Method and apparatus for secure page swapping in virtual memory systems
    5.
    Invention application
    Method and apparatus for secure page swapping in virtual memory systems (status: under examination, published)

    Publication (announcement) number: US20080077767A1

    Publication (announcement) date: 2008-03-27

    Application number: US11528161

    Filing date: 2006-09-27

    IPC classification: G06F12/00 G06F13/00

    Abstract: Embodiments described herein disclose a method and apparatus for secure page swapping in a virtual memory system. An integrity check value mechanism is used to protect software programs from run-time attacks against memory pages while those pages are swapped to secondary memory. A hash value is computed for an agent page as it is swapped from primary memory to secondary memory. When the page is swapped back into primary memory from secondary memory, that hash value is recomputed to verify that the page was not modified while stored in secondary memory. Alternatively, the hash value is pre-computed and placed in an integrity manifest wherein it is retrieved and verified when the page is loaded back into primary memory from secondary memory.


    Validating a memory type modification attempt
    6.
    Granted invention patent
    Validating a memory type modification attempt (status: in force)

    Publication (announcement) number: US07748037B2

    Publication (announcement) date: 2010-06-29

    Application number: US11233733

    Filing date: 2005-09-22

    IPC classification: G06F21/00

    Abstract: A system and process are described to enable at least one of a plurality of host agents executing on a system to update memory region types of a system memory, register the at least one host agent in a registry stored in system management memory, receive a system management interrupt (SMI) from one of the plurality of host agents to update a memory region type, determine if the host agent issuing the SMI is listed in the registry stored in system management memory, update the memory region in response to determining the host agent issuing the SMI is listed in the registry, and maintain the memory region type in response to determining the host agent issuing the SMI is not listed in the registry.


    Tamper protection of software agents operating in a VT environment methods and apparatuses
    9.
    Invention application
    Tamper protection of software agents operating in a VT environment methods and apparatuses (status: lapsed)

    Publication (announcement) number: US20080082772A1

    Publication (announcement) date: 2008-04-03

    Application number: US11529828

    Filing date: 2006-09-29

    IPC classification: G06F12/14

    Abstract: Methods, apparatuses, articles, and systems for comparing a first security domain of a first memory page of a physical device to a second security domain of a second memory page of the physical device, the security domains being stored in one or more registers of a processor of the physical device, are described herein. Based on the comparison, the processor disallows an instruction from the first memory page to access the second memory page if the first security domain is different from the second security domain. Resultantly, software agents, in particular, critical software agents, may be protected in a VT environment more efficiently and effectively.
