INFORMATION PROCESSING APPARATUS, METHOD, AND PROGRAM FOR CONTROLLING RESOURCE ACCESS BY APPLICATION PROGRAM
    1.
    Patent application
    Status: lapsed

    Publication No.: US20080163242A1

    Publication date: 2008-07-03

    Application No.: US11954144

    Filing date: 2007-12-11

    IPC classification: G06F9/00

    CPC classification: G06F21/6218 G06F21/554

    Abstract: A method executed in an information processing apparatus for controlling resource access by an application program running on the information processing apparatus is provided. A change in connection statuses or operating statuses of a device connected to the information processing apparatus is first detected. In response to the detection, a resource access condition to be applied to the information processing apparatus is selected based on certain criterion. The selected resource access condition is stored in a condition storage unit. Then, in response to capture of a function call for resource access issued to an operating system by the application program, the resource access condition is read from the condition storage unit, and it is determined on the basis of the resource access condition whether the captured function call is allowed. If it is determined that the captured function call is not allowed, the function call is rejected.

    Information processing apparatus, method, and program for controlling resource access by application program
    2.
    Granted patent
    Status: lapsed

    Publication No.: US07996854B2

    Publication date: 2011-08-09

    Application No.: US11954144

    Filing date: 2007-12-11

    IPC classification: G06F13/00

    CPC classification: G06F21/6218 G06F21/554

    Abstract: A method executed in an information processing apparatus for controlling resource access by an application program running on the information processing apparatus is provided. A change in connection statuses or operating statuses of a device connected to the information processing apparatus is first detected. In response to the detection, a resource access condition to be applied to the information processing apparatus is selected based on certain criterion. The selected resource access condition is stored in a condition storage unit. Then, in response to capture of a function call for resource access issued to an operating system by the application program, the resource access condition is read from the condition storage unit, and it is determined on the basis of the resource access condition whether the captured function call is allowed. If it is determined that the captured function call is not allowed, the function call is rejected.

    Processing data stored in external storage device
    3.
    Granted patent
    Status: in force

    Publication No.: US09582649B2

    Publication date: 2017-02-28

    Application No.: US13529674

    Filing date: 2012-06-21

    IPC classification: G06F21/10

    CPC classification: G06F21/10

    Abstract: An external storage device connectable to an information processing apparatus is provided. The storage device includes: an input/output interface via which data is exchanged with an information processing apparatus; a first storage region where data associated with first and second validity periods is stored; and a second storage region where a control program is stored. While the first validity period is used when the external storage device is connected to one information processing apparatus, the second validity period is used when the external storage device is connected to another information processing apparatus. The control program causes a processor to execute the steps of: establishing connection of the external storage device to an information processing apparatus; identifying any one of the validity periods as a validity period to be used for the data; and executing predetermined security protection processing on the data in accordance with the identified validity period.

    Data protection technique that protects illicit copying of data maintained in data storage
    4.
    Granted patent
    Status: in force

    Publication No.: US08966158B2

    Publication date: 2015-02-24

    Application No.: US13324901

    Filing date: 2011-12-13

    IPC classification: G06F12/00 G06F21/62

    CPC classification: G06F21/6218

    Abstract: A data protection program for protecting data to be processed by an application, and a computer including volatile storage means and nonvolatile storage means performs a volatile file unpack function of writing, to the nonvolatile storage means, data corresponding to a data file to be read or written by the application so that the data is associated with the data file; and a volatile file repackage function of outputting the data file corresponding to the data written to the volatile storage means.

    System, method and program for protecting information on computer screen
    5.
    Granted patent
    Status: in force

    Publication No.: US08683199B2

    Publication date: 2014-03-25

    Application No.: US12175841

    Filing date: 2008-07-18

    CPC classification: G06F21/84 G06F21/60 G06F21/71

    Abstract: Whenever a drawing command is executed, a computer system having a graphic user interface such as a multi-window system determines, from the logical operation pattern of the drawing command, what kind of information is inherited by a drawing result from the drawing command, preferably without performing a complicated step such as an image process. At the same time, the computer system controls information flow of an image outputted to a screen by managing labeled area maps which correspond one to one to images on the screen and in a memory.

    Method and apparatus having resistance to forced termination attack on monitoring program for monitoring a predetermined resource

    Publication No.: US08640134B2

    Publication date: 2014-01-28

    Application No.: US13115498

    Filing date: 2011-05-25

    IPC classification: G06F9/46

    Abstract: Exemplary embodiments include a method and system having resistance to a forced termination attack on a monitoring program for monitoring a predetermined resource. Aspects of the exemplary embodiment include a device that executes a predetermined process including a monitoring program that monitors a predetermined resource, wherein the predetermined process is a process for which the predetermined resource becomes unavailable in response to termination of the predetermined process; a program starting unit for starting the monitoring program in response to an execution of the predetermined process; and a terminator for terminating the predetermined process in the case where the monitoring program is forcibly terminated from the outside.

    Securely managing the execution of screen rendering instructions in a host operating system and virtual machine
    7.
    Granted patent
    Status: lapsed

    Publication No.: US08595511B2

    Publication date: 2013-11-26

    Application No.: US13488369

    Filing date: 2012-06-04

    IPC classification: H04L9/00 G06F9/455

    Abstract: Provided are a computer readable storage medium, computer apparatus, and method for securely managing the execution of screen rendering instructions in a host operating system and virtual machine. A first rendering instruction hooking section is set to a first mode to hook a screen rendering instruction issued by a virtual machine application in a virtual machine. A second rendering instruction hooking section is set to a second mode to hook instructions issued by the virtual machine application. The hooked screen rendering instruction issued by the virtual machine application are encrypted in response to the setting of the first mode to produce illegible output. The hooked screen rendering instruction issued by the virtual machine application are encrypted in response to the setting of the second mode. The encrypted hooked screen rendering instruction encrypted in the second mode are issued to a host operating system to decrypt.

    GENERATING A DISTRIBUTION PACKAGE HAVING AN ACCESS CONTROL EXECUTION PROGRAM FOR IMPLEMENTING AN ACCESS CONTROL MECHANISM AND LOADING UNIT FOR A CLIENT
    8.
    Patent application
    Status: in force

    Publication No.: US20130219462A1

    Publication date: 2013-08-22

    Application No.: US13821562

    Filing date: 2011-07-01

    IPC classification: G06F21/10 G06F21/62

    Abstract: A data distribution system, method and program for generating a distribution package for distribution data to a client. An environment of a requesting client requesting distribution data is detected. A determination is made of an access control execution program for implementing an access control mechanism and a loading unit on the requesting client. The access control execution program is adapted to the detected environment of the requesting client and control access to a resource from a process in the client. The loading unit loads the distribution data to a protected storage area of the client. A determination is made of a security policy specified for the distribution data. A distribution package is generated including the distribution data, the security policy, the loading unit, and the access control execution program adapted to the environment of the requesting client; and transmitting the generated distribution package to the requesting client.

    EXTERNAL STORAGE DEVICE, AS WELL AS METHOD, PROGRAM AND INFORMATION PROCESSING APPARATUS FOR PROCESSING DATA STORED IN EXTERNAL STORAGE DEVICE
    9.
    Patent application
    Status: in force

    Publication No.: US20100250963A1

    Publication date: 2010-09-30

    Application No.: US12719072

    Filing date: 2010-03-08

    IPC classification: G06F13/12 G06F12/14

    CPC classification: G06F21/10

    Abstract: An external storage device connectable to an information processing apparatus is provided. The storage device includes: an input/output interface via which data is exchanged with an information processing apparatus; a first storage region where data associated with first and second validity periods is stored; and a second storage region where a control program is stored. While the first validity period is used when the external storage device is connected to one information processing apparatus, the second validity period is used when the external storage device is connected to another information processing apparatus. The control program causes a processor to execute the steps of: establishing connection of the external storage device to an information processing apparatus; identifying any one of the validity periods as a validity period to be used for the data; and executing predetermined security protection processing on the data in accordance with the identified validity period.

    SYSTEM FOR PREVENTING UNAUTHORIZED ACQUISITION OF INFORMATION AND METHOD THEREOF
    10.
    Patent application
    Status: in force

    Publication No.: US20100071034A1

    Publication date: 2010-03-18

    Application No.: US12095033

    Filing date: 2005-11-28

    IPC classification: G06F21/00 G06F3/12 G09G5/36

    Abstract: A system including a server apparatus executes an application program and a client apparatus enabling a user to utilize the application program by communicating with the server apparatus based on an instruction of the user. The server apparatus includes: an output detection section for detecting output-processing which is processing of outputting data from the application program into a shared area; and an output control section for storing instruction information in the shared area, instead of storing the output data outputted from the application program therein, in response to the detection of the output-processing, the instruction information specifying an acquisition method by which an authorized client apparatus acquires the output data. The client apparatus includes: a reading detection section for detecting reading-processing which is processing of reading data from the shared area; and a reading control section which reads the instruction information from the shared area in response to the detection of the reading-processing, and which acquires the output data by the acquisition method specified by the instruction information.
