会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 2. 发明申请
    • TECHNOLOGIES FOR CONTROL FLOW EXPLOIT MITIGATION USING PROCESSOR TRACE
    • 使用处理器跟踪控制流量开采减少的技术
    • US20160283714A1
    • 2016-09-29
    • US14670988
    • 2015-03-27
    • Michael LeMayRavi L. SahitaBeeman C. StrongThilo SchmittYuriy BulyginMarkus T. Metzger
    • Michael LeMayRavi L. SahitaBeeman C. StrongThilo SchmittYuriy BulyginMarkus T. Metzger
    • G06F21/56G06F21/44
    • G06F21/56G06F21/44G06F21/52
    • Technologies for control flow exploit mitigation include a computing device having a processor with real-time instruction tracing support. During execution of a process, the processor generates trace data indicative of control flow of the process. The computing device analyzes the trace data to identify suspected control flow exploits. The computing device may use heuristic algorithms to identify return-oriented programming exploits. The computing device may maintain a shadow stack based on the trace data. The computing device may identify indirect branches to unauthorized addresses based on the trace data to identify jump-oriented programming exploits. The computing device may check the trace data whenever the process is preempted. The processor may detect mispredicted return instructions in real time and invoke a software handler in the process space of the process to verify and maintain the shadow stack. Other embodiments are described and claimed.
    • 用于控制流利用减轻的技术包括具有具有实时指令跟踪支持的处理器的计算设备。 在处理过程中,处理器产生指示过程控制流的跟踪数据。 计算设备分析跟踪数据以识别可疑的控制流攻击。 计算设备可以使用启发式算法来识别返回导向的编程漏洞。 计算设备可以基于跟踪数据来维护阴影栈。 计算设备可以基于跟踪数据来识别对未授权地址的间接分支,以识别面向跳跃的编程漏洞。 每当进程被抢占时,计算设备可以检查跟踪数据。 处理器可以实时地检测错误的返回指令,并且在该过程的过程空间中调用软件处理程序以验证和维护该影子栈。 描述和要求保护其他实施例。
    • 3. 发明申请
    • HARDWARE SHADOW STACK SUPPORT FOR LEGACY GUESTS
    • 硬件阴影堆栈支持LEGACY GUESTS
    • US20160092673A1
    • 2016-03-31
    • US14498075
    • 2014-09-26
    • Michael LeMayBarry E. Huntley
    • Michael LeMayBarry E. Huntley
    • G06F21/52G06F9/455
    • G06F21/52G06F8/30G06F8/31G06F9/4484G06F9/45533G06F9/45558G06F11/3419G06F21/56G06F2009/45587
    • Technologies for shadow stack support for legacy guests include a computing device having a processor with shadow stack support. During execution of a call instruction, the processor determines whether a legacy stack pointer is within bounds and generates a virtual machine exit if the legacy stack pointer is out-of-bounds. If not out-of-bounds, the processor pushes a return address onto the legacy stack and onto a shadow stack protected by a hypervisor. During execution of a return instruction, the processor determines whether top return addresses of the legacy stack and the shadow stack match, and generates a virtual machine exit if the return addresses do not match. If the return addresses match, the processor pops the return addresses off of the legacy stack and off of the shadow stack. The stack out-of-bounds and the stack mismatch virtual machine exits may be handled by the hypervisor. Other embodiments are described and claimed.
    • 用于传统客户端的影子堆栈支持技术包括具有处理器的计算设备,该处理器具有阴影栈支持。 在执行调用指令期间,处理器确定传统堆栈指针是否在边界内,如果传统堆栈指针超出边界,则会生成虚拟机退出。 如果不是超出范围,处理器将返回地址推送到传统堆栈上,并将其保存到由管理程序保护的影子堆栈上。 在执行返回指令期间,处理器确定传统堆栈和影子堆叠的顶部返回地址是否匹配,并且如果返回地址不匹配则生成虚拟机退出。 如果返回地址匹配,处理器会将返回地址从传统堆栈中弹出并离开阴影栈。 虚拟机管理程序可以处理堆栈超出范围和堆栈不匹配的虚拟机退出。 描述和要求保护其他实施例。
    • 7. 发明申请
    • Secure electronic message transport protocol
    • 安全电子消息传输协议
    • US20050198170A1
    • 2005-09-08
    • US11009399
    • 2004-12-10
    • Michael LeMayJack Tan
    • Michael LeMayJack Tan
    • G06F15/16
    • H04L63/045H04L51/00H04L63/126
    • An electronic message transport protocol applies two distinct sub-protocols, a message transport protocol and an encryption key management protocol, which operate in tandem to provide enhanced security. The protocol may employ an existing SMTP infrastructure to transport secure email messages, and a key server implementing the key management protocol to transport key packets associated with the secure email message. However, the protocol need not be limited to email, and may be applicable to other electronic message applications. The message transport protocol permits communicating parties to obscure their identities to enhance security. The key management protocol supports message security, and allows senders to control access to messages even after they have been transmitted. The message transport protocol permits the sender to encrypt the entire message and utilizes the key management protocol for exchange of necessary keys. The message transport protocol relies on a group addressing scheme to obscure individual sender and recipient identities.
    • 电子消息传输协议应用两个不同的子协议,即消息传输协议和加密密钥管理协议,其一起工作以提供增强的安全性。 该协议可以使用现有的SMTP基础设施来传输安全电子邮件消息,以及实施密钥管理协议的密钥服务器来传送与安全电子邮件消息相关联的密钥包。 然而,该协议不限于电子邮件,并且可以适用于其他电子消息应用。 消息传输协议允许通信方掩盖其身份以增强安全性。 密钥管理协议支持消息安全性,并且允许发送者控制对消息的访问,即使它们已经被发送。 消息传输协议允许发送方加密整个消息,并利用密钥管理协议来交换必要的密钥。 消息传输协议依赖于组寻址方案来模糊个体发送者和接收者身份。
    • 8. 发明申请
    • TECHNOLOGIES FOR INDIRECT BRANCH TARGET SECURITY
    • 用于间接分支目标安全的技术
    • US20160170769A1
    • 2016-06-16
    • US14570507
    • 2014-12-15
    • Michael LeMay
    • Michael LeMay
    • G06F9/38H04L9/08G06F9/30G06F12/14G06F12/12G06F9/35
    • G06F9/3863G06F9/30043G06F9/30054G06F9/322G06F9/35G06F12/12G06F12/1408G06F21/566G06F2212/1052G06F2212/70H04L9/0861
    • Technologies for indirect branch target security include a computing device having a processor to execute an indirect branch instruction. The processor may determine an indirect branch target of the indirect branch instruction, load a memory tag associated with the indirect branch target, and determine whether the memory tag is set. The processor may generate a security fault if the memory tag is not set. The processor may load an encrypted indirect branch target, decrypt the encrypted branch target using an activation record key stored in an activation key register, and perform a jump to the indirect branch target. The processor may generate a next activation record coordinate as a function of the activation record key and a return address of a call instruction and generate the next activation record key as a function of the next activation record coordinate. Other embodiments are described and claimed.
    • 用于间接分支目标安全性的技术包括具有执行间接分支指令的处理器的计算设备。 处理器可以确定间接分支指令的间接分支目标,加载与间接分支目标相关联的存储器标签,并确定是否设置了存储器标签。 如果内存标签未设置,则处理器可能会产生安全故障。 处理器可以加载加密的间接分支目标,使用存储在激活密钥寄存器中的激活记录密钥解密加密的分支目标,并执行到间接分支目标的跳转。 处理器可以根据激活记录密钥和呼叫指令的返回地址生成下一个激活记录坐标,并根据下一个激活记录坐标生成下一个激活记录密钥。 描述和要求保护其他实施例。
    • 9. 发明授权
    • Secure electronic message transport protocol
    • 安全电子消息传输协议
    • US07774411B2
    • 2010-08-10
    • US11009399
    • 2004-12-10
    • Michael LeMayJack Tan
    • Michael LeMayJack Tan
    • G06F15/16
    • H04L63/045H04L51/00H04L63/126
    • An electronic message transport protocol applies two distinct sub-protocols, a message transport protocol and an encryption key management protocol, which operate in tandem to provide enhanced security. The protocol may employ an existing SMTP infrastructure to transport secure email messages, and a key server implementing the key management protocol to transport key packets associated with the secure email message. However, the protocol need not be limited to email, and may be applicable to other electronic message applications. The message transport protocol permits communicating parties to obscure their identities to enhance security. The key management protocol supports message security, and allows senders to control access to messages even after they have been transmitted. The message transport protocol permits the sender to encrypt the entire message and utilizes the key management protocol for exchange of necessary keys. The message transport protocol relies on a group addressing scheme to obscure individual sender and recipient identities.
    • 电子消息传输协议应用两个不同的子协议,即消息传输协议和加密密钥管理协议,其一起工作以提供增强的安全性。 该协议可以使用现有的SMTP基础设施来传输安全电子邮件消息,以及实施密钥管理协议的密钥服务器来传送与安全电子邮件消息相关联的密钥包。 然而,该协议不限于电子邮件,并且可以适用于其他电子消息应用。 消息传输协议允许通信方掩盖其身份以增强安全性。 密钥管理协议支持消息安全性,并且允许发送者控制对消息的访问,即使它们已经被发送。 消息传输协议允许发送方加密整个消息,并利用密钥管理协议来交换必要的密钥。 消息传输协议依赖于组寻址方案来模糊个体发送者和接收者身份。