-
公开(公告)号:US09189605B2
公开(公告)日:2015-11-17
申请号:US12390505
申请日:2009-02-23
申请人: Sumedh N. Barde , Jonathan D. Schwartz , Reid Joseph Kuhn , Alexandre Vicktorovich Grigorovitch , Kirt A. Debique , Chadd B. Knowlton , James M. Alkove , Geoffrey T. Dunbar , Michael J. Grier , Ming Ma , Chaitanya D. Upadhyay , Adil Ahmed Sherwani , Arun Upadhyaya Kishan
发明人: Sumedh N. Barde , Jonathan D. Schwartz , Reid Joseph Kuhn , Alexandre Vicktorovich Grigorovitch , Kirt A. Debique , Chadd B. Knowlton , James M. Alkove , Geoffrey T. Dunbar , Michael J. Grier , Ming Ma , Chaitanya D. Upadhyay , Adil Ahmed Sherwani , Arun Upadhyaya Kishan
CPC分类号: G06F21/10 , G06F21/57 , G06F2221/0735 , H04L9/3247 , H04L9/3263 , H04L2209/603
摘要: A method of establishing a protected environment within a computing device including validating a kernel component loaded into a kernel of the computing device, establishing a security state for the kernel based on the validation, creating a secure process and loading a software component into the secure process, periodically checking the security state of the kernel, and notifying the secure process when the security state of the kernel has changed.
摘要翻译: 一种在计算设备内建立受保护环境的方法,包括验证加载到计算设备的内核中的内核组件,基于验证建立内核的安全状态,创建安全过程并将软件组件加载到安全过程中 定期检查内核的安全状态,并在内核的安全状态发生变化时通知安全进程。
-
公开(公告)号:US20090158036A1
公开(公告)日:2009-06-18
申请号:US12390505
申请日:2009-02-23
申请人: Sumedh N. Barde , Jonathan D. Schwartz , Reid Joseph Kuhn , Alexandre Vicktorovich Grigorovitch , Kirt A. Debique , Chabd B. Knowlton , James M. Alkove , Geoffery T. Dunbar , Michael J. Grier , Ming Ma , Chaitanya D. Upadhyay , Adil Ahmed Sherwani , Arun Upadhyaya Kishan
发明人: Sumedh N. Barde , Jonathan D. Schwartz , Reid Joseph Kuhn , Alexandre Vicktorovich Grigorovitch , Kirt A. Debique , Chabd B. Knowlton , James M. Alkove , Geoffery T. Dunbar , Michael J. Grier , Ming Ma , Chaitanya D. Upadhyay , Adil Ahmed Sherwani , Arun Upadhyaya Kishan
IPC分类号: H04L9/00
CPC分类号: G06F21/10 , G06F21/57 , G06F2221/0735 , H04L9/3247 , H04L9/3263 , H04L2209/603
摘要: A method of establishing a protected environment within a computing device including validating a kernel component loaded into a kernel of the computing device, establishing a security state for the kernel based on the validation, creating a secure process and loading a software component into the secure process, periodically checking the security state of the kernel, and notifying the secure process when the security state of the kernel has changed.
摘要翻译: 一种在计算设备内建立受保护环境的方法,包括验证加载到计算设备的内核中的内核组件,基于验证建立内核的安全状态,创建安全过程并将软件组件加载到安全过程中 定期检查内核的安全状态,并在内核的安全状态发生变化时通知安全进程。
-
3.
公开(公告)号:US08074287B2
公开(公告)日:2011-12-06
申请号:US11191448
申请日:2005-07-28
申请人: Sumedh N. Barde , Rebecca Claire Weiss , Alexandre V. Grigorovitch , Chaitanya Dutt Upadhyay , Reid Joseph Kuhn
发明人: Sumedh N. Barde , Rebecca Claire Weiss , Alexandre V. Grigorovitch , Chaitanya Dutt Upadhyay , Reid Joseph Kuhn
IPC分类号: G06F7/04
CPC分类号: G06F21/10 , H04L9/3265 , H04L9/3268 , H04L2209/603 , H04L2209/68
摘要: Systems and methods for providing a protected computing environment comprising separating out a protected environment management component from a kernel of a computing device, providing identification information as a part of the protected environment management component, and providing individualization information as part of the protected environment management component.
摘要翻译: 用于提供受保护的计算环境的系统和方法包括将受保护的环境管理组件与计算设备的内核分离,提供作为受保护的环境管理组件的一部分的标识信息,以及提供作为受保护的环境管理组件的一部分的个性化信息 。
-
公开(公告)号:US09276935B2
公开(公告)日:2016-03-01
申请号:US12473102
申请日:2009-05-27
CPC分类号: H04L63/10 , G06F21/10 , G06F21/105 , G06F2221/2107 , G06F2221/2115 , H04L29/12047 , H04L61/15 , H04L63/062 , H04L2463/101
摘要: A system is disclosed for providing trusted third-party management of user device domains in a digital rights management environment. The system includes a plurality of content providers that distribute digital content items via user accounts having associated user device domains. The user device domains are managed by an independent domain manager. The domain manager includes a device registrar which is operative, for a given user device domain, to receive a request to add a device to the user device domain. If the request is grantable, a domain controller of the domain manager is operative to cause a domain private key to be transmitted to the device being added to the user device domain. The domain private key is usable at the device to decrypt a content key which was previously released to the user device domain for decrypting protected digital content.
摘要翻译: 公开了一种用于在数字版权管理环境中提供用户设备域的受信任的第三方管理的系统。 该系统包括通过具有相关联的用户设备域的用户帐户分发数字内容的多个内容提供商。 用户设备域由独立的域管理器管理。 域管理器包括设备注册器,对于给定的用户设备域,该设备注册器可以接收向用户设备域添加设备的请求。 如果请求是可授权的,则域管理器的域控制器可操作地使域私有密钥被发送到被添加到用户设备域的设备。 域私钥在设备上可用于解密之前已被释放到用户设备域以解密受保护的数字内容的内容密钥。
-
公开(公告)号:US20100306485A1
公开(公告)日:2010-12-02
申请号:US12473102
申请日:2009-05-27
IPC分类号: G06F12/16
CPC分类号: H04L63/10 , G06F21/10 , G06F21/105 , G06F2221/2107 , G06F2221/2115 , H04L29/12047 , H04L61/15 , H04L63/062 , H04L2463/101
摘要: A system is disclosed for providing trusted third-party management of user device domains in a digital rights management environment. The system includes a plurality of content providers that distribute digital content items via user accounts having associated user device domains. The user device domains are managed by an independent domain manager. The domain manager includes a device registrar which is operative, for a given user device domain, to receive a request to add a device to the user device domain. If the request is grantable, a domain controller of the domain manager is operative to cause a domain private key to be transmitted to the device being added to the user device domain. The domain private key is usable at the device to decrypt a content key which was previously released to the user device domain for decrypting protected digital content.
摘要翻译: 公开了一种用于在数字版权管理环境中提供用户设备域的受信任的第三方管理的系统。 该系统包括通过具有相关联的用户设备域的用户帐户分发数字内容的多个内容提供商。 用户设备域由独立的域管理器管理。 域管理器包括设备注册器,对于给定的用户设备域,该设备注册器可以接收向用户设备域添加设备的请求。 如果请求是可授权的,则域管理器的域控制器可操作地使域私有密钥被发送到被添加到用户设备域的设备。 域私钥在设备上可用于解密之前已被释放到用户设备域以解密受保护的数字内容的内容密钥。
-
-
-
-