-
公开(公告)号:US20130191643A1
公开(公告)日:2013-07-25
申请号:US13358372
申请日:2012-01-25
申请人: Zhexuan Song , Maarten Wiggers , Ryusuke Masuoka
发明人: Zhexuan Song , Maarten Wiggers , Ryusuke Masuoka
CPC分类号: H04L9/3247 , G06F21/57 , H04L9/3265
摘要: According to an aspect of an embodiment, a method of establishing a chain of trust into a virtual machine on a hardware system is described. The method may include measuring an immutable portion of a virtual machine image configured to instantiate as the virtual machine to generate a trust anchor measurement. The method may also include storing the trust anchor measurement in a sealed memory.
摘要翻译: 根据实施例的一个方面,描述了在硬件系统上建立到虚拟机的信任链的方法。 该方法可以包括测量被配置为实例化为虚拟机以生成信任锚测量的虚拟机映像的不可变部分。 该方法还可以包括将信任锚测量存储在密封存储器中。
-
公开(公告)号:US20120260113A1
公开(公告)日:2012-10-11
申请号:US13082951
申请日:2011-04-08
IPC分类号: G06F1/32 , G06F15/177
CPC分类号: G06Q10/06 , H04L12/2829 , H04L2012/285
摘要: A first electronic device comprises an information-filtering module configured to identify one or more second electronic devices that supply one or more types of information needed by the first electronic device; an information-gathering module coupled to the information-filtering module configured to collect information from the second electronic devices; and an operation module coupled to the information-gathering module configured to adjust operational behavior of the first electronic device based on the collected information.
摘要翻译: 第一电子设备包括信息过滤模块,其被配置为识别提供第一电子设备所需的一种或多种类型的信息的一个或多个第二电子设备; 信息收集模块,耦合到所述信息过滤模块,被配置为从所述第二电子设备收集信息; 以及耦合到所述信息收集模块的操作模块,所述操作模块被配置为基于所收集的信息来调整所述第一电子设备的操作行为。
-
公开(公告)号:US20090235068A1
公开(公告)日:2009-09-17
申请号:US12048096
申请日:2008-03-13
申请人: Zhexuan Song , Seigo Kotani , Sung Lee , Keishiro Tanaka , Houcheng Lee , Jesus Molina , Ryusuke Masuoka , Tomihiro Yamazaki
发明人: Zhexuan Song , Seigo Kotani , Sung Lee , Keishiro Tanaka , Houcheng Lee , Jesus Molina , Ryusuke Masuoka , Tomihiro Yamazaki
IPC分类号: H04L9/32
CPC分类号: H04L9/3231 , H04L9/3263 , H04L2209/80
摘要: A method for identity verification includes receiving a request for proof of identity from a service provider and receiving biometric information associated with a user of a communication device. The method also includes determining that the received biometric information matches a biometric profile that contains biometric information associated with a registered user of the communication device. The method also includes unlocking a private key associated with the registered user in response to determining that the received biometric information matches a biometric profile and sending a request for a digital certificate that is signed with the private key associated with the registered user. The method further includes receiving the digital certificate that includes a public key associated with the registered user and satisfies the request for proof of identity. The method also includes with forwarding the digital certificate to the service provider.
摘要翻译: 用于身份验证的方法包括从服务提供商接收身份证明请求并接收与通信设备的用户相关联的生物特征信息。 该方法还包括确定所接收的生物特征信息与包含与通信设备的注册用户相关联的生物特征信息的生物特征信息匹配。 该方法还包括响应于确定所接收的生物测定信息与生物特征谱匹配并且发送用与注册用户相关联的私钥签名的数字证书的请求来解锁与注册用户相关联的私钥。 该方法还包括接收包括与注册用户相关联的公钥的数字证书,并且满足身份证明请求。 该方法还包括将数字证书转发到服务提供商。
-
公开(公告)号:US08533469B2
公开(公告)日:2013-09-10
申请号:US12623861
申请日:2009-11-23
申请人: Zhexuan Song , Ryusuke Masuoka , Jesus Molina
发明人: Zhexuan Song , Ryusuke Masuoka , Jesus Molina
IPC分类号: H04L29/00
CPC分类号: G06F21/6218 , G06F2221/2107
摘要: A method for securely sharing electronic documents on a document storage system. The method includes receiving an electronic document from a creating user, generating an encryption key unique to the electronic document, encrypting the electronic document using the encryption key to create an encrypted electronic document, and communicating the encrypted electronic document to a document repository for storage/ The method also includes identifying a resource locator for uniquely identifying the storage location of the encrypted electronic document and communicating the encryption key and the resource locator to the creating user. The method also includes receiving the encryption key and the resource locator from a requesting user, retrieving the encrypted electronic document from the document repository using the resource locator, decrypting the encrypted electronic document using the encryption key, and communicating the decrypted electronic document to the requesting user.
摘要翻译: 一种用于在文件存储系统上安全地共享电子文档的方法。 该方法包括从创建用户接收电子文档,生成电子文档特有的加密密钥,使用加密密钥加密电子文档以创建加密的电子文档,以及将加密的电子文档传送到文档储存库,用于存储/ 该方法还包括识别用于唯一地识别加密电子文档的存储位置并将加密密钥和资源定位符传送给创建用户的资源定位符。 该方法还包括从请求用户接收加密密钥和资源定位符,使用资源定位器从文档库中检索加密的电子文档,使用加密密钥解密加密的电子文档,并将解密的电子文档传送到请求 用户。
-
公开(公告)号:US20070266384A1
公开(公告)日:2007-11-15
申请号:US11691807
申请日:2007-03-27
申请人: Yannis Labrou , Ryusuke Masuoka , Zhexuan Song , Guang Huang
发明人: Yannis Labrou , Ryusuke Masuoka , Zhexuan Song , Guang Huang
IPC分类号: G06F9/46
CPC分类号: G06F8/00
摘要: Associating a semantic service description (SSD) with a service, wherein the SSD comprises a semantic description of the service, including a semantic description of a parameter of the service, according to a computer interpretable language, and, as a service grounding, a mapping between the computer interpretable language expressing the SSD and an interface, including an interface parameter, of the service. A dynamic composition of a task based upon a user selection of a plurality of known services is supported and a dynamic association of the task with a user interface of an application is supported, based upon associating the task with the user selection of a UI object, a UI display screen, and a UI event for the application.
摘要翻译: 将语义服务描述(SSD)与服务相关联,其中所述SSD包括所述服务的语义描述,所述语义描述包括所述服务的参数的语义描述,根据计算机可解释语言,并且作为服务接地,映射 在表示SSD的计算机可解释语言和包括接口参数的接口之间。 支持基于多个已知服务的用户选择的任务的动态组合,并且基于将任务与UI对象的用户选择相关联来支持任务与应用的用户界面的动态关联, UI显示屏幕,以及应用程序的UI事件。
-
公开(公告)号:US09992024B2
公开(公告)日:2018-06-05
申请号:US13358372
申请日:2012-01-25
CPC分类号: H04L9/3247 , G06F21/57 , H04L9/3265
摘要: According to an aspect of an embodiment, a method of establishing a chain of trust into a virtual machine on a hardware system is described. The method may include measuring an immutable portion of a virtual machine image configured to instantiate as the virtual machine to generate a trust anchor measurement. The method may also include storing the trust anchor measurement in a sealed memory.
-
公开(公告)号:US08874745B2
公开(公告)日:2014-10-28
申请号:US12748054
申请日:2010-03-26
申请人: Zhexuan Song , Jesus Molina , Ryusuke Masuoka
发明人: Zhexuan Song , Jesus Molina , Ryusuke Masuoka
IPC分类号: G06F15/173 , G06F9/54
CPC分类号: G06F9/54 , G06F2209/541
摘要: Methods and systems for providing services and/or computing resources are provided. A method may include receiving an application from an application provider. The method may further include receiving data from a data provider. The method may also include receiving a first request from the data provider to execute the application and apply the data as input to the application. Additionally, the method may include executing the application in response to receiving the first request. The method may also include storing output data resulting from execution of the application. The method may further include receiving a second request from the data provider to transmit the output data to the data provider. The method may additionally include communicating the output data to the data provider in response to the second request.
摘要翻译: 提供了用于提供服务和/或计算资源的方法和系统。 方法可以包括从应用提供商接收应用。 该方法还可以包括从数据提供者接收数据。 该方法还可以包括从数据提供者接收第一请求以执行应用并将该数据作为输入应用于应用。 另外,该方法可以包括响应于接收到第一请求而执行该应用。 该方法还可以包括存储由应用的执行产生的输出数据。 该方法还可以包括从数据提供者接收第二请求以将输出数据发送到数据提供者。 该方法还可以包括响应于第二请求将输出数据传送到数据提供者。
-
公开(公告)号:US08539551B2
公开(公告)日:2013-09-17
申请号:US12326676
申请日:2008-12-02
申请人: Ryusuke Masuoka , Zhexuan Song
发明人: Ryusuke Masuoka , Zhexuan Song
CPC分类号: H04L63/105 , H04L63/0823 , H04L63/083
摘要: The embodiments provide generating a dedicated virtual machine image (DVMI) including functionality for a target service provider and launching the DVMI in the host device as a dedicated virtual machine (DVM). A measurement of the DVMI and/or the launched DVM, as a Trusted Dedicated Virtual Machine (TDVM), is transmitted to the target service provider server. The target service provider determines a trust level for the TDVM, based upon the measurement and provides a level of service by the target service provider server to the TDVM, according to the trust level of the TDVM.
摘要翻译: 这些实施例提供了生成专用虚拟机映像(DVMI),其包括用于目标服务提供商的功能,并且在主机设备中启动作为专用虚拟机(DVM)的DVMI。 作为可信专用虚拟机(TDVM)的DVMI和/或启动的DVM的测量被发送到目标服务提供商服务器。 目标服务提供商根据测量结果确定TDVM的信任级别,并根据TDVM的信任级别将目标服务提供商服务器的服务级别提供给TDVM。
-
公开(公告)号:US20110314549A1
公开(公告)日:2011-12-22
申请号:US12816998
申请日:2010-06-16
申请人: Zhexuan Song , Ryusuke Masuoka
发明人: Zhexuan Song , Ryusuke Masuoka
CPC分类号: G06F21/31 , G06F21/554 , G06F2221/2137
摘要: A method for authenticating access to an electronic document. The method includes identifying a context event associated with a user seeking access to the electronic document, receiving from the user a plurality of context data, and analyzing the plurality of context data to generate a one or more derived context data. The method may also include receiving from an authentication module a context request, and in response to the context request, generating a context report, wherein the context report includes at least the one or more derived context data, and is configured to enable the authentication module to authenticate the user's access to the electronic document using a first authentication mechanism. The method may also include communicating the context report to the authentication module, monitoring the user to identify an occurrence of the context event, and upon identifying the occurrence of the context event, generating a context event flag, the context event flag configured to inform the authentication module to reauthenticate the user's access to the electronic document.
摘要翻译: 用于认证对电子文档的访问的方法。 该方法包括识别与寻求对电子文档的访问的用户相关联的上下文事件,从用户接收多个上下文数据,以及分析多个上下文数据以生成一个或多个导出的上下文数据。 该方法还可以包括从认证模块接收上下文请求,并且响应于上下文请求生成上下文报告,其中上下文报告至少包括一个或多个导出的上下文数据,并且被配置为使能认证模块 以使用第一认证机制来认证用户对电子文档的访问。 所述方法还可以包括将上下文报告传送到认证模块,监视用户以识别上下文事件的发生,以及在识别上下文事件的发生时,生成上下文事件标志,所述上下文事件标志被配置为通知 认证模块来重新认证用户对电子文档的访问。
-
公开(公告)号:US08065336B2
公开(公告)日:2011-11-22
申请号:US11014904
申请日:2004-12-20
CPC分类号: G06F17/30734 , G06F17/30731
摘要: A computer-implemented method of defining a set of annotation elements to map a concept to electronic data as input data; generating a mapping rule, according to the set of annotation elements defined and a sample of the input data; mapping the concept to the input data by applying the mapping rule to the input data; and generating a semantic instance of the input data based upon the mapping of the concept to the input data. The set of annotation elements to map the concept to the input data are a selected ontology corresponding to the input data, a selected ontology concept from the selected ontology, a mapping of a word or word phrase in the sample input data to the selected ontology concept from the selected ontology, and a pattern of the mapped word or word phrase relative to a structure of the sample input data.
摘要翻译: 一种计算机实现的方法,用于定义一组注释元素以将概念映射为电子数据作为输入数据; 根据定义的注释元素集合和输入数据的样本生成映射规则; 通过将映射规则应用于输入数据,将概念映射到输入数据; 以及基于所述概念与所述输入数据的映射来生成所述输入数据的语义实例。 用于将概念映射到输入数据的注释元素集合是对应于输入数据的选定本体,来自所选本体的所选择的本体概念,将样本输入数据中的单词或单词短语映射到所选择的本体概念 来自所选择的本体,以及相对于样本输入数据的结构的映射词或词组的模式。
-
-
-
-
-
-
-
-
-