-
Publication (Announcement) No.: US07444601B2
Publication (Announcement) Date: 2008-10-28
Application No.: US11249820
Filing Date: 2005-10-12
Applicants: Graeme John Proudler, Dipankar Gupta, Liqun Chen, Siani Lynne Pearson, Boris Balacheff, Bruno Edgard Van Wilder, David Chan
Inventors: Graeme John Proudler, Dipankar Gupta, Liqun Chen, Siani Lynne Pearson, Boris Balacheff, Bruno Edgard Van Wilder, David Chan
IPC Classification: G06F17/50
CPC Classification: G06F21/445, G06F21/34, G06F21/57, G06F21/606, G06F21/64, G06F21/85, G06F2207/7219, G06F2211/009, G06F2221/2103
Abstract: In a computing platform, a trusted hardware device (24) is added to the motherboard (20). The trusted hardware device (24) is configured to acquire an integrity metric, for example a hash of the BIOS memory (29), of the computing platform. The trusted hardware device (24) is tamper-resistant, difficult to forge and inaccessible to other functions of the platform. The hash can be used to convince users that the operation of the platform (hardware or software) has not been subverted in some way, and is safe to interact with in local or remote applications. In more detail, the main processing unit (21) of the computing platform is directed to address the trusted hardware device (24), in advance of the BIOS memory, after release from 'reset'. The trusted hardware device (24) is configured to receive memory read signals from the main processing unit (21) and, in response, return instructions, in the native language of the main processing unit (21), that instruct the main processing unit to establish the hash and return the value to be stored by the trusted hardware device (24). Since the hash is calculated in advance of any other system operations, this is a relatively strong method of verifying the integrity of the system. Once the hash has been returned, the final instruction calls the BIOS program and the system boot procedure continues as normal. Whenever a user wishes to interact with the computing platform, he first requests the integrity metric, which he compares with an authentic integrity metric that was measured by a trusted party. If the metrics are the same, the platform is verified and interactions can continue. Otherwise, interaction halts on the basis that the operation of the platform may have been subverted.
-
Publication (Announcement) No.: US06378070B1
Publication (Announcement) Date: 2002-04-23
Application No.: US09227162
Filing Date: 1999-01-08
IPC Classification: G06F0124
CPC Classification: G06F21/608, G06F21/84, G06F2211/008
Abstract: In a distributed computing environment, a user is able to send a document to a secure printer (140) in such a way that only a specified intended recipient can print the document. When the user specifies that the document is to be printed securely, a special print job is created in which the document is encrypted using a session key and a bulk encryption algorithm, and the session key is encrypted using the intended recipient's public key. Then, the encrypted session key, the encrypted document and an indication of the intended recipient's identity are transmitted to a print server (130), where the print job is held. When the recipient's smart card (145) is inserted into a smart card reader of the secure printer (140), the recipient's identity, taken from the smart card (145), is transmitted to the print server (130). The print server uses the identity to search for and retrieve documents intended for the recipient. If the recipient is the intended recipient, the encrypted document and encrypted session key are transmitted to the secure printer (140). The secure printer (140) then forwards the encrypted session key to the smart card (145), which decrypts the session key using an embedded private key. The secure printer (140) then receives and uses the session key to decrypt the encrypted document and, finally, prints the document for the recipient.
-
Publication (Announcement) No.: US06988250B1
Publication (Announcement) Date: 2006-01-17
Application No.: US09913452
Filing Date: 2000-02-15
Applicants: Graeme John Proudler, Dipankar Gupta, Liqun Chen, Siani Lynne Pearson, Boris Balacheff, Bruno Edgard Van Wilder, David Chan
Inventors: Graeme John Proudler, Dipankar Gupta, Liqun Chen, Siani Lynne Pearson, Boris Balacheff, Bruno Edgard Van Wilder, David Chan
IPC Classification: G06F17/50
CPC Classification: G06F21/445, G06F21/34, G06F21/57, G06F21/606, G06F21/64, G06F21/85, G06F2207/7219, G06F2211/009, G06F2221/2103
Abstract: In a computing platform, a trusted hardware device (24) is added to the motherboard (20). The trusted hardware device (24) is configured to acquire an integrity metric, for example a hash of the BIOS memory (29), of the computing platform. The trusted hardware device (24) is tamper-resistant, difficult to forge and inaccessible to other functions of the platform. The hash can be used to convince users that the operation of the platform (hardware or software) has not been subverted in some way, and is safe to interact with in local or remote applications. In more detail, the main processing unit (21) of the computing platform is directed to address the trusted hardware device (24), in advance of the BIOS memory, after release from 'reset'. The trusted hardware device (24) is configured to receive memory read signals from the main processing unit (21) and, in response, return instructions, in the native language of the main processing unit (21), that instruct the main processing unit to establish the hash and return the value to be stored by the trusted hardware device (24). Since the hash is calculated in advance of any other system operations, this is a relatively strong method of verifying the integrity of the system. Once the hash has been returned, the final instruction calls the BIOS program and the system boot procedure continues as normal. Whenever a user wishes to interact with the computing platform, he first requests the integrity metric, which he compares with an authentic integrity metric that was measured by a trusted party. If the metrics are the same, the platform is verified and interactions can continue. Otherwise, interaction halts on the basis that the operation of the platform may have been subverted.
-