公开(公告)号：US20050198507A1

公开(公告)日：2005-09-08

申请号：US10794292

申请日：2004-03-05

申请人： Scott Brender ,  Philip Lafornara ,  Michael Marr ,  Robert Oliver

发明人： Scott Brender ,  Philip Lafornara ,  Michael Marr ,  Robert Oliver

IPC分类号： H04L9/00

CPC分类号： G06F12/1416 ,  G06F21/51

摘要： The import address table of a software module is verified in order to prevent detouring attacks. A determination is made regarding which entries in the IAT must be verified; all of the entries may be verified or some subset of the entries that are critical may be verified. For each external function, the external module containing the external function is loaded, if it is not already loaded. The function address in the exported function table is found. That address is compared to the address for the function in the IAT. Additionally, the external module, in one embodiment, is verified to ensure that it has not been modified. For a delay load IAT, a similar procedure is followed; however the delay load IAT may be periodically checked to ensure that the delay load IAT entries are either valid (indicating that the external function has been bound) or in their initial state (indicating that no binding has yet occurred).

摘要翻译： 验证软件模块的导入地址表，以防止迂回攻击。 确定必须验证IAT中的哪些条目; 可以验证所有条目，或者可以验证关键的条目的某些子集。 对于每个外部功能，如果外部模块尚未加载，则会加载包含外部功能的外部模块。 找到导出的功能表中的功能地址。 该地址与IAT中功能的地址进行比较。 此外，在一个实施例中，外部模块被验证以确保其未被修改。 对于延迟负载IAT，遵循类似的过程; 然而，可以定期检查延迟负载IAT以确保延迟负载IAT条目是有效的（指示外部功能已经被绑定）或处于其初始状态（指示还没有发生绑定）。

公开(公告)号：US07543140B2

公开(公告)日：2009-06-02

申请号：US10374312

申请日：2003-02-26

申请人： Blair Brewster Dillaway ,  Philip Lafornara ,  Brian A. LaMacchia ,  Rushmi U. Malaviarachchi ,  John L. Manferdelli ,  Charles F. Rose, III

发明人： Blair Brewster Dillaway ,  Philip Lafornara ,  Brian A. LaMacchia ,  Rushmi U. Malaviarachchi ,  John L. Manferdelli ,  Charles F. Rose, III

IPC分类号： H04L29/00

CPC分类号： G06F21/10 ,  H04L9/3268 ,  H04L2209/603

摘要： A digital certificate identifies an entity as having authority over the certificate to revoke same as delegated by the issuer. The certificate also has at least one revocation condition relating to possible revocation of the certificate. To authenticate the certificate, the identification of the delegated revocation authority, a location from which a revocation list is to be obtained, and any freshness requirement to be applied to the revocation list are determined from the certificate. It is then ensured that the revocation list from the location is present and that the present revocation list satisfies the freshness requirement, that the revocation list is promulgated by the delegated revocation authority identified in the certificate, and that the certificate is not identified in the revocation list as being revoked.

摘要翻译： 数字证书将一个实体认定为具有颁发机构授权的权限，以撤销与发行人授权相同的权限。 该证书还具有与可能撤销证书有关的至少一个撤销条件。 为了对证书进行身份验证，从证书中确定授权撤销机构的标识，要从中获得撤销列表的位置以及应用于撤销列表的任何新鲜度要求。 然后确保从该位置的撤销列表存在，并且本撤销列表满足新鲜度要求，撤销列表由证书中指定的授权撤销机构颁布，并且该证书在撤销中未被识别 列表被撤销。

公开(公告)号：US20060059106A1

公开(公告)日：2006-03-16

申请号：US11266381

申请日：2005-11-03

申请人： Charlie Chase ,  Krishnamurthy Ganesan ,  Philip Lafornara ,  Jeffrey McKune ,  Clifford Strom ,  Vijay Gajjala

发明人： Charlie Chase ,  Krishnamurthy Ganesan ,  Philip Lafornara ,  Jeffrey McKune ,  Clifford Strom ,  Vijay Gajjala

IPC分类号： G06Q99/00

CPC分类号： G06F21/10 ,  G06F2221/0771

摘要： Content revocation is achieved by disabling licenses issued to a computing device for the content. A content revocation is delivered within a license to the computing device. Upon license storage the content revocation is recognized, validated, and stored in a secure state store under the public key of the content server (PU-CS) that issued the content. Each license has a (PU-CS) therein, and each license evaluation considers each content revocation stored in the state store and having the same (PU-CS). The license is disabled or otherwise affected based on the considered content revocation. A content revocation is one form of a license modification that may be delivered within a license.

公开(公告)号：US07376975B2

公开(公告)日：2008-05-20

申请号：US10842061

申请日：2004-05-10

申请人： Philip Lafornara ,  Rushmi U. Malaviarachchi ,  John L. Manferdelli ,  Michael David Marr ,  Charles F. Rose, III ,  Bradley Serbus

发明人： Philip Lafornara ,  Rushmi U. Malaviarachchi ,  John L. Manferdelli ,  Michael David Marr ,  Charles F. Rose, III ,  Bradley Serbus

IPC分类号： G06K9/00

CPC分类号： H04L63/0823 ,  H04L9/0825 ,  H04L9/3263 ,  H04L63/101 ,  H04L2209/603 ,  H04L2463/101

摘要： In order to allow for security beyond revocation lists, a policy regarding when permissions may be granted (in the form of a rights document, e.g. a use license or a certificate) is enforced. When a request is made for a rights document, the requester submits an account certificate which includes certain metadata regarding the requester. This metadata is analyzed to determine whether it meets a specific policy before the request is granted. If the request is not granted, the cause of the rejection may be overcome, for example by updating or upgrading some system component (hardware or software) in the requesting system. In certain cases, such an update to overcome a policy-based rejection may be performed transparently to the user.

摘要翻译： 为了允许超出撤销列表的安全性，执行关于何时可以授予权限（以权利文档的形式，例如使用许可证或证书）的策略。 当为权利文件提出请求时，请求者提交一个帐户证书，其中包括有关请求者的某些元数据。 分析此元数据以确定在批准请求之前是否满足特定策略。 如果不允许请求，则可以克服拒绝的原因，例如通过更新或升级请求系统中的一些系统组件（硬件或软件）。 在某些情况下，可以透明地对用户执行这种克服基于策略的拒绝的更新。

公开(公告)号：US20050257271A1

公开(公告)日：2005-11-17

申请号：US10842061

申请日：2004-05-10

申请人： Philip Lafornara ,  Rushmi Malaviarachchi ,  John Manferdelli ,  Michael Marr ,  Charles Rose ,  Bradley Serbus

发明人： Philip Lafornara ,  Rushmi Malaviarachchi ,  John Manferdelli ,  Michael Marr ,  Charles Rose ,  Bradley Serbus

IPC分类号： H04L9/00 ,  H04L9/08 ,  H04L9/32 ,  H04L29/06

CPC分类号： H04L63/0823 ,  H04L9/0825 ,  H04L9/3263 ,  H04L63/101 ,  H04L2209/603 ,  H04L2463/101

摘要： In order to allow for security beyond revocation lists, a policy regarding when permissions may be granted (in the form of a rights document, e.g. a use license or a certificate) is enforced. When a request is made for a rights document, the requester submits an account certificate which includes certain metadata regarding the requester. This metadata is analyzed to determine whether it meets a specific policy before the request is granted. If the request is not granted, the cause of the rejection may be overcome, for example by updating or upgrading some system component (hardware or software) in the requesting system. In certain cases, such an update to overcome a policy-based rejection may be performed transparently to the user.

摘要翻译： 为了允许超出撤销列表的安全性，执行关于何时可以授予权限（以权利文档的形式，例如使用许可证或证书）的策略。 当为权利文件提出请求时，请求者提交一个帐户证书，其中包括有关请求者的某些元数据。 分析此元数据以确定在批准请求之前是否满足特定策略。 如果不允许请求，则可以克服拒绝的原因，例如通过更新或升级请求系统中的一些系统组件（硬件或软件）。 在某些情况下，可以透明地对用户执行这种克服基于策略的拒绝的更新。

公开(公告)号：US20050044534A1

公开(公告)日：2005-02-24

申请号：US10644359

申请日：2003-08-20

申请人： Michael Darweesh ,  Michael Marr ,  Octavian Ureche ,  Philip LaFornara

发明人： Michael Darweesh ,  Michael Marr ,  Octavian Ureche ,  Philip LaFornara

IPC分类号： G06F9/44 ,  G06F11/36

CPC分类号： G06F11/362

摘要： A system debugs a computer application that employs rights-managed (RM) content. A first, non-isolated process has the application and a shell version of the trusted component, where such shell version receives each request by the application for RM services. The shell version is unconcerned whether a debugger is monitoring the first process. A second, isolated process is separate from the first process and has a debugging version of the trusted component. The shell version in the first process forwards the received request to the debugging version in the second process, and such debugging version acts upon same. The debugging version ensures that the debugger is not monitoring the second process, but is unconcerned whether the debugger is monitoring the first process.

摘要翻译： 系统调试采用权限管理（RM）内容的计算机应用程序。 第一个非隔离进程具有应用程序和受信任组件的shell版本，其中此类shell版本接收应用程序对RM服务的每个请求。 调试器是否监视第一个进程，shell版本是不关心的。 第二个隔离的进程与第一个进程分离，并具有受信任组件的调试版本。 第一个进程中的shell版本在第二个进程中将接收的请求转发到调试版本，并且此类调试版本的作用相同。 调试版本确保调试器不监视第二个进程，但是不管调试器是否正在监视第一个进程。

公开(公告)号：US07383537B2

公开(公告)日：2008-06-03

申请号：US10644359

申请日：2003-08-20

申请人： Michael Joseph Darweesh ,  Michael David Marr ,  Octavian Tony Ureche ,  Philip LaFornara

发明人： Michael Joseph Darweesh ,  Michael David Marr ,  Octavian Tony Ureche ,  Philip LaFornara

IPC分类号： G06F9/44

CPC分类号： G06F11/362

摘要： A system debugs a computer application that employs rights-managed (RM) content. A first, non-isolated process has the application and a shell version of the trusted component, where such shell version receives each request by the application for RM services. The shell version is unconcerned whether a debugger is monitoring the first process. A second, isolated process is separate from the first process and has a debugging version of the trusted component. The shell version in the first process forwards the received request to the debugging version in the second process, and such debugging version acts upon same. The debugging version ensures that the debugger is not monitoring the second process, but is unconcerned whether the debugger is monitoring the first process.

摘要翻译： 系统调试采用权限管理（RM）内容的计算机应用程序。 第一个非隔离进程具有应用程序和受信任组件的shell版本，其中此类shell版本接收应用程序对RM服务的每个请求。 调试器是否监视第一个进程，shell版本是不关心的。 第二个隔离的进程与第一个进程分离，并具有受信任组件的调试版本。 第一个进程中的shell版本在第二个进程中将接收的请求转发到调试版本，并且此类调试版本的作用相同。 调试版本确保调试器不监视第二个进程，但是不管调试器是否正在监视第一个进程。

公开(公告)号：US20060095383A1

公开(公告)日：2006-05-04

申请号：US11266580

申请日：2005-11-03

申请人： Charlie Chase ,  Krishnamurthy Ganesan ,  Philip Lafornara ,  Jeffrey McKune ,  Clifford Strom ,  Vijay Gajjala

发明人： Charlie Chase ,  Krishnamurthy Ganesan ,  Philip Lafornara ,  Jeffrey McKune ,  Clifford Strom ,  Vijay Gajjala

IPC分类号： G06Q99/00

CPC分类号： G06F21/10 ,  G06F2221/0771

摘要： Content revocation is achieved by disabling licenses issued to a computing device for the content. A content revocation is delivered within a license to the computing device. Upon license storage the content revocation is recognized, validated, and stored in a secure state store under the public key of the content server (PU-CS) that issued the content. Each license has a (PU-CS) therein, and each license evaluation considers each content revocation stored in the state store and having the same (PU-CS). The license is disabled or otherwise affected based on the considered content revocation. A content revocation is one form of a license modification that may be delivered within a license.

公开(公告)号：US20060026569A1

公开(公告)日：2006-02-02

申请号：US10902244

申请日：2004-07-29

申请人： Timothy Oerting ,  Philip Lafornara ,  Robert Oliver ,  Scott Brender ,  Michael Marr

发明人： Timothy Oerting ,  Philip Lafornara ,  Robert Oliver ,  Scott Brender ,  Michael Marr

IPC分类号： G06F9/44

CPC分类号： G06F21/51

摘要： Dynamic run-time verification of a module which is loaded in memory (in whole or in part) for execution is enabled by using pre-computed portion-level verification data for portions of the module smaller than the whole (e.g. at the page-level). A portion of the module as loaded into memory for execution can be verified. Pre-computed portion-level verification data is retrieved from storage and used to verify the loaded portions of the executable. Verification data may be, for example, a digitally signed hash of the portion. Where the operating system loader has modified the portion for execution, the modifications are reversed, removing any changes performed by the operating system. If the portion has not been tampered, this will return the portion to its original pre-loaded state. This version is then used to determine validity using the pre-computed portion-level verification. Additionally, during execution of the module, new portions/pages of the module which are loaded can be verified to ensure that they have not been changed, and a list of hot pages of the module can be made, including pages to be continually reverified, in order to ensure that no malicious changes have been made in the module.

摘要翻译： 通过对小于整个模块的部分（例如在页面级别）使用预先计算的部分级验证数据来启用加载在存储器（整体或部分）中用于执行的模块的动态运行时验证 ）。 可以验证加载到存储器中用于执行的模块的一部分。 从存储器检索预先计算的部分级验证数据，并用于验证可执行文件的加载部分。 验证数据可以是例如该部分的经数字签名的散​​列。 在操作系统加载程序修改了执行部分的情况下，修改将相反，从而删除操作系统执行的任何更改。 如果该部分没有被篡改，这将使该部分恢复到原来的预加载状态。 然后使用该版本使用预先计算的部分级验证来确定有效性。 此外，在执行模块期间，可以验证装载的模块的新部分/页面，以确保它们未被更改，并且可以制作模块的热页面列表，包括要不断重新验证的页面， 以确保模块中不会发生恶意更改。