METHOD AND SYSTEM FOR CONTROLLING SYSTEM SETTINGS OF A COMPUTING DEVICE

    Publication number: US20130166899A1

    Publication date: 2013-06-27

    Application number: US13336038

    Filing date: 2011-12-23

    IPC classification: G06F9/00

    Abstract: Methods and devices for controlling system settings of a computing device are described herein. One example embodiment comprises: determining configuration data associated with a software application, wherein the configuration data identifies one or more new system settings to be temporarily enforced on the computing device during an execution of the software application, and wherein the configuration data is digitally signed; and in response to an initiation of the execution of the software application, reconfiguring system settings on the computing device; wherein the reconfiguring comprises verifying at least one digital signature associated with the digitally signed configuration data; wherein if the at least one digital signature associated with the digitally signed configuration data successfully verifies, then the reconfiguring further comprises temporarily enforcing new system settings for the duration of the execution of the software application.

    Method and system for temporarily reconfiguring system settings of a computing device during execution of a software application
    2.
    Granted patent
    Method and system for temporarily reconfiguring system settings of a computing device during execution of a software application (in force)

    Publication number: US08799634B2

    Publication date: 2014-08-05

    Application number: US13336038

    Filing date: 2011-12-23

    IPC classification: G06F1/24 H04L9/32

    Abstract: Methods and devices for controlling system settings of a computing device are described herein. One example embodiment comprises: determining configuration data associated with a software application, wherein the configuration data identifies one or more new system settings to be temporarily enforced on the computing device during an execution of the software application, and wherein the configuration data is digitally signed; and in response to an initiation of the execution of the software application, reconfiguring system settings on the computing device; wherein the reconfiguring comprises verifying at least one digital signature associated with the digitally signed configuration data; wherein if the at least one digital signature associated with the digitally signed configuration data successfully verifies, then the reconfiguring further comprises temporarily enforcing new system settings for the duration of the execution of the software application.


    METHOD FOR AUTHENTICATING DEVICE CAPABILITIES TO A VERIFIED THIRD PARTY
    3.
    Patent application
    METHOD FOR AUTHENTICATING DEVICE CAPABILITIES TO A VERIFIED THIRD PARTY (in force)

    Publication number: US20120017081A1

    Publication date: 2012-01-19

    Application number: US12835007

    Filing date: 2010-07-13

    IPC classification: H04L9/32 G06K5/00

    Abstract: A system, devices and methods for verifying an administrator computing device to a guest computing device, verifying the guest device to the administrator device and outputting a list of the guest device capabilities for the administrator device such that the guest device is capable of verifying the administrator device, for example to ensure it does not divulge its capabilities to imposters, and the administrator device is capable of identifying whether the list of device capabilities is authentic. Verification can be achieved through cryptographic hashes of private certificates, digital signatures or expected output from verified modules. The list of device capabilities may be restricted based on the authorization granted to the administrator computer and may be altered or watermarked for verification. A failure to verify the administrator device may restrict execution of instructions on the guest device to prevent unauthorized access to the guest device's capabilities.


    Method for authenticating device capabilities to a verified third party
    5.
    Granted patent
    Method for authenticating device capabilities to a verified third party (in force)

    Publication number: US08397274B2

    Publication date: 2013-03-12

    Application number: US12835007

    Filing date: 2010-07-13

    IPC classification: H04L9/00

    Abstract: A system, devices and methods for verifying an administrator computing device to a guest computing device, verifying the guest device to the administrator device and outputting a list of the guest device capabilities for the administrator device such that the guest device is capable of verifying the administrator device, for example to ensure it does not divulge its capabilities to imposters, and the administrator device is capable of identifying whether the list of device capabilities is authentic. Verification can be achieved through cryptographic hashes of private certificates, digital signatures or expected output from verified modules. The list of device capabilities may be restricted based on the authorization granted to the administrator computer and may be altered or watermarked for verification. A failure to verify the administrator device may restrict execution of instructions on the guest device to prevent unauthorized access to the guest device's capabilities.


    Apparatus, system and method for verifying server certificates
    7.
    Granted patent
    Apparatus, system and method for verifying server certificates (in force)

    Publication number: US09264235B2

    Publication date: 2016-02-16

    Application number: US12947062

    Filing date: 2010-11-16

    Abstract: A device and method are provided for a device that authenticates a server over a network. The device and method are operable to contact the server to initiate a handshaking operation. The device receives certificate information and handshaking information from the server. The device completes the handshaking operations to establish the connection with the server. The device downloads the content from the server through the connection before authenticating the server to establish a secure connection. In some aspects, the device may display a portion of the downloaded content before the server is authenticated.


    System and method for controlling access to secure resources
    8.
    Granted patent
    System and method for controlling access to secure resources (in force)

    Publication number: US08844026B2

    Publication date: 2014-09-23

    Application number: US13486145

    Filing date: 2012-06-01

    IPC classification: G06F12/00 G06F17/30

    Abstract: A system and method for controlling access to a secure resource in a device are disclosed. In some embodiments, the device may include a processor capable of receiving a first request from a first application of a plurality of applications executable by the processor, where the first request requests access to the secure resource, and the first request identifies the plurality of applications. In response to the first request, the processor is capable of generating a ticket associated with the secure resource and with each of the plurality of applications, and then storing the ticket in a memory. After receiving a second request from a second application requesting access to the secure resource, the processor is capable of granting the second application access to the secure resource, if the ticket associated with the secure resource exists and if the ticket is associated with the second application.


    SYSTEM AND METHOD FOR CONTROLLING ACCESS TO SECURE RESOURCES

    Publication number: US20130326614A1

    Publication date: 2013-12-05

    Application number: US13486145

    Filing date: 2012-06-01

    IPC classification: G06F21/24

    Abstract: A system and method for controlling access to a secure resource in a device are disclosed. In some embodiments, the device may include a processor capable of receiving a first request from a first application of a plurality of applications executable by the processor, where the first request requests access to the secure resource, and the first request identifies the plurality of applications. In response to the first request, the processor is capable of generating a ticket associated with the secure resource and with each of the plurality of applications, and then storing the ticket in a memory. After receiving a second request from a second application requesting access to the secure resource, the processor is capable of granting the second application access to the secure resource, if the ticket associated with the secure resource exists and if the ticket is associated with the second application.