TRUST EVALUATION
    1.
    Invention application
    TRUST EVALUATION (in force)

    Publication number: US20070198214A1

    Publication date: 2007-08-23

    Application number: US11355719

    Filing date: 2006-02-16

    IPC classification: G21C17/00

    Abstract: A solution for evaluating trust in a computer infrastructure is provided. In particular, a plurality of computing devices in the computer infrastructure evaluate one or more other computing devices in the computer infrastructure based on a set of device measurements for the other computing device(s) and a set of reference measurements. To this extent, each of the plurality of computing devices also provides a set of device measurements for processing by the other computing device(s) in the computer infrastructure.

    Sealing of data for applications
    2.
    Invention application
    Sealing of data for applications (in force)

    Publication number: US20070136577A1

    Publication date: 2007-06-14

    Application number: US11301803

    Filing date: 2005-12-13

    IPC classification: H04L9/00

    CPC classification: G06F21/57

    Abstract: A method, system and computer program product for implementing general purpose PCRs with extended semantics (referred to herein as “ePCRs”) in a trusted, measured software module. The module is designed to run in one of a hypervisor context, an isolated partition, or under other isolated configurations. Because the software module is provided using trusted (measured) code, the software implementing the PCRs is able to run as a simple software process in the operating system (OS), as long as the software is first measured and logged. The software-implemented ePCRs are generated as needed to record specific measurements of the software and hardware elements on which an application depends, and the ePCRs are able to ignore other non-dependencies.

    Method for extending the CRTM in a trusted platform
    3.
    Invention application
    Method for extending the CRTM in a trusted platform (under examination, published)

    Publication number: US20060010326A1

    Publication date: 2006-01-12

    Application number: US10887441

    Filing date: 2004-07-08

    IPC classification: H04L9/00

    CPC classification: G06F21/572

    Abstract: A method, system and computer program product for enhancing the functionality of the existing core root of trust measurement (CRTM). The CRTM is extended to allow platform manufacturer controlled and certified code to be incorporated into the function of the CRTM, wherein the manufacturer may define the policy for accepting a new function into the CRTM. When a firmware or software module image is compiled, the build process generates a hash value of the compiled firmware or software image, wherein the hash value reflects a fingerprint (or short hand) representation of the compiled image. A determination is made as to whether the hash value of the firmware or software image is to be a CRTM extension. If so, a digital signature of the module is created using the CRTM extension private key. This signature value is added to the firmware or software module.

    Dynamic creation and hierarchical organization of trusted platform modules
    4.
    Invention application
    Dynamic creation and hierarchical organization of trusted platform modules (under examination, published)

    Publication number: US20070079120A1

    Publication date: 2007-04-05

    Application number: US11242673

    Filing date: 2005-10-03

    IPC classification: H04L9/00

    CPC classification: G06F21/57

    Abstract: A trusted platform module is presented that is capable of creating, dynamically, multiple virtual trusted platform modules in a hierarchical organization. A trusted platform module domain is created. The trusted platform module creates virtual trusted platform modules, as needed, in the trusted platform module domain. The virtual trusted platform modules can inherit the permissions of a parent trusted platform module to have the ability to create virtual trusted platform modules themselves. Each virtual trusted platform module is associated with a specific partition. Each partition is associated with an individual operating system. The hierarchy of created operating systems and their privilege of spawning new operating systems is reflected in the hierarchy of trusted platform modules and the privileges each of the trusted platform modules has.

    Device Discovery and Topology Reporting in a Combined CPU/GPU Architecture System
    5.
    Invention application
    Device Discovery and Topology Reporting in a Combined CPU/GPU Architecture System (in force)

    Publication number: US20120162234A1

    Publication date: 2012-06-28

    Application number: US13325824

    Filing date: 2011-12-14

    IPC classification: G06T1/20 G06T1/60

    CPC classification: G06T1/20 G06F9/30003

    Abstract: Methods and apparatus are provided, as an aspect of a combined CPU/APD architecture system, for discovering and reporting properties of devices and system topology that are relevant to efficiently scheduling and distributing computational tasks to the various computational resources of a combined CPU/APD architecture system. The combined CPU/APD architecture unifies CPUs and APDs in a flexible computing environment. In some embodiments, the combined CPU/APD architecture capabilities are implemented in a single integrated circuit, elements of which can include one or more CPU cores and one or more APD cores. The combined CPU/APD architecture creates a foundation upon which existing and new programming frameworks, languages, and tools can be constructed.

    Method, system and program product for remotely verifying integrity of a system
    6.
    Invention application
    Method, system and program product for remotely verifying integrity of a system (lapsed)

    Publication number: US20070107046A1

    Publication date: 2007-05-10

    Application number: US11268220

    Filing date: 2005-11-07

    IPC classification: H04L9/32

    CPC classification: G06F21/57

    Abstract: The present invention provides a computer-implemented method system and program product for remotely verifying (e.g., analytic) integrity of a system. Specifically, at startup of the system an access control policy that sets forth information flows within the system is read and a set of trusted subjects that interact with a target application in the system is determined. Based on the access information flows and the set of trusted subjects, an information flow graph of the system is constructed. At runtime of the target application, runtime information and program code loaded into the set of trusted subjects are measured. Measuring the program code that is loaded allows the remote party to verify that the program code is “expected” program code for the set of trusted subjects.

    Device discovery and topology reporting in a combined CPU/GPU architecture system
    8.
    Granted invention patent
    Device discovery and topology reporting in a combined CPU/GPU architecture system (in force)

    Publication number: US08797332B2

    Publication date: 2014-08-05

    Application number: US13325824

    Filing date: 2011-12-14

    CPC classification: G06T1/20 G06F9/30003

    Abstract: Methods and apparatus are provided, as an aspect of a combined CPU/APD architecture system, for discovering and reporting properties of devices and system topology that are relevant to efficiently scheduling and distributing computational tasks to the various computational resources of a combined CPU/APD architecture system. The combined CPU/APD architecture unifies CPUs and APDs in a flexible computing environment. In some embodiments, the combined CPU/APD architecture capabilities are implemented in a single integrated circuit, elements of which can include one or more CPU cores and one or more APD cores. The combined CPU/APD architecture creates a foundation upon which existing and new programming frameworks, languages, and tools can be constructed.

    Executing and implementing a service for establishing network connections
    9.
    Invention application
    Executing and implementing a service for establishing network connections (under examination, published)

    Publication number: US20050128952A1

    Publication date: 2005-06-16

    Application number: US10733591

    Filing date: 2003-12-11

    IPC classification: H04L12/24 H04L29/12 H04L12/26

    Abstract: A method for a service provider to be able to work with a client under an engagement relationship to repair a failed network connection between a client system and a network is disclosed. In a first aspect, the method preferably includes collecting real time connectivity information by the client system and utilizing the real time connectivity information by the client system to establish a connection with the network. In a second aspect, a computer system coupled to a network includes at least one network adapter for monitoring and collecting real time connectivity information from the network, memory for storing the real time connectivity information, and a processor coupled to the memory and to the at least one network adapter, where the processor is configured to execute program instructions for utilizing the real time connectivity information to repair a failed network connection between the computer system and the network.
