Operating-system-transparent distributed memory
    1.
    Granted invention patent
    Operating-system-transparent distributed memory (In force)

    Publication number: US07200734B2

    Publication date: 2007-04-03

    Application number: US10909786

    Filing date: 2004-07-31

    Applicant: Chris Hyser

    Inventor: Chris Hyser

    IPC classification: G06F12/00

    Abstract: Various embodiments of the present invention provide distributed computing systems featuring an operating-system-transparent distributed memory that, among other things, facilitates shared-message-based inter-thread communication between intercommunicating threads executing concurrently on a single-processor computer system, concurrently and simultaneously on a multi-processor computer system, and concurrently and simultaneously on multiple, discrete computer systems. Certain embodiments of the present invention are implemented using a secure-platform architecture in which secure-platform code running on processors within a distributed computing system provides a virtual, or logical, computing platform on which operating systems and higher-level software can be layered. A distributed memory system is provided by the secure-platform layer, using an extension of the memory-management hardware, firmware, and software systems originally developed to support virtual memory in single-processor and multi-processor computer systems. In essence, logical processors, logical caches, logical memory, and logical mass-storage-device-implemented backing store are mapped onto the individual processors, caches, memories, and interconnected mass-storage systems of a number of discrete computer systems interconnected by high-speed networking.


    Method and system for caller authentication
    2.
    Invention patent application
    Method and system for caller authentication (In force)

    Publication number: US20050166208A1

    Publication date: 2005-07-28

    Application number: US10867048

    Filing date: 2004-06-14

    IPC classification: G06F9/00 G06F21/00

    Abstract: In various embodiments of the present invention, execution-state transitions occur in a first portion of a system, and a cumulative execution state for each process is maintained by a second portion of the system so that, when a second-portion routine is called, the second-portion routine can determine whether or not the current execution state is suitable for execution of the second-portion routine. In various embodiments, a callpoint log, allocated and maintained for each process, stores the cumulative execution state for the process. In one embodiment, the first portion is an operating system, and the second portion is a secure kernel, with the cumulative execution state used by the secure kernel to prevent unauthorized access by erroneously or maliciously invoked operating-system routines to secure kernel routines. In another embodiment, the cumulative execution state is used as a debugging tool by the second-portion routines to catch errors in the implementation of the first-portion routines.


    Secure direct memory access through system controllers and similar hardware devices
    3.
    Invention patent application
    Secure direct memory access through system controllers and similar hardware devices (In force)

    Publication number: US20050165783A1

    Publication date: 2005-07-28

    Application number: US10756038

    Filing date: 2004-01-13

    Applicant: Chris Hyser

    Inventor: Chris Hyser

    IPC classification: G06F9/46 G06F17/30 G06F21/00

    Abstract: A method and system for providing secure, direct access to computer system resources, such as system memory, by a non-trusted processing entity running in an unprivileged state that requests access to the resource through a device that directly accesses the resource. The device includes access-right-checking logic and is configured to verify access rights of non-trusted processing entities that attempt to access the resource through the device. By checking access rights, the device ensures that non-trusted processing entities access only those particular portions of the resource authorized for access by the secure kernel.


    Method and system for distributed key management in a secure boot environment
    4.
    Invention patent application
    Method and system for distributed key management in a secure boot environment (Under examination, published)

    Publication number: US20050091496A1

    Publication date: 2005-04-28

    Application number: US10693378

    Filing date: 2003-10-23

    Applicant: Chris Hyser

    Inventor: Chris Hyser

    Abstract: A method for preparing an authenticable and verifiable image of a software module by adding to the received software module image a size and location block, an authentication block including a cryptographically protected module-specific public key and a clear-text version of the module-specific public key, and a verification block that includes a digital signature prepared from the module image. In one particular embodiment of the present invention, a next firmware-module that is to be accessed during a secure boot process is created to include a module-specific public key, a hashed and encrypted version of the module-specific public key, and a digital signature of the firmware-module image prepared using a module-specific private key.


    Method and system for secure direct memory access
    5.
    Invention patent application
    Method and system for secure direct memory access (Under examination, published)

    Publication number: US20050033979A1

    Publication date: 2005-02-10

    Application number: US10638008

    Filing date: 2003-08-08

    Applicant: Chris Hyser

    Inventor: Chris Hyser

    IPC classification: G06F12/10 G06F12/14 H04L9/00

    CPC classification: G06F12/145 G06F12/1081

    Abstract: Method and system that allows a secure processing entity to allocate a portion of a system resource for use only by the secure processing entity. The portion of the system resource allocated for use only by the secure processing entity is protected from DMA-access by an untrusted processing entity, such as an I/O controller in the control of untrusted software. In one embodiment, a secure kernel may provide address translations to a system controller that result in the system controller returning invalid-memory-address errors to a DMA engine attempting to access a portion of a system memory allocated for use only by a secure kernel. In another embodiment of the present invention, a secure kernel initializes a system controller to contain a view of system-memory address space that does not include a portion of system-memory address space allocated for use only by a secure kernel.


    Error-detectable license key fragmentation to facilitate errorless manual entry
    6.
    Invention patent application
    Error-detectable license key fragmentation to facilitate errorless manual entry (In force)

    Publication number: US20050028064A1

    Publication date: 2005-02-03

    Application number: US10630144

    Filing date: 2003-07-30

    IPC classification: G06F21/00 H03M13/00

    CPC classification: G06F21/83

    Abstract: A key fragment generator accepts a key string, such as from a key string generator, and produces a plurality of key fragments that can be entered by a human with a lower likelihood of error than if the human attempted to enter the original key string. A key defragmenter accepts a plurality of entered key fragments, reconstitutes the original key string from the entered key fragments and, optionally, provides the reconstituted key string to a software package or other license manager. The key fragment generator can produce “friendly” key fragments that are easier for humans to read and enter than the arbitrary character strings that characterize typical key strings. The key fragment generator can produce “error-detectable” key fragments. If an error-detectable key fragment is entered incorrectly, the key defragmenter can generate an error message and permit a user to enter the key fragment again. The key fragment generator can produce “error-correctable” key fragments. If an error-correctable key fragment is entered incorrectly, the key defragmenter can generate an error message that describes the nature of the error or that draws a user's attention to a portion of the key fragment that the user entered incorrectly. The error message can include a “hint” related to one or more confusable characters that were entered incorrectly.


    Persistent memory manipulation using EFI

    Publication number: US20060123223A1

    Publication date: 2006-06-08

    Application number: US11004355

    Filing date: 2004-12-03

    IPC classification: G06F9/00

    CPC classification: G06F9/4403

    Abstract: Systems, methodologies, media, and other embodiments associated with performing a manipulation of a persistent memory using an extensible firmware interface are described. One exemplary method embodiment includes selectively refreshing a persistent memory from an EFI level application and providing to a user level application a signal concerning the persistent memory refreshing.

    Method and system for providing an external trusted agent for one or more computer systems
    8.
    Invention patent application
    Method and system for providing an external trusted agent for one or more computer systems (Under examination, published)

    Publication number: US20050091494A1

    Publication date: 2005-04-28

    Application number: US10693182

    Filing date: 2003-10-23

    Applicant: Chris Hyser

    Inventor: Chris Hyser

    IPC classification: G06F21/00 H04L9/00

    CPC classification: G06F21/52 G06F21/57

    Abstract: An external personal computer or other computing device is employed as an external security-state monitor to monitor the security state of one or more computer systems. The security-state monitor creates pairs of write-once CDs containing an identical sequence of encryption keys. One CD of a pair remains with the security-state monitor, and the other CD of the pair is provided to the system administrator of a computer system. Keys are employed by the security-state monitor and computer system one time only, and the current key employed can be specified by an index into the sequence of keys stored on the duplicate CDs. When the computer system carries out an initial boot into a secure state, the computer system informs the security-state monitor using the current key from the computer system's CD. The security-state monitor accordingly determines that the computer system is currently secure. Prior to loading and executing the first untrusted software, the secure software executing on the computer system sends a message to the security-state monitor indicating that the computer system is transitioning to an insecure state.


    Method and system for securing a computer system
    9.
    Invention patent application
    Method and system for securing a computer system (In force)

    Publication number: US20050033978A1

    Publication date: 2005-02-10

    Application number: US10638007

    Filing date: 2003-08-08

    Applicant: Chris Hyser

    Inventor: Chris Hyser

    IPC classification: G06F21/00 H04L9/00

    CPC classification: G06F21/577

    Abstract: Security-state-reporting and data-control functionality introduced into a computer system to monitor and report the security state of the computer system and to store and make selectively available, for processes executing within a computer system, security-state-associated data. The hardware element includes two control registers, a current-security-state control register (“CSS”) and a current-data-bank control register (“CDB”). When the CSS is read, the CSS reports the current security state of the computer system, with security states represented as unsigned integers starting from a highest security level of 0 and decreasing with unsigned integers of increasing magnitudes. The CDB controls access to one or more data-register banks, positioning a data-register window to allow access only to those data-register-bank registers associated with the currently reported security state.


    Operating-system-transparent distributed memory
    10.
    Invention patent application
    Operating-system-transparent distributed memory (In force)

    Publication number: US20060041733A1

    Publication date: 2006-02-23

    Application number: US10909786

    Filing date: 2004-07-31

    Applicant: Chris Hyser

    Inventor: Chris Hyser

    IPC classification: G06F12/10

    Abstract: Various embodiments of the present invention provide distributed computing systems featuring an operating-system-transparent distributed memory that, among other things, facilitates shared-message-based inter-thread communication between intercommunicating threads executing concurrently on a single-processor computer system, concurrently and simultaneously on a multi-processor computer system, and concurrently and simultaneously on multiple, discrete computer systems. Certain embodiments of the present invention are implemented using a secure-platform architecture in which secure-platform code running on processors within a distributed computing system provides a virtual, or logical, computing platform on which operating systems and higher-level software can be layered. A distributed memory system is provided by the secure-platform layer, using an extension of the memory-management hardware, firmware, and software systems originally developed to support virtual memory in single-processor and multi-processor computer systems. In essence, logical processors, logical caches, logical memory, and logical mass-storage-device-implemented backing store are mapped onto the individual processors, caches, memories, and interconnected mass-storage systems of a number of discrete computer systems interconnected by high-speed networking.
