TECHNOLOGIES FOR CONTROL FLOW EXPLOIT MITIGATION USING PROCESSOR TRACE
    1.
    Patent application
    Status: in force

    Publication number: US20160283714A1

    Publication date: 2016-09-29

    Application number: US14670988

    Filing date: 2015-03-27

    IPC classification: G06F21/56 G06F21/44

    CPC classification: G06F21/56 G06F21/44 G06F21/52

    Abstract: Technologies for control flow exploit mitigation include a computing device having a processor with real-time instruction tracing support. During execution of a process, the processor generates trace data indicative of control flow of the process. The computing device analyzes the trace data to identify suspected control flow exploits. The computing device may use heuristic algorithms to identify return-oriented programming exploits. The computing device may maintain a shadow stack based on the trace data. The computing device may identify indirect branches to unauthorized addresses based on the trace data to identify jump-oriented programming exploits. The computing device may check the trace data whenever the process is preempted. The processor may detect mispredicted return instructions in real time and invoke a software handler in the process space of the process to verify and maintain the shadow stack. Other embodiments are described and claimed.

    CONTROL OF ENTRY INTO PROTECTED MEMORY VIEWS
    2.
    Patent application
    Status: in force

    Publication number: US20160179665A1

    Publication date: 2016-06-23

    Application number: US14581730

    Filing date: 2014-12-23

    IPC classification: G06F12/08 G06F9/455

    Abstract: Generally, this disclosure provides systems, devices, methods and computer readable media for controlled memory view switching. The system may include a memory module comprising a shared address space between a first memory view and a second memory view. The system may also include a virtual machine monitor (VMM) to maintain a list of Controlled View Switch (CVS) descriptors. The system may further include a processor to receive a memory view switch request and to execute an instruction to save processor state information and switch from the first memory view to the second memory view, wherein the second memory view is specified by an extended page table pointer (EPTP) provided by one of the CVS descriptors.

    Secure electronic message transport protocol
    4.
    Patent application
    Status: in force

    Publication number: US20050198170A1

    Publication date: 2005-09-08

    Application number: US11009399

    Filing date: 2004-12-10

    IPC classification: G06F15/16

    Abstract: An electronic message transport protocol applies two distinct sub-protocols, a message transport protocol and an encryption key management protocol, which operate in tandem to provide enhanced security. The protocol may employ an existing SMTP infrastructure to transport secure email messages, and a key server implementing the key management protocol to transport key packets associated with the secure email message. However, the protocol need not be limited to email, and may be applicable to other electronic message applications. The message transport protocol permits communicating parties to obscure their identities to enhance security. The key management protocol supports message security, and allows senders to control access to messages even after they have been transmitted. The message transport protocol permits the sender to encrypt the entire message and utilizes the key management protocol for exchange of necessary keys. The message transport protocol relies on a group addressing scheme to obscure individual sender and recipient identities.

    HARDWARE SHADOW STACK SUPPORT FOR LEGACY GUESTS
    5.
    Patent application
    Status: in force

    Publication number: US20160092673A1

    Publication date: 2016-03-31

    Application number: US14498075

    Filing date: 2014-09-26

    IPC classification: G06F21/52 G06F9/455

    Abstract: Technologies for shadow stack support for legacy guests include a computing device having a processor with shadow stack support. During execution of a call instruction, the processor determines whether a legacy stack pointer is within bounds and generates a virtual machine exit if the legacy stack pointer is out-of-bounds. If not out-of-bounds, the processor pushes a return address onto the legacy stack and onto a shadow stack protected by a hypervisor. During execution of a return instruction, the processor determines whether top return addresses of the legacy stack and the shadow stack match, and generates a virtual machine exit if the return addresses do not match. If the return addresses match, the processor pops the return addresses off of the legacy stack and off of the shadow stack. The stack out-of-bounds and the stack mismatch virtual machine exits may be handled by the hypervisor. Other embodiments are described and claimed.

    TECHNOLOGIES FOR INDIRECT BRANCH TARGET SECURITY
    6.
    Patent application
    Status: in force

    Publication number: US20160170769A1

    Publication date: 2016-06-16

    Application number: US14570507

    Filing date: 2014-12-15

    Applicant: Michael LeMay

    Inventor: Michael LeMay

    Abstract: Technologies for indirect branch target security include a computing device having a processor to execute an indirect branch instruction. The processor may determine an indirect branch target of the indirect branch instruction, load a memory tag associated with the indirect branch target, and determine whether the memory tag is set. The processor may generate a security fault if the memory tag is not set. The processor may load an encrypted indirect branch target, decrypt the encrypted branch target using an activation record key stored in an activation key register, and perform a jump to the indirect branch target. The processor may generate a next activation record coordinate as a function of the activation record key and a return address of a call instruction and generate the next activation record key as a function of the next activation record coordinate. Other embodiments are described and claimed.

    TECHNOLOGIES FOR OBJECT-ORIENTED MEMORY MANAGEMENT WITH EXTENDED SEGMENTATION

    Publication number: US20180096136A1

    Publication date: 2018-04-05

    Application number: US15283317

    Filing date: 2016-10-01

    IPC classification: G06F21/53 G06F9/50 G06F21/12

    Abstract: Technologies for memory management with memory protection extension include a computing device having a processor with one or more protection extensions. The processor may load a logical address including a segment base, effective limit, and effective address and generate a linear address as a function of the logical address with the effective limit as a mask. The processor may switch to a new task described by a task state segment extension. The task state extension may specify a low-latency segmentation mode. The processor may prohibit access to a descriptor in a local descriptor table with a descriptor privilege level lower than the current privilege level of the processor. The computing device may load a secure enclave using secure enclave support of the processor. The secure enclave may load an unsandbox and a sandboxed application in a user privilege level of the processor. Other embodiments are described and claimed.

    Secure electronic message transport protocol
    9.
    Granted patent
    Status: in force

    Publication number: US07774411B2

    Publication date: 2010-08-10

    Application number: US11009399

    Filing date: 2004-12-10

    IPC classification: G06F15/16

    Abstract: An electronic message transport protocol applies two distinct sub-protocols, a message transport protocol and an encryption key management protocol, which operate in tandem to provide enhanced security. The protocol may employ an existing SMTP infrastructure to transport secure email messages, and a key server implementing the key management protocol to transport key packets associated with the secure email message. However, the protocol need not be limited to email, and may be applicable to other electronic message applications. The message transport protocol permits communicating parties to obscure their identities to enhance security. The key management protocol supports message security, and allows senders to control access to messages even after they have been transmitted. The message transport protocol permits the sender to encrypt the entire message and utilizes the key management protocol for exchange of necessary keys. The message transport protocol relies on a group addressing scheme to obscure individual sender and recipient identities.
