摘要:
A computing system and a method of handling a system management request. The computing system includes a virtual high-privilege mode in a trusted domain managed by the virtual machine monitor. The virtual high-privilege mode handles the system management request.
摘要:
A method for managing access to a computing environment by a computing device includes providing at least one credential that identifies both the computing device and a user of the computing device, storing data at the computing environment relating to the computing device and the user in association with the credential, and selectively granting an access request received from the computing device using the credential in accordance with the data stored at the computing environment.
摘要:
A privileged domain includes a function of a Basic Input/Output System (BIOS). A request to access the function of the BIOS is routed to the privileged domain.
摘要:
The preferred embodiment of the invention comprises a computer system which employs a trusted display processor (260), which has a trusted processor (300) and trusted memory (305, 315, 335, 345) physically and functionally distinct from the processor and memory of the computer system. The trusted display processor (260) is immune to unauthorised modification or inspection of internal data. It is physical to prevent forgery, tamper-resistant to prevent counterfeiting, and has crypto functions (340) to securely communicate at a distance. The trusted display processor (260) interacts with a user's smartcard (122) in order to extract and display a trusted image, or seal (1000), generate a digital signature of the bitmap of a document image and control the video memory (315) so that other processes of the computer system cannot subvert the image during the signing process. The user interacts with the trusted display processor via a trusted switch (135).
摘要:
The preferred embodiment of the invention comprises a computer system which employs a trusted display processor (260), which has a trusted processor (300) and trusted memory (305, 315, 335, 345) physically and functionally distinct from the processor and memory of the computer system. The trusted display processor (260) is immune to unauthorised modification or inspection of internal data. It is physical to prevent forgery, tamper-resistant to prevent counterfeiting, and has crypto functions (340) to securely communicate at a distance. The trusted display processor (260) interacts with a user's smartcard (122) in order to extract and display a trusted image, or seal (1000), generate a digital signature of the bitmap of a document image and control the video memory (315) so that other processes of the computer system cannot subvert the image during the signing process. The user interacts with the trusted display processor via a trusted switch (135).
摘要:
A computer security system comprises a secure platform adapted to receive sensitive data from an agent. The secure platform is also adapted to cooperate with a trusted platform module (TPM) to encrypt the sensitive data via a TPM storage key associated with the agent.
摘要:
A computing system and a method of handling a system management request. The computing system includes a virtual high-privilege mode in a trusted domain managed by the virtual machine monitor. The virtual high-privilege mode handles the system management request.
摘要:
A network system for implementing a cloud platform within a network to which a device defining a computing environment for a user has access comprises an application management module, a community management module, and a user enrollment portal. The application management module enables access to an abstract application associated with a concrete application defining an implementation of the abstract application for the computing environment. The community management module manages a community comprised of a user credential and the abstract application, the community defines at least one of: a policy, a management process, and a service, under which the user can access the abstract application. The user enrollment portal supports an enrollment of the user in the community from the device and orchestrates a policy management mechanism to support an enforcement of the policy under which the user has access to the concrete application from the device.
摘要:
A computer system includes an authentication service running in a virtual machine. The authentication service uses the hardware components of the computer system in performing a user authentication process and responds to a remote call from another virtual machine by performing the user authentication process and returning a result.