-
Publication (Announcement) No.: US12095916B2
Publication (Announcement) Date: 2024-09-17
Application No.: US17648837
Application Date: 2022-01-25
CPC Classification: H04L9/0894, H04L9/0825, H04L9/085, H04L9/0861
Abstract: A computer-implemented method for managing a life-cycle of at least in parts interdependent cryptographic keys is disclosed. Each of the cryptographic keys is signed and relates to a different one of artifacts. The method comprises creating a key manifest, wherein the key manifest comprises data about determined dependencies of the cryptographic keys at a point in time when one of the artifacts is built, encrypting the key manifest with a manifest key, and upon a life-cycle change happening to one out of the group comprising one of the artifacts and one of the interdependent cryptographic keys in the key manifest of the one of the artifacts, the method comprises decrypting the key manifest and invoking an action to a related one out of the group comprising the one of the artifacts and at least one of the interdependent cryptographic keys in accordance with the key manifest.
-
Publication (Announcement) No.: US11947687B2
Publication (Announcement) Date: 2024-04-02
Application No.: US17449036
Application Date: 2021-09-27
Inventors: Florian Fritz, Timo Kussmaul, Dennis Zeisberg, Angel Nunez Mencias, Dimitrij Pankratz, Stefan Liesche, Sebastian Hense
CPC Classification: G06F21/606, G06F8/65, G06F21/44, H04L9/088
Abstract: A computer-implemented method for securely transferring a secret from a source computing component to a target computing component, wherein the source computing component and the target computing component are part of a secure computing environment, is disclosed. The method comprises upon the source computing component receiving from the target computing component a signed attestation document, verifying, by the source computing component, an authenticity and content of the attestation document, and upon a successful verification of the authenticity and the content, transferring, by the source computing component, the secret to the target computing system. Thereby, the attestation document is attesting that the target computing component is compliant to an update governance rule.
-
Publication (Announcement) No.: US11947660B2
Publication (Announcement) Date: 2024-04-02
Application No.: US17446478
Application Date: 2021-08-31
CPC Classification: G06F21/53, G06F8/60, H04L9/3247, G06F2221/033, G06F2221/2149
Abstract: Securing pods in a container orchestration environment is provided. A container runtime interface command is verified to perform an orchestration action on a set of containers comprising an application workload that corresponds to a service based on matching the container runtime interface command to a rule contained in a trusted execution environment contract included in a pod sandbox virtual machine of a trusted execution environment. It is determined whether the container runtime interface command to perform the orchestration action on the set of containers is valid based on finding a matching rule in the trusted execution environment contract. In response to determining that the container runtime interface command to perform the orchestration action on the set of containers is valid, the container runtime interface command is executed to perform the orchestration action on the set of containers in the pod sandbox virtual machine of the trusted execution environment.
-
Publication (Announcement) No.: US11809572B2
Publication (Announcement) Date: 2023-11-07
Application No.: US17472972
Application Date: 2021-09-13
Inventors: Florian Fritz, Timo Kussmaul, Dennis Zeisberg, Angel Nunez Mencias, Dimitrij Pankratz, Stefan Liesche, Sebastian Hense
CPC Classification: G06F21/577, G06F21/64, G06F2221/033
Abstract: A computer-implemented method for building trusted executable software using trusted building units, wherein a path between the building units is untrusted, is disclosed. The method comprises generating, by each of the trusted building units, an identifier for identifying an output of the respective trusted building unit, wherein the respective trusted building unit also generates a signed confirmative certificate comprising the identifier. The method also comprises utilizing, by each of the distributed trusted building units, output results of at least one of a predecessor build unit of the trusted building unit as input, validating that each of the signed confirmative certificates conforms to a predefined set of policy rules, and upon a failed validating of the signed confirmative certificate of one of the trusted building units, terminating the building of the trusted executable software.
-
Publication (Announcement) No.: US10114896B2
Publication (Announcement) Date: 2018-10-30
Application No.: US14479918
Application Date: 2014-09-08
Inventors: Michael Junginger, Stefan Liesche, Andreas Nauerz, Sascha Sambale, Thomas Steinheber, Thomas Stober
IPC Classification: G06F17/30
Abstract: A computer implemented method for searching resources via an application in a user interface framework that initiates a first search request via a search engine interface and receives a search result and associated resource types in response to the first search request. The method further maps the associated resource types to at least one user interface control class of a plurality of user interface control classes resulting in at least one selected class group and dynamically maps the at least one selected class group to a corresponding instance of user interface controls. The method further renders the search result and the corresponding instance into a faceted user interface, receives an input via the corresponding instance rendered into the faceted user interface, filters the search result based on the input to generate a filtered search result, and renders the filtered search result into the faceted search interface.
-
Publication (Announcement) No.: US09692794B2
Publication (Announcement) Date: 2017-06-27
Application No.: US14349697
Application Date: 2012-10-04
Inventors: Stefan Liesche, Thomas Stober, Stefan Weigeldt, Martin Welsch
CPC Classification: H04L65/1073, H04L67/025, H04W4/70
Abstract: The invention provides for a computer system, comprising a device register for creating and registering one or more device objects. At least one device object of the one or more device objects is configured for communicating with a network connector of a sensor appliance via a network connection. The device object is configured for exposing at least one parameter of the sensor appliance by declaring its capabilities. The computer system further comprises an aggregation model for aggregating the at least one parameter of the at least one device objects; a set of wiring definitions descriptive of raised events created by changes or updates in the at least one parameter; and a wiring broker for updating the aggregation model in accordance with the raised events.
-
Publication (Announcement) No.: US20150178049A1
Publication (Announcement) Date: 2015-06-25
Application No.: US14475637
Application Date: 2014-09-03
IPC Classification: G06F9/44
CPC Classification: G06F8/20, G06F3/0481, G06F8/34, G06F9/451
Abstract: In one embodiment, a method for interconnecting portlets is disclosed. A first view is displayed on a computing device, wherein the first view is associated with a software application in a first state and includes a first portlet. A first event is received from the first portlet. A state model for the software application is accessed, wherein the state model includes a plurality of transitions between states of the software application, and wherein one transition of the plurality of transitions is triggered to bring the software application into a second state based on a type of the first portlet and data associated with the type of the first portlet. The one transition is executed to bring the software application into the second state, and a second view is displayed, wherein the second view is associated with the software application in the second state.
-
Publication (Announcement) No.: US20230095755A1
Publication (Announcement) Date: 2023-03-30
Application No.: US17449036
Application Date: 2021-09-27
Inventors: Florian Fritz, Timo Kussmaul, Dennis Zeisberg, Angel Nunez Mencias, Dimitrij Pankratz, Stefan Liesche, Sebastian Hense
Abstract: A computer-implemented method for securely transferring a secret from a source computing component to a target computing component, wherein the source computing component and the target computing component are part of a secure computing environment, is disclosed. The method comprises upon the source computing component receiving from the target computing component a signed attestation document, verifying, by the source computing component, an authenticity and content of the attestation document, and upon a successful verification of the authenticity and the content, transferring, by the source computing component, the secret to the target computing system. Thereby, the attestation document is attesting that the target computing component is compliant to an update governance rule.
-
Publication (Announcement) No.: US20230079773A1
Publication (Announcement) Date: 2023-03-16
Application No.: US17472972
Application Date: 2021-09-13
Inventors: Florian Fritz, Timo Kussmaul, Dennis Zeisberg, Angel Nunez Mencias, Dimitrij Pankratz, Stefan Liesche, Sebastian Hense
Abstract: A computer-implemented method for building trusted executable software using trusted building units, wherein a path between the building units is untrusted, is disclosed. The method comprises generating, by each of the trusted building units, an identifier for identifying an output of the respective trusted building unit, wherein the respective trusted building unit also generates a signed confirmative certificate comprising the identifier. The method also comprises utilizing, by each of the distributed trusted building units, output results of at least one of a predecessor build unit of the trusted building unit as input, validating that each of the signed confirmative certificates conforms to a predefined set of policy rules, and upon a failed validating of the signed confirmative certificate of one of the trusted building units, terminating the building of the trusted executable software.
-
Publication (Announcement) No.: US09372668B2
Publication (Announcement) Date: 2016-06-21
Application No.: US14475637
Application Date: 2014-09-03
IPC Classification: G06F3/00, G06F9/44, G06F3/0481
CPC Classification: G06F8/20, G06F3/0481, G06F8/34, G06F9/451
Abstract: In one embodiment, a method for interconnecting portlets is disclosed. A first view is displayed on a computing device, wherein the first view is associated with a software application in a first state and includes a first portlet. A first event is received from the first portlet. A state model for the software application is accessed, wherein the state model includes a plurality of transitions between states of the software application, and wherein one transition of the plurality of transitions is triggered to bring the software application into a second state based on a type of the first portlet and data associated with the type of the first portlet. The one transition is executed to bring the software application into the second state, and a second view is displayed, wherein the second view is associated with the software application in the second state.