-
公开(公告)号:WO2023083500A1
公开(公告)日:2023-05-19
申请号:PCT/EP2022/064614
申请日:2022-05-30
Applicant: BAYERISCHE MOTOREN WERKE AKTIENGESELLSCHAFT
Inventor: HILD, Sebastian , SCHOCH, Elmar , WIMMER, Richard , RAITH, Maximilian , GRUFFKE, Michael
Abstract: Ausführungsbeispiele der vorliegenden Erfindung beziehen sich auf ein Verfahren, auf eine Fahrzeugkomponente und auf ein Computerprogramm zum Einräumen einer Berechtigung zum Ausführen eines Computerprogramms durch eine Fahrzeugkomponente eines Fahrzeugs, und auf ein Fahrzeug mit einer entsprechenden Fahrzeugkomponente. Das Verfahren umfasst ein Hinterlegen, im Rahmen eines Herstellungsprozesses, einer Identifikationsinformation auf der Fahrzeugkomponente. Die Identifikationsinformation ist spezifisch für die Fahrzeugkomponente. Das Verfahren umfasst ferner ein Hinterlegen eines zusätzlichen Prüfschlüssels in die Fahrzeugkomponente während eines Entwicklungsprozesses, der an die Identifikationsinformation durch eine kryptografische Signatur gekoppelt ist. Das Verfahren umfasst ferner ein Erhalten des Computerprogramms für die Fahrzeugkomponente. Das Computerprogramm ist kryptographisch signiert. Das Verfahren umfasst ferner ein Ausführen des Computerprogramms, falls die kryptographische Signatur des Computerprogramms nach Prüfung mit dem eingebrachten Prüfschlüssel gültig ist und auf der Identifikationsinformation basiert.
-
公开(公告)号:WO2023082340A1
公开(公告)日:2023-05-19
申请号:PCT/CN2021/132932
申请日:2021-11-24
Applicant: 浙江大学
IPC: G06F21/57
Abstract: 本发明公开了一种基于形式化验证的嵌入式设备安全启动方案设计方法,基于形式化的分析与验证,通过分析威胁模型,得到安全需求,并以此为基础建立形式化模型,最终转换成安全启动方案,并通过定理证明的方法确保嵌入式设备安全启动方案的可用性和安全性,本发明针对嵌入式系统设备在安全启动过程中存在的安全性问题,提供了一种基于形式化验证的解决方法。该方法系统全面地分析了安全启动过程中所面临的问题,给出具体的安全启动方案设计,并通过使用定理证明的方法给出具体方案的可用性和安全性的证明,本发明不仅可以快速的解决安全启动过程中的威胁,还从理论上证明了方案的安全性和可靠性。
-
公开(公告)号:WO2023080974A1
公开(公告)日:2023-05-11
申请号:PCT/US2022/045530
申请日:2022-10-03
Applicant: INTEL CORPORATION
Inventor: YAO, Jiewen , HARRIMAN, David , RUAN, Xiaoyu , NATU, Mahesh
Abstract: Various embodiments provide apparatuses, systems, and methods for establishing, by a data object exchange (DOE entity) of a peripheral component interconnect express (PCIe) device, a first session for communication between a first host entity of a host device and a first PCIe entity of the PCIe device, and a second session for communication between a second host entity of the host device and a second PCIe entity of the PCIe device. The first session may have a first security policy and be a session of a first connection between the PCIe device and the host device. The second session may have a second security policy and be a session of a second connection between the PCIe device and the host device. Other embodiments may be described and claimed.
-
公开(公告)号:WO2023075965A1
公开(公告)日:2023-05-04
申请号:PCT/US2022/044777
申请日:2022-09-27
Applicant: MICROSOFT TECHNOLOGY LICENSING, LLC.
Inventor: HEN, Idan , GROSSMAN, Ilay , DAVID, Avichai Ben
Abstract: A system to detect an abnormal classic authorizations, such as in a classic authorization system of a resource access management system, and take action is described. The system determines an anomaly score in from a model applied to a classic assignment event. An indicator score is determined from the classic assignment event applied to domain-based rules. The security action is taken based on a combination of the anomaly score and the indicator score.
-
公开(公告)号:WO2023075906A1
公开(公告)日:2023-05-04
申请号:PCT/US2022/041413
申请日:2022-08-24
Applicant: ORACLE INTERNATIONAL CORPORATION
Inventor: GOPALAKRISHNAN, Venkatakrishnan , ŠTERBA, Ján , LAM, May Bich Nhi , XUE, Yunjiao , LEI, Nana , CHENG, Edward C. , WELCHER, Hayward Ivan Craig , WEST, Jacob Becker , CAO, Qi Wen
Abstract: Machine-learning techniques and models are described for alerting users to attacks on accounts in real-time or near real-time. In some embodiments, an attack detection model uses Natural Language Processing (NLP) and multi-level classification techniques to monitor login attempts and detect attacks. The model may use NLP to convert text associated with account activity to numerical vectors, where the vectors include scores and/or other numerical values computed based on the meaning of the converted text. The model may further include a set of classifiers trained to learn patterns in the numerical vectors that are predictive of a network attack. The model may assign labels to events based on the predicted likelihood that the event is an attack. The system may deploy real-time preventative or corrective measures based on the ML model output to counter or mitigate the effects of an attack.
-
Patent Agency Ranking
公开(公告)号:WO2023075768A1
公开(公告)日:2023-05-04
申请号:PCT/US2021/056932
申请日:2021-10-28
Applicant: GOOGLE LLC
Inventor: SCHNEIDER, Christopher
Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media, for preserving user privacy when selecting content are described. In some aspects, a method includes receiving a data element identifying a set of candidate digital components and, for each candidate digital component, a set of distribution parameters for the candidate digital component. For each candidate digital component, encrypted selection data for the candidate digital component is provided as input to a cryptographic analysis application running in a trusted hardware module of a client device. The encrypted selection data represents the set of distribution parameters for the candidate digital component and is encrypted using a zero-knowledge proof protocol. The cryptographic analysis application is configured to determine a measure of match between the selection data and user attributes of a user of the client device.
-
公开(公告)号:WO2023075500A1
公开(公告)日:2023-05-04
申请号:PCT/KR2022/016692
申请日:2022-10-28
Applicant: 주식회사 지엔
Abstract: IoT 기기 점검 방법 및 그 장치가 개시된다. 분석서버는 IoT 기기에 정보수집모듈을 전송하고, 정보수집모듈을 통해 IoT 기기의 상태정보를 수집하고, 상태정보를 기초로 취약점에 관한 정보를 포함하는 데이터베이스를 탐색하여 IoT 기기의 취약점을 분석한다.
-
公开(公告)号:WO2023073124A1
公开(公告)日:2023-05-04
申请号:PCT/EP2022/080122
申请日:2022-10-27
Applicant: THALES DIS FRANCE SAS
Inventor: FOKLE KOKOU, Milas , HUYSMANS, Guillaume , TEGLIA, Yannick
Abstract: The present invention relates to a method for securely executing an application on a second device, wherein a memory space of said application comprises an execution enclave configured to access a memory of the second device storing sealed data obtained by a sealing enclave by sealing on a first device a predetermined message with a first hardware key associated to said first device based on a value depending on an identity of said sealing enclave, and comprising, performed by said execution enclave to verify that the second device is authorized to execute the application, − a) retrieving (E1) said sealed data in said memory, − b) retrieving (E2) an enclave identity of said execution enclave, − c) based on said retrieved enclave identity, obtaining a second hardware key associated to said second device and verifying that the second device is authorized to execute the application using said obtained second hardware key and said retrieved sealed data (E3), − d) if verification is successful, continuing (E4) said application's execution on said second device.
-
公开(公告)号:WO2023072057A1
公开(公告)日:2023-05-04
申请号:PCT/CN2022/127338
申请日:2022-10-25
Applicant: 中移(苏州)软件技术有限公司 , 中国移动通信集团有限公司
Inventor: 沈宁敏
IPC: G06F21/57
Abstract: 一种提供安全服务的方法及装置、电子设备及计算机存储介质,所述方法包括:在规范化语句的约束下创建主机安全模型(S101);获取租户下的主机信息;其中,所述主机信息至少包括:主机的订购信息以及所述主机的资产信息(S102);将所述主机信息输入到所述安全模型,得到所述安全模型输出的安全服务信息(S103);基于所述安全服务信息,向所述租户的主机提供对应的安全服务(S104);通过规范化语句的约束创建安全模型,并且利用安全模型输出的安全服务信息向租户的所有主机提供对应的全局化的安全服务,进行相应的安全预防和加固。
-
公开(公告)号:WO2023071424A1
公开(公告)日:2023-05-04
申请号:PCT/CN2022/112614
申请日:2022-08-15
Applicant: 中国银联股份有限公司
IPC: G06F21/57
Abstract: 本申请公开了一种电子设备、可信应用调用方法、装置、设备及介质,用于准确的管理可信应用。本申请中CA发起调用信息后,可信应用开发平台可以接收该调用信息,并从可信应用开发平台包含的至少两个TEE OS分别对应的原生可信应用中,确定调用信息携带的第一标识信息对应的原生可信应用,将调用信息发送给第一标识信息对应的原生可信应用;第一标识信息对应的原生可信应用接收调用信息,并根据调用信息携带的第二标识信息,从安装在自身中的至少一个字节码可信应用中,确定第二标识信息对应的字节码可信应用,并根据调用信息,调用第二标识信息对应的字节码可信应用,实现在原生可信应用中管理多个字节码可信应用,实现准确管理可信应用的目的。
-
-
-
-
-
-
-
-
-
Search Results
1980
records
(took 0.019 seconds)
