利索-全球专利检索

  1. 登录
  2. 注册

搜索结果

14 条记录 (耗时 0.019 秒)

    Autonomous memory checker for runtime security assurance and method therefore
    1.
    发明申请
    Autonomous memory checker for runtime security assurance and method therefore 有权
    因此,用于运行时安全保证和方法的自动内存检查器

    公开(公告)号:US20050193217A1

    公开(公告)日:2005-09-01

    申请号:US10791171

    申请日:2004-03-01

    申请人: Lawrence Case Mark Redman Thomas Tkacik Joel Feldman

    发明人: Lawrence Case Mark Redman Thomas Tkacik Joel Feldman

    IPC分类号: H04L9/32

    CPC分类号: G06F21/57 Y10S707/99939

    摘要: Methods and apparatus are provided for an electronic device having an autonomous memory checker for runtime security assurance. The autonomous memory checker comprises a controller, a memory reference file coupled to the controller, and an authentication engine coupled to the controller. A check is performed during runtime operation of the electronic device. The autonomous memory checker generates runtime reference values corresponding to trusted information stored in memory. The runtime reference values are compared against memory reference values stored in the memory reference file. The memory reference values are generated from the trusted information stored in memory. An error signal is generated when the runtime reference values are not identical to the memory reference values thereby indicating that the trusted information has been modified.

    摘要翻译: 为具有用于运行时安全保证的自主存储器检查器的电子设备提供了方法和装置。 自主存储器检查器包括控制器,耦合到控制器的存储器参考文件以及耦合到控制器的认证引擎。 在电子设备的运行时操作期间执行检查。 自主内存检查器生成对应于存储在存储器中的可信信息的运行时参考值。 将运行时引用值与存储在存储器引用文件中的存储器引用值进行比较。 存储器参考值是从存储在存储器中的可信信息生成的。 当运行时引用值与存储器引用值不相同时,产生错误信号,由此指示信任信息已被修改。

    Secure data access methods and apparatus
    5.
    发明授权
    Secure data access methods and apparatus 有权
    安全的数据访问方法和设备

    公开(公告)号:US08464069B2

    公开(公告)日:2013-06-11

    申请号:US11671271

    申请日:2007-02-05

    申请人: Lawrence L. Case Thomas Tkacik

    发明人: Lawrence L. Case Thomas Tkacik

    IPC分类号: H04L9/14

    CPC分类号: G06F12/1458

    摘要: Embodiments include systems and methods for securely accessing data in the context of a data transaction. A system may include a memory block, within which a memory partition may be allocated to the data transaction. The memory partition includes a data storage block and at least one binding register. The system also includes platform entities and an access control block, which determines whether a particular platform entity may access data within the data storage block, and whether a particular platform entity may write binding information into a binding register. Access also may be granted or denied based on the current state of a state machine associated with the data transaction. The system also includes a cipher/binding function adapted to encrypt the data, using the binding information, for storage on an unsecured memory device, and to decrypting encrypted data, using the binding information, which is retrieved from the unsecured memory device.

    摘要翻译: 实施例包括用于在数据事务的上下文中安全访问数据的系统和方法。 系统可以包括存储器块,在该存储器块内可以将存储器分区分配给数据事务。 存储器分区包括数据存储块和至少一个绑定寄存器。 该系统还包括平台实体和访问控制块,其确定特定平台实体是否可以访问数据存储块内的数据,以及特定平台实体是否可以将绑定信息写入绑定寄存器。 还可以基于与数据事务相关联的状态机的当前状态来授予或拒绝访问。 该系统还包括适于使用绑定信息加密数据,用于存储在不安全的存储器设备上的密码/绑定功能,以及使用从不安全的存储器件检索的绑定信息对加密的数据进行解密。

    Securing proprietary functions from scan access
    6.
    发明授权
    Securing proprietary functions from scan access 有权
    保护专有功能免受扫描访问

    公开(公告)号:US07975307B2

    公开(公告)日:2011-07-05

    申请号:US11851778

    申请日:2007-09-07

    申请人: Thomas Tkacik Amir Daneshbeh

    发明人: Thomas Tkacik Amir Daneshbeh

    IPC分类号: G06F7/04

    CPC分类号: G06F21/74 G06F21/556 G06F2221/2105

    摘要: An electronic device as described herein implements a scheme to secure a data mapping function from scan access. The protection scheme can be used as a security measure for proprietary lookup tables, secret constants, digitally implemented algorithms, and the like. The electronic device employs a reconfigurable data mapping arrangement that can be reconfigured for a normal operating mode and a scan testing mode. While in the normal operating mode, a normal data mapping arrangement generates valid output data in accordance with the data mapping function. While in the scanning mode, however, a scanning data mapping arrangement generates invalid but testable output data in accordance with a data masking function that conceals, hides, masks, or obfuscates the data mapping function. Using the data masking function in this manner protects the data mapping function against reverse engineering attacks that attempt to derive the data mapping function from scan testing results.

    摘要翻译: 如本文所述的电子设备实现了将数据映射功能从扫描访问中保护的方案。 保护方案可以用作专有查找表,秘密常数,数字实现的算法等的安全措施。 电子设备采用可重构的数据映射装置,其可以针对正常操作模式和扫描测试模式进行重新配置。 在正常操作模式下,正常的数据映射装置根据数据映射功能生成有效的输出数据。 然而,在扫描模式中,扫描数据映射装置根据隐藏,隐藏,掩蔽或模糊数据映射功能的数据屏蔽功能产生无效但可测试的输出数据。 以这种方式使用数据屏蔽功能可以保护数据映射功能,防止从扫描测试结果中导出数据映射功能的逆向工程攻击。

    Asymmetric cryptographic device with local private key generation and method therefor
    7.
    发明授权
    Asymmetric cryptographic device with local private key generation and method therefor 有权
    具有本地私钥生成的非对称加密设备及其方法

    公开(公告)号:US09111122B2

    公开(公告)日:2015-08-18

    申请号:US11772655

    申请日:2007-07-02

    申请人: Thomas Tkacik Amir K. Daneshbeh

    发明人: Thomas Tkacik Amir K. Daneshbeh

    IPC分类号: G06F21/77 H04L9/30 H04L9/14 H04L9/08 H04L29/06 G09C1/00 H04L9/06

    CPC分类号: G06F21/77 G09C1/00 H04L9/0662 H04L9/0825 H04L9/14 H04L9/302 H04L63/0442 H04L63/06 H04L2209/12 H04L2209/26

    摘要: An asymmetric cryptographic integrated circuit 20 and a data processing device 10 in which the integrated circuit 20 is used are disclosed. A security boundary 44 is confined to the interior of integrated circuit 20. A random number generator 50 with a hardware entropy source 54 and an arithmetic unit 62 programmed through microcode 38″ to perform a variety of cryptographically useful functions are included within security boundary 44. One of these functions is a primality tester 72. A controller 36 for integrated circuit 20 may cause cryptographically sensitive data, such as large random prime numbers and a clear private key to be generated within the confines of security boundary 44. A symmetric key encryption engine 56 is included within security boundary 44 and used to encrypt the clear private key so that a resulting encrypted private key may be stored outside security boundary 44 in a non-volatile memory 12.

    摘要翻译: 公开了一种使用集成电路20的非对称密码集成电路20和数据处理装置10。 安全边界44被限制在集成电路20的内部。具有硬件熵源54的随机数生成器50和通过微代码38“编程以执行各种加密有用的功能的算术单元62被包括在安全边界44内。 这些功能之一是原色测试器72.用于集成电路20的控制器36可以在安全边界44的范围内产生诸如大随机素数和清除私钥的密码敏感数据。对称密钥加密引擎 56被包括在安全边界44内并且用于加密清除私钥,使得所得到的加密私钥可以被存储在非易失性存储器12内的安全边界44之外。

    Apparatus and method of modifying hardware description language statements
    8.
    发明授权
    Apparatus and method of modifying hardware description language statements 失效
    修改硬件描述语言语句的装置和方法

    公开(公告)号:US5533179A

    公开(公告)日:1996-07-02

    申请号:US347665

    申请日:1994-12-01

    申请人: Kayhan Kucukcakar Rajesh Gupta Thomas Tkacik

    发明人: Kayhan Kucukcakar Rajesh Gupta Thomas Tkacik

    IPC分类号: G06F9/45 G06F17/50 G06F15/00

    CPC分类号: G06F8/425 G06F17/5045 G06F8/48

    摘要: An Hardware Description Language (HDL) description file (12) is updated without requiring complete re-assignment of all tokens associated with the HDL statements. The design information is maintained as attributes assigned to the tokens (14). The tokens map onto a block diagram (16). As part of an update to the HDL text file (34), the tokens are compared to see which ones if any have changed. The text lines are compared from left-to-right and right-to-left searching for changes in the text file and associated changes in token mapping (36, 38). All tokens inclusive between the left-most change and right-most change is considered to be different. New tokens are assigned and mapped into the block diagram for the HDL elements that change (40). The mapping of old tokens are removed from the block diagram (42). The mappings from token that did not change are maintained (44).

    摘要翻译: 更新硬件描述语言(HDL)描述文件(12),而不需要完全重新分配与HDL语句相关联的所有令牌。 设计信息作为分配给标记的属性(14)进行维护。 令牌映射到框图(16)。 作为HDL文本文件(34)的更新的一部分,将比较令牌以查看哪些更改。 文本行从左到右和从右到左进行比较,搜索文本文件中的更改和令牌映射中相关联的更改(36,38)。 最左边的变化和最右边的变化之间的所有令牌被认为是不同的。 新的令牌被分配并映射到更改(40)的HDL元素的框图中。 旧的令牌的映射从框图中删除(42)。 维持不变的令牌映射(44)。

    Method and apparatus for providing security in a data processing system
    9.
    发明申请
    Method and apparatus for providing security in a data processing system 有权
    用于在数据处理系统中提供安全性的方法和装置

    公开(公告)号:US20050278549A1

    公开(公告)日:2005-12-15

    申请号:US10865267

    申请日:2004-06-10

    申请人: Michael Torla Thomas Tkacik

    发明人: Michael Torla Thomas Tkacik

    IPC分类号: G06F11/30

    CPC分类号: G06F21/72

    摘要: One embodiment relates to a data processing system having a cryptographic unit. The cryptographic unit includes cryptographic circuitry which performs a first cryptographic function to provide security for a portion of the cryptographic unit, and which performs a second cryptographic function to provide security for a portion of the data processing system external to the cryptographic unit. The cryptographic unit may therefore operate in a normal operating mode and in a secure operating mode. During a first secure operating mode a first key is used to decrypt first security configuration information which includes a second key. During a second secure operating mode, the second key is used to decrypt second security configuration information. The cryptographic unit may include a secure internal memory such that during the secure operating modes, the cryptographic unit may only process descriptors provided from this secure internal memory.

    摘要翻译: 一个实施例涉及具有密码单元的数据处理系统。 该密码单元包括密码电路,该密码电路执行第一密码功能,为该密码单元的一部分提供安全性,并且执行第二密码功能,以便为密码单元外部的数据处理系统的一部分提供安全性。 因此,加密单元可以在正常操作模式和安全操作模式下操作。 在第一安全操作模式期间,第一密钥用于解密包括第二密钥的第一安全配置信息。 在第二安全操作模式期间,第二密钥用于解密第二安全配置信息。 加密单元可以包括安全内部存储器,使得在安全操作模式期间,密码单元可以仅处理从该安全内部存储器提供的描述符。

    Method of graphically displaying and manipulating clock-based scheduling of HDL statements
    10.
    发明授权
    Method of graphically displaying and manipulating clock-based scheduling of HDL statements 失效
    图形显示和操纵HDL语句基于时钟的调度的方法

    公开(公告)号:US5600567A

    公开(公告)日:1997-02-04

    申请号:US333656

    申请日:1994-11-03

    申请人: Kayhan Kucukcakar Rajesh Gupta Thomas Tkacik

    发明人: Kayhan Kucukcakar Rajesh Gupta Thomas Tkacik

    IPC分类号: G06F17/50 G06F15/00

    CPC分类号: G06F17/5045

    摘要: A scheduling editor graphically displays an algorithmic description and associated scheduling data (14) on a computer terminal (20) to provide a visual representation of the present clock-based timing and scheduling criteria assigned to the algorithmic description. The graphical display and update of scheduling data is performed by software on a computer system. The software allows the algorithmic description to be modified in a user friendly graphical format to edit the timing and scheduling data before the actual circuit schematic is generated. The design database includes control parameters such as selection of clock signal, execution phase of the selected clock, scheduling type, synchronization type, and concurrent operation that dictate how the scheduling is implemented. The software receives new control parameters selected by the designer via the graphic interface and updates the design database accordingly (16). The update alters values in the design database (18) to reflect the present scheduling information.

    摘要翻译: 调度编辑器在计算机终端(20)上图形地显示算法描述和相关联的调度数据(14),以提供分配给算法描述的当前基于时钟的定时和调度标准的可视表示。 调度数据的图形显示和更新由计算机系统上的软件执行。 该软件允许以用户友好的图形格式修改算法描述,以在生成实际电路原理图之前编辑定时和调度数据。 设计数据库包括控制参数,例如时钟信号的选择,所选时钟的执行阶段,调度类型,同步类型以及规定调度如何实现的并发操作。 该软件通过图形界面接收设计者选择的新的控制参数,并相应更新设计数据库(16)。 该更新更改设计数据库(18)中的值以反映当前的调度信息。