Effective protection of computer data traffic in constrained resource scenarios
    1.
    发明授权
    Effective protection of computer data traffic in constrained resource scenarios 有权
    在受限资源情景下有效保护计算机数据流量

    公开(公告)号:US07464171B2

    公开(公告)日:2008-12-09

    申请号:US10956451

    申请日:2004-10-01

    申请人: Avni H. Rambhia

    发明人: Avni H. Rambhia

    IPC分类号: G06F15/173 G06F15/16

    摘要: Described is a system and method that protect certain classes of sensitive data traveling across an accessible transmission medium, such as an internal bus in a device, from automated attacks. The protection is particularly useful for resource-constrained and/or security constrained components. Automated attacks depend on analyzing data characteristics such as bit pattern signatures and/or frequency distributions to succeed. To preclude such automated attacks, various alternatives of the present invention internally alter the sensitive data at a data source prior to transmission, in a synchronized way such that the altered data is internally reversible at the destination resource. Data alteration includes interspersing random data into a data stream (e.g., bitstream or stream of packets), and interspersing data of varying length on the bus. Synchronization algorithms enable the data source and the destination resource to pad and remove the interspersed data in relatively complex ways even with resource-constrained and/or security constrained components.

    摘要翻译: 描述了一种系统和方法,其保护通过可访问的传输介质(例如,设备中的内部总线)行进的某些类别的敏感数据免于自动化攻击。 该保护对资源受限和/或安全约束的组件特别有用。 自动攻击取决于分析数据特征,如位模式签名和/或频率分布成功。 为了防止这种自动攻击,本发明的各种替代方案以同步的方式在数据源内部改变数据源处的敏感数据,使得改变的数据在目的地资源内部是可逆的。 数据改变包括将随机数据散布到数据流(例如,比特流或分组流)中,并且在总线上散布不同长度的数据。 同步算法使得数据源和目的地资源能够以相对复杂的方式填补和散布散布的数据,即使是资源受限和/或安全约束的组件。