-
公开(公告)号:US20060265598A1
公开(公告)日:2006-11-23
申请号:US11389336
申请日:2006-03-23
申请人: David Plaquin , Marco Ricca , Boris Balacheff
发明人: David Plaquin , Marco Ricca , Boris Balacheff
IPC分类号: G06K9/00 , G06F12/14 , H04L9/00 , H04L9/32 , G06F17/30 , G06F12/00 , G06F11/00 , H04K1/00 , G06F11/30 , G06F15/16 , G06F13/00 , G06F12/16 , G06F7/04 , G06F15/18 , G06F7/58 , G08B23/00 , G06K19/00 , G11C7/00
CPC分类号: H04L63/0853 , H04L63/0892
摘要: A method for managing access to a computing environment by a computing device includes providing at least one credential that identifies both the computing device and a user of the computing device, storing data at the computing environment relating to the computing device and the user in association with the credential, and selectively granting an access request received from the computing device using the credential in accordance with the data stored at the computing environment.
-
公开(公告)号:US08984291B2
公开(公告)日:2015-03-17
申请号:US11389336
申请日:2006-03-23
申请人: David Plaquin , Marco Ricca , Boris Balacheff
发明人: David Plaquin , Marco Ricca , Boris Balacheff
CPC分类号: H04L63/0853 , H04L63/0892
摘要: A method for managing access to a computing environment by a computing device includes providing at least one credential that identifies both the computing device and a user of the computing device, storing data at the computing environment relating to the computing device and the user in association with the credential, and selectively granting an access request received from the computing device using the credential in accordance with the data stored at the computing environment.
摘要翻译: 用于管理计算设备对计算环境的访问的方法包括:提供至少一个识别计算设备和计算设备的用户的凭证,在与计算设备和用户相关联的计算环境下存储数据,与 并且根据存储在计算环境中的数据,使用凭证选择性地授予从计算设备接收的访问请求。
-
公开(公告)号:US07467370B2
公开(公告)日:2008-12-16
申请号:US11090964
申请日:2005-03-25
IPC分类号: G06F9/44
CPC分类号: G06F21/57 , G06F21/575 , G06F21/62 , G06F2221/2105 , G06F2221/2145 , G06F2221/2149 , G06F2221/2153
摘要: A computer apparatus for creating a trusted environment comprising a trusted device arranged to acquire a first integrity metric to allow determination as to whether the computer apparatus is operating in a trusted manner; a processor arranged to allow execution of a first trust routine and associated first operating environment, and means for restricting the first operating environment access to resources available to the trust routine, wherein the trust routine being arranged to acquire the first integrity metric and a second integrity metric to allow determination as to whether the first operating environment is operating in a trusted manner.
摘要翻译: 一种用于创建可信环境的计算机设备,包括被配置为获取第一完整性度量以允许确定所述计算机设备是否以可信任方式操作的信任设备; 布置成允许执行第一信任例程和相关联的第一操作环境的处理器以及用于限制第一操作环境访问可用于信任例程的资源的装置,其中所述信任例程被布置为获取第一完整性度量和第二完整性度量 以允许确定第一操作环境是否以可信任的方式操作。
-
公开(公告)号:US20050223221A1
公开(公告)日:2005-10-06
申请号:US11090964
申请日:2005-03-25
申请人: Graeme Proudler , Boris Balacheff , David Plaquin
发明人: Graeme Proudler , Boris Balacheff , David Plaquin
CPC分类号: G06F21/57 , G06F21/575 , G06F21/62 , G06F2221/2105 , G06F2221/2145 , G06F2221/2149 , G06F2221/2153
摘要: A computer apparatus for creating a trusted environment comprising a trusted device arranged to acquire a first integrity metric to allow determination as to whether the computer apparatus is operating in a trusted manner; a processor arranged to allow execution of a first trust routine and associated first operating environment, and means for restricting the first operating environment access to resources available to the trust routine, wherein the trust routine being arranged to acquire the first integrity metric and a second integrity metric to allow determination as to whether the first operating environment is operating in a trusted manner.
摘要翻译: 一种用于创建可信环境的计算机设备,包括被配置为获取第一完整性度量以允许确定所述计算机设备是否以可信任方式操作的信任设备; 布置成允许执行第一信任例程和相关联的第一操作环境的处理器以及用于限制第一操作环境访问可用于信任例程的资源的装置,其中所述信任例程被布置为获取第一完整性度量和第二完整性度量 以允许确定第一操作环境是否以可信任的方式操作。
-
公开(公告)号:US20050086511A1
公开(公告)日:2005-04-21
申请号:US10923250
申请日:2004-08-19
CPC分类号: H04L63/10 , G06F21/57 , G06F21/62 , H04L63/164
摘要: Control of access to data within a first data processing device is provided. The data processing device contains at least one data item which has a use policy associated with it. In response to a request from or a requirement of a second data processing device to perform an operation on the data item, the first data processing device seeks information about the ability of the second data processing device to respect conditions specified in the policy and on the basis of a comparison between the policy and the ability of the device to satisfy the policy, the first data processing device decides whether to allow the operation to be performed.
摘要翻译: 提供对第一数据处理设备内数据访问的控制。 数据处理装置包含至少一个具有与其相关联的使用策略的数据项。 响应于第二数据处理设备对数据项执行操作的请求或要求,第一数据处理设备寻求关于第二数据处理设备遵守策略中指定的条件的能力的信息,并且在 第一数据处理设备决定是否允许执行操作的策略与设备满足策略的能力的比较的基础。
-
公开(公告)号:US08069450B2
公开(公告)日:2011-11-29
申请号:US10765827
申请日:2004-01-26
CPC分类号: G06F21/62 , G06F9/468 , G06F21/52 , G06F21/6209 , G06F2221/2141 , G06F2221/2153
摘要: A method of computer operating system data management comprising the steps of: (a) associating data management information with data input to a process (300); and (b) regulating operating system operations involving the data according to the data management information is provided (310). A computing platform (1) for operating system data management is also provided. Furthermore, a computer program including instructions configured to enable operating system data management, an operating system, and an operating system data management method and apparatus arranged to identify data having data management information associated therewith when that data is read into a memory space are provided.
摘要翻译: 一种计算机操作系统数据管理的方法,包括以下步骤:(a)将数据管理信息与输入到过程(300)的数据相关联; 提供(b)根据数据管理信息调整涉及数据的操作系统操作(310)。 还提供了用于操作系统数据管理的计算平台(1)。 此外,提供了包括被配置为使得操作系统数据管理的指令,操作系统和操作系统数据管理方法和装置的计算机程序,其被配置为当该数据被读入存储器空间时,识别与其相关联的数据管理信息的数据。
-
公开(公告)号:US08060934B2
公开(公告)日:2011-11-15
申请号:US12059387
申请日:2008-03-31
CPC分类号: G06F21/57
摘要: A method and apparatus are provided for tracking the state of a software component in use on a computing platform. Upon a change of a first type in the software component (such as a change to an integrity-critical part of the component), an appropriate integrity metric of the software component is reliably measured and recorded in cumulative combination with any previous integrity metric values recorded for changes of the first type to the software component. Upon a change of a second type in the software component (such as a change to a non integrity-critical part of the component), an appropriate integrity metric of the software component is reliably measured and recorded as a replacement for any previous integrity metric value recorded for changes of the second type to the software component. The two resultant values provide an indication of the integrity state of the software component.
摘要翻译: 提供了一种用于跟踪在计算平台上使用的软件组件的状态的方法和装置。 在软件组件中的第一类型的更改(例如对组件的完整性关键部分的改变)中,可以可靠地测量和记录软件组件的适当的完整性度量并且与所记录的任何先前的完整性度量值 用于将第一类型更改为软件组件。 在软件组件中的第二类型的更改(例如对组件的非完整性关键部分的改变)中,软件组件的适当的完整性度量被可靠地测量并记录为任何先前的完整性度量值 记录第二类型与软件组件的变化。 两个结果值提供了软件组件的完整性状态的指示。
-
公开(公告)号:US08539587B2
公开(公告)日:2013-09-17
申请号:US11908920
申请日:2006-03-22
IPC分类号: G06F21/00
摘要: A data structure has within it the following elements: an identification of a data structure type; and a proof that two or more instances of the data structure type are as trustworthy as each other. Methods and devices using such data structures are described.
摘要翻译: 数据结构中包含以下元素:数据结构类型的标识; 以及数据结构类型的两个或多个实例彼此信任的证明。 描述使用这种数据结构的方法和装置。
-
公开(公告)号:US20090013406A1
公开(公告)日:2009-01-08
申请号:US12059387
申请日:2008-03-31
IPC分类号: G06F11/00
CPC分类号: G06F21/57
摘要: A method and apparatus are provided for tracking the state of a software component in use on a computing platform. Upon a change of a first type in the software component (such as a change to an integrity-critical part of the component), an appropriate integrity metric of the software component is reliably measured and recorded in cumulative combination with any previous integrity metric values recorded for changes of the first type to the software component. Upon a change of a second type in the software component (such as a change to a non integrity-critical part of the component), an appropriate integrity metric of the software component is reliably measured and recorded as a replacement for any previous integrity metric value recorded for changes of the second type to the software component. The two resultant values provide an indication of the integrity state of the software component.
摘要翻译: 提供了一种用于跟踪在计算平台上使用的软件组件的状态的方法和装置。 在软件组件中的第一类型的更改(例如对组件的完整性关键部分的改变)中,可以可靠地测量和记录软件组件的适当的完整性度量并且与所记录的任何先前的完整性度量值 用于将第一类型更改为软件组件。 在软件组件中的第二类型的更改(例如对组件的非完整性关键部分的改变)中,软件组件的适当的完整性度量被可靠地测量并记录为任何先前的完整性度量值 记录第二类型与软件组件的变化。 两个结果值提供了软件组件的完整性状态的指示。
-
公开(公告)号:US20080282348A1
公开(公告)日:2008-11-13
申请号:US11908920
申请日:2006-03-22
IPC分类号: G06F21/00
摘要: A data structure has within it the following elements: an identification of a data structure type; and a proof that two or more instances of the data structure type are as trustworthy as each other. Methods and devices using such data structures are described.
摘要翻译: 数据结构中包含以下元素:数据结构类型的标识; 以及数据结构类型的两个或多个实例彼此信任的证明。 描述使用这种数据结构的方法和装置。
-
-
-
-
-
-
-
-
-
搜索结果
15 条记录 (耗时 0.02 秒)
