-
公开(公告)号:US20060005230A1
公开(公告)日:2006-01-05
申请号:US11206585
申请日:2005-08-18
申请人: Paul England , Marcus Peinado , Daniel Simon , Josh Benaloh
发明人: Paul England , Marcus Peinado , Daniel Simon , Josh Benaloh
IPC分类号: G06F17/00
摘要: Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process is received and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.
-
公开(公告)号:US20050278530A1
公开(公告)日:2005-12-15
申请号:US11206519
申请日:2005-08-18
申请人: Paul England , Marcus Peinado , Daniel Simon , Josh Benaloh
发明人: Paul England , Marcus Peinado , Daniel Simon , Josh Benaloh
摘要: Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process is received and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.
-
3.发明申请Manifest-based trusted agent management in a trusted operating system environment 审中-公开在受信任的操作系统环境中进行基于清单的可信代理管理公开(公告)号:US20050278477A1
公开(公告)日:2005-12-15
申请号:US11207081
申请日:2005-08-18
申请人: Paul England , Marcus Peinado , Daniel Simon , Josh Benaloh
发明人: Paul England , Marcus Peinado , Daniel Simon , Josh Benaloh
摘要: Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process is received and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.
摘要翻译: 在受信任的操作系统环境中的基于清单的可信代理管理包括接收接收到的执行进程的请求,并为进程设置虚拟内存空间。 此外,访问对应于进程的清单,并且可以基于二进制文件中包括在清单中的指示符限制在虚拟存储器空间中执行多个二进制文件中的哪一个。
-
公开(公告)号:US20050278531A1
公开(公告)日:2005-12-15
申请号:US11206579
申请日:2005-08-18
申请人: Paul England , Marcus Peinado , Daniel Simon , Josh Benaloh
发明人: Paul England , Marcus Peinado , Daniel Simon , Josh Benaloh
摘要: Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process is received and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.
-
5.发明申请Manifest-Based Trusted Agent Management in a Trusted Operating System Environment 审中-公开受信任的操作系统环境中基于显示的可信代理管理公开(公告)号:US20070174921A1
公开(公告)日:2007-07-26
申请号:US11558125
申请日:2006-11-09
申请人: Paul England , Marcus Peinado , Daniel Simon , Josh Benaloh
发明人: Paul England , Marcus Peinado , Daniel Simon , Josh Benaloh
IPC分类号: H04L9/32
摘要: Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process is received and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.
摘要翻译: 在受信任的操作系统环境中的基于清单的可信代理管理包括接收接收到的执行进程的请求,并为进程设置虚拟内存空间。 此外,访问对应于进程的清单,并且可以基于二进制文件中包括在清单中的指示符限制在虚拟存储器空间中执行多个二进制文件中的哪一个。
-
公开(公告)号:US20050289351A1
公开(公告)日:2005-12-29
申请号:US11206578
申请日:2005-08-18
申请人: Paul England , Marcus Peinado , Daniel Simon , Josh Benaloh
发明人: Paul England , Marcus Peinado , Daniel Simon , Josh Benaloh
摘要: Manifest-based trusted agent management in a trusted operating system environment includes receiving a request to execute a process is received and setting up a virtual memory space for the process. Additionally, a manifest corresponding to the process is accessed, and which of a plurality of binaries can be executed in the virtual memory space is limited based on indicators, of the binaries, that are included in the manifest.
-
公开(公告)号:US20050144448A1
公开(公告)日:2005-06-30
申请号:US11068007
申请日:2005-02-28
申请人: Paul England , Marcus Peinado , Daniel Simon , Josh Benaloh
发明人: Paul England , Marcus Peinado , Daniel Simon , Josh Benaloh
CPC分类号: G06F21/57 , G06F21/606
摘要: Transferring application secrets in a trusted operating system environment involves receiving a request to transfer application data from a source computing device to a destination computing device. A check is made as to whether the application data can be transferred to the destination computing device, and if so, whether the application data can be transferred under control of the user or a third party. If these checks succeed, a check is also made as to whether the destination computing device is a trustworthy device running known trustworthy software. Input is also received from the appropriate one of the user or third party to control transferring of the application data to the destination computing device. Furthermore, application data is stored on the source computing device in a manner that facilitates determining whether the application data can be transferred, and that facilitates transferring the application data if it can be transferred.
-
8.发明申请公开(公告)号:US20050144447A1
公开(公告)日:2005-06-30
申请号:US11068006
申请日:2005-02-28
申请人: Paul England , Marcus Peinado , Daniel Simon , Josh Benaloh
发明人: Paul England , Marcus Peinado , Daniel Simon , Josh Benaloh
CPC分类号: G06F21/57 , G06F21/606
摘要: Transferring application secrets in a trusted operating system environment involves receiving a request to transfer application data from a source computing device to a destination computing device. A check is made as to whether the application data can be transferred to the destination computing device, and if so, whether the application data can be transferred under control of the user or a third party. If these checks succeed, a check is also made as to whether the destination computing device is a trustworthy device running known trustworthy software. Input is also received from the appropriate one of the user or third party to control transferring of the application data to the destination computing device. Furthermore, application data is stored on the source computing device in a manner that facilitates determining whether the application data can be transferred, and that facilitates transferring the application data if it can be transferred.
摘要翻译: 在受信任的操作系统环境中传送应用程序秘密涉及接收将应用数据从源计算设备传送到目的地计算设备的请求。 检查应用数据是否可以传送到目的地计算设备,如果是,可以在用户或第三方的控制下传送应用数据。 如果这些检查成功,还要检查目的地计算设备是否是运行已知可靠软件的值得信赖的设备。 还从适当的用户或第三方接收输入以控制将应用数据传送到目的地计算设备。 此外,应用数据以便于确定是否可以传送应用数据的方式存储在源计算设备上,并且如果可以传送应用数据便于传送应用数据。
-
公开(公告)号:US07243237B2
公开(公告)日:2007-07-10
申请号:US10428675
申请日:2003-05-02
申请人: Marcus Peinado , Josh Benaloh
发明人: Marcus Peinado , Josh Benaloh
IPC分类号: H04L9/00
CPC分类号: G06F21/83 , G06F2221/2107
摘要: Secure communication between a keyboard and a component, such as a piece of software running on a computer. A first initial value is known to both the keyboard and the component. The keyboard and the component exchange nonces. The keyboard and the component each compute a second initial value and a third initial value based on the nonces and the first initial value. Both the keyboard and the component perform the same computation, so that the keyboard and the component each have the same second and third initial values. The keyboard encrypts keystrokes destined for the component using CBC-3DES based on the key and the second initial value, and also creates a message authentication code for each keystroke using CBC-3DESMAC based on the key and the third initial value. The component decrypts and verifies the keystrokes using the key and the second and third initial values.
摘要翻译: 确保键盘和组件之间的通信,例如在计算机上运行的软件。 键盘和组件都知道第一个初始值。 键盘和组件交换随机数。 键盘和组件各自基于随机数和第一初始值来计算第二初始值和第三初始值。 键盘和组件都执行相同的计算,因此键盘和组件各具有相同的第二和第三初始值。 键盘使用基于密钥和第二初始值的CBC-3DES加密发往组件的击键,并且还使用基于密钥和第三初始值的CBC-3DESMAC为每个击键创建消息认证码。 组件使用密钥和第二和第三初始值解密和验证击键。
-
10.发明申请Verifying human interaction to a computer entity by way of a trusted component on a computing device or the like 审中-公开通过计算设备等上的受信任的组件验证与计算机实体的人际交互公开(公告)号:US20050278253A1
公开(公告)日:2005-12-15
申请号:US10868116
申请日:2004-06-15
CPC分类号: G06F21/31
摘要: A method describes user interaction in combination with sending a send item from an application of a computing device to a recipient. The computing device has an attestation unit thereon for attesting to trustworthiness. The application facilitates a user in constructing the send item, and pre-determined indicia are monitored that can be employed to detect that the user is in fact expending effort to construct the send item. The attestation unit authenticates the application to impart trust thereto, and upon the user commanding the application to send, a send attestation is constructed to accompany the send item. The send attestation is based on the monitored indicia and the authentication of the application and thereby describes the user interaction. The constructed send attestation is packaged with the constructed send item and the package is sent to the recipient.
摘要翻译: 一种方法描述了将发送项目从计算设备的应用发送到接收者的用户交互。 计算设备在其上具有用于证明可信赖性的证明单元。 应用程序便于用户构建发送项目,并且监视可以用于检测用户事实上花费构建发送项目的努力的预定标记。 认证单元认证应用程序以赋予其信任,并且在用户命令应用发送时,构造发送认证以伴随发送项目。 发送证明是基于监控的标记和应用的认证,从而描述用户交互。 构建的发送证明与构建的发送项目一起打包,并将包发送给收件人。
-
-
-
-
-
-
-
-
-
搜索结果
159 条记录 (耗时 0.035 秒)
