摘要:
An anti-cheating system may comprise a combination of a modified environment, such as a modified operating system, in conjunction with a trusted external entity to verify that the modified environment is running on a particular device. The modified environment may be may be modified in a particular manner to create a restricted environment as compared with an original environment which is replaced by the modified environment. The modifications to the modified environment may comprise alternations to the original environment to, for example, detect and/or prevent changes to the hardware and/or software intended to allow cheating or undesirable user behavior.
摘要:
An anti-cheating system may comprise a combination of a modified environment, such as a modified operating system, in conjunction with a trusted external entity to verify that the modified environment is running on a particular device. The modified environment may be may be modified in a particular manner to create a restricted environment as compared with an original environment which is replaced by the modified environment. The modifications to the modified environment may comprise alternations to the original environment to, for example, detect and/or prevent changes to the hardware and/or software intended to allow cheating or undesirable user behavior.
摘要:
Tools and techniques for securely launching encrypted operating systems are described herein. The tools may provide computing systems that include operating systems (OSs) that define boot paths for the systems. This boot path may include first and second OS loader components. The first loader may include instructions for retrieving a list of disk sectors from a first store, and for retrieving these specified sectors from an encrypted second store. The first loader may also store the sectors in a third store that is accessible to both the first and the second loader components, and may invoke the second loader to try launching the OS using these sectors. In turn, the second loader may include instructions for retrieving these sectors from the third store, and for unsealing a key for decrypting these sectors. The second loader may then decrypt these sectors, and attempt to launch the OS from these sectors.
摘要:
Tools and techniques for securely launching encrypted operating systems are described herein. The tools may provide computing systems that include operating systems (OSs) that define boot paths for the systems. This boot path may include first and second OS loader components. The first loader may include instructions for retrieving a list of disk sectors from a first store, and for retrieving these specified sectors from an encrypted second store. The first loader may also store the sectors in a third store that is accessible to both the first and the second loader components, and may invoke the second loader to try launching the OS using these sectors. In turn, the second loader may include instructions for retrieving these sectors from the third store, and for unsealing a key for decrypting these sectors. The second loader may then decrypt these sectors, and attempt to launch the OS from these sectors.
摘要:
Bifurcated processes, in which a shadow process in a first environment is controlling thread scheduling for a trusted agent in a second, high assurance environment, can be debugged via a two-phase initialization of the debugger. In the first phase, initial set up is accomplished for the trusted agent, but no shadow process will schedule execution for any thread of the trusted agent. The debugger will then be attached. In a second phase, the shadow process will begin scheduling threads for the trusted agent. In order to allow the debugger access to the process memory of the trusted agent or to set or get information regarding a particular thread of the trusted agent, a thread which is either a thread belonging to the trusted agent or belonging to the second execution environment and matched with the trusted agent is used. This admin thread is used to perform the work of retrieving process memory and information regarding threads of the trusted agent, allowing such information from the high assurance environment to be found and used in the debugger in the first execution environment.
摘要:
Computer systems and environments implemented herein permit a local machine increased participation in authorizing access to protected content. An operating system attests to a computing environment at a corresponding computer system. If the computing environment is one permitted to access protected content, the operating system is permitted to regulate further (e.g., application) access to protected content in accordance with a procreation policy. As such, authorization decisions are partially distributed, easing the resource burden on a content protection server. Accordingly, this computing environment can facilitate more robust and efficient authorization decisions when access to protected content is requested.
摘要:
The present invention extends to methods, systems, and computer program products for protecting content. Embodiments of the invention permit a local machine increased participation in authorizing access to protected content. An operating system attests to a computing environment at a corresponding computer system. If the computing environment is one permitted to access protected content, the operating system is permitted to regulate further (e.g., application) access to protected content in accordance with a procreation policy. As such, authorization decisions are partially distributed, easing the resource burden on a content protection server. Accordingly, embodiments of the invention can facilitate more robust and efficient authorization decisions when access to protected content is requested.
摘要:
A system and method are provided, whereby data that is easily re-created is separated from data that is not easily re-created, such that the easily re-created data can be disposed of based on a variety of events and the not easily re-created data can be kept in its original state. In one aspect of the invention, such easily re-created data is disposed of based on a “panic button” being pushed by a computer system user, such as when a user becomes aware that some malware has infected the computer system. In other aspects of the invention, such data is disposed of every time the computer system boots up, or detects via its anti-virus program that some malware is present. In other aspects of the invention, the easily re-created data can be rolled back or rolled forward without affecting the non-easily re-created data.
摘要:
Various embodiments of the present invention are directed to augmented interrupt controllers (AICs) and to synthetic interrupt sources (SISs) providing richer interrupt information (or “synthetic interrupts” or “SIs”). The AIC and SIS provide efficient means for sending and receiving interrupts, and particularly interrupts sent to and received by virtual machines. Several of these embodiments are specifically directed to an interrupt controller that is extended to accept and deliver additional information associated with an incoming interrupt. For certain such embodiments, a memory-mapped extension to the interrupt controller includes a data structure that is populated with the additional information as part of the interrupt delivery. Although several of the embodiments described herein are disclosed in the context of a virtual machine system, the inventions disclosed herein can also be applied to traditional computer systems (without a virtualization layer) as well.
摘要:
Systems and methods are provided, whereby partitions may become enlightened and discover the presence of a hypervisor. Several techniques of hypervisor discovery are discussed, such as detecting the presence of virtual processor registers (e.g. model specific registers or special-purpose registers) or the presence of virtual hardware devices. Upon discovery, information (code and/or data) may be injected in a partition by the hypervisor, whereby such injection allows the partition to call the hypervisor. Moreover, the hypervisor may present a versioning mechanism that allows the partition to match up the version of the hypervisor to its virtual devices. Next, once code and/or data is injected, calling conventions are established that allow the partition and the hypervisor to communicate, so that the hypervisor may perform some operations on behalf of the partition. Four exemplary calling conventions are considered: restartable instructions, a looping mechanism, shared memory transport, and synchronous or asynchronous processed packets. Last, cancellation mechanisms are considered, whereby partition requests may be cancelled.