公开(公告)号：WO2008157455A3

公开(公告)日：2009-03-05

申请号：PCT/US2008067052

申请日：2008-06-15

Applicant: MICROSOFT CORP

Inventor： KLEIN MATTHEW D ,  ENGLAND PAUL

IPC: G06F9/46

CPC classification number: G06F9/485 ,  G06F9/524

Abstract: Various technologies and techniques are disclosed for detecting and handling blocking events. A user mode thread is assigned a dedicated backing thread. System calls are made on the dedicated backing thread. The kernel detects when a system call results in a blocking event. A core that the dedicated backing thread is currently running on is observed. An entry in a per process table that maps cores to a currently associated primary thread waiting to be woken is consulted. The currently associated primary thread for the core is woken with a special result code to indicate that it was woken due to the blocking system call. The primary thread is released back to the application. A user mode scheduler is notified of the blocking event so a core can continue to be utilized.

Abstract translation: 公开了用于检测和处理阻塞事件的各种技术和技术。 用户模式线程被分配一个专用的背衬线程。 系统调用在专用后备线上进行。 内核检测系统调用何时导致阻塞事件。 观察到专用背衬线程正在运行的核心。 在每个进程表中将核心映射到等待被唤醒的当前关联的主线程的一个条目。 用于核心的当前关联的主线程用特殊结果代码唤醒，以指示由于阻塞系统调用而唤醒它。 主线程被释放回应用程序。 通知用户模式调度器阻塞事件，以便核心可以继续被利用。

公开(公告)号：WO2008157561A3

公开(公告)日：2009-03-19

申请号：PCT/US2008067255

申请日：2008-06-18

Applicant: MICROSOFT CORP

Inventor： KLEIN MATTHEW D ,  ENGLAND PAUL

IPC: G06F9/46 ,  G06F9/00

CPC classification number: G06F9/545 ,  G06F9/45537

Abstract: Various technologies and techniques are disclosed for virtualizing threads. An operating system thread is virtualized by intercepting accesses of the operating system thread state and emulating a normal operating system behavior. A kernel mode thread state is virtualized by intercepting kernel accesses of the kernel mode thread state and emulating a normal kernel mode behavior. A user mode thread state is virtualized by intercepting user mode accesses of the user mode thread state and emulating a normal user mode behavior. If the access is a write access, then the write access is applied to a virtual thread structure. If the access is a read access, then the read access is applied to the virtual thread structure.

Abstract translation: 公开了用于虚拟化线程的各种技术和技术。 通过拦截操作系统线程状态的访问并仿真正常的操作系统行为来虚拟化操作系统线程。 内核模式线程状态通过截取内核模式线程状态的内核访问并模拟正常内核模式行为进行虚拟化。 通过拦截用户模式线程状态的用户模式访问并模拟正常的用户模式行为来虚拟化用户模式线程状态。 如果访问是写入访问，则写访问被应用于虚拟线程结构。 如果访问是读访问，则读访问被应用于虚拟线程结构。

公开(公告)号：WO2006071630A3

公开(公告)日：2007-08-02

申请号：PCT/US2005046091

申请日：2005-12-20

Applicant: MICROSOFT CORP

Inventor： FRANK ALEXANDER ,  ENGLAND PAUL

IPC: G06F15/18

CPC classification number: G06F21/57 ,  H04L9/3234 ,  H04L9/3247 ,  H04L2209/56 ,  H04L2209/80

Abstract: A computer may be secured from attack by including a trusted environment used to verify a known monitor. The monitor may be used to determine a state of the computer for compliance to a set of conditions. The conditions may relate to terms of use, such as credits available for pay-per-use, or that the computer is running certain software, such as virus protection, or that unauthorized peripherals are not attached, or that a required token is present. The monitor may send a signal directly or through the trusted environment to a watchdog circuit. The watchdog circuit disrupts the use of the computer when the signal is not received in a given timeout period.

Abstract translation: 可以通过包括用于验证已知监视器的可信环境来保护计算机免受攻击。 监视器可以用于确定计算机的状态以符合一组条件。 条件可能与使用条款有关，例如可用于每次使用付费的信用额，或者计算机正在运行某些软件，例如病毒防护，或者未附加未授权的外围设备，或者存在所需的令牌。 监视器可以直接或通过可信环境发送信号到看门狗电路。 当给定的超时时间内没有收到信号时，看门狗电路会中断计算机的使用。

公开(公告)号：WO2008157567A3

公开(公告)日：2009-03-05

申请号：PCT/US2008067262

申请日：2008-06-18

Applicant: MICROSOFT CORP

Inventor： KLEIN MATTHEW D ,  ENGLAND PAUL

IPC: G06F9/30 ,  G06F9/00 ,  G06F12/00

CPC classification number: G06F9/545 ,  G06F9/544

Abstract: Various technologies and techniques are disclosed for allowing a user mode stack to be shared by multiple contexts. A user mode stack can be shared between execution contexts that are guaranteed to not need the user mode stack at the same time. For example, each user mode portion of a kernel thread is provided with a dedicated backing thread. When a respective dedicated backing thread is sleeping and not using a respective user mode stack, the user mode stack is allowed to float with a respective user mode portion to other kernel threads. The user mode stack is disassociated from the kernel portion of the thread. The kernel is notified of an address of a user mode thread context. The kernel mode portion of the converted thread becomes a backing thread that waits. The user mode portion of the converted thread can be switched without entering the kernel.

Abstract translation: 公开了允许用户模式堆栈由多个上下文共享的各种技术和技术。 用户模式堆栈可以在保证不需要用户模式堆栈的执行上下文之间共享。 例如，内核线程的每个用户模式部分被提供有专用背衬线程。 当相应的专用后备线程正在休眠而不使用相应的用户模式堆栈时，允许用户模式堆栈以相应的用户模式部分浮动到其他内核线程。 用户模式堆栈与线程的内核部分取消关联。 内核被通知用户模式线程上下文的地址。 转换的线程的内核模式部分成为等待的后备线程。 可以切换转换后的线程的用户模式部分而不进入内核。

公开(公告)号：WO2006110521A3

公开(公告)日：2007-10-25

申请号：PCT/US2006013006

申请日：2006-04-06

Applicant: MICROSOFT CORP

Inventor： KRAMER MICHAEL ,  RAY KENNETH D ,  ENGLAND PAUL ,  FIELD SCOTT A ,  SCHWARTZ JONATHAN D

IPC: G06F11/00 ,  G06F11/30 ,  G06F12/14 ,  G06F12/16 ,  G06F15/18 ,  H04L9/00

CPC classification number: G06F21/51 ,  G06F21/56

Abstract: Systems and methods for validating integrity of an executable file are described. In one aspect, the systems and methods determine that an executable file is being introduced into a path of execution. The executable file is then automatically evaluated in view of multiple malware checks to detect if the executable file represents a type of malware. If the executable file represents a type of malware, a protection path is implemented.

Abstract translation: 描述用于验证可执行文件的完整性的系统和方法。 在一个方面，系统和方法确定可执行文件正被引入到执行的路径中。 然后，根据多个恶意软件检查自动评估可执行文件，以检测可执行文件是否代表一种恶意软件。 如果可执行文件代表一种恶意软件，则会实现保护路径。

公开(公告)号：WO0058859A3

公开(公告)日：2002-09-26

申请号：PCT/US0004949

申请日：2000-02-25

Applicant: MICROSOFT CORP

Inventor： PEINADO MARCUS ,  ABBURI RAJASEKHAR ,  ENGLAND PAUL ,  GANESAN KRISHNAMURTHY ,  BELL JEFFREY R C ,  BLINN ARNOLD N ,  JONES THOMAS C

IPC: G06F1/00 ,  G06F21/00 ,  G06Q20/36 ,  G06Q30/06 ,  H04L29/06 ,  G06F17/60

CPC classification number: G07F11/002 ,  G06F21/10 ,  G06F21/71 ,  G06F2211/007 ,  G06F2221/0797 ,  G06F2221/2105 ,  G06F2221/2137 ,  G06Q20/3678 ,  G06Q30/06 ,  H04L63/0442 ,  H04L63/068 ,  H04L63/0823 ,  H04L63/12 ,  H04L2463/101

Abstract: To obtain a digital license for rendering a piece of digital content, a license requestor contacts a license provider and sends a license request. The license provider checks the license request for validity and negotiates with the license requestor terms and conditions for the requested license. The license provider generates the requested license and issues the generated license to the license requestor.

Abstract translation: 为了获得一个数字内容的数字许可证，许可证请求者联系许可证提供者并发送许可证请求。 许可证提供商检查许可证请求的有效性，并与许可证请求者协商所请求的许可证的条款和条件。 许可证提供者生成请求的许可证，并向许可证请求者发出生成的许可证。

公开(公告)号：WO2008157587A3

公开(公告)日：2009-03-19

申请号：PCT/US2008067308

申请日：2008-06-18

Applicant: MICROSOFT CORP

Inventor： KLEIN MATTHEW D ,  ENGLAND PAUL

IPC: G06F9/46 ,  G06F9/00

CPC classification number: G06F9/461

Abstract: Various technologies and techniques are disclosed for switching user mode thread context. A user mode portion of a thread can be switched without entering a kernel by using execution context directly based on registers. Upon receiving a request to switch a user mode part of a thread to a new thread, user mode register contexts are switched, as well as a user mode thread block by changing an appropriate register to point at the user mode thread block of the new thread. Switching is available in environments using segment registers with offsets. Each user mode thread block in a process has a descriptor in a local descriptor table. When switching a user mode thread context to a new thread, a descriptor is located for a user mode thread block of the new thread. A shadow register is updated with a descriptor base address of the new thread.

Abstract translation: 公开了用于切换用户模式线程上下文的各种技术和技术。 线程的用户模式部分可以通过直接基于寄存器使用执行上下文来切换而不进入内核。 在接收到将线程的用户模式部分切换到新线程的请求时，通过将适当的寄存器改变为指向新线程的用户模式线程块来切换用户模式注册上下文以及用户模式线程块 。 在具有偏移量的段寄存器的环境中可以进行切换。 进程中的每个用户模式线程块在本地描述符表中都有描述符。 当将用户模式线程上下文切换到新线程时，将为新线程的用户模式线程块定位描述符。 影子寄存器用新线程的描述符基地址更新。

公开(公告)号：WO0059150A8

公开(公告)日：2003-01-03

申请号：PCT/US0004947

申请日：2000-02-25

Applicant: MICROSOFT CORP

Inventor： PEINADO MARCUS ,  ABBURI RAJASEKHAR ,  BLINN ARNOLD N ,  JONES THOMAS C ,  MANFERDELLI JOHN L ,  BELL JEFFREY R C ,  VENKATESAN RAMARANTHNAM ,  ENGLAND PAUL ,  JAKUBOWSKI MARIUSZ H ,  YU HAI YING VINCENT

IPC: G06F1/00 ,  G06F12/14 ,  G06F21/00 ,  G06F21/24 ,  G06Q30/06 ,  H04L9/08 ,  H04L9/32 ,  H04L29/06 ,  G06F17/60

CPC classification number: H04L63/0442 ,  G06F21/10 ,  G06F21/71 ,  G06F21/84 ,  G06F2211/007 ,  G06F2221/0797 ,  G06F2221/2105 ,  G06F2221/2137 ,  G06Q30/06 ,  G06Q30/0601 ,  G07F11/002 ,  H04L63/068 ,  H04L63/0823 ,  H04L63/12 ,  H04L2463/101

公开(公告)号：WO0142889A2

公开(公告)日：2001-06-14

申请号：PCT/US0042678

申请日：2000-12-07

Applicant: MICROSOFT CORP

Inventor： ENGLAND PAUL

IPC: G06F1/00 ,  G06F9/445 ,  G06F21/00 ,  G06F21/22

CPC classification number: G06F21/33 ,  G06F9/4416 ,  G06F21/121 ,  G06F2211/1097

Abstract: Each software component loaded for a verified operating system on a client computer must satisfy a set of boot rules for a boot certificate. A verified operating system identifier is created from the boot certificate. The boot certificate is published and signed by a boot authority that attests to the validity of the operating system booted under the boot certificate. Each software component for the operating system is associated with a component certificate published and signed by the same boot authority that signed the boot certificate. The boot rules determine the validity of the software component based on the contents of the component and boot certificates. The client computer transmits the verified operating system identity and the boot certificate to a server computer, such as a content provider, and the content provider determines whether to trust the verified operating system with its content. Downloaded data is secured on permanent storage through a key derived from the verified operating system identifier. The boot certificate, component certificates, and secured content define the boot domain.

Abstract translation: 为客户端计算机上的经过验证的操作系统加载的每个软件组件必须满足一组引导证书的引导规则。 从引导证书创建验证的操作系统标识符。 引导证书由引导权限发布和签名，该引导证书证明在引导证书下启动的操作系统的有效性。 用于操作系统的每个软件组件与由签名引导证书的相同引导权限发布和签名的组件证书相关联。 引导规则基于组件和引导证书的内容来确定软件组件的有效性。 客户端计算机将验证的操作系统身份和引导证书发送到诸如内容提供商的服务器计算机，并且内容提供商确定是否以其内容信任已验证的操作系统。 下载的数据通过从验证的操作系统标识符导出的密钥保护在永久存储上。 启动证书，组件证书和安全内容定义了引导域。

公开(公告)号：WO2009085877A2

公开(公告)日：2009-07-09

申请号：PCT/US2008087292

申请日：2008-12-17

Applicant: MICROSOFT CORP

Inventor： ENGLAND PAUL ,  LOESER JORK ,  IRUN-BRIZ LUIS

IPC: G06F9/06 ,  G06F9/00

CPC classification number: G06F12/1036 ,  G06F9/545 ,  G06F12/109 ,  G06F2212/656

Abstract: A single application can be executed across multiple execution environments in an efficient manner if at least a relevant portion of the virtual memory assigned to the application was equally accessible by each of the multiple execution environments. A request by a process in one execution environment can, thereby, be directed to an operating system, or other core software, in another execution environment and can be made by a shadow of the requesting process in the same manner as the original request was made by the requesting process itself. Because of the memory invariance between the execution environments, the results of the request will be equally accessible to the original requesting process even though the underlying software that responded to the request may be executing in a different execution environment. A similar thread invariance can be maintained to provide for accurate translation of requests between execution environments.

Abstract translation: 如果分配给应用的虚拟存储器的至少相关部分可以被多个执行环境中的每个执行环境同等地访问，则可以以有效的方式在多个执行环境中执行单个应用。 一个执行环境中的进程的请求可以由此被引导到另一执行环境中的操作系统或其他核心软件，并且可以以与原始请求相同的方式通过请求进程的阴影来进行 通过请求过程本身。 由于执行环境之间的内存不变性，即使响应请求的底层软件可能在不同的执行环境中执行，原始请求进程的请求结果也可以同样访问。 可以维护类似的线程不变性，以便在执行环境之间提供精确的请求转换。