专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

41. 发明授权

US06948073B2 Protecting decrypted compressed content and decrypted decompressed content at a digital rights management client 失效
公开(公告)号：US06948073B2
公开(公告)日：2005-09-20
申请号：US09892283
申请日：2001-06-27
申请人： Paul England , Marcus Peinado , Mukund Sankaranarayan
发明人： Paul England , Marcus Peinado , Mukund Sankaranarayan
IPC分类号： G06F21/00 , G06F11/30
CPC分类号： G06F21/10
摘要： Theft of decompressed digital content as the content is being rendered is prevented. A requested slow-down of the rendering of the content is detected. Transfers of relatively large amounts of data are detected. A re-compressor-based requested slow-down of the rendering of the content is detected. A re-compressor re-compressing the content is detected. In each situation, the detected activity is presumably initiated by a content thief attempting to steal the content. In each situation, the detected activity is responded to in a manner designed to frustrate the presumed attempt of the content thief to steal the content.

42. 发明申请

US20050171904A1 System and method for flexible micropayment of low value electronic assets 审中-公开
公开(公告)号：US20050171904A1
公开(公告)日：2005-08-04
申请号：US11087922
申请日：2005-03-23
申请人： Yacov Yacobi , Paul England
发明人： Yacov Yacobi , Paul England
IPC分类号： G06Q20/02 , G06Q20/06 , G06Q20/10 , G06Q20/12 , G06Q20/22 , G06Q20/38 , G06F17/60
CPC分类号： G06Q20/06 , G06Q20/02 , G06Q20/102 , G06Q20/108 , G06Q20/12 , G06Q20/29 , G06Q20/3825
摘要： An electronic asset system mints a stick of electronic assets that can be spent by the user with multiple vendors. Assets sticks are issued anonymously or non-anonymously in a way without requiring dedication to a particular vendor, hence allowing the user to spend one or more assets from the stick with different vendors. The auditor randomly audit samples of the spent assets to detect whether the assets have been fraudulently used. The electronic asset system employs tamper-resistant electronic wallets constructed as dedicated hardware devices, or as devices with secure-processor architecture. The electronic asset system also facilitates handling of electronic coupons in a manner that enforces compliance between the user and the vendor. The user and vendor each maintain a stick of corresponding coupons with pointers to the most recent and oldest coupons available for expenditure. When a coupon is used or granted, the user and vendor both update the appropriate pointer to their respective sticks and then exchange signed data describing placement of the pointer to verify a correspondence between the referenced coupons.

43. 发明申请

US20050097355A1 Hierarchical trusted code for content protection in computers 失效
公开(公告)号：US20050097355A1
公开(公告)日：2005-05-05
申请号：US11011457
申请日：2004-12-13
申请人： Paul England , Butler Lampson
发明人： Paul England , Butler Lampson
IPC分类号： G06F21/00 , G06Q10/10 , H04L9/00
CPC分类号： G06Q10/10 , G06F21/57
摘要： An architecture for protecting premium content in a nonsecure computer environment executes only a small number of code modules in a secure memory. The modules are arranged in a hierarchy of trust, where a module names other modules that it is willing to trust, and those modules in turn name other modules that they are willing to trust. A secure loader loads a security manager that oversees a number of content-providing modules for manipulating the content. A memory manager assigns permissions to various pages of the secure memory. The memory has rings of different security. The security model can be extended to program modules and other devices on the computer's bus, such as DMA controllers and peripherals.

44. 发明授权

US08621243B2 Saving and retrieving data based on public key encryption 有权
公开(公告)号：US08621243B2
公开(公告)日：2013-12-31
申请号：US13015402
申请日：2011-01-27
申请人： Paul England , Marcus Peinado
发明人： Paul England , Marcus Peinado
IPC分类号： G06F12/14
CPC分类号： G06F21/6218
摘要： In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using public key encryption, in a manner that allows the data to be obtained from the ciphertext only if one or more conditions are satisfied. In accordance with another aspect, a bit string is received from a calling program. Data in the bit string is decrypted using public key decryption and returned to the calling program only if one or more conditions included in the bit string are satisfied.

45. 发明授权

US08028172B2 Systems and methods for updating a secure boot process on a computer with a hardware security module 有权
标题翻译：使用硬件安全模块在计算机上更新安全引导过程的系统和方法
公开(公告)号：US08028172B2
公开(公告)日：2011-09-27
申请号：US11036018
申请日：2005-01-14
申请人： Jamie Hunter , Paul England , Russell Humphries , Stefan Thom , James Anthony Schwartz, Jr. , Kenneth D. Ray , Jonathan Schwartz
发明人： Jamie Hunter , Paul England , Russell Humphries , Stefan Thom , James Anthony Schwartz, Jr. , Kenneth D. Ray , Jonathan Schwartz
IPC分类号： H04L9/32
CPC分类号： G06F21/575
摘要： Systems and methods are provided for maintaining and updating a secure boot process on a computer with a trusted platform module (TPM). A boot process may be maintained by inspecting a log of TPM activity, determining data that prevented a secret to unseal, and returning the data to an original state. In situations where this type of recovery is not workable, techniques for authenticating a user may be used, allowing the authenticated user to bypass the security features of the boot process and reseal the boot secrets to platform configuration register (PCR) values that may have changed. Finally, a secure boot process may be upgraded by migrating TPM sealed secrets to a temporary storage location, updating one or more aspects of a secure boot process, and resealing the secrets to the resulting new platform configuration. Other advantages and features of the invention are described below.
摘要翻译：提供了系统和方法，用于在具有可信平台模块（TPM）的计算机上维护和更新安全引导过程。可以通过检查TPM活动的日志来确定启动过程，确定防止秘密解密的数据，并将数据返回到原始状态。在这种类型的恢复不可行的情况下，可以使用用于验证用户的技术，允许经过身份验证的用户绕过引导过程的安全特征并将启动秘密重新密封到可能已经改变的平台配置寄存器（PCR）值。最后，可以通过将TPM密封的秘密迁移到临时存储位置来升级安全引导过程，更新安全引导过程的一个或多个方面，以及将密码重新密封到所得到的新平台配置。下面描述本发明的其它优点和特征。

46. 发明授权

US07890771B2 Saving and retrieving data based on public key encryption 有权
标题翻译：基于公钥加密保存和检索数据
公开(公告)号：US07890771B2
公开(公告)日：2011-02-15
申请号：US10407117
申请日：2003-04-04
申请人： Paul England , Marcus Peinado
发明人： Paul England , Marcus Peinado
IPC分类号： G06F11/30
CPC分类号： G06F21/6218
摘要： In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using public key encryption, in a manner that allows only one or more target programs to be able to obtain the data from the ciphertext. In accordance with another aspect, a bit string is received from a calling program. An identifier of the calling program is checked to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string. The data is decrypted using public key decryption and returned to the calling program only if the calling program is allowed to access the data.
摘要翻译：根据某些方面，从呼叫程序接收数据。使用公钥加密来生成包含数据的密文，只允许一个或多个目标程序能够从密文获得数据。根据另一方面，从调用程序接收位串。检查调用程序的标识符以确定是否允许调用程序访问以位串的密文加密的数据。数据使用公开密钥解密解密，只有在允许调用程序访问数据的情况下才能返回到调用程序。

47. 发明授权

US07836299B2 Virtualization of software configuration registers of the TPM cryptographic processor 有权
标题翻译：虚拟化TPM加密处理器的软件配置寄存器
公开(公告)号：US07836299B2
公开(公告)日：2010-11-16
申请号：US11080906
申请日：2005-03-15
申请人： Paul England , Matthew C. Setzer
发明人： Paul England , Matthew C. Setzer
IPC分类号： H04L29/06 , G06F11/30
CPC分类号： G06F21/57
摘要： A virtual PCR (VPCR) construct is provided that can be cryptographically tagged as optionally resettable or as enduring for the life of a client (process, virtual machine, and the like) and that can be loaded into a resettable hardware PCR to make use of the functionality of a Trusted Platform Module (TPM). The VPCRs may cryptographically reflect their characteristics (resettable or not) in their stored values. Also, since the PCRs are virtualized, they are (effectively) unlimited in number and may be given general names (UUIDs) that are less likely to collide. The VPCRs can be loaded into a physical PCR as needed, but in a way that stops one piece of software from impersonating another piece of software. The VPCRs thus enable all software using the TPM to be given access to TPM functionality (sealing, quoting, etc.) without security concerns.
摘要翻译：提供虚拟PCR（VPCR）构造，其可以被加密地标记为可选择地重置或在客户端（过程，虚拟机等）的寿命中持久，并且可以将其加载到可重置的硬件PCR中以利用可信平台模块（TPM）的功能。 VPCR可以加密地反映其存储值的特性（可重置或不可复位）。此外，由于PCR被虚拟化，它们（有效地）数量无限制，并且可以被给予不太可能发生冲突的通用名称（UUID）。 VPCR可以根据需要加载到物理PCR中，但可以阻止一块软件冒充另一块软件。因此，VPCR可以使所有使用TPM的软件都能够获得TPM功能（密封，引用等），而无需安全考虑。

48. 发明授权

US07797544B2 Attesting to establish trust between computer entities 有权
标题翻译：证明在计算机实体之间建立信任
公开(公告)号：US07797544B2
公开(公告)日：2010-09-14
申请号：US10734028
申请日：2003-12-11
申请人： Blair B. Dillaway , Paul England , Marcus Peinado
发明人： Blair B. Dillaway , Paul England , Marcus Peinado
IPC分类号： H04L9/32
CPC分类号： H04L9/0825 , H04L9/3226 , H04L9/3247 , H04L9/3265 , H04L2209/56
摘要： To establish trust between first and second entities, the first entity sends an attestation message to the second entity, including a code ID, relevant data, a digital signature based on the code ID and data, and a certificate chain. The second entity verifies the signature and decides whether to in fact enter into a trust-based relationship with the first entity based on the code ID and the data in the attestation message. Upon so deciding, the second entity sends a trust message to the first entity, including a secret to be shared between the first and second entities. The first entity obtains the shared secret in the trust message and employs the shared secret to exchange information with the second entity.
摘要翻译：为了在第一和第二实体之间建立信任，第一实体向第二实体发送认证消息，包括代码ID，相关数据，基于代码ID和数据的数字签名以及证书链。第二实体验证签名，并且基于代码ID和认证消息中的数据来确定是否实际上与第一实体进行基于信任的关系。在这样确定的情况下，第二实体向第一实体发送信任消息，包括要在第一和第二实体之间共享的秘密。第一实体获取信任消息中的共享密钥，并使用共享密钥与第二实体交换信息。

49. 发明授权

US07765397B2 Generating, migrating or exporting bound keys 失效
标题翻译：生成，迁移或导出绑定键
公开(公告)号：US07765397B2
公开(公告)日：2010-07-27
申请号：US11557581
申请日：2006-11-08
申请人： Paul England , Marcus Peinado
发明人： Paul England , Marcus Peinado
IPC分类号： H04L29/06
CPC分类号： G06F21/6218
摘要： In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using public key encryption, in a manner that allows only one or more target programs to be able to obtain the data from the ciphertext. In accordance with another aspect, a bit string is received from a calling program. An identifier of the calling program is checked to determine whether the calling program is allowed to access data encrypted in ciphertext of the bit string. The data is decrypted using public key decryption and returned to the calling program only if the calling program is allowed to access the data.
摘要翻译：根据某些方面，从呼叫程序接收数据。使用公钥加密来生成包含数据的密文，只允许一个或多个目标程序能够从密文获得数据。根据另一方面，从调用程序接收位串。检查调用程序的标识符以确定是否允许调用程序访问以位串的密文加密的数据。数据使用公开密钥解密解密，只有在允许调用程序访问数据的情况下才能返回到调用程序。

50. 发明授权

US07650478B2 Using limits on address translation to control access to an addressable entity 有权
标题翻译：使用地址转换限制来控制对可寻址实体的访问
公开(公告)号：US07650478B2
公开(公告)日：2010-01-19
申请号：US11299083
申请日：2005-12-09
申请人： Marcus Peinado , Paul England , Bryan Mark Willman
发明人： Marcus Peinado , Paul England , Bryan Mark Willman
IPC分类号： G06F12/00
CPC分类号： G06F12/145
摘要： A data storage resource is identifiable by physical addresses, and optionally by a virtual address. A policy defines which resources are accessible and which resources are not accessible. A request to access a resource is allowed if access to the resource is permitted by the policy, and if carrying out the access will not cause virtual addresses to be assigned to resources to which the policy disallows access. Since resources to which access is disallowed do not have virtual addresses, certain types of access requests that identify a resource by a virtual address can be allowed without consulting the policy.
摘要翻译：数据存储资源可以通过物理地址和可选的虚拟地址来识别。策略定义哪些资源是可访问的，哪些资源不可访问。如果策略允许对资源的访问，则允许访问资源的请求，并且如果执行访问不会导致将虚拟地址分配给策略不允许访问的资源。由于不允许访问的资源没有虚拟地址，因此可以允许在不咨询策略的情况下识别虚拟地址的资源的某些类型的访问请求。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式