Local secure service partitions for operating system security

    Publication No.: US20060236127A1

    Publication date: 2006-10-19

    Application No.: US11097697

    Filing date: 2005-04-01

    IPC classification: G06F12/14

    Abstract: Systems and methods provide multiple partitions hosted on an isolation technology such as a hypervisor where at least one of the partitions, a local secure service partition (LSSP), provides security services to other partitions. The service partitions (LSSPs) host those high assurance services that require strict security isolation, where the service can be shared across partitions and accessed even when the user is not connected to a network. The LSSP also can certify the results of any computation using a key signed by a TPM attestation identity key (AIK), or other key held securely by the hypervisor or a service partition. The LSSPs may be configured to provide trusted audit logs, trusted security scans, trusted cryptographic services, trusted compilation and testing, trusted logon services, and the like.

    Securely identifying an executable to a trust-determining entity
    3.
    Patent application
    Status: in force

    Publication No.: US20050125548A1

    Publication date: 2005-06-09

    Application No.: US10692224

    Filing date: 2003-10-23

    CPC classification: G06F21/62

    Abstract: A resource is obtained from a resource provider (RP) for a resource requester (RR) operating on a computing device. The RR has an identity descriptor (id) associated therewith, where the id includes security-related information specifying an environment in which the RR operates. A code identity (code-ID) is calculated corresponding to and based on the loaded RR and loaded id. The RP verifies that the calculated code-ID in a request for the resource matches one of one or more valid code-IDs for the identified RR to conclude that the RR and id can be trusted, and the RP responds to the forwarded request by providing the requested resource to the RR.

    Integration of high-assurance features into an application through application factoring
    4.
    Patent application
    Status: in force

    Publication No.: US20050091661A1

    Publication date: 2005-04-28

    Application No.: US10693749

    Filing date: 2003-10-24

    CPC classification: G06F21/53

    Abstract: Application factoring or partitioning is used to integrate secure features into a conventional application. An application's functionality is partitioned into two sets according to whether a given action does, or does not, involve the handling of sensitive data. Separate software objects (processors) are created to perform these two sets of actions. A trusted processor handles secure data and runs in a high-assurance environment. When another processor encounters secure data, that data is sent to the trusted processor. The data is wrapped in such a way that allows it to be routed to the trusted processor, and prevents the data from being deciphered by any entity other than the trusted processor. An infrastructure is provided that wraps objects, routes them to the correct processor, and allows their integrity to be attested through a chain of trust leading back to a base component that is known to be trustworthy.

    Program authentication on environment

    Publication No.: US20060200859A1

    Publication date: 2006-09-07

    Application No.: US11072982

    Filing date: 2005-03-04

    IPC classification: G06F12/14

    CPC classification: G06F21/57

    Abstract: To authenticate a program on a computing device to a resource local to or remote from the computing device, a stored program security identifier (PSID) corresponding to the program is retrieved, where the stored PSID includes information taking into account the program itself, the execution setting of the program, and any inputs and initializations that are provided to the program. The PSID is re-constructed based on the same information as obtained from local sources, and the stored and reconstructed PSIDs are compared to determine whether a match exists. If so, it may be concluded that the program operates in a trusted manner according to an approved set of conditions.

    Communication of information via a side-band channel, and use of same to verify positional relationship
    7.
    Patent application
    Status: lapsed

    Publication No.: US20050010818A1

    Publication date: 2005-01-13

    Application No.: US10759325

    Filing date: 2004-01-16

    CPC classification: G06F21/606 G06F21/85

    Abstract: The present invention provides for trusted side-band communications between components in a computer system, so that use of the system bus may be avoided. Two components may be connected by means other than a bus (e.g., an infrared port, a wire, an unused pin, etc.), whereby these components may communicate without the use of the system bus. The non-bus communication channel may be referred to as “side-band.” The side-band channel may be used to communicate information that might identify the user's hardware (e.g., a public key) or other information that the user may not want to be easily intercepted by the public at large. Communication over the side-band channel may also be used to verify that the participants in a communication are within a defined positional relationship to each other.

    Local secure service partitions for operating system security
    8.
    Granted patent
    Status: in force

    Publication No.: US08619971B2

    Publication date: 2013-12-31

    Application No.: US11097697

    Filing date: 2005-04-01

    IPC classification: H04K1/04 H04K1/06

    Abstract: Systems and methods provide multiple partitions hosted on an isolation technology such as a hypervisor where at least one of the partitions, a local secure service partition (LSSP), provides security services to other partitions. The service partitions (LSSPs) host those high assurance services that require strict security isolation, where the service can be shared across partitions and accessed even when the user is not connected to a network. The LSSP also can certify the results of any computation using a key signed by a TPM attestation identity key (AIK), or other key held securely by the hypervisor or a service partition. The LSSPs may be configured to provide trusted audit logs, trusted security scans, trusted cryptographic services, trusted compilation and testing, trusted logon services, and the like.

    Saving and retrieving data based on public key encryption
    9.
    Granted patent
    Status: in force

    Publication No.: US09183406B2

    Publication date: 2015-11-10

    Application No.: US13012573

    Filing date: 2011-01-24

    IPC classification: G06F21/00 G06F21/62

    CPC classification: G06F21/6218

    Abstract: In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using public key encryption, in a manner that allows the data to be obtained from the ciphertext only if one or more conditions are satisfied. In accordance with another aspect, a bit string is received from a calling program. Data in the bit string is decrypted using public key decryption and returned to the calling program only if one or more conditions included in the bit string are satisfied.

    Coupled symbiotic operating system
    10.
    Granted patent
    Status: in force

    Publication No.: US08738890B2

    Publication date: 2014-05-27

    Application No.: US13178908

    Filing date: 2011-07-08

    IPC classification: G06F9/52 G06F12/08

    Abstract: A single application can be executed across multiple execution environments in an efficient manner if at least a relevant portion of the virtual memory assigned to the application was equally accessible by each of the multiple execution environments. A request by a process in one execution environment can, thereby, be directed to an operating system, or other core software, in another execution environment and can be made by a shadow of the requesting process in the same manner as the original request was made by the requesting process itself. Because of the memory invariance between the execution environments, the results of the request will be equally accessible to the original requesting process even though the underlying software that responded to the request may be executing in a different execution environment. A similar thread invariance can be maintained to provide for accurate translation of requests between execution environments.