利索-全球专利检索

  1. 登录
  2. 注册

搜索结果

208 条记录 (耗时 0.04 秒)

    Saving and retrieving data based on symmetric key encryption
    51.
    发明授权
    Saving and retrieving data based on symmetric key encryption 有权

    公开(公告)号:US07487365B2

    公开(公告)日:2009-02-03

    申请号:US10406861

    申请日:2003-04-04

    申请人: Paul England Marcus Peinado

    发明人: Paul England Marcus Peinado

    IPC分类号: H04L9/00 H04N7/167

    CPC分类号: G06F21/6218

    摘要: In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using a symmetric cipher, in a manner that allows only one or more target programs to be able to obtain the data from the ciphertext. In accordance with other aspects, a bit string is received from a calling program. An identifier of the calling program is checked to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string. The integrity of the data is also verified, and the data is decrypted using a symmetric key. The data is returned to the calling program only if the calling program is allowed to access the data and if the integrity of the data is successfully verified.

    Switching user mode thread context
    52.
    发明申请
    Switching user mode thread context 审中-公开
    切换用户模式线程上下文

    公开(公告)号:US20080320475A1

    公开(公告)日:2008-12-25

    申请号:US11820422

    申请日:2007-06-19

    申请人: Matthew D. Klein Paul England

    发明人: Matthew D. Klein Paul England

    IPC分类号: G06F9/46

    CPC分类号: G06F9/461

    摘要: Various technologies and techniques are disclosed for switching user mode thread context. A user mode portion of a thread can be switched without entering a kernel by using execution context directly based on registers. Upon receiving a request to switch a user mode part of a thread to a new thread, user mode register contexts are switched, as well as a user mode thread block by changing an appropriate register to point at the user mode thread block of the new thread. Switching is available in environments using segment registers with offsets. Each user mode thread block in a process has a descriptor in a local descriptor table. When switching a user mode thread context to a new thread, a descriptor is located for a user mode thread block of the new thread. A shadow register is updated with a descriptor base address of the new thread.

    摘要翻译: 公开了用于切换用户模式线程上下文的各种技术和技术。 线程的用户模式部分可以通过直接基于寄存器使用执行上下文来切换而不进入内核。 在接收到将线程的用户模式部分切换到新线程的请求时,通过将适当的寄存器改变为指向新线程的用户模式线程块来切换用户模式注册上下文以及用户模式线程块 。 在使用带偏移量的段寄存器的环境中可以进行切换。 进程中的每个用户模式线程块在本地描述符表中都有描述符。 当将用户模式线程上下文切换到新线程时,将为新线程的用户模式线程块定位描述符。 影子寄存器用新线程的描述符基地址更新。

    Notifying user mode scheduler of blocking events
    53.
    发明申请
    Notifying user mode scheduler of blocking events 审中-公开
    通知用户模式调度程序阻塞事件

    公开(公告)号:US20080313652A1

    公开(公告)日:2008-12-18

    申请号:US11818627

    申请日:2007-06-15

    申请人: Matthew D. Klein Paul England

    发明人: Matthew D. Klein Paul England

    IPC分类号: G06F13/00

    CPC分类号: G06F9/485 G06F9/524

    摘要: Various technologies and techniques are disclosed for detecting and handling blocking events. A user mode thread is assigned a dedicated backing thread. System calls are made on the dedicated backing thread. The kernel detects when a system call results in a blocking event. A core that the dedicated backing thread is currently running on is observed. An entry in a per process table that maps cores to a currently associated primary thread waiting to be woken is consulted. The currently associated primary thread for the core is woken with a special result code to indicate that it was woken due to the blocking system call. The primary thread is released back to the application. A user mode scheduler is notified of the blocking event so a core can continue to be utilized.

    摘要翻译: 公开了用于检测和处理阻塞事件的各种技术和技术。 用户模式线程被分配一个专用的背衬线程。 系统调用在专用后备线上进行。 内核检测系统调用何时导致阻塞事件。 观察到专用背衬线程正在运行的核心。 在每个进程表中,将核心映射到等待被唤醒的当前关联的主线程中的一个条目。 用于核心的当前关联的主线程用特殊结果代码唤醒,以指示由于阻塞系统调用而唤醒它。 主线程被释放回应用程序。 通知用户模式调度器阻塞事件,以便核心可以继续被利用。

    Multiplexing a secure counter to implement second level secure counters
    54.
    发明授权
    Multiplexing a secure counter to implement second level secure counters 有权
    复用安全计数器来实现二级安全计数器

    公开(公告)号:US07421579B2

    公开(公告)日:2008-09-02

    申请号:US10185506

    申请日:2002-06-28

    申请人: Paul England Marcus Peinado

    发明人: Paul England Marcus Peinado

    IPC分类号: H04L9/00 G06F11/30 H04L9/32 H04K1/00

    CPC分类号: G06F21/64 G06F21/10 G06F2221/2145

    摘要: A multiplexed secure counter is provided, in which a multiplicity of child secure counters are secured by a parent secure counter. Child counters are stored with a parent secure counter value and a signature. Before a child counter is read, the signature is verified and value stored is checked against the current value of the parent secure value. If the verifications are successful, the child secure counter can be used. To increment a child counter, the signature is verified and the value stored checked against the current value of the parent secure value. If the verifications are successful, the parent counter and the child counter are incremented, and the data is signed again.

    摘要翻译: 提供一种复用的安全计数器,其中多个子安全计数器由父安全计数器保护。 子计数器存储有父安全计数器值和签名。 在读取子计数器之前,验证签名,并根据父安全值的当前值检查值存储。 如果验证成功,则可以使用子安全计数器。 要增加子计数器,将验证签名,并根据父安全值的当前值检查存储的值。 如果验证成功,则父计数器和子计数器递增,数据再次签名。

    Secure processor architecture for use with a digital rights management (DRM) system on a computing device
    56.
    发明授权
    Secure processor architecture for use with a digital rights management (DRM) system on a computing device 有权
    与计算设备上的数字版权管理(DRM)系统一起使用的安全处理器架构

    公开(公告)号:US07225333B2

    公开(公告)日:2007-05-29

    申请号:US09892329

    申请日:2001-06-27

    申请人: Marcus Peinado Paul England

    发明人: Marcus Peinado Paul England

    IPC分类号: G06F21/00 G06F21/02

    CPC分类号: H04L63/0442 G06F21/10 G06F21/71 G06F2221/2105 H04L9/0897 H04L9/3236 H04L9/3263 H04L63/068 H04L63/0823 H04L63/12 H04L2209/603

    摘要: A secure processor is operable in normal and preferred modes, and includes a security kernel instantiated when the processor enters into preferred mode and a security key accessible by the security kernel during preferred mode. The security kernel employs the accessed security key to authenticate a secure application, and allows the processor to be trusted to keep hidden a secret of the application. To instantiate the application, the processor enters preferred mode where the security key is accessible, and instantiates and runs the security kernel. The security kernel accesses the security key and applies same to decrypt a key for the application, stores the decrypted key in a location where the application will expect same, and instantiates the application. The processor then enters the normal mode, where the security key is not accessible.

    摘要翻译: 安全处理器在正常和优选模式下可操作,并且包括当处理器进入优选模式时实例化的安全内核以及在优选模式期间由安全内核访问的安全密钥。 安全内核使用访问的安全密钥来认证安全应用程序,并允许处理器被信任以隐藏应用程序的秘密。 为了实例化应用程序,处理器进入可访问安全密钥的首选模式,并实例化和运行安全内核。 安全内核访问安全密钥并应用该密钥对应用程序的密钥进行解密,将解密的密钥存储在应用程序期望相同的位置,并实例化应用程序。 然后,处理器进入正常模式,其中安全密钥不可访问。

    Methods and systems providing per pixel security and functionality
    57.
    发明授权
    Methods and systems providing per pixel security and functionality 失效
    提供每像素安全性和功能的方法和系统

    公开(公告)号:US07206940B2

    公开(公告)日:2007-04-17

    申请号:US10178822

    申请日:2002-06-24

    申请人: Glenn F. Evans Paul England

    发明人: Glenn F. Evans Paul England

    IPC分类号: G06F11/30 G06F12/14 G06F7/04 G06F17/30 H04L9/32 H04L9/00 G06K9/00

    CPC分类号: H04N7/1675 G06F21/84 H04N21/4143 H04N21/4367

    摘要: Various described embodiments provide for per-pixel functionality in connection with pixel data that is processed by a video card for rendering on a display monitor. That is, pixel data that is associated with individual pixels that are to be rendered on a display monitor are imparted with a characteristic that enables various functionalities to be implemented at the pixel level. In one embodiment, per-pixel functionality is provided by including, in the pixel data itself, a specification of an auxiliary function that is to be performed on the pixel data associated with the individual pixels. For example, the security of the pixel data associated with each pixel can be enhanced by providing the ability to encrypt and decrypt the pixel data for individual pixels. A specification of a key that can be used for decrypting the pixel data can then be included in the pixel data itself such that when the pixel data is processed for rendering, a suitably configured decryptor can access the key specification and decrypt the pixel data.

    摘要翻译: 各种所描述的实施例提供了与由视频卡处理以在显示监视器上呈现的像素数据相关联的每像素功能。 也就是说,与在显示监视器上呈现的各个像素相关联的像素数据被赋予能够在像素级实现各种功能的特性。 在一个实施例中,通过在像素数据本身中包括要对与各个像素相关联的像素数据执行的辅助功能的规范来提供每像素功能。 例如,通过提供对各个像素的像素数据进行加密和解密的能力,可以增强与每个像素相关联的像素数据的安全性。 可以将可用于解密像素数据的密钥的规范包括在像素数据本身中,使得当像素数据被处理用于呈现时,适当配置的解密器可以访问密钥规范并解密像素数据。

    Implementation of memory access control using optimizations
    58.
    发明授权
    Implementation of memory access control using optimizations 有权
    使用优化实现内存访问控制

    公开(公告)号:US07139892B2

    公开(公告)日:2006-11-21

    申请号:US10610666

    申请日:2003-06-30

    申请人: Marcus Peinado Paul England

    发明人: Marcus Peinado Paul England

    IPC分类号: G06F12/00

    CPC分类号: G06F21/79 G06F12/145

    摘要: Mechanisms are disclosed that may allow certain memory access control algorithms to be implemented efficiently. When memory access control is based on controlling changes to an address translation map (or set of maps), it may be necessary to determine whether a particular map change would allow memory to be accessed in an impermissible way. Certain data about the map may be cached in order to allow the determination to be made more efficiently than performing an evaluation of the entire map.

    摘要翻译: 公开了可以有效地实现某些存储器访问控制算法的机制。 当存储器访问控制基于控制对地址转换映射(或映射集)的改变时,可能需要确定特定映射更改是否允许以不允许的方式访问存储器。 可以缓存关于地图的某些数据,以便比执行整个地图的评估更有效地进行确定。

    Disposable red partitions
    59.
    发明申请
    Disposable red partitions 有权
    一次性红色分区

    公开(公告)号:US20060248587A1

    公开(公告)日:2006-11-02

    申请号:US11118062

    申请日:2005-04-29

    申请人: Kenneth Ray Paul England Nathan Lewis Michael Marr

    发明人: Kenneth Ray Paul England Nathan Lewis Michael Marr

    IPC分类号: G06F12/14

    CPC分类号: G06F21/575 G06F21/57

    摘要: A system and method are provided, whereby data that is easily re-created is separated from data that is not easily re-created, such that the easily re-created data can be disposed of based on a variety of events and the not easily re-created data can be kept in its original state. In one aspect of the invention, such easily re-created data is disposed of based on a “panic button” being pushed by a computer system user, such as when a user becomes aware that some malware has infected the computer system. In other aspects of the invention, such data is disposed of every time the computer system boots up, or detects via its anti-virus program that some malware is present. In other aspects of the invention, the easily re-created data can be rolled back or rolled forward without affecting the non-easily re-created data.

    摘要翻译: 提供了一种系统和方法,由此容易重新创建的数据与不容易重新创建的数据分离,使得可以基于各种事件来处理容易重新创建的数据,并且不容易地重新生成 处理的数据可以保持原来的状态。 在本发明的一个方面中,基于由计算机系统用户推送的“紧急按钮”(例如当用户意识到某些恶意软件已经感染了计算机系统时)来处理这样容易重新创建的数据。 在本发明的其他方面,每当计算机系统启动时处理这样的数据,或者通过其防病毒程序来检测存在一些恶意软件。 在本发明的其它方面,容易重新创建的数据可以回滚或滚动,而不影响不容易重新创建的数据。