicolson

    IPC分类号: H04L29/06 H04L9/00 H04K1/00 G06F15/177 G06F17/00 H04L12/18 H04L9/08 H04L9/32 G06F21/22

    CPC分类号: H04L9/3247 G06F21/445 G06F2221/2129 H04L9/3263 H04L2209/60 H04L2209/68 H04L2209/80

    摘要: The present invention provides an information processing device, an authentication system, etc. that save a server the trouble of updating a database, etc., even when a software module in a client device is updated, and that are capable of verifying whether software modules that have been started in the client device are valid. The terminal device A100 holds private keys 1 and 2, and performs authentication processing with the terminal device B101 using the private key 2. The private key 1 has been encrypted such that the private key 1 is decryptable only when secure boot is completed. The private key 2 has been encrypted such that the private key 2 is decryptable using the private key 1 only when the application module X that has been started is valid. When the authentication processing is successful, the terminal device B101 verifies that the terminal device A100 has completed secure boot and the application module X that has been started in the terminal device A100 is valid. Also, the terminal device B101 performs the authentication processing using the same private key 2, regardless of whether a program pertaining to the secure boot of the terminal device A100 is updated or not.

    摘要翻译: 本发明提供一种信息处理装置,认证系统等,其即使在客户端装置中的软件模块被更新时也能够保存服务器更新数据库等的故障,并且能够验证软件模块 已经在客户端设备中启动的是有效的。 终端装置A100保持私有密钥1和2,并使用专用密钥2对终端装置B101进行认证处理。专用密钥1已被加密,使得专用密钥1仅在安全引导完成时被解密。 专用密钥2已经被加密,使得仅当已经启动的应用模块X有效时,私钥2可以使用专用密钥1被解密。 当认证处理成功时,终端装置B101验证终端装置A100是否已经完成安全引导,并且已经在终端装置A100中启动的应用模块X有效。 此外,终端装置B101使用相同的私钥2执行认证处理,而不管终端装置A100的安全引导有关的程序是否被更新。

    Detecting unauthorized tampering of a program
    60.
    发明授权
    Detecting unauthorized tampering of a program 有权
    检测未经授权篡改程序

    公开(公告)号:US08453206B2

    公开(公告)日:2013-05-28

    申请号:US12377040

    申请日:2007-11-07

    申请人: Tomoyuki Haga Hideki Matsushima Takayuki Ito Manabu Maeda Taichi Sato

    发明人: Tomoyuki Haga Hideki Matsushima Takayuki Ito Manabu Maeda Taichi Sato

    IPC分类号: G06F7/04

    CPC分类号: G06F21/64 G06F21/51

    摘要: A tamper detection device detects tampering with a program loaded to memory, at high speed and without compromising the safety. Prior to loading of a program, a dividing-size determining unit 12 determines a block size based on random number information, a dividing unit 13 divides the program by the block size into data blocks, and a first conversion unit 14 converts, by conducting a logical operation, the data blocks into intermediate authentication data no greater than the block size, and a second conversion unit 15 conducts a second conversion on the intermediate authentication data to generate authentication data. The authentication data and the block size are stored. After the program loading, a program resulting from the loading is divided by the block size, followed by the first and second conversions to generate comparative data. The comparative data is compared with the authentication data to detect tampering of the loaded program.

    摘要翻译: 篡改检测装置可以高速地检测加载到存储器的程序的篡改,而不会影响安全性。 在加载程序之前,分割尺寸确定单元12基于随机数信息确定块大小,分割单元13将程序除以块大小分成数据块,第一转换单元14通过执行 逻辑运算,将数据块转换成不大于块大小的中间认证数据,第二转换单元15对中间认证数据进行第二转换以生成认证数据。 存储认证数据和块大小。 在程序加载之后,由加载产生的程序除以块大小,然后进行第一次和第二次转换以生成比较数据。 将比较数据与认证数据进行比较,以检测加载的程序的篡改。