-
公开(公告)号:US20110081017A1
公开(公告)日:2011-04-07
申请号:US12993931
申请日:2009-05-25
IPC分类号: H04L9/00
CPC分类号: H04L9/0836 , H04L9/088
摘要: Provided is a key migration device which can securely and reliably control the migration of keys. A migration authority (101) fetches a generation level which is the security level of a first electronic terminal (3011) and an output destination level which is the security level of a third electronic terminal (3013), decides whether the relationship between the generation level and the output destination level satisfies a predetermined condition when a request for fetching a collection of keys is received from the third electronic terminal (3013), outputs the key generated by the first electronic terminal (3011) among the collection of keys to the third electronic terminal (3013) if the predetermined condition is fulfilled, and restricts output to the third electronic terminal (3013) of the key generated by the first electronic terminal (3011) among the collection of keys if the predetermined condition is not fulfilled.
摘要翻译: 提供了一种可以安全可靠地控制密钥迁移的密钥迁移设备。 移动机构(101)取出作为第一电子终端(3011)的安全级别的生成级别和作为第三电子终端(3013)的安全级别的输出目的地级别,决定生成级别 并且当从第三电子终端(3013)接收到提取密钥集合的请求时,输出目的地级别满足预定条件,将由第一电子终端(3011)生成的密钥输出到第三电子邮件集合 如果满足预定条件,并且如果不满足预定条件,则在密钥集合中限制由第一电子终端(3011)生成的密钥的输出到第三电子终端(3013)的终端(3013)。
-
82.发明申请公开(公告)号:US20110072266A1
公开(公告)日:2011-03-24
申请号:US12992699
申请日:2009-10-09
申请人: Hisashi Takayama , Hideki Matsushima , Takayuki Ito , Tomoyuki Haga , Kenneth Alexander Nicolson
发明人: Hisashi Takayama , Hideki Matsushima , Takayuki Ito , Tomoyuki Haga , Kenneth Alexander Nicolson
IPC分类号: G06F21/22
CPC分类号: H04L9/3247 , G06F21/445 , G06F2221/2129 , H04L9/3263 , H04L2209/60 , H04L2209/68 , H04L2209/80
摘要: The present invention provides an information processing device, an authentication system, etc. that save a server the trouble of updating a database, etc., even when a software module in a client device is updated, and that are capable of verifying whether software modules that have been started in the client device are valid. The terminal device A100 holds private keys 1 and 2, and performs authentication processing with the terminal device B101 using the private key 2. The private key 1 has been encrypted such that the private key 1 is decryptable only when secure boot is completed. The private key 2 has been encrypted such that the private key 2 is decryptable using the private key 1 only when the application module X that has been started is valid. When the authentication processing is successful, the terminal device B101 verifies that the terminal device A100 has completed secure boot and the application module X that has been started in the terminal device A100 is valid. Also, the terminal device B101 performs the authentication processing using the same private key 2, regardless of whether a program pertaining to the secure boot of the terminal device A100 is updated or not.
摘要翻译: 本发明提供一种信息处理装置,认证系统等,其即使在客户端装置中的软件模块被更新时也能够保存服务器更新数据库等的故障,并且能够验证软件模块 已经在客户端设备中启动的是有效的。 终端装置A100保持私有密钥1和2,并使用专用密钥2对终端装置B101进行认证处理。专用密钥1已被加密,使得专用密钥1仅在安全引导完成时被解密。 专用密钥2已经被加密,使得仅当已经启动的应用模块X有效时,私钥2可以使用专用密钥1被解密。 当认证处理成功时,终端装置B101验证终端装置A100是否已经完成安全引导,并且已经在终端装置A100中启动的应用模块X有效。 此外,终端装置B101使用相同的私钥2执行认证处理,而不管终端装置A100的安全引导有关的程序是否被更新。
-
83.发明授权Electronic device, content reproduction control method, program, storage medium, and integrated circuit 有权电子设备,内容再现控制方法,程序,存储介质和集成电路公开(公告)号:US07792292B2
公开(公告)日:2010-09-07
申请号:US12299817
申请日:2007-05-18
IPC分类号: H04N7/167
CPC分类号: H04N21/44204 , G06F21/10 , H04N5/765 , H04N5/781 , H04N5/85 , H04N5/91 , H04N5/913 , H04N7/163 , H04N9/8205 , H04N21/4627 , H04N2005/91321 , H04N2005/91328 , H04N2005/91364
摘要: To play back a content while managing the right of use of the content, such as a total time of playback of the content, an electronic device stores right information in a right temporary storage unit 59 and judges whether or not use of the content is permitted, in a process of decoding a frame. Also, the electronic device updates the right information stored in the right temporary storage unit 59. When the frame to be played back is the one at a predetermined position in order, the electronic device stores the right information stored in the right temporary storage unit 59 into a storage area 20.
摘要翻译: 为了在管理内容的使用权的同时回放内容,例如内容的回放的总时间,电子设备将权利信息存储在右边的临时存储单元59中,并且判断是否允许内容的使用 在解码帧的过程中。 此外,电子设备更新存储在右临时存储单元59中的正确信息。当要播放的帧是按照预定位置的帧时,电子设备存储存储在右临时存储单元59中的权限信息 进入存储区域20。
-
84.发明申请公开(公告)号:US20100162352A1
公开(公告)日:2010-06-24
申请号:US12377040
申请日:2007-11-07
申请人: Tomoyuki Haga , Hideki Matsushima , Takayuki Ito , Manabu Maeda , Taichi Sato
发明人: Tomoyuki Haga , Hideki Matsushima , Takayuki Ito , Manabu Maeda , Taichi Sato
IPC分类号: G06F21/22
摘要: A tamper detection device detects tampering with a program loaded to memory, at high speed and without compromising the safety. Prior to loading of a program, a dividing-size determining unit 12 determines a block size based on random number information, a dividing unit 13 divides the program by the block size into data blocks, and a first conversion unit 14 converts, by conducting a logical operation, the data blocks into intermediate authentication data no greater than the block size, and a second conversion unit 15 conducts a second conversion on the intermediate authentication data to generate authentication data. The authentication data and the block size are stored. After the program loading, a program resulting from the loading is divided by the block size, followed by the first and second conversions to generate comparative data. The comparative data is compared with the authentication data to detect tampering of the loaded program.
摘要翻译: 篡改检测装置可以高速地检测加载到存储器的程序的篡改,而不会影响安全性。 在加载程序之前,分割尺寸确定单元12基于随机数信息确定块大小,分割单元13将程序除以块大小分成数据块,第一转换单元14通过执行 逻辑运算,将数据块转换成不大于块大小的中间认证数据,第二转换单元15对中间认证数据进行第二转换以生成认证数据。 存储认证数据和块大小。 在程序加载之后,由加载产生的程序除以块大小,然后进行第一次和第二次转换以生成比较数据。 将比较数据与认证数据进行比较,以检测加载的程序的篡改。
-
公开(公告)号:US20090320110A1
公开(公告)日:2009-12-24
申请号:US12484537
申请日:2009-06-15
申请人: Kenneth Alexander Nicolson , Hideki Matsushima , Hisashi Takayama , Takayuki Ito , Tomoyuki Haga , Manabu Maeda
发明人: Kenneth Alexander Nicolson , Hideki Matsushima , Hisashi Takayama , Takayuki Ito , Tomoyuki Haga , Manabu Maeda
CPC分类号: G06F21/57 , H04L9/3268 , H04L2209/80
摘要: A method is executed which is for managing the optional trusted components that are active within a device, such that the device itself controls the availability of trusted components. The device includes: a storing unit which stores a plurality of pieces of software and a plurality of certificates; a receiving unit which receives the certificates; and a selecting unit which selects one of the certificates. The device further includes an executing unit which verifies an enabled one of the plurality of pieces of software using the selected and updated one of the certificates.
摘要翻译: 执行用于管理在设备内活动的可选可信组件的方法,使得设备本身控制可信组件的可用性。 该装置包括:存储单元,存储多个软件和多个证书; 接收证书的接收单元; 以及选择单元,其选择证书之一。 该设备还包括执行单元,其使用所选择和更新的一个证书来验证多个软件中启用的一个软件。
-
公开(公告)号:USD606088S1
公开(公告)日:2009-12-15
申请号:US29331847
申请日:2009-02-03
-
公开(公告)号:US20090193521A1
公开(公告)日:2009-07-30
申请号:US11914918
申请日:2006-05-30
申请人: Hideki Matsushima , Takafumi Kagawa , Tomoyuki Haga , Hiroshi Okuyama , Shigehiko Kimura , Yasuki Oiwa , Yoshikatsu Ito
发明人: Hideki Matsushima , Takafumi Kagawa , Tomoyuki Haga , Hiroshi Okuyama , Shigehiko Kimura , Yasuki Oiwa , Yoshikatsu Ito
CPC分类号: H04L9/0891 , G06F11/1433 , G06F21/57 , G06F21/64 , G06F21/86 , G06F2221/2129 , H04L63/123 , H04L63/1441 , H04L67/34 , H04L2209/80
摘要: The present invention offers an electronic device that reduces the amount of data for communication required when files pertaining to software are to be updated, as compared to the conventional devices, and performs tamper detection. The present invention is an electronic device having an application file pertaining to an operation of application software and updating the application file via a network. The electronic device (i) stores therein the application file including one or more data pieces, (ii) receives, from an external apparatus via the network, update data and location information indicating a location, within the application file, which is for rewrite with the update data, (iii) rewrites only part of the application file by writing over a data piece present at the indicated location with the update data, to update the application file, and (iv) examines whether the updated application file has been tampered with.
摘要翻译: 本发明提供了一种电子设备,与常规设备相比,减少了与更新软件相关的文件所需的通信数据量,并进行了篡改检测。 本发明是一种电子设备,具有与应用软件的操作有关的应用文件,并经由网络更新应用文件。 电子设备(i)在其中存储包括一个或多个数据的应用文件,(ii)经由网络从外部设备接收更新数据和指示应用文件内的用于重写的位置的位置信息, 所述更新数据,(iii)通过使用所述更新数据写入所述指示位置处的数据段来仅重写所述应用文件的一部分,以更新所述应用文件,以及(iv)检查所更新的应用文件是否已被篡改 。
-
公开(公告)号:US20080278285A1
公开(公告)日:2008-11-13
申请号:US11951051
申请日:2007-12-05
申请人: Hideki Matsushima , Rieko Asai , Manabu Maeda , Kaoru Yokota
发明人: Hideki Matsushima , Rieko Asai , Manabu Maeda , Kaoru Yokota
IPC分类号: H04L9/32
CPC分类号: G11B20/00695 , G06F21/575 , G06F21/78 , G11B20/00086 , G11B2220/61
摘要: When a recording media 10 including secure areas is inserted in an electronic terminal 30, the electronic terminal 30 reads a predetermined program from the recording media 10. As a result of processing performed by the program, the recording media 10 judges a boot state of the electronic terminal 30 when the recording media 10 is inserted in the electronic terminal 30. As a result of the judgment, when the recording media 10 is inserted in the electronic terminal 30 immediately after the electronic terminal 30 is booted, the recording media 10 imposes a loose restriction of accessing the secure areas. As a point of time when the recording media 10 is inserted in the electronic terminal 30 is nearer to a point of time when the boot of the electronic terminal 30 has been completed, the recording media 10 imposes a severer restriction of accessing the secure areas.
摘要翻译: 当包括安全区域的记录介质10插入电子终端30中时,电子终端30从记录介质10读取预定程序。 作为由程序执行的处理的结果,当记录介质10插入电子终端30中时,记录介质10判断电子终端30的启动状态。 作为判断的结果,当记录介质10在电子终端30启动之后立即插入电子终端30中时,记录介质10对访问安全区域施加了松散的限制。 当电子终端30中插入记录介质10的时间点更靠近电子终端30的启动完成的时间点时,记录介质10对访问安全区域施加了更严格的限制。
-
公开(公告)号:US09589115B2
公开(公告)日:2017-03-07
申请号:US12376844
申请日:2008-01-17
CPC分类号: G06F21/14
摘要: An obfuscation assisting apparatus assists in the obfuscation of a program. The obfuscation assisting apparatus includes an analyzer which identifies corresponding respective blocks in the source code and in the transformed code generated through the obfuscation of the source code. A browser obtains obfuscation information relating to obfuscation of the respective blocks of the source code and the transformed code, and causes an output device to display the respective parts of the source code and the transformed code, and the obfuscation information in association with each other.
摘要翻译: 混淆辅助装置协助对程序进行混淆。 混淆辅助装置包括分析器,其识别源代码中的相应各个块以及通过模糊源代码生成的变换代码。 浏览器获得与源代码和变换代码的各个块的混淆相关的混淆信息,并使输出设备相互关联地显示源代码和变换代码的各个部分以及混淆信息。
-
90.发明授权Information processing device, virtual machine creation method, and application distribution system 有权信息处理设备,虚拟机创建方法和应用分发系统公开(公告)号:US09081596B2
公开(公告)日:2015-07-14
申请号:US13515384
申请日:2011-03-08
CPC分类号: G06F9/45533 , G06F9/4843 , G06F21/53 , G06F2009/45562 , G06F2009/45587
摘要: A device (110) according to an implementation of the present invention, having a plurality of virtual machines (1002, 1003, 1004, and 1005), includes a virtualization software (1001) which manages the virtual machines. The virtualization software includes an application VM creating unit (1300) which creates a virtual machine for executing a program. A first virtual machine (1002) determines whether a first program is to be executed on the first virtual machine or to be executed on a virtual machine other than the first virtual machine. When the first virtual machine determines that the first program is to be executed on the other virtual machine, the application VM creating unit creates a second virtual machine for executing the first program.
摘要翻译: 根据本发明的实现的具有多个虚拟机(1002,1003,1004和1005)的设备(110)包括管理虚拟机的虚拟化软件(1001)。 虚拟化软件包括创建用于执行程序的虚拟机的应用程序VM创建单元(1300)。 第一虚拟机(1002)确定要在第一虚拟机上执行第一程序还是在除第一虚拟机之外的虚拟机上执行第一程序。 当第一虚拟机确定要在另一虚拟机上执行第一程序时,应用程序VM创建单元创建用于执行第一程序的第二虚拟机。
-
-
-
-
-
-
-
-
-
搜索结果
149 条记录 (耗时 0.043 秒)
