-
公开(公告)号:US07716494B2
公开(公告)日:2010-05-11
申请号:US10893137
申请日:2004-07-15
IPC分类号: H04L9/00
CPC分类号: G06F21/57
摘要: A trusted platform in a digital processing system is maintained even when modules, or other processes or data, are loaded after a boot sequence. A configuration file is used to include measurements (e.g., hash values, signatures, etc.) of modules to be loaded. After secure boot-up the operating system kernel uses the configuration file to check module integrity prior to loading and executing. If a module does not verify against the configuration file data then the system can prevent further operation, restrict certain operations, indicate the non-trusted nature of the system or take other actions. In one embodiment, if a module does not pass the integrity check then the failed measurement is extended into a specific Platform Configuration Register (PCR) within a Trusted Platform Manager (TPM) process. Subsequently, client applications can determine if the platform is trustable based on the return of the PCR value. A local application (application running in the same platform) can “seal” secrets to a trusted platform. The operation of the application relies on the secrets, which can only be revealed in a trusted platform.
摘要翻译: 即使在引导顺序之后加载模块或其他进程或数据,数字处理系统中的信任平台也得以维护。 配置文件用于包括要加载的模块的测量(例如散列值,签名等)。 在安全启动之后,操作系统内核在加载和执行之前使用配置文件来检查模块的完整性。 如果模块没有针对配置文件数据进行验证,则系统可以防止进一步的操作,限制某些操作,指示系统的不受信任的性质或采取其他操作。 在一个实施例中,如果模块不通过完整性检查,则将失败的测量扩展到可信平台管理器(TPM)进程内的特定平台配置寄存器(PCR)。 随后,客户应用程序可以根据PCR值的返回来确定平台是否可信任。 本地应用程序(在同一平台上运行的应用程序)可以将密码“密封”到可信赖的平台。 应用程序的操作依赖于只能在可信平台中显示的秘密。
-
公开(公告)号:US20060015717A1
公开(公告)日:2006-01-19
申请号:US10893137
申请日:2004-07-15
申请人: Zhengrong Liu , Yusuf Purna , Takemura Shinichi , Nicholas Szeto
发明人: Zhengrong Liu , Yusuf Purna , Takemura Shinichi , Nicholas Szeto
IPC分类号: H04L9/00
CPC分类号: G06F21/57
摘要: A trusted platform in a digital processing system is maintained even when modules, or other processes or data, are loaded after a boot sequence. A configuration file is used to include measurements (e.g., hash values, signatures, etc.) of modules to be loaded. After secure boot-up the operating system kernel uses the configuration file to check module integrity prior to loading and executing. If a module does not verify against the configuration file data then the system can prevent further operation, restrict certain operations, indicate the non-trusted nature of the system or take other actions. In one embodiment, if a module does not pass the integrity check then the failed measurement is extended into a specific Platform Configuration Register (PCR) within a Trusted Platform Manager (TPM) process. Subsequently, client applications can determine if the platform is trustable based on the return of the PCR value. A local application (application running in the same platform) can “seal” secrets to a trusted platform. The operation of the application relies on the secrets, which can only be revealed in a trusted platform.
摘要翻译: 即使在引导顺序之后加载模块或其他进程或数据,数字处理系统中的信任平台也得以维护。 配置文件用于包括要加载的模块的测量(例如散列值,签名等)。 在安全启动之后,操作系统内核在加载和执行之前使用配置文件来检查模块的完整性。 如果模块没有针对配置文件数据进行验证,则系统可以防止进一步的操作,限制某些操作,指示系统的不受信任的性质或采取其他操作。 在一个实施例中,如果模块不通过完整性检查,则将失败的测量扩展到可信平台管理器(TPM)进程内的特定平台配置寄存器(PCR)。 随后,客户应用程序可以根据PCR值的返回来确定平台是否可信任。 本地应用程序(在同一平台上运行的应用程序)可以将密码“密封”到可信赖的平台。 应用程序的操作依赖于只能在可信平台中显示的秘密。
-
3.发明授权System and method for authorizing the use of stored information in an operating system 失效授权在操作系统中使用存储信息的系统和方法公开(公告)号:US07568102B2
公开(公告)日:2009-07-28
申请号:US10893765
申请日:2004-07-15
IPC分类号: H04L21/00
CPC分类号: G06F21/125 , H04L9/3247 , H04L2209/60
摘要: A method and apparatus for authorizing a file to use stored information for executing a process in a Linux operating system. The file includes an executable linking format, an application authorization data, and other attributes for the application.
摘要翻译: 一种授权文件使用存储信息执行Linux操作系统中的进程的方法和装置。 该文件包括可执行链接格式,应用程序授权数据和应用程序的其他属性。
-
4.发明申请System and method for storing attributes in a file for processing an operating system 审中-公开用于在用于处理操作系统的文件中存储属性的系统和方法公开(公告)号:US20060015860A1
公开(公告)日:2006-01-19
申请号:US10893129
申请日:2004-07-15
申请人: Zhengrong Liu , Takemura Shinichi
发明人: Zhengrong Liu , Takemura Shinichi
IPC分类号: G06F9/44
CPC分类号: G06F21/64
摘要: A method and apparatus for adding sections to a file used for executing a process in a Linux operating system. The file includes existing sections, an executable linking format, and other attributes for the application. Sections are added to the existing sections of the file which may be used to execute a process in a Linux operating system.
摘要翻译: 一种用于在Linux操作系统中为用于执行进程的文件添加部分的方法和装置。 该文件包括现有的部分,可执行链接格式和应用程序的其他属性。 部分将添加到文件的现有部分,可用于在Linux操作系统中执行进程。
-
公开(公告)号:US08238880B2
公开(公告)日:2012-08-07
申请号:US13096192
申请日:2011-04-28
申请人: Chongting Jin , Zhengrong Liu , Qicheng Guo
发明人: Chongting Jin , Zhengrong Liu , Qicheng Guo
摘要: The present invention discloses a method and an apparatus for processing an authentication of a mobile terminal, wherein the method includes: a network side receiving an image identity message from a mobile terminal, wherein the image identity message carries current image feature information and a user identifier of the mobile terminal; and searching image feature information which is saved previously in a database by the user identifier of the mobile terminal, performing a corresponding algorithm match between the current image feature information and the image feature information according to a preset security level, and performing an authentication on the mobile terminal based on the result of the match. By means of the technical solution of the present invention applying, the image information collected by photo shooting is used as an identity identification password, therefore, the identity authentications of different security levels can be provided, and the security and the expansibility of the identity authentication of the mobile terminal is increased greatly.
摘要翻译: 本发明公开了一种用于处理移动终端的认证的方法和装置,其中该方法包括:网络侧从移动终端接收图像标识消息,其中图像标识消息携带当前图像特征信息和用户标识符 的移动终端; 以及通过移动终端的用户标识搜索先前保存在数据库中的图像特征信息,根据预设的安全级别执行当前图像特征信息和图像特征信息之间的对应算法匹配,并对 移动终端基于匹配的结果。 通过应用本发明的技术方案,将通过照片拍摄收集的图像信息用作身份识别密码,因此可以提供不同安全级别的身份认证,身份认证的安全性和可扩展性 的移动终端大大增加。
-
公开(公告)号:US20120176420A1
公开(公告)日:2012-07-12
申请号:US13395483
申请日:2010-07-20
申请人: Zhengrong Liu
发明人: Zhengrong Liu
IPC分类号: G09G5/10
CPC分类号: H04N5/58 , G09G3/3406 , G09G5/10 , G09G2320/0626 , G09G2320/0653 , G09G2360/144 , H04M1/72569 , H04N21/42202 , H04N21/4318
摘要: The present invention provides a device and method for controlling screen brightness. The method comprises: a light sensor acquiring a brightness signal intensity value of external environment and transmitting the brightness signal intensity value to a comparator; the comparator comparing the received brightness signal intensity value with a stored brightness signal intensity value and outputting a comparison result to an integrator; if the comparison result is that the received brightness signal intensity value is greater than the stored brightness signal intensity value, the integrator increasing the stored brightness signal intensity value by a fixed value according to the comparison result; and if the comparison result is that the received brightness signal intensity value is less than the stored brightness signal intensity value, the integrator decreasing the stored brightness signal intensity value by a fixed value according to the comparison result.
摘要翻译: 本发明提供了一种用于控制屏幕亮度的装置和方法。 该方法包括:光传感器,获取外部环境的亮度信号强度值,并将亮度信号强度值发送到比较器; 所述比较器将所接收的亮度信号强度值与存储的亮度信号强度值进行比较,并将比较结果输出到积分器; 如果比较结果是接收到的亮度信号强度值大于存储的亮度信号强度值,则积分器根据比较结果将存储的亮度信号强度值增加固定值; 如果比较结果是接收到的亮度信号强度值小于存储的亮度信号强度值,则积分器根据比较结果将存储的亮度信号强度值减小固定值。
-
公开(公告)号:US08594111B2
公开(公告)日:2013-11-26
申请号:US13422698
申请日:2012-03-16
申请人: Wan Lam , Xinwei Han , Zhengrong Liu , Xu Chen
发明人: Wan Lam , Xinwei Han , Zhengrong Liu , Xu Chen
CPC分类号: H04L49/90
摘要: The present invention discloses a method for buffering a cell by a crossbar switching matrix, which includes: sending a jitter timestamp to a switching port connected to the crossbar switching matrix through a link, and receiving a cell that is sent by the switching port and carries the jitter timestamp, in which the jitter timestamp indicates a jitter of the link itself; and using a sum of the jitter timestamp carried in the cell and a relative delay timestamp of the corresponding link as a total timestamp, and storing the cell in a buffering unit corresponding to the total timestamp in a cell buffer of the link, in which the relative delay timestamp indicates a difference of a delay of the link relative to a delay of a lowest link.
摘要翻译: 本发明公开了一种通过交叉开关矩阵来缓冲单元的方法,包括:通过链路向连接到交叉开关矩阵的交换端口发送抖动时间戳,并接收由交换端口发送的小区,并携带 抖动时间戳,其中抖动时间戳表示链路本身的抖动; 以及使用所述小区中承载的所述抖动时间戳和所述相应链路的相对延迟时间戳的总和作为总时间戳,并且将所述小区存储在与所述链路的小区缓冲器中的所述总时间戳对应的缓冲单元中,其中 相对延迟时间戳表示链路相对于最低链路的延迟的延迟的差异。
-
公开(公告)号:US20130064312A1
公开(公告)日:2013-03-14
申请号:US13613112
申请日:2012-09-13
申请人: Chunxing Huang , Wan Lam , Pongbo Guo , Zhengrong Liu
发明人: Chunxing Huang , Wan Lam , Pongbo Guo , Zhengrong Liu
CPC分类号: H04L1/009 , H04L1/0083 , H04L1/1809 , H04L1/205
摘要: The present invention provides a data transmission method including: sending, by a transmitter, a source data frame to a receiver, and saving, the source data frame; sending, by the transmitter, other data frames to the receiver, and saving the other data frames; receiving, by the transmitter, a data retransmission notification which is related to the source data frame and sent by the receiver; and retrieving, by the transmitter, the source data frame and other data frames from a storage space, where the other data frames are sent by the transmitter to the receiver in a time period from sending the source data frame by the transmitter to receiving the data retransmission notification by the transmitter, and retransmitting the source data frame and the other data frames to the receiver.
摘要翻译: 本发明提供一种数据传输方法,包括:由发射机向接收机发送源数据帧,并保存源数据帧; 由发射机向接收机发送其他数据帧,并保存其他数据帧; 由所述发射机接收与所述源数据帧相关并由所述接收机发送的数据重传通知; 以及由所述发射机从存储空间检索所述源数据帧和其他数据帧,其中在由所述发射机发送所述源数据帧以接收所述数据的时间段中,由所述发射机向所述接收机发送其他数据帧 由发射机进行重发通知,并将源数据帧和其他数据帧重发给接收机。
-
公开(公告)号:US08797372B2
公开(公告)日:2014-08-05
申请号:US13395483
申请日:2010-07-20
申请人: Zhengrong Liu
发明人: Zhengrong Liu
IPC分类号: G09G5/10 , H04N5/58 , H04M1/725 , H04N21/431 , H04N21/422 , G09G3/34
CPC分类号: H04N5/58 , G09G3/3406 , G09G5/10 , G09G2320/0626 , G09G2320/0653 , G09G2360/144 , H04M1/72569 , H04N21/42202 , H04N21/4318
摘要: The present invention provides a device and method for controlling screen brightness. The method comprises: a light sensor acquiring a brightness signal intensity value of external environment and transmitting the brightness signal intensity value to a comparator; the comparator comparing the received brightness signal intensity value with a stored brightness signal intensity value and outputting a comparison result to an integrator; if the comparison result is that the received brightness signal intensity value is greater than the stored brightness signal intensity value, the integrator increasing the stored brightness signal intensity value by a fixed value according to the comparison result; and if the comparison result is that the received brightness signal intensity value is less than the stored brightness signal intensity value, the integrator decreasing the stored brightness signal intensity value by a fixed value according to the comparison result.
摘要翻译: 本发明提供了一种用于控制屏幕亮度的装置和方法。 该方法包括:光传感器,获取外部环境的亮度信号强度值,并将亮度信号强度值发送到比较器; 所述比较器将所接收的亮度信号强度值与存储的亮度信号强度值进行比较,并将比较结果输出到积分器; 如果比较结果是接收到的亮度信号强度值大于存储的亮度信号强度值,则积分器根据比较结果将存储的亮度信号强度值增加固定值; 如果比较结果是接收到的亮度信号强度值小于存储的亮度信号强度值,则积分器根据比较结果将存储的亮度信号强度值减小固定值。
-
10.发明授权Use of kernel authorization data to maintain security in a digital processing system 失效使用内核授权数据来维护数字处理系统的安全性公开(公告)号:US07552326B2
公开(公告)日:2009-06-23
申请号:US10893763
申请日:2004-07-15
IPC分类号: H04L9/00
CPC分类号: G06F21/57
摘要: A system to manage and control usage rights for cryptographic keys. A kernel process is provided with secure and exclusive authorization to access certain keys in a key hierarchy. Special authorization is required for other processes or users to access keys used by the kernel. A persistent storage area is used to hold a Kernel Authorization Data field for the root key and/or other keys used by the kernel or other specialized processes. The authorization data, and the keys it protects, can be used to protect other portions of, or the entire, key structure. The persistent storage area is reserved in a TPM or similar security hardware.
摘要翻译: 用于管理和控制加密密钥的使用权限的系统。 内核进程提供安全和排他的权限,以访问密钥层次结构中的某些密钥。 其他进程或用户需要特殊授权来访问内核使用的密钥。 持久存储区域用于保存内核或其他专门进程使用的根密钥和/或其他密钥的内核授权数据字段。 授权数据及其保护的密钥可用于保护键结构的其他部分或全部。 持久存储区域在TPM或类似的安全硬件中保留。
-
-
-
-
-
-
-
-
-
搜索结果
13 条记录 (耗时 0.021 秒)
