-
1.发明申请MANAGING CODE ENTITLEMENTS FOR SOFTWARE DEVELOPERS IN SECURE OPERATING ENVIRONMENTS 审中-公开管理软件开发商在安全操作环境中的代码执行公开(公告)号:US20090249071A1
公开(公告)日:2009-10-01
申请号:US12397757
申请日:2009-03-04
申请人: Dallas De Atley , Heiko Panther , Mitchell Adler , Simon Cooper , Michael Brouwer , Matt Reda
发明人: Dallas De Atley , Heiko Panther , Mitchell Adler , Simon Cooper , Michael Brouwer , Matt Reda
IPC分类号: H04L9/32
CPC分类号: G06F21/6218 , G06F2221/2141
摘要: Systems and methods for managing access to restricted data and system resources in secure operating environments are disclosed. Developer access profiles are issued by trusted authorities to developers which define entitlements that provide limited access to system resources and data on specified computing devices. The developer access profiles allow software developers to write software which accesses parts of the target platform environment which are typically off limits to third party developers.
摘要翻译: 公开了用于在安全操作环境中管理对受限数据和系统资源的访问的系统和方法。 开发人员访问配置文件由受信任的权限发布给开发人员,这些开发人员定义了对指定计算设备上的系统资源和数据的有限访问权限。 开发人员访问配置文件允许软件开发人员编写访问目标平台环境部分的软件,这些部分通常不受第三方开发人员的限制。
-
公开(公告)号:US20090228704A1
公开(公告)日:2009-09-10
申请号:US12398053
申请日:2009-03-04
申请人: Dallas de Atley , Heiko Panther , Mitchell Adler , Simon Cooper , Michael Brouwer , Matt Reda
发明人: Dallas de Atley , Heiko Panther , Mitchell Adler , Simon Cooper , Michael Brouwer , Matt Reda
CPC分类号: H04L9/3247 , G06F8/20 , G06F21/57 , H04L9/321 , H04L9/3263 , H04L63/102 , H04L63/123 , H04L63/126 , H04L67/306 , H04L2209/805
摘要: In some embodiments, software developers may obtain development access to a computing device. A software developer may request development access from one or more trusted authorities, such as a manufacturer of the devices, an operating system provider, etc. The request may be approved by a single trusted authority, by at least one of a plurality of trusted authorities, or a combination of several trusted authorities. In order to enable developer access, a trusted authority may create a digital certificate that may be specific to the software developer and the devices and generate a profile that specifies the access rights of the developer on those devices. In addition, the digital certificate may enable the software developer to sign their applications or code so that it may execute on the device in accordance with their profile.
摘要翻译: 在一些实施例中,软件开发者可以获得对计算设备的开发访问。 软件开发者可以请求来自一个或多个受信任的机构(诸如设备的制造商,操作系统提供商等)的开发访问。该请求可由多个可信管理机构中的至少一个由单个可信管理机构批准 ,或几个受信任的机构的组合。 为了使开发者能够访问,受信任的机构可以创建可能是软件开发人员和设备特有的数字证书,并生成指定开发者在这些设备上的访问权限的简档。 此外,数字证书可以使软件开发人员能够签署他们的应用程序或代码,以便它可以根据其配置文件在设备上执行。
-
3.发明申请SYSTEM AND METHOD OF AUTHORIZING EXECUTION OF SOFTWARE CODE IN A DEVICE BASED ON ENTITLEMENTS GRANTED TO A CARRIER 审中-公开基于授予载体的文件授权软件代码执行的系统和方法公开(公告)号:US20090249075A1
公开(公告)日:2009-10-01
申请号:US12397676
申请日:2009-03-04
申请人: Dallas De Atley , Heiko Panther , Mitchell Adler , Simon Cooper , Michael Brouwer , Matt Reda
发明人: Dallas De Atley , Heiko Panther , Mitchell Adler , Simon Cooper , Michael Brouwer , Matt Reda
IPC分类号: H04L9/32
CPC分类号: G06F21/51
摘要: Embodiments include systems and methods for authorizing software code to be executed or access capabilities in secure operating environments based on at least one carrier profile. Carrier profiles may be issued by trusted entities to extend trust to other entities to allow those other entities to provide or control execution of applications in a secure operating environment such as on particular computing devices. The carrier profiles allow entities to add software code to a device without reauthorizing each distribution by the trusted authority, or to limited groups of devices controlled or authorized by the other entities.
摘要翻译: 实施例包括用于基于至少一个载体简档来授权在安全操作环境中执行软件代码或访问能力的系统和方法。 运营商简档可以由可信实体发布以将信任扩展到其他实体,以允许这些其他实体在诸如特定计算设备的安全操作环境中提供或控制应用的执行。 运营商配置文件允许实体向设备添加软件代码,而不必由可信管理机构重新授权每个分发,或由其他实体控制或授权的有限的设备组。
-
4.发明申请SYSTEM AND METHOD OF AUTHORIZING EXECUTION OF SOFTWARE CODE BASED ON A TRUSTED CACHE 审中-公开基于有效的高速缓存执行软件代码的系统和方法公开(公告)号:US20090249064A1
公开(公告)日:2009-10-01
申请号:US12397690
申请日:2009-03-04
申请人: Dallas De Atley , Heiko Panther , Mitchell Adler , Simon Cooper , Michael Brouwer , Matt Reda
发明人: Dallas De Atley , Heiko Panther , Mitchell Adler , Simon Cooper , Michael Brouwer , Matt Reda
IPC分类号: H04L9/32
CPC分类号: G06F21/51
摘要: Embodiments include systems and methods for authorizing software code to be executed on a device based on a trusted cache. When receiving a request to execute software, this software may be checked for a digital signature by at least one trusted authority. According, a digest value indicative of at least a portion of the software module may be determined. A cache stored in trusted space of the device is then accessed for a matching digest value. If an entry is found, the device may allow execution of the software module; if an entry is not found, then the device may continue with the cryptographic operations for verifying the software's digital signature, or may be configured to block execution of the software.
摘要翻译: 实施例包括用于授权在基于可信缓存的设备上执行软件代码的系统和方法。 当接收到执行软件的请求时,可以由至少一个可信管理机构检查该软件的数字签名。 据此,可以确定指示软件模块的至少一部分的摘要值。 存储在设备的可信空间中的缓存然后被访问以获得匹配的摘要值。 如果找到条目,则该设备可以允许执行该软件模块; 如果未找到条目,则设备可以继续用于验证软件的数字签名的加密操作,或者可以被配置为阻止软件的执行。
-
5.发明授权公开(公告)号:US09672350B2
公开(公告)日:2017-06-06
申请号:US12398001
申请日:2009-03-04
申请人: Dallas De Atley , Heiko Panther , Mitchell Adler , Simon Cooper , Michael Brouwer , Matt Reda
发明人: Dallas De Atley , Heiko Panther , Mitchell Adler , Simon Cooper , Michael Brouwer , Matt Reda
摘要: Embodiments include systems and methods for authorizing software code to be executed or access capabilities in secure operating environments. Profiles may be issued by trusted entities to extend trust to other entities to allow those other entities to provide or control execution of applications in a secure operating environment such as on particular computing devices. The profiles allow entities to add software code to the device without reauthorizing each distribution by a trusted authority such as testing, quality assurance, or to limited groups of devices controlled or authorized by the other entities.
-
公开(公告)号:US20090247124A1
公开(公告)日:2009-10-01
申请号:US12397733
申请日:2009-03-04
申请人: Dallas de Atley , Heiko Panther , Mitchell Adler , Simon Cooper , Michael Brouwer , Matt Reda
发明人: Dallas de Atley , Heiko Panther , Mitchell Adler , Simon Cooper , Michael Brouwer , Matt Reda
CPC分类号: H04M1/72525 , H04W8/205
摘要: Systems and methods for provisioning computing devices are provided. Carrier provisioning profiles are distributed to computing devices via an activation service during the provisioning process. The carrier provisioning profiles specify access limitations to certain device resources which may otherwise be available to users of the device.
摘要翻译: 提供了用于供应计算设备的系统和方法。 运营商供应配置文件在配置过程中通过激活服务分发给计算设备。 运营商供应配置文件指定对于设备的用户可能可用的某些设备资源的访问限制。
-
7.发明申请SYSTEM AND METHOD OF AUTHORIZING EXECUTION OF SOFTWARE CODE BASED ON ACCESSIBLE ENTITLEMENTS 审中-公开基于可访问权限的软件授权执行系统和方法公开(公告)号:US20090254753A1
公开(公告)日:2009-10-08
申请号:US12397660
申请日:2009-03-04
申请人: Dallas De Atley , Heiko Panther , Mitchell Adler , Simon Cooper , Michael Brouwer , Matt Reda
发明人: Dallas De Atley , Heiko Panther , Mitchell Adler , Simon Cooper , Michael Brouwer , Matt Reda
CPC分类号: G06F21/51
摘要: Embodiments include systems and methods for authorizing software code to be executed or access capabilities in secure operating environments. Profiles may be issued by trusted entities to extend trust to other entities to allow those other entities to provide or control execution of applications in a secure operating environment such as on particular computing devices. A request in a first program may be received from a second program. A profile is then identified. The profile includes at least one entitlement associated with the second program. The profile is authenticated based on a first digest indicative of the profile and the second program is authenticated based on a second digest indicative of the second program. The request is then executed based on the entitlement.
摘要翻译: 实施例包括用于授权在安全操作环境中执行软件代码或访问能力的系统和方法。 配置文件可以由受信任的实体发布以将信任扩展到其他实体,以允许其他实体在安全操作环境(例如特定计算设备)中提供或控制应用的执行。 可以从第二程序接收第一程序中的请求。 然后识别配置文件。 该简档包括与第二程序相关联的至少一个授权。 基于指示简档的第一摘要来鉴定简档,并且基于指示第二程序的第二摘要对第二程序进行认证。 然后根据授权执行该请求。
-
8.发明申请SYSTEM AND METHOD OF AUTHORIZING EXECUTION OF SOFTWARE CODE BASED ON AT LEAST ONE INSTALLED PROFILE 有权基于至少一个安装配置文件授权执行软件代码的系统和方法公开(公告)号:US20090249065A1
公开(公告)日:2009-10-01
申请号:US12398001
申请日:2009-03-04
申请人: Dallas De Atley , Heiko Panther , Mitchell Adler , Simon Cooper , Michael Brouwer , Matt Reda
发明人: Dallas De Atley , Heiko Panther , Mitchell Adler , Simon Cooper , Michael Brouwer , Matt Reda
IPC分类号: H04L9/32
摘要: Embodiments include systems and methods for authorizing software code to be executed or access capabilities in secure operating environments. Profiles may be issued by trusted entities to extend trust to other entities to allow those other entities to provide or control execution of applications in a secure operating environment such as on particular computing devices. The profiles allow entities to add software code to the device without reauthorizing each distribution by a trusted authority such as testing, quality assurance, or to limited groups of devices controlled or authorized by the other entities.
摘要翻译: 实施例包括用于授权在安全操作环境中执行软件代码或访问能力的系统和方法。 配置文件可以由受信任的实体发布以将信任扩展到其他实体,以允许其他实体在安全操作环境(例如特定计算设备)中提供或控制应用的执行。 配置文件允许实体向设备添加软件代码,而不必由受信任的机构(例如测试,质量保证)或由其他实体控制或授权的有限的设备组重新授权每个分发。
-
-
-
-
-
-
-
搜索结果
8 条记录 (耗时 0.027 秒)
