-
1.发明授权System, method, and computer program product for file encryption, decryption and transfer 有权用于文件加密,解密和传输的系统,方法和计算机程序产品公开(公告)号:US07280956B2
公开(公告)日:2007-10-09
申请号:US10692843
申请日:2003-10-24
申请人: David B. Cross , Jainrong Gu , Duncan Bryce , Shishir Pardikar , Pradeep Jnana Madhavarapu , Scott A. Field , Kelvin S. Yiu
发明人: David B. Cross , Jainrong Gu , Duncan Bryce , Shishir Pardikar , Pradeep Jnana Madhavarapu , Scott A. Field , Kelvin S. Yiu
IPC分类号: G06F9/24
CPC分类号: G06F21/10
摘要: An encrypted file system (EFS) and an underlying file transfer protocol to permit a client to encrypt, decrypt, and transfer file(s) resident on a server are disclosed. A user at a client computer can open, read, and write to encrypted files, including header information associated with encrypted files, and can add users to or remove users from an encrypted file.
摘要翻译: 公开了一种加密文件系统(EFS)和底层文件传输协议,以允许客户机加密,解密和传输驻留在服务器上的文件。 客户端计算机上的用户可以打开,读取和写入加密文件,包括与加密文件相关联的标题信息,并且可以将用户添加到加密文件或从加密文件中删除用户。
-
公开(公告)号:US07376968B2
公开(公告)日:2008-05-20
申请号:US10718153
申请日:2003-11-20
申请人: Andrew J. Ritz , David B. Cross , Duncan Bryce , James A. Schwartz, Jr. , Jianrong Gu , Scott A. Field
发明人: Andrew J. Ritz , David B. Cross , Duncan Bryce , James A. Schwartz, Jr. , Jianrong Gu , Scott A. Field
CPC分类号: G06F21/575 , G06F21/6209 , G06F2221/2107
摘要: A system and method for facilitating BIOS integrated encryption is provided. An interface is defined between the operating system and the BIOS. The operating system employs this interface to provide BIOS code information to facilitate decryption of data that is encrypted on the system. In the pre-operating system boot phase, the BIOS employs the decryption information provided from this interface in order to decrypt the data. The decrypted information can be employed to facilitate secure rebooting of a computer system from hibernate mode and/or secure access to device(s).
摘要翻译: 提供了一种用于促进BIOS集成加密的系统和方法。 在操作系统和BIOS之间定义一个接口。 操作系统采用该接口提供BIOS代码信息,以便于在系统上加密的数据的解密。 在操作前系统启动阶段,BIOS使用从该接口提供的解密信息来解密数据。 解密的信息可用于促进计算机系统从休眠模式的安全重新启动和/或安全地访问设备。
-
公开(公告)号:US08615801B2
公开(公告)日:2013-12-24
申请号:US11515160
申请日:2006-08-31
摘要: Software is authorized in accordance with a reputation of the software. A trust in the author and/or publisher of the software is determined via digital signatures and/or CoAs, and a reputation of the software is utilized to determine the intent of the software. The reputation of the software can be determined via a local service, such as an enterprise IT department and/or via a reputation determination service. When software is downloaded or to be executed, the trust in the author/publisher is determined using digital signatures and/or CoAs associated with the software. If the author/publisher is determined to be trusted, a service is called to determine the reputation of the software. The software can be installed and/or executed dependent upon the reputation of the software and trustworthiness of the author/publisher.
摘要翻译: 软件根据软件的声誉授权。 通过数字签名和/或CoA来确定软件的作者和/或发行者的信任,并且利用软件的声誉来确定软件的意图。 软件的声誉可以通过本地服务(如企业IT部门)和/或通过信誉确定服务来确定。 当软件被下载或要执行时,使用与该软件相关联的数字签名和/或CoAs确定作者/发行者的信任。 如果作者/发行者被确定为受信任,则调用服务来确定软件的声誉。 该软件可以根据软件的声誉和作者/出版商的可靠性进行安装和/或执行。
-
公开(公告)号:US07797311B2
公开(公告)日:2010-09-14
申请号:US11688062
申请日:2007-03-19
CPC分类号: G06F21/6245 , G06F17/3089 , G06F21/6218 , G06F2221/2111 , G06F2221/2141 , G06F2221/2147
摘要: Mechanisms for organizing scenario solution-related information based upon a user's locality are provided. Locality refers to a collection of metadata created based upon scenario solutions executed by a user and/or enablers acquired by a user during scenario solution execution. Such metadata may be stored in association with a scenario solution execution workspace and/or in association with a user-specific information store. Once such information is acquired, a user may desire to share the information, or a portion thereof, with one or more other users, for instance, the members of a user group. However, often times, the user would prefer that the information not be made available to the general public. Thus, mechanisms for controlling access to user-specific information are also provided.
摘要翻译: 提供了基于用户的位置组织场景解决方案相关信息的机制。 局部性是指在场景解决方案执行期间,基于由用户执行的场景解决方案创建的元数据集和/或用户获取的使能器。 这样的元数据可以与场景解决方案执行工作空间和/或与用户特定信息存储相关联地存储。 一旦获得这样的信息,用户可能希望与一个或多个其他用户(例如,用户组的成员)共享信息或其一部分。 然而,通常情况下,用户更愿意将信息提供给公众。 因此,还提供了用于控制对用户特定信息的访问的机制。
-
公开(公告)号:US20080235229A1
公开(公告)日:2008-09-25
申请号:US11688062
申请日:2007-03-19
IPC分类号: G06F17/30
CPC分类号: G06F21/6245 , G06F17/3089 , G06F21/6218 , G06F2221/2111 , G06F2221/2141 , G06F2221/2147
摘要: Mechanisms for organizing scenario solution-related information based upon a user's locality are provided. Locality refers to a collection of metadata created based upon scenario solutions executed by a user and/or enablers acquired by a user during scenario solution execution. Such metadata may be stored in association with a scenario solution execution workspace and/or in association with a user-specific information store. Once such information is acquired, a user may desire to share the information, or a portion thereof, with one or more other users, for instance, the members of a user group. However, often times, the user would prefer that the information not be made available to the general public. Thus, mechanisms for controlling access to user-specific information are also provided.
摘要翻译: 提供了基于用户的位置组织场景解决方案相关信息的机制。 局部性是指在场景解决方案执行期间,基于由用户执行的场景解决方案创建的元数据集和/或用户获取的使能器。 这样的元数据可以与场景解决方案执行工作空间和/或与用户特定信息存储相关联地存储。 一旦获得这样的信息,用户可能希望与一个或多个其他用户(例如,用户组的成员)共享信息或其一部分。 然而,通常情况下,用户更愿意将信息提供给公众。 因此,还提供了用于控制对用户特定信息的访问的机制。
-
公开(公告)号:US07325115B2
公开(公告)日:2008-01-29
申请号:US10721562
申请日:2003-11-25
申请人: Benjamin A. Leis , David B. Cross , Duncan G. Bryce , Jianrong Gu , Rajeev Y. Nagar , Scott A. Field
发明人: Benjamin A. Leis , David B. Cross , Duncan G. Bryce , Jianrong Gu , Rajeev Y. Nagar , Scott A. Field
IPC分类号: G06F12/00
CPC分类号: G06F12/145 , G06F21/62 , G06F21/6281 , G06F21/80 , G06F2221/2143
摘要: An operating system copies data from memory pages into a paging file on disk, in order to free up space in the memory. A mechanism is disclosed that causes the data to be encrypted as it is copied into the paging file, thereby protecting the paged data from unauthorized (or otherwise undesired) observation. The data that is stored in the paging file is encrypted with a session key, that is generated shortly after the machine on which the paging file exists is started. The session key, which is used both for encryption and decryption of the paging file data, is stored in volatile memory, so that the key is not persisted across boots of the machine. Since the key is not persisted across boots, old paging file data that was stored prior to the most recent boot cannot be recovered in clear text, thereby protecting the data from observation.
摘要翻译: 操作系统将数据从内存页复制到磁盘上的页面文件中,以释放内存中的空间。 公开了一种机制,使得数据在被复制到寻呼文件中时被加密,从而保护分页数据免受未经授权(或以其他方式不希望的)观察。 存储在页面文件中的数据使用会话密钥进行加密,会话密钥是在启动了分页文件的计算机之后不久生成的。 用于分页文件数据的加密和解密的会话密钥存储在易失性存储器中,使得密钥不会在机器的引导上持久存储。 由于密钥在整个引导过程中不会持久存在,所以在最新引导之前存储的旧页面文件数据无法以明文形式恢复,从而保护数据免受观察。
-
公开(公告)号:US20080072049A1
公开(公告)日:2008-03-20
申请号:US11515160
申请日:2006-08-31
IPC分类号: H04L9/00
摘要: Software is authorized in accordance with a reputation of the software. A trust in the author and/or publisher of the software is determined via digital signatures and/or CoAs, and a reputation of the software is utilized to determine the intent of the software. The reputation of the software can be determined via a local service, such as an enterprise IT department and/or via a reputation determination service. When software is downloaded or to be executed, the trust in the author/publisher is determined using digital signatures and/or CoAs associated with the software. If the author/publisher is determined to be trusted, a service is called to determine the reputation of the software. The software can be installed and/or executed dependent upon the reputation of the software and trustworthiness of the author/publisher.
摘要翻译: 软件根据软件的声誉授权。 通过数字签名和/或CoA来确定软件的作者和/或发行者的信任,并且利用软件的声誉来确定软件的意图。 软件的声誉可以通过本地服务(如企业IT部门)和/或通过信誉确定服务来确定。 当软件被下载或要执行时,使用与该软件相关联的数字签名和/或CoAs确定作者/发行者的信任。 如果作者/发行者被确定为受信任,则调用服务来确定软件的声誉。 该软件可以根据软件的声誉和作者/出版商的可靠性进行安装和/或执行。
-
公开(公告)号:US08789159B2
公开(公告)日:2014-07-22
申请号:US12029168
申请日:2008-02-11
申请人: S. Franklin Williams , Kiran Akella Venkata , David C. LeBlanc , Juraj Gottweis , Gareth A. Howell , Scott A. Field , Ramesh Chinta
发明人: S. Franklin Williams , Kiran Akella Venkata , David C. LeBlanc , Juraj Gottweis , Gareth A. Howell , Scott A. Field , Ramesh Chinta
CPC分类号: G06F21/53
摘要: Systems and methods for creating a secure process on a web server can include creating an application manager process, and creating an application host process, the application host process being created under control of the application manager process. Example methods can also include restricting attributes of the application host process, and assigning a unique logon identifier to the application host process so that the application host process can only communicate with the application manager process.
摘要翻译: 用于在Web服务器上创建安全进程的系统和方法可以包括创建应用程序管理器进程以及创建应用程序主机进程,该应用程序主机进程是在应用程序管理器进程的控制下创建的。 示例方法还可以包括限制应用程序主机进程的属性,以及向应用程序主机进程分配唯一的登录标识符,以便应用程序主机进程只能与应用程序管理器进程通信。
-
公开(公告)号:US07996682B2
公开(公告)日:2011-08-09
申请号:US11251946
申请日:2005-10-17
IPC分类号: G06F21/00
CPC分类号: G06F21/57
摘要: Techniques are described herein for securely prompting a user to confirm sensitive operations, input sensitive information or the like. The techniques include receiving or intercepting calls from applications to prompting routines. When a call to a prompting routine is received or intercepted a hint may be provided to the user to switch to a secure desktop. When the user switches from the user desktop to the secure desktop the particular prompt is displayed. The input to the prompt is received on the secure desktop and verified to have been provided by the user. The user input or a representation of the input is then returned to the application running on the user desktop. Using these techniques, interception of prompting messages by malware does not result in sensitive information being revealed. Furthermore, spoofing of new messages by malware does not lead to the dismissal of critical prompting.
摘要翻译: 这里描述了用于安全地提示用户确认敏感操作,输入敏感信息等的技术。 这些技术包括接收或拦截来自应用程序的呼叫以提示例程。 当接收或拦截对提示例程的调用时,可以向用户提供切换到安全桌面的提示。 当用户从用户桌面切换到安全桌面时,会显示特定的提示。 在安全桌面上接收到提示的输入,并验证其已由用户提供。 用户输入或输入的表示然后返回到在用户桌面上运行的应用程序。 使用这些技术,通过恶意软件拦截提示消息不会导致敏感信息被显示。 此外,恶意软件欺骗新消息不会导致关键提示被解雇。
-
公开(公告)号:US07757281B2
公开(公告)日:2010-07-13
申请号:US11450597
申请日:2006-06-09
申请人: Scott A. Field , Liqiang Zhu , Peter T. Brundrett , Paul J. Leach
发明人: Scott A. Field , Liqiang Zhu , Peter T. Brundrett , Paul J. Leach
IPC分类号: G06F7/04
CPC分类号: H04L63/102
摘要: Remote administrative privileges in a distributed system are disabled by default. To administer a remote system, express action is taken to elevate a user status to obtain remote administrative privileges. When local and remote systems communicate, information pertaining to the status of the logged on user is included in the communications. If the user wishes to legitimately administer a remote system, the user provides an explicit request. The request is processed. If the user is configured as an administrator of the remote system and the request contains an indication that the user's administrative status has been elevated, an authorization token is generated. The authorization token is utilized by the remote system to allow the user to administer the remote system.
摘要翻译: 默认情况下,分布式系统中的远程管理权限将被禁用。 要管理远程系统,请采取行动来提升用户状态以获得远程管理权限。 当本地和远程系统进行通信时,通信中包含与登录用户状态有关的信息。 如果用户希望合法地管理远程系统,则用户提供明确的请求。 请求被处理。 如果用户配置为远程系统的管理员,并且该请求包含用户的管理状态提升的指示,则会生成授权令牌。 远程系统利用授权令牌允许用户管理远程系统。
-
-
-
-
-
-
-
-
-
搜索结果
57 条记录 (耗时 0.041 秒)
