Smartcard-based root certificate methods and apparatuses
    1.
    发明申请
    Smartcard-based root certificate methods and apparatuses 审中-公开
    基于智能卡的根证书方法和设备

    公开(公告)号:US20050160041A1

    公开(公告)日:2005-07-21

    申请号:US10761489

    申请日:2004-01-20

    IPC分类号: G06F21/00 H04L9/32 G06F17/60

    摘要: Methods and apparatuses are provided for use with smartcards or other like shared computing resources. One or more root certificates are stored on a smartcard. The root certificates can be selectively copied to a certificate store or other like mechanism of an operatively coupled computing or like device and available to support certificate and other trust related processes of the device. When the smartcard is no longer operatively available to the device, the root certificates are no longer available to support such certificate and other trust related processes of the device.

    摘要翻译: 提供了与智能卡或其他类似的共享计算资源一起使用的方法和装置。 一个或多个根证书存储在智能卡上。 可以将根证书选择性地复制到可操作耦合的计算或类似设备的证书存储或其他类似的机制,并且可用于支持设备的证书和其他信任相关过程。 当智能卡不再可用于设备时,根证书不再可用于支持设备的此类证书和其他信任相关进程。

    Updating trusted root certificates on a client computer
    2.
    发明申请
    Updating trusted root certificates on a client computer 有权
    在客户端计算机上更新受信任的根证书

    公开(公告)号:US20050080899A1

    公开(公告)日:2005-04-14

    申请号:US10967608

    申请日:2004-10-18

    IPC分类号: G06F15/173 H04L29/06

    摘要: An update process is used to update root certificates in a root certificate store of a client computer, maintaining the integrity of the existing root certificates as well as any new root certificates. In accordance with certain aspects, the integrity of a certificate trust list identifying one or more root certificates is verified. The root certificate store of the client computer is modified in accordance with the certificate trust list if the integrity of the certificate trust list is verified.

    摘要翻译: 更新过程用于更新客户端计算机的根证书库中的根证书,维护现有根证书的完整性以及任何新的根证书。 根据某些方面,验证识别一个或多个根证书的证书信任列表的完整性。 如果验证了证书信任列表的完整性,则客户端计算机的根证书存储库将根据证书信任列表进行修改。

    Efficient retrieval of cryptographic evidence
    4.
    发明申请
    Efficient retrieval of cryptographic evidence 有权
    有效检索加密证据

    公开(公告)号:US20060294576A1

    公开(公告)日:2006-12-28

    申请号:US11166884

    申请日:2005-06-24

    IPC分类号: H04L9/00

    摘要: An efficient protocol for retrieving cryptographic evidence may be selected by evaluating a local policy and a number of relevant factors. Furthermore, updated cryptographic evidence may be prefetched during a time period in which there is a low volume of requests for cryptographic evidence. This low volume time period may be defined, approximately, as an overlapping window in which both a first cryptographic evidence publication and a second cryptographic evidence publication are valid.

    摘要翻译: 可以通过评估当地政策和一些相关因素来选择用于检索加密证据的有效协议。 此外,更新的加密证据可以在存在密码证据少量的时间段期间被预取。 这个低容量时间段可以大致定义为其中第一密码证据出版物和第二密码证据出版物都是有效的重叠窗口。

    Systems and methods for validating executable file integrity using partial image hashes

    公开(公告)号:US20060161761A1

    公开(公告)日:2006-07-20

    申请号:US11037566

    申请日:2005-01-18

    IPC分类号: G06F12/10

    CPC分类号: G06F21/52 G06F21/64

    摘要: Systems and methods for validating integrity of an executable file are described. In one aspect, multiple partial image hashes are generated, the combination of which represent a digest of an entire executable file. Subsequent to loading the executable file on a computing device, a request to page a portion of the executable file into memory for execution is intercepted. Responsive to intercepting the request, and prior to paging the portion into memory for execution, a validation hash of the portion is computed. The validation hash is compared to a partial hash of the multiple partial image hashes to determine code integrity of the portion. The partial hash represents a same code segment as the portion.

    Credential roaming
    6.
    发明申请
    Credential roaming 有权
    证书漫游

    公开(公告)号:US20050257072A1

    公开(公告)日:2005-11-17

    申请号:US10821603

    申请日:2004-04-09

    摘要: Implementations are described and claimed herein to enable credential roaming among a plurality of different computing devices. An exemplary system may include an event handler to receive event notifications such as, e.g., a client logon. The event handler may invoke a management service in response to receiving an event notification. The management service may include a synchronizing module to synchronize a user's credentials with a remote directory service, such as, e.g., Active Directory, so that the user's credentials are available from any of a number of different computing devices.

    摘要翻译: 这里描述和要求保护的实施方式,以使许多不同计算设备之间的凭证漫游。 示例性系统可以包括用于接收事件通知的事件处理程序,例如客户端登录。 响应于接收到事件通知,事件处理程序可以调用管理服务。 管理服务可以包括同步模块,以将用户的凭证与例如Active Directory的远程目录服务同步,使得用户的凭证可从多个不同的计算设备中的任何一个获得。