公开(公告)号：US20060247140A1

公开(公告)日：2006-11-02

申请号：US10542952

申请日：2004-01-21

申请人： David Cressey ,  David Price ,  Christopher Friend ,  Virginia Carrick ,  David Moreton ,  David Durham ,  Rodney McAtee ,  Michael Sutton

发明人： David Cressey ,  David Price ,  Christopher Friend ,  Virginia Carrick ,  David Moreton ,  David Durham ,  Rodney McAtee ,  Michael Sutton

IPC分类号： C10L1/22

CPC分类号： C10M145/20 ,  C10M129/14 ,  C10M129/54 ,  C10M133/02 ,  C10M133/12 ,  C10M133/14 ,  C10M149/14 ,  C10M159/12 ,  C10M2201/06 ,  C10M2201/18 ,  C10M2207/023 ,  C10M2207/024 ,  C10M2207/08 ,  C10M2207/144 ,  C10M2209/101 ,  C10M2215/02 ,  C10M2215/04 ,  C10M2215/042 ,  C10M2215/06 ,  C10M2215/14 ,  C10M2215/22 ,  C10M2215/224 ,  C10M2217/046 ,  C10N2230/04 ,  C10N2230/06 ,  C10N2230/42 ,  C10N2230/43 ,  C10N2230/45 ,  C10N2230/50

摘要： A composition comprises a sulphur free reaction product of: (a)(i) a hydrocarbyl substituted aromatic compound containing an acidic group selected from the group consisting of a carboxylic group, a hydroxyl group and mixtures thereof and (a)(ii) an organic nitrogen-containing base reacted with acidic group. The composition is obtained by a preparatory process and is useful in a method for lubricating an internal combustion engine to include where the lubricant has reduced levels of sulphur, phosphorus and sulphated ash.

摘要翻译： 组合物包含：（a）（i）含有选自羧基，羟基及其混合物的酸性基团的烃基取代的芳族化合物的无硫反应产物和（a）（ii）有机 含氮碱与酸性基团反应。 该组合物通过制备方法获得，并且可用于润滑内燃机的方法，包括其中润滑剂具有降低的硫，磷和硫酸化灰分的水平。

公开(公告)号：US20150205732A1

公开(公告)日：2015-07-23

申请号：US14449467

申请日：2014-08-01

申请人： Uday SAVAGAONKAR ,  Ravi Sahita ,  David Durham ,  Men Long

发明人： Uday SAVAGAONKAR ,  Ravi Sahita ,  David Durham ,  Men Long

IPC分类号： G06F12/14

CPC分类号： G06F12/1408 ,  G06F12/1441 ,  G06F2212/1052

摘要： Systems, apparatuses, and methods, and for seamlessly protecting memory regions to protect against hardware-based attacks are disclosed. In one embodiment, an apparatus includes a decoder, control logic, and cryptographic logic. The decoder is to decode a transaction between a processor and memory-mapped input/output space. The control logic is to redirect the transaction from the memory-mapped input/output space to a system memory. The cryptographic logic is to operate on data for the transaction.

摘要翻译： 公开了系统，装置和方法，并且用于无缝地保护存储器区域以防止基于硬件的攻击。 在一个实施例中，一种装置包括解码器，控制逻辑和加密逻辑。 解码器是对处理器和存储器映射的输入/输出空间之间的事务进行解码。 控制逻辑是将事务从存储器映射的输入/输出空间重定向到系统存储器。 密码逻辑是对数据进行交易操作。

公开(公告)号：US08839450B2

公开(公告)日：2014-09-16

申请号：US11833073

申请日：2007-08-02

申请人： David Durham ,  Hormuzd Khosravi ,  Uri Blumenthal ,  Men Long

发明人： David Durham ,  Hormuzd Khosravi ,  Uri Blumenthal ,  Men Long

IPC分类号： G06F12/14 ,  G06F17/30

CPC分类号： G06F21/6209 ,  G06F12/1408 ,  G06F12/1466 ,  G06F12/1475 ,  G06F21/52 ,  G06F21/53

摘要： Embodiments of apparatuses, articles, methods, and systems for secure vault service for software components within an execution environment are generally described herein. An embodiment includes the ability for a Virtual Machine Monitor, Operating System Monitor, or other underlying platform capability to restrict memory regions for access only by specifically authenticated, authorized and verified software components, even when part of an otherwise compromised operating system environment. The underlying platform to lock and unlock secrets on behalf of the authenticated/authorized/verified software component provided in protected memory regions only accessible to the authenticated/authorized/verified software component. Other embodiments may be described and claimed.

摘要翻译： 这里一般地描述用于执行环境中的软件组件的安全保险库服务的装置，物品，方法和系统的实施例。 一个实施例包括虚拟机监视器，操作系统监视器或其他底层平台功能的能力，以限制存储器区域，以便仅通过特定认证的，授权的和已验证的软件组件进行访问，即使在其他受损的操作系统环境的一部分。 代表被保护的内存区域中提供的经过身份验证/授权/验证的软件组件的锁定和解锁秘密的底层平台只能由经过身份验证/授权/验证的软件组件访问。 可以描述和要求保护其他实施例。

公开(公告)号：US08826035B2

公开(公告)日：2014-09-02

申请号：US12646028

申请日：2009-12-23

申请人： David Durham ,  Men Long ,  Uday Savagaonkar

发明人： David Durham ,  Men Long ,  Uday Savagaonkar

IPC分类号： G06F21/00

CPC分类号： G06F21/79 ,  G06F21/72

摘要： In general, in one aspect, the disclosure describes a process that includes a cryptographic engine and first and second registers. The cryptographic engine is to encrypt data to be written to memory, to decrypt data read from memory, to generate read integrity check values (ICVs) and write ICVs for memory accesses. The cryptographic engine is also to create a cumulative read ICV and a cumulative write ICV by XORing the generated read ICV and the generated write ICV with a current read MAC and a current write ICV respectively and to validate data integrity by comparing the cumulative read ICV and the cumulative write ICV. The first and second registers are to store the cumulative read and write ICVs respectively at the processor. Other embodiments are described and claimed.

摘要翻译： 通常，在一个方面，本公开描述了包括密码引擎和第一和第二寄存器的过程。 加密引擎是对要写入存储器的数据进行加密，解密从存储器读取的数据，生成读取完整性检查值（ICV），并为存储器访问写入ICV。 密码引擎还通过分别用当前读取的MAC和当前的写入ICV异或生成的读取ICV和产生的写ICV来创建累积读取ICV和累积写入ICV，并通过比较累积读取ICV和 累积写ICV。 第一和第二寄存器分别在处理器处存储累积读和写ICV。 描述和要求保护其他实施例。

公开(公告)号：US20140245230A1

公开(公告)日：2014-08-28

申请号：US13996088

申请日：2011-12-27

申请人： Lenitra M. Durham ,  David Durham ,  Sangita Sharma

发明人： Lenitra M. Durham ,  David Durham ,  Sangita Sharma

IPC分类号： G06F3/0481 ,  G06F3/0486 ,  G06F3/0484

CPC分类号： G06F3/04815 ,  G06F3/017 ,  G06F3/0425 ,  G06F3/04842 ,  G06F3/0486

摘要： Systems and methods may provide for displaying a three-dimensional (3D) environment on a screen of a mobile device, and identifying a user interaction with an area behind the mobile device. In addition, the 3D environment can be modified based at least in part on the first user interaction. Moreover, the 3D environment may be modified based on movements of the mobile device as well as user interactions with the mobile device, allowing the user to navigate through the virtual 3D environment by moving the mobile/handheld device.

摘要翻译： 系统和方法可以提供在移动设备的屏幕上显示三维（3D）环境，并且识别与移动设备后面区域的用户交互。 另外，可以至少部分地基于第一用户交互来修改3D环境。 此外，可以基于移动设备的移动以及用户与移动设备的交互来修改3D环境，从而允许用户通过移动移动/手持设备在虚拟3D环境中导航。

公开(公告)号：US08799673B2

公开(公告)日：2014-08-05

申请号：US12651432

申请日：2009-12-31

申请人： Uday R. Savagaonkar ,  Ravi Sahita ,  David Durham ,  Men Long

发明人： Uday R. Savagaonkar ,  Ravi Sahita ,  David Durham ,  Men Long

IPC分类号： H04L29/06

CPC分类号： G06F12/1408 ,  G06F12/1441 ,  G06F2212/1052

摘要： Systems, apparatuses, and methods, and for seamlessly protecting memory regions to protect against hardware-based attacks are disclosed. In one embodiment, an apparatus includes a decoder, control logic, and cryptographic logic. The decoder is to decode a transaction between a processor and memory-mapped input/output space. The control logic is to redirect the transaction from the memory-mapped input/output space to a system memory. The cryptographic logic is to operate on data for the transaction.

摘要翻译： 公开了系统，装置和方法，并且用于无缝地保护存储器区域以防止基于硬件的攻击。 在一个实施例中，一种装置包括解码器，控制逻辑和加密逻辑。 解码器是对处理器和存储器映射的输入/输出空间之间的事务进行解码。 控制逻辑是将事务从内存映射的输入/输出空间重定向到系统内存。 密码逻辑是对数据进行交易操作。

公开(公告)号：US08671439B2

公开(公告)日：2014-03-11

申请号：US12460736

申请日：2009-07-23

申请人： David Durham ,  Ravi Sahita ,  Karanvir Grewal ,  Ned Smith ,  Kapil Sood

发明人： David Durham ,  Ravi Sahita ,  Karanvir Grewal ,  Ned Smith ,  Kapil Sood

IPC分类号： G06F21/00

CPC分类号： H04L63/10 ,  G06F2221/2141 ,  H04L9/3234 ,  H04L9/3247 ,  H04L9/3263 ,  H04L63/0209 ,  H04L63/08 ,  H04L63/20

摘要： Architectures and techniques that allow a firmware agent to operate as a tamper-resistant agent on a host platform that may be used as a trusted policy enforcement point (PEP) on the host platform to enforce policies even when the host operating system is compromised. The PEP may be used to open access control and/or remediation channels on the host platform. The firmware agent may also act as a local policy decision point (PDP) on the host platform in accordance with an authorized enterprise PDP entity by providing policies if a host trust agent is non-responsive and may function as a passive agent when the host trust agent is functional.

摘要翻译： 允许固件代理在主机平台上作为防篡改代理操作的体系结构和技术，可在主机平台上用作受信任的策略执行点（PEP），即使主机操作系统受到威胁也可执行策略。 PEP可用于在主机平台上打开访问控制和/或修复通道。 固件代理还可以根据授权的企业PDP实体在主机平台上作为本地策略决策点（PDP），通过在主机信任代理不响应时提供策略，并且当主机信任时可以用作被动代理 代理功能。

公开(公告)号：US20140068704A1

公开(公告)日：2014-03-06

申请号：US13863168

申请日：2013-04-15

申请人： Karanvir S. Grewal ,  Ravi L. Sahita ,  David Durham

发明人： Karanvir S. Grewal ,  Ravi L. Sahita ,  David Durham

IPC分类号： H04L29/06

CPC分类号： H04L63/0428 ,  G06F21/52 ,  G06F21/53 ,  G06F21/606 ,  G06F21/78 ,  G06F21/85

摘要： One particular example implementation of an apparatus for mitigating unauthorized access to data traffic, comprises: an operating system stack to allocate unprotected kernel transfer buffers; a hypervisor to allocate protected memory data buffers, where data is to be stored in the protected memory data buffers before being copied to the unprotected kernel transfer buffers; and an encoder module to encrypt the data stored in the protected memory data buffers, where the unprotected kernel transfer buffers receive a copy the encrypted data.

摘要翻译： 用于减轻对数据业务的未经授权访问的装置的一个特定示例实现包括：操作系统栈以分配未受保护的内核传送缓冲器; 分配受保护的存储器数据缓冲器的管理程序，其中数据将被存储在受保护的存储器数据缓冲器中，然后被复制到未受保护的内核传送缓冲器; 以及编码器模块，用于加密存储在受保护的存储器数据缓冲器中的数据，其中未受保护的内核传送缓冲器接收到加密数据的副本。

公开(公告)号：US08584204B2

公开(公告)日：2013-11-12

申请号：US12460736

申请日：2009-07-23

申请人： David Durham ,  Ravi Sahita ,  Karanvir Grewal ,  Ned Smith ,  Kapil Sood

发明人： David Durham ,  Ravi Sahita ,  Karanvir Grewal ,  Ned Smith ,  Kapil Sood

IPC分类号： G06F21/00

摘要： Architectures and techniques that allow a firmware agent to operate as a tamper-resistant agent on a host platform that may be used as a trusted policy enforcement point (PEP) on the host platform to enforce policies even when the host operating system is compromised. The PEP may be used to open access control and/or remediation channels on the host platform. The firmware agent may also act as a local policy decision point (PDP) on the host platform in accordance with an authorized enterprise PDP entity by providing policies if a host trust agent is non-responsive and may function as a passive agent when the host trust agent is functional.

公开(公告)号：US08572692B2

公开(公告)日：2013-10-29

申请号：US12215907

申请日：2008-06-30

申请人： Divya Naidu Kolar Sunder ,  Hormuzd Khosravi ,  David Durham ,  Dan Dahle ,  Prashant Dewan

发明人： Divya Naidu Kolar Sunder ,  Hormuzd Khosravi ,  David Durham ,  Dan Dahle ,  Prashant Dewan

IPC分类号： G06F7/04 ,  H04L9/32

CPC分类号： H04L63/126 ,  G06F21/31 ,  G06F21/57 ,  G06F21/577 ,  G06F2221/2129 ,  H04L63/0823 ,  H04L63/123

摘要： A method and system for a platform-based trust verifying service for multi-party verification. In one embodiment, the method includes a client platform accessing an service provider over a network. Upon accessing the service provider, the client platform receives a request from the service provider for platform measurement and verification. The client platform collects platform information and performs measurement and verification, including performing an integrity manifest comparison. If the integrity manifest comparison indicates a good client platform posture, then the client platform signs the client platform posture and sends an approval notification to the service provider indicating that the client platform has not been compromised. The client platform may then receive the service of the service provider. If the integrity manifest comparison indicates that the client platform posture is not good, then the client platform will send a failure notification to the service provider indicating that the client platform has been compromised.