System for isolating first computing environment from second execution environment while sharing resources by copying data from first portion to second portion of memory
    71.
    Granted patent (status: In force)

Publication no.: US07788669B2

    Publication date: 2010-08-31

    Application no.: US10428279

    Filing date: 2003-05-02

    IPC classification: G06F9/46 H04L29/06

    CPC classification: G06F9/45537

Abstract: Techniques are disclosed to support hosting of a first operating system by a second operating system, where the first system provides at least some of the infrastructure for the second system. A facility is provided whereby the second system can receive data from the first system without the first system being able to modify that data. The second system may use the first system's scheduler by creating shadow threads and synchronization objects known to the first system, while the second system makes the final decision as to whether a thread runs. Separate memory may be allocated to both systems at boot time, or dynamically during their operation. The techniques herein may be used to protect the second system from actions arising in the first system. Preferably, the interaction between the first and second systems is facilitated by a security monitor, which assists in protecting the second system from the first.


Saving and retrieving data based on symmetric key encryption
    72.
    Granted patent (status: In force)

Publication no.: US07752456B2

    Publication date: 2010-07-06

    Application no.: US11557595

    Filing date: 2006-11-08

    IPC classification: G06F11/30

    CPC classification: G06F21/6218

Abstract: In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using a symmetric cipher, in a manner that allows only one or more target programs to be able to obtain the data from the ciphertext. In accordance with other aspects, a bit string is received from a calling program. An identifier of the calling program is checked to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string. The integrity of the data is also verified, and the data is decrypted using a symmetric key. The data is returned to the calling program only if the calling program is allowed to access the data and if the integrity of the data is successfully verified.


Integration of high-assurance features into an application through application factoring
    73.
    Granted patent (status: In force)

Publication no.: US07730318B2

    Publication date: 2010-06-01

    Application no.: US10693749

    Filing date: 2003-10-24

    IPC classification: H04L9/32

    CPC classification: G06F21/53

Abstract: Application factoring or partitioning is used to integrate secure features into a conventional application. An application's functionality is partitioned into two sets according to whether a given action does, or does not, involve the handling of sensitive data. Separate software objects (processors) are created to perform these two sets of actions. A trusted processor handles secure data and runs in a high-assurance environment. When another processor encounters secure data, that data is sent to the trusted processor. The data is wrapped in such a way that allows it to be routed to the trusted processor, and prevents the data from being deciphered by any entity other than the trusted processor. An infrastructure is provided that wraps objects, routes them to the correct processor, and allows their integrity to be attested through a chain of trust leading back to a base component that is known to be trustworthy.


    Using limits on address translation to control access to an addressable entity

Publication no.: US07644246B2

    Publication date: 2010-01-05

    Application no.: US11298033

    Filing date: 2005-12-09

    IPC classification: G06F12/00

    CPC classification: G06F12/145

Abstract: A data storage resource is identifiable by physical addresses, and optionally by a virtual address. A policy defines which resources are accessible and which resources are not accessible. A request to access a resource is allowed if access to the resource is permitted by the policy, and if carrying out the access will not cause virtual addresses to be assigned to resources to which the policy disallows access. Since resources to which access is disallowed do not have virtual addresses, certain types of access requests that identify a resource by a virtual address can be allowed without consulting the policy.

Implementation of memory access control using optimization
    75.
    Granted patent (status: Lapsed)

Publication no.: US07605816B2

    Publication date: 2009-10-20

    Application no.: US11494907

    Filing date: 2006-07-28

    IPC classification: G06T11/20

    CPC classification: G06F21/79 G06F12/145

Abstract: Mechanisms are disclosed that may allow certain memory access control algorithms to be implemented efficiently. When memory access control is based on controlling changes to an address translation map (or set of maps), it may be necessary to determine whether a particular map change would allow memory to be accessed in an impermissible way. Certain data about the map may be cached in order to allow the determination to be made more efficiently than performing an evaluation of the entire map.


    Using limits on address translation to control access to an addressable entity

Publication no.: US07565505B2

    Publication date: 2009-07-21

    Application no.: US11298033

    Filing date: 2005-12-09

    IPC classification: G06F12/00

Abstract: A data storage resource is identifiable by physical addresses, and optionally by a virtual address. A policy defines which resources are accessible and which resources are not accessible. A request to access a resource is allowed if access to the resource is permitted by the policy, and if carrying out the access will not cause virtual addresses to be assigned to resources to which the policy disallows access. Since resources to which access is disallowed do not have virtual addresses, certain types of access requests that identify a resource by a virtual address can be allowed without consulting the policy.

Methods and systems for protecting data in USB systems
    77.
    Granted patent (status: In force)

Publication no.: US07478235B2

    Publication date: 2009-01-13

    Application no.: US10187259

    Filing date: 2002-06-28

    IPC classification: H04L9/00 H04L9/32 G06F11/30

Abstract: The various embodiments described below are directed to providing authenticated and confidential messaging from software executing on a host (e.g. a secure software application or security kernel) to and from I/O devices operating on a USB bus. The embodiments can protect against attacks that are levied by software executing on a host computer. In some embodiments, a secure functional component or module is provided and can use encryption techniques to provide protection against observation and manipulation of USB data. In other embodiments, USB data can be protected through techniques that do not utilize (or are not required to utilize) encryption techniques. In accordance with these embodiments, USB devices can be designated as "secure" and, hence, data sent over the USB to and from such designated devices can be provided into protected memory. Memory indirection techniques can be utilized to ensure that data to and from secure devices is protected.


Saving and retrieving data based on symmetric key encryption
    78.
    Granted patent (status: In force)

Publication no.: US07424612B2

    Publication date: 2008-09-09

    Application no.: US11557620

    Filing date: 2006-11-08

    IPC classification: G06F12/14 H04L9/00

    CPC classification: G06F21/6218

Abstract: In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using a symmetric cipher, in a manner that allows only one or more target programs to be able to obtain the data from the ciphertext. In accordance with other aspects, a bit string is received from a calling program. An identifier of the calling program is checked to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string. The integrity of the data is also verified, and the data is decrypted using a symmetric key. The data is returned to the calling program only if the calling program is allowed to access the data and if the integrity of the data is successfully verified.


Releasing decrypted digital content to an authenticated path
    79.
    Granted patent (status: In force)

Publication no.: US07353209B1

    Publication date: 2008-04-01

    Application no.: US09525510

    Filing date: 2000-03-15

    IPC classification: G06Q99/00 H04K1/00 H04L9/00

    CPC classification: G06F21/10 G06F2221/2107

Abstract: Digital content is released to a rendering application for forwarding by such rendering application to an ultimate destination by way of a path therebetween. The path is defined by at least one module, and the digital content is initially in an encrypted form. An authentication of at least a portion of the path is performed to determine whether each defining module thereof is to be trusted to appropriately handle the digital content passing therethrough. The encrypted digital content is decrypted if in fact each such defining module is to be trusted, and the decrypted digital content is forwarded to the rendering application for further forwarding to the ultimate destination by way of the authenticated path.


Manifest-Based Trusted Agent Management in a Trusted Operating System Environment
    80.
    Patent application (status: Pending, published)

Publication no.: US20070174921A1

    Publication date: 2007-07-26

    Application no.: US11558125

    Filing date: 2006-11-09

    IPC classification: H04L9/32

    CPC classification: G06F21/54 G06F21/53 G06F21/57

Abstract: Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators of the binaries that are included in the manifest.
