-
1.发明申请INFORMATION PROCESSING DEVICE, INFORMATION PROCESSING SYSTEM, SOFTWARE ROUTINE EXECUTION METHOD, AND REMOTE ATTESTATION METHOD 审中-公开信息处理装置,信息处理系统,软件程序执行方法和远程实施方法公开(公告)号:US20120246470A1
公开(公告)日:2012-09-27
申请号:US13514481
申请日:2011-01-27
IPC分类号: H04L29/06
摘要: Techniques for protecting memory locations within a stakeholder's engine according to the Multi-Stakeholder Model, and a protocol for remote attestation to a device supporting the Multi-Stakeholder Model that provides extra evidence of the identity of the three actors.
摘要翻译: 用于根据多利益相关者模型保护利益相关者引擎内的记忆位置的技术,以及用于远程认证支持多利益相关者模型的设备的协议,其提供对三个角色的身份的额外证据。
-
2.发明申请USING TRANSIENT PCRs TO REALISE TRUST IN APPLICATION SPACE OF A SECURE PROCESSING SYSTEM 审中-公开使用瞬态PCR在安全处理系统的应用空间中实现信任公开(公告)号:US20110173643A1
公开(公告)日:2011-07-14
申请号:US13063103
申请日:2009-10-09
申请人: Kenneth Alexander Nicolson , Hideki Matsushima , Hisashi Takayama , Takayuki Ito , Tomoyuki Haga
发明人: Kenneth Alexander Nicolson , Hideki Matsushima , Hisashi Takayama , Takayuki Ito , Tomoyuki Haga
IPC分类号: G06F9/44
CPC分类号: G06F21/575 , G06F2221/2145
摘要: A method to allow programs running within the application space of a device with a secure processor and a trusted computing base to flexibly use certificates that describe the required system state. An information processing device including PSC database (1112), Component and PSC Map (1202), and OS support (1200).
摘要翻译: 允许具有安全处理器和可信计算基础的设备的应用空间内运行的程序灵活地使用描述所需系统状态的证书的方法。 一种包括PSC数据库(1112),组件和PSC映射(1202)和OS支持(1200)的信息处理设备。
-
3.发明授权Information processing device, information processing method, and program distribution system 有权信息处理装置,信息处理方法和程序分发系统公开(公告)号:US08904518B2
公开(公告)日:2014-12-02
申请号:US13382327
申请日:2011-04-19
CPC分类号: G06F21/53 , G06F9/45533 , G06F21/556
摘要: An information processing device includes an external connection unit which connects to an external device; and a communication control unit which obtains data from a first virtual machine, transmits the data to a second virtual machine, and transmits, to the external connection unit, transmission completion information indicating that the data is already transmitted to the second virtual machine. The external connection unit (i) determines, based on the transmission completion information, whether or not a virtual machine is the second virtual machine to which the data is already transmitted, when the external connection unit receives, from the virtual machine, a request for a connection to the external device, and (ii) permits a connection between the virtual machine and the external device, when the external connection unit determines that the virtual machine is not the second virtual machine to which the data is already transmitted.
摘要翻译: 信息处理装置包括连接到外部设备的外部连接单元; 以及通信控制单元,其从第一虚拟机获取数据,将数据发送到第二虚拟机,并向外部连接单元发送指示已经向第二虚拟机发送了数据的发送完成信息。 外部连接单元(i)基于传输完成信息确定虚拟机是否是已经发送数据的第二虚拟机,当外部连接单元从虚拟机接收到请求 当外部连接单元确定虚拟机不是已经发送数据的第二虚拟机时,连接到外部设备,以及(ii)允许虚拟机与外部设备之间的连接。
-
4.发明授权Information processing device, information processing method, information processing program, and integrated circuit 有权信息处理装置,信息处理方法,信息处理程序和集成电路公开(公告)号:US08732445B2
公开(公告)日:2014-05-20
申请号:US13121770
申请日:2009-10-09
申请人: Tomoyuki Haga , Kenneth Alexander Nicolson , Hideki Matsushima , Takayuki Ito , Hisashi Takayama
发明人: Tomoyuki Haga , Kenneth Alexander Nicolson , Hideki Matsushima , Takayuki Ito , Hisashi Takayama
IPC分类号: G06F9/24 , G06F15/177
CPC分类号: G06F21/57
摘要: An information processing terminal includes first sealed data respectively having usability conditions of matching with predetermined terminal environment information during a secure boot and second sealed data respectively having usability conditions of matching with terminal environment information upon completion of the secure boot. Upon completion of the secure boot, the second sealed data is unsealed and the first sealed data is resealed using the unsealed data. It is possible to update and re-seal sealed data having a usability condition of matching with predetermined terminal environment information during a secure boot without rebooting a terminal when a program using the sealed data is updated.
摘要翻译: 信息处理终端包括在安全引导期间分别具有与预定终端环境信息匹配的可用性条件的第一密封数据以及在完成安全引导时分别具有与终端环境信息匹配的可用性条件的第二密封数据。 在安全启动完成后,第二密封数据被开封,并且使用未密封的数据重新密封第一密封数据。 可以在安全引导期间更新和重新密封具有与预定终端环境信息匹配的可用性条件的密封数据,而不使用密封数据的程序更新时重新启动终端。
-
公开(公告)号:US08732444B2
公开(公告)日:2014-05-20
申请号:US13144966
申请日:2010-02-18
申请人: Kenneth Alexander Nicolson , Hideki Matsushima , Hisashi Takayama , Takayuki Ito , Tomoyuki Haga
发明人: Kenneth Alexander Nicolson , Hideki Matsushima , Hisashi Takayama , Takayuki Ito , Tomoyuki Haga
IPC分类号: G06F9/00
CPC分类号: G06F21/575 , G06F2221/2145
摘要: A method to allow a value to be written into one PCR domain, only if values from a second PCR domain are valid, thus ensuring the extension of the chain of trust between domains.
摘要翻译: 一种允许将值写入一个PCR域的方法,只有来自第2个PCR域的值是有效的,从而确保域之间的信任链的扩展。
-
6.发明授权Method for finding next component to be booted based on booting status of current component to continue booting process by using a component look-up table 有权基于当前组件的启动状态查找要启动的下一个组件以通过使用组件查找表继续引导过程的方法公开(公告)号:US08677108B2
公开(公告)日:2014-03-18
申请号:US12864589
申请日:2009-01-29
申请人: Kenneth Alexander Nicolson , Hideki Matsushima , Hisashi Takayama , Takayuki Ito , Tomoyuki Haga
发明人: Kenneth Alexander Nicolson , Hideki Matsushima , Hisashi Takayama , Takayuki Ito , Tomoyuki Haga
IPC分类号: G06F9/00 , G06F9/24 , G06F15/177
CPC分类号: G06F21/575
摘要: A method to allow a device to boot in a secure fashion, even though some of the components within the secure device's firmware may not be present, not correctly authorized, or not correctly operating.
摘要翻译: 即使安全设备的固件中的某些组件可能不存在,未正确授权或不正确操作,允许设备以安全方式引导的方法。
-
7.发明授权Starts up of modules of a second module group only when modules of a first group have been started up legitimately 有权仅当第一组的模块合法启动时,才启动第二个模块组的模块公开(公告)号:US08510544B2
公开(公告)日:2013-08-13
申请号:US12991516
申请日:2009-05-25
申请人: Hisashi Takayama , Hideki Matsushima , Takayuki Ito , Tomoyuki Haga , Kenneth Alexander Nicolson , Manabu Maeda
发明人: Hisashi Takayama , Hideki Matsushima , Takayuki Ito , Tomoyuki Haga , Kenneth Alexander Nicolson , Manabu Maeda
CPC分类号: H04L9/3263 , G06F21/575 , H04L9/3236 , H04L2209/80
摘要: The present invention provides an information processing apparatus that is capable of continuously performing secure boot between module groups in the case where software of a terminal device consists of module groups provided by a plurality of providers, while keeping independence between the providers. The information processing apparatus is provided with a linkage certificate that contains a first configuration comparison value, which indicates a cumulative hash value of the first module group to be started up by secure boot, and a module measurement value, which indicates a hash value of the first module of the second module group to be started up by secure boot. After the secure boot of the first module group, it is verified that the first module group has been started up by comparison with the first configuration comparison value.
摘要翻译: 本发明提供一种信息处理装置,其能够在终端装置的软件由多个提供者提供的模块组成的情况下连续地执行模块组之间的安全引导,同时保持提供者之间的独立性。 该信息处理装置具有包含第一配置比较值的连接证书,该第一配置比较值指示通过安全引导来启动的第一模块组的累积散列值,以及指示所述第一配置比较值的散列值 第二个模块组的第一个模块通过安全启动启动。 在第一模块组的安全引导之后,通过与第一配置比较值进行比较来验证第一模块组是否被启动。
-
公开(公告)号:US20110276795A1
公开(公告)日:2011-11-10
申请号:US13144966
申请日:2010-02-18
申请人: Kenneth Alexander Nicolson , Hideki Matsushima , Hisashi Takayama , Takayuki Ito , Tomoyuki Haga
发明人: Kenneth Alexander Nicolson , Hideki Matsushima , Hisashi Takayama , Takayuki Ito , Tomoyuki Haga
CPC分类号: G06F21/575 , G06F2221/2145
摘要: A method to allow a value to be written into one PCR domain, only if values from a second PCR domain are valid, thus ensuring the extension of the chain of trust between domains.
摘要翻译: 一种允许将值写入一个PCR域的方法,只有来自第2个PCR域的值是有效的,从而确保域之间的信任链的扩展。
-
9.发明申请INFORMATION PROCESSING DEVICE, ENCRYPTION KEY MANAGEMENT METHOD, COMPUTER PROGRAM AND INTEGRATED CIRCUIT 审中-公开信息处理设备,加密密钥管理方法,计算机程序和集成电路公开(公告)号:US20110099362A1
公开(公告)日:2011-04-28
申请号:US12995008
申请日:2009-06-04
申请人: Tomoyuki Haga , Kenneth Alexander Nicolson , Hideki Matsushima , Takayuki Ito , Hisashi Takayama , Manabu Maeda
发明人: Tomoyuki Haga , Kenneth Alexander Nicolson , Hideki Matsushima , Takayuki Ito , Hisashi Takayama , Manabu Maeda
IPC分类号: H04L9/08 , G06F15/177
CPC分类号: H04L9/0825 , H04L9/0822 , H04L9/0836 , H04L9/0891 , H04L9/0897
摘要: For the keys in a key tree group composed of root keys for each of multiple stakeholders, a shared key is generated between the multiple stakeholders, and access restrictions with respect to the generated shared key are flexibly set. A shared key control unit and a tamper-resistant module are provided for each of the multiple stakeholders. The shared key is set based on stakeholder dependency relationships. After the shared key is set, access to the shared key is controlled so that access is not possible by malicious stakeholders, so as to maintain the security level.
摘要翻译: 对于由多个利益相关者中的每一个的根密钥组成的密钥树组中的密钥,在多个利益相关者之间生成共享密钥,并且灵活地设置关于生成的共享密钥的访问限制。 为每个利益相关者提供共享密钥控制单元和防篡改模块。 共享密钥是基于利益相关者依赖关系设置的。 设置共享密钥后,控制对共享密钥的访问,以便恶意利益相关者无法访问,以保持安全级别。
-
公开(公告)号:US20100180346A1
公开(公告)日:2010-07-15
申请号:US12376844
申请日:2008-01-17
IPC分类号: G06F21/22
CPC分类号: G06F21/14
摘要: To provide, in order that proper obfuscation of a source code (100) can be easily performed, an obfuscation assisting apparatus (11) which can sufficiently assist the obfuscation. The obfuscation assisting apparatus (11) includes: an analyzer (114) which identifies corresponding respective blocks in the source code (100) and in a transformed code (104) generated through the obfuscation of the source code (100); and a browser (119) which obtains obfuscation information relating to obfuscation of the respective blocks of the source code (100) and the transformed code (104), and causes an output device (1002) to display the respective parts of the source code (100) and the transformed code (104), and the obfuscation information in association with each other.
摘要翻译: 为了提供能够容易地执行源代码(100)的适当混淆的混淆辅助装置(11),其能够充分地协助混淆。 混淆辅助装置(11)包括:分析器(114),其识别源代码(100)中的相应各个块以及通过模糊源代码(100)生成的变换代码(104); 以及浏览器(119),其获得与源代码(100)和变换代码(104)的各个块的混淆有关的混淆信息,并且使得输出设备(1002)显示源代码 100)和变换代码(104),以及混淆信息彼此相关联。
-
-
-
-
-
-
-
-
-
搜索结果
31 条记录 (耗时 0.026 秒)