    • 4. Granted invention patent
    • Integration of high-assurance features into an application through application factoring
    • US07730318B2
    • 2010-06-01
    • US10693749
    • 2003-10-24
    • Thekkthalackal Varugis Kurien; Kenneth D. Ray; Marcus Peinado; Paul England
    • Thekkthalackal Varugis Kurien; Kenneth D. Ray; Marcus Peinado; Paul England
    • H04L9/32
    • G06F21/53
    • Application factoring or partitioning is used to integrate secure features into a conventional application. An application's functionality is partitioned into two sets according to whether a given action does, or does not, involve the handling of sensitive data. Separate software objects (processors) are created to perform these two sets of actions. A trusted processor handles secure data and runs in a high-assurance environment. When another processor encounters secure data, that data is sent to the trusted processor. The data is wrapped in such a way that allows it to be routed to the trusted processor, and prevents the data from being deciphered by any entity other than the trusted processor. An infrastructure is provided that wraps objects, routes them to the correct processor, and allows their integrity to be attested through a chain of trust leading back to base component that is known to be trustworthy.
    • 8. Granted invention patent
    • Program authentication on environment
    • US07591014B2
    • 2009-09-15
    • US11072982
    • 2005-03-04
    • Paul England; Thekkthalackal Varugis Kurien
    • Paul England; Thekkthalackal Varugis Kurien
    • G06F7/04
    • G06F21/57
    • To authenticate a program on a computing device to a resource local to or remote from the computing device, a stored program security identifier (PSID) corresponding to the program is retrieved, where the stored PSID includes information taking into account the program itself, the execution setting of the program, and any inputs and initializations that are provided to the program. The PSID is re-constructed based on the same information as obtained from local sources, and the stored and reconstructed PSIDs are compared to determine whether a match exists. If so, it may be concluded that the program operates in a trusted manner according to an approved set of conditions.
    • 9. Granted invention patent
    • Integrating security protection tools with computer device integrity and privacy policy
    • US08117441B2
    • 2012-02-14
    • US11472052
    • 2006-06-20
    • Thekkthalackal Varugis Kurien; Jeffrey B Hamblin; Narasimha Rao Nagampalli; Peter T Brundrett; Scott Field
    • Thekkthalackal Varugis Kurien; Jeffrey B Hamblin; Narasimha Rao Nagampalli; Peter T Brundrett; Scott Field
    • H04L29/00; H04L29/06
    • G06F21/50; G06F21/51; G06F21/53
    • At computer device power on, the operating system of the computer device initiates a monitor. The monitor assigns a monitoring program to each program and object (collectively, “program”) running on the computer device to monitor the activities of the program. When the monitoring program is assigned to a program, the monitoring program is assigned an integrity and/or privacy label (collectively, “integrity label”) based on predetermined criteria applied to the monitored program. The monitoring program, in turn, assigns an integrity label to the program monitored by the monitoring program. The integrity label assigned to the monitored program is less than or equal to the integrity label of the monitoring program. The monitor enforces an integrity policy of the computer device based on the integrity label assigned to monitored programs and the integrity label associated with data, another program, or a remote network resource that the monitored program is seeking to access.