Use of hashing in a secure boot loader

    Publication No.: US20050138270A1

    Publication date: 2005-06-23

    Application No.: US11030825

    Filing date: 2005-01-07

    CPC classification: G06F21/575

    Abstract: Machine instructions comprising a bootstrap code are buried within a critical component of an electronic game console where they cannot readily be accessed or modified. A preloader portion in a read only memory (ROM) is hashed by the bootstrap code and the result is compared to an expected hash value maintained in the bootstrap code. Further verification of the boot-up process is carried out by the preloader, which hashes the code in ROM to obtain a hash value for the code. The result is verified against a digital signature value that defines an expected value for this hash. Failure to obtain any expected result terminates the boot-up process. Since the bootstrap code confirms the preloader, and the preloader confirms the remainder of the code in ROM, this technique is useful for ensuring that the code used for booting up the device has not been modified or replaced.

    Licensing the use of software on a particular CPU

    Publication No.: US20060059571A1

    Publication date: 2006-03-16

    Application No.: US10931785

    Filing date: 2004-09-01

    IPC classification: H04N7/16

    Abstract: Software is licensed for use on a particular computing device, such as a gaming console or a multimedia console. An unlocking code is provided from a distribution service to the computing device (either directly or via a user), which in turn, unlocks the appropriate software or portion of software for use with the associated computing device. The software may reside on a computer-readable medium, such as a CD-ROM or DVD disk, that is being used in conjunction with the computing device. The unlocking code may be provided directly to the user in private (e.g., via email or a mobile phone) or in public (e.g., published on a website). Portions of the software that may be unlocked include a particular level of a game or other features (such as additional characters or weapons), or a working or more advanced version of an application that was otherwise provided as a demo or older version. The unlocking code may be based on a unique identifier of the computing device and an identifier associated with the software seeking to be accessed. Thus, the code may only be used by the computing device having that unique identifier. This prevents unauthorized or unlicensed computing devices from using the software.

    Manifest-based trusted agent management in a trusted operating system environment
    Type: Invention application
    Status: Under examination (published)

    Publication No.: US20050278477A1

    Publication date: 2005-12-15

    Application No.: US11207081

    Filing date: 2005-08-18

    IPC classification: G06F21/00 G06F12/00

    CPC classification: G06F21/54 G06F21/53 G06F21/57

    Abstract: Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.

    Manifest-Based Trusted Agent Management in a Trusted Operating System Environment
    Type: Invention application
    Status: Under examination (published)

    Publication No.: US20070174921A1

    Publication date: 2007-07-26

    Application No.: US11558125

    Filing date: 2006-11-09

    IPC classification: H04L9/32

    CPC classification: G06F21/54 G06F21/53 G06F21/57

    Abstract: Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.

    Transferring application secrets in a trusted operating system environment

    Publication No.: US20050144448A1

    Publication date: 2005-06-30

    Application No.: US11068007

    Filing date: 2005-02-28

    IPC classification: G06F21/00 H04L9/00

    CPC classification: G06F21/57 G06F21/606

    Abstract: Transferring application secrets in a trusted operating system environment involves receiving a request to transfer application data from a source computing device to a destination computing device. A check is made as to whether the application data can be transferred to the destination computing device, and if so, whether the application data can be transferred under control of the user or a third party. If these checks succeed, a check is also made as to whether the destination computing device is a trustworthy device running known trustworthy software. Input is also received from the appropriate one of the user or third party to control transferring of the application data to the destination computing device. Furthermore, application data is stored on the source computing device in a manner that facilitates determining whether the application data can be transferred, and that facilitates transferring the application data if it can be transferred.

    Transferring application secrets in a trusted operating system environment
    Type: Invention application
    Status: Granted

    Publication No.: US20050144447A1

    Publication date: 2005-06-30

    Application No.: US11068006

    Filing date: 2005-02-28

    IPC classification: G06F21/00 H04L9/00

    CPC classification: G06F21/57 G06F21/606

    Abstract: Transferring application secrets in a trusted operating system environment involves receiving a request to transfer application data from a source computing device to a destination computing device. A check is made as to whether the application data can be transferred to the destination computing device, and if so, whether the application data can be transferred under control of the user or a third party. If these checks succeed, a check is also made as to whether the destination computing device is a trustworthy device running known trustworthy software. Input is also received from the appropriate one of the user or third party to control transferring of the application data to the destination computing device. Furthermore, application data is stored on the source computing device in a manner that facilitates determining whether the application data can be transferred, and that facilitates transferring the application data if it can be transferred.
