-
Publication No.: US08793786B2
Publication date: 2014-07-29
Application No.: US12028297
Filing date: 2008-02-08
Applicant: Firdosh K. Bhesania, Alain Michaud, Nathan C. Sherman, Hirofumi Yamamoto, Yashabh Sethi, Steve Wright
Inventors: Firdosh K. Bhesania, Alain Michaud, Nathan C. Sherman, Hirofumi Yamamoto, Yashabh Sethi, Steve Wright
CPC classification: G06F21/84, G06F21/554, G06F21/629, G06F21/74, G06F21/83, G06F2221/2105
Abstract: Computer-readable media, computerized methods, and computer systems for alerting a user that an operating system has entered a secure mode are provided. Initially, inputs are received at an operating system residing in a default mode. Typically, the default mode allows applications running on the operating system to access the inputs. If the inputs are identified as a call to perform a protected operation, the operating system is transitioned from the default mode to the secure mode. Typically, the secure mode restricts the applications from intercepting the inputs. The transition to the secure mode is automatically communicated to the user via an indicator device. Generally, automatic communication includes providing a message from the operating system to the indicator device over a secure pathway that triggers the indicator device to generate a user-perceivable output. Accordingly, the operating system exerts exclusive control over the operation of the indicator device.
-
Publication No.: US07600264B2
Publication date: 2009-10-06
Application No.: US11193312
Filing date: 2005-07-30
CPC classification: H04L63/101, G06F21/6218, G06F2221/2105, G06F2221/2141, H04L63/1441
Abstract: In aspects, interactions between processes of a desktop are allowed or denied based on security data. The security data may comprise a first bitmap that indicates whether a requesting process is allowed to cause an action to occur, a second bitmap that indicates whether a process is protected from having an action occur, and a third bitmap that indicates whether the requesting process may override protection, if any, in causing the action to occur.
-
Publication No.: US20070028294A1
Publication date: 2007-02-01
Application No.: US11193312
Filing date: 2005-07-30
IPC classification: H04L9/32
CPC classification: H04L63/101, G06F21/6218, G06F2221/2105, G06F2221/2141, H04L63/1441
Abstract: In aspects, interactions between processes of a desktop are allowed or denied based on security data. The security data may comprise a first bitmap that indicates whether a requesting process is allowed to cause an action to occur, a second bitmap that indicates whether a process is protected from having an action occur, and a third bitmap that indicates whether the requesting process may override protection, if any, in causing the action to occur.
-
Publication No.: US20090293057A1
Publication date: 2009-11-26
Application No.: US12381065
Filing date: 2009-03-05
Applicant: Michael Larkin, James Yarbrough, Yashabh Sethi
Inventors: Michael Larkin, James Yarbrough, Yashabh Sethi
CPC classification: G06F9/45533, G06F9/45558, G06F9/468, G06F12/1491, G06F21/53, G06F2009/45587, G06F2221/2105, G06F2221/2141, G06F2221/2149
Abstract: A computing system is configured to use a trampoline to isolate sensitive code in a virtual environment and in other applications. An import table may describe the entry points of a privileged code module or driver that generates privileged code. A system and method loads a shadow kernel to facilitate isolating the linkage between drivers and the rest of the system. The shadow kernel may be a copy of the operating system kernel that does not have the same integral position in the operation of the computing device. The shadow kernel may be used as a template for creating a jump table to redirect more critical privileged resource access requests from specially loaded kernel mode drivers to the PVM. All requests may pass through the PVM, which redirects non-critical functions to the original kernel. Multiple copies of a given driver or code module may be loaded in a given session.
-
Publication No.: US08407699B2
Publication date: 2013-03-26
Application No.: US12381065
Filing date: 2009-03-05
Applicant: Michael Larkin, James Yarbrough, Yashabh Sethi
Inventors: Michael Larkin, James Yarbrough, Yashabh Sethi
IPC classification: G06F9/46
CPC classification: G06F9/45533, G06F9/45558, G06F9/468, G06F12/1491, G06F21/53, G06F2009/45587, G06F2221/2105, G06F2221/2141, G06F2221/2149
Abstract: A computing system is configured to use a trampoline to isolate sensitive code in a virtual environment and in other applications. An import table may describe the entry points of a privileged code module or driver that generates privileged code. A system and method loads a shadow kernel to facilitate isolating the linkage between drivers and the rest of the system. The shadow kernel may be a copy of the operating system kernel that does not have the same integral position in the operation of the computing device. The shadow kernel may be used as a template for creating a jump table to redirect more critical privileged resource access requests from specially loaded kernel mode drivers to the PVM. All requests may pass through the PVM, which redirects non-critical functions to the original kernel. Multiple copies of a given driver or code module may be loaded in a given session.