专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20070118769A1 System and Method for Authenticating an Operating System to a Central Processing Unit, Providing the CPU/OS with Secure Storage, and Authenticating the CPU/OS to a Third Party 有权
标题翻译：用于向中央处理单元验证操作系统的系统和方法，向CPU / OS提供安全存储，以及向第三方认证CPU / OS
公开(公告)号：US20070118769A1
公开(公告)日：2007-05-24
申请号：US11615361
申请日：2006-12-22
申请人： Paul England , John DeTreville , Butler Lampson
发明人： Paul England , John DeTreville , Butler Lampson
IPC分类号： G06F12/14
CPC分类号： G06F21/10 , G06F9/4406 , G06F9/468 , G06F21/445 , G06F21/57 , G06F21/575 , G06F2221/0704 , G06F2221/2103 , G06F2221/2113 , G06F2221/2129
摘要： In accordance with certain aspects, a chain of trust is established between a subscriber unit and a content provider. A request is submitted from the subscriber unit to the content provider. A challenge nonce is generated at the content provider and returned to the subscriber unit. At the subscriber unit, an operating system (OS) certificate containing an identity of the operating system from the software identity register, information describing the operating system, the challenge nonce, and a CPU public key is formed, and the OS certificate is signed using a CPU private key. The OS certificate and a CPU manufacturer certificate supplied by a manufacturer of the CPU are passed from the subscriber unit to the content provider, and are evaluated at the content provider to determine whether to reject or fulfill the request.
摘要翻译：根据某些方面，在用户单元和内容提供商之间建立信任链。从用户单元向内容提供商提交请求。挑战随机数在内容提供者处产生并返回到用户单元。在订户单元处，形成包含来自软件身份寄存器的操作系统的身份的操作系统（OS）证书，描述操作系统的信息，挑战随机数和CPU公钥，并且使用一个CPU私钥。由CPU制造商提供的OS证书和CPU制造商证书从用户单元传递到内容提供商，并在内容提供商处进行评估，以确定是否拒绝或完成请求。

2. 发明申请

US20060021064A1 Key-based secure storage 有权
标题翻译：基于密钥的安全存储
公开(公告)号：US20060021064A1
公开(公告)日：2006-01-26
申请号：US11221047
申请日：2005-09-07
申请人： Paul England , John DeTreville , Butler Lampson
发明人： Paul England , John DeTreville , Butler Lampson
IPC分类号： H04L9/32
CPC分类号： G06F9/468 , G06F9/4406 , G06F21/10 , G06F21/575 , G06F2221/2113 , H04L63/0435 , H04L63/0442 , H04L63/166
摘要： A one-way hash function is applied to a seed supplied by an application to produce a hashed seed that is used to generate the application storage key. A one-way hash function is applied to a seed supplied by a user to produce a first hashed seed that is passed to a keyed hash function, which is keyed to an identity for the user, to produce a second hashed seed. The second hashed seed is used to generate the user storage key. An operating system storage key is generated from an unhashed seed. One of the storage keys is used to encrypt the downloaded content. An access predicate attached to the content when it is downloaded is associated with the storage key to enforce certain limitations on the access of the content.
摘要翻译：单向散列函数应用于由应用程序提供的种子以产生用于生成应用程序存储密钥的散列种子。单向散列函数被应用于由用户提供的种子以产生第一散列种子，该第一散列种子被传递给键入的哈希函数，其被键入用户的身份，以产生第二散列种子。第二个散列种子用于生成用户存储密钥。从未分解的种子生成操作系统存储密钥。其中一个存储密钥用于加密下载的内容。在下载时附加到内容的访问谓词与存储密钥相关联，以对内容的访问执行某些限制。

3. 发明申请

US20070104329A1 System and Method for Authenticating an Operating System to a Central Processing Unit, Providing the CPU/OS with Secure Storage, and Authenticating the CPU/OS to a Third Party 审中-公开
标题翻译：用于向中央处理单元验证操作系统的系统和方法，向CPU / OS提供安全存储，以及向第三方认证CPU / OS
公开(公告)号：US20070104329A1
公开(公告)日：2007-05-10
申请号：US11615195
申请日：2006-12-22
申请人： Paul England , John Detreville , Butler Lampson
发明人： Paul England , John Detreville , Butler Lampson
IPC分类号： H04K1/00
CPC分类号： G06F21/10 , G06F9/4406 , G06F9/468 , G06F21/445 , G06F21/57 , G06F21/575 , G06F2221/0704 , G06F2221/2103 , G06F2221/2113 , G06F2221/2129
摘要： In accordance with certain aspects, an operating system is booted for execution on a central processing unit (CPU). An atomic operation is executed, and if the atomic operation completes correctly then a software identity register of the CPU is set to an identity of the operating system.
摘要翻译：根据某些方面，引导操作系统以在中央处理单元（CPU）上执行。执行原子操作，如果原子操作正确完成，则将CPU的软件标识寄存器设置为操作系统的标识。

4. 发明申请

US20050289067A1 System and method for secure storage of data using a key 审中-公开
标题翻译：使用密钥安全存储数据的系统和方法
公开(公告)号：US20050289067A1
公开(公告)日：2005-12-29
申请号：US11207917
申请日：2005-08-19
申请人： Butler Lampson , John De Treville , Paul England
发明人： Butler Lampson , John De Treville , Paul England
IPC分类号： G06F9/445 , G06F9/46 , G06F21/00 , H04L9/00 , H04L29/06
CPC分类号： G06F9/468 , G06F9/4406 , G06F21/10 , G06F21/575 , G06F2221/2113 , H04L63/0435 , H04L63/0442 , H04L63/166
摘要： In one aspect, a data structure to be encrypted is received in a device, the data structure including content along with a statement of conditions under which the content may be decrypted. The data structure is encrypted using a symmetric key of a processor of the device. In another aspect, a data structure is decrypted using a processor symmetric key. A statement of conditions under which content in the data structure can be decrypted is obtained, and testing is performed as to whether the conditions are satisfied. The decrypted content is returned only if the conditions are satisfied.
摘要翻译：一方面，在设备中接收要加密的数据结构，该数据结构包括内容以及内容可被解密的条件语句。使用设备的处理器的对称密钥对数据结构进行加密。在另一方面，使用处理器对称密钥解密数据结构。获得可解密数据结构中的内容的条件声明，并且对条件是否满足进行测试。解密的内容只有在满足条件的情况下才会被返回。

5. 发明申请

US20070118738A1 System and Method for Authenticating an Operating System to a Central Processing Unit, Providing the CPU/OS with Secure Storage, and Authenticating the CPU/OS to a Third Party 有权
标题翻译：用于向中央处理单元验证操作系统的系统和方法，向CPU / OS提供安全存储，以及向第三方认证CPU / OS
公开(公告)号：US20070118738A1
公开(公告)日：2007-05-24
申请号：US11615266
申请日：2006-12-22
申请人： Paul England , John DeTreville , Butler Lampson
发明人： Paul England , John DeTreville , Butler Lampson
IPC分类号： H04L9/00
CPC分类号： G06F21/10 , G06F9/4406 , G06F9/468 , G06F21/445 , G06F21/57 , G06F21/575 , G06F2221/0704 , G06F2221/2103 , G06F2221/2113 , G06F2221/2129
摘要： In accordance with certain aspects, a computer system has a central processing unit (CPU) and an operating system (OS), the CPU having a pair of private and public keys and a software identity register that holds an identity of the operating system. An OS certificate is created including the identity from the software identity register, information describing the operating system, and the CPU public key. The created OS certificate is signed using the CPU private key.
摘要翻译：根据某些方面，计算机系统具有中央处理单元（CPU）和操作系统（OS），所述CPU具有一对专用和公共密钥以及保存操作系统的身份的软件身份寄存器。创建一个OS证书，包括软件身份登记器的身份，描述操作系统的信息和CPU公钥。创建的OS证书使用CPU私钥进行签名。

6. 发明申请

US20050060549A1 Controlling access to content based on certificates and access predicates 审中-公开
标题翻译：基于证书和访问谓词控制对内容的访问
公开(公告)号：US20050060549A1
公开(公告)日：2005-03-17
申请号：US10972507
申请日：2004-10-25
申请人： Paul England , John DeTreville , Butler Lampson
发明人： Paul England , John DeTreville , Butler Lampson
IPC分类号： G06F21/00 , H04L9/00
CPC分类号： G06F21/10 , G06F21/57 , G06F2221/2101 , H04L9/3263 , H04L2209/603
摘要： Digital rights for content downloaded to a subscriber computer from a provider are specified in an access predicate. The access predicate is compared with a rights manager certificate associated with an entity, such as an application, that wants access to the content. If the rights manager certificate satisfies the access predicate, the entity is allowed access to the content. A license that specifies limitations on the use of the content can also be associated with the content and provided to the entity. The use the entity makes of the content is monitored and terminated if the entity violates the license limitations. In one aspect of the invention, the access predicate and the license are protected from tampering through cryptographic techniques.
摘要翻译：在访问谓词中指定了从提供者下载到用户计算机的内容的数字权限。访问谓词与与想要访问内容的实体（例如应用）相关联的权限管理器证书进行比较。如果权限管理器证书满足访问谓词，则允许实体访问内容。指定对使用内容的限制的许可证也可以与内容相关联并提供给实体。如果实体违反许可证限制，使用实体使内容受到监控和终止。在本发明的一个方面，访问谓词和许可证被保护免受通过加密技术的篡改。

7. 发明申请

US20050235362A1 Hierarchical trusted code for content protection in computers 有权
标题翻译：计算机内容保护的层次可信代码
公开(公告)号：US20050235362A1
公开(公告)日：2005-10-20
申请号：US11018065
申请日：2004-12-20
申请人： Paul England , Butler Lampson
发明人： Paul England , Butler Lampson
IPC分类号： G06F21/00 , G06Q10/10 , H04L9/00
CPC分类号： G06Q10/10 , G06F21/57
摘要： An architecture for protecting premium content in a nonsecure computer environment executes only a small number of code modules in a secure memory. The modules are arranged in a hierarchy of trust, where a module names other modules that it is willing to trust, and those modules in turn name other modules that they are willing to trust. A secure loader loads a security manager that oversees a number of content-providing modules for manipulating the content. A memory manager assigns permissions to various pages of the secure memory. The memory has rings of different security. The security model can be extended to program modules and other devices on the computer's bus, such as DMA controllers and peripherals.
摘要翻译：在非安全计算机环境中保护优质内容的架构仅在安全存储器中执行少量代码模块。这些模块被布置在信任层级中，其中模块命名它愿意信任的其他模块，而这些模块又命名他们愿意信任的其他模块。安全加载器加载一个安全管理器，该管理器负责监视用于操纵内容的多个内容提供模块。内存管理员将权限分配给安全内存的各个页面。内存具有不同安全性的环。安全模型可以扩展到计算机总线上的程序模块和其他设备，如DMA控制器和外设。

8. 发明申请

US20050097355A1 Hierarchical trusted code for content protection in computers 失效
公开(公告)号：US20050097355A1
公开(公告)日：2005-05-05
申请号：US11011457
申请日：2004-12-13
申请人： Paul England , Butler Lampson
发明人： Paul England , Butler Lampson
IPC分类号： G06F21/00 , G06Q10/10 , H04L9/00
CPC分类号： G06Q10/10 , G06F21/57
摘要： An architecture for protecting premium content in a nonsecure computer environment executes only a small number of code modules in a secure memory. The modules are arranged in a hierarchy of trust, where a module names other modules that it is willing to trust, and those modules in turn name other modules that they are willing to trust. A secure loader loads a security manager that oversees a number of content-providing modules for manipulating the content. A memory manager assigns permissions to various pages of the secure memory. The memory has rings of different security. The security model can be extended to program modules and other devices on the computer's bus, such as DMA controllers and peripherals.

9. 发明授权

US09400639B2 Generating programs using context-free compositions and probability of determined transformation rules 有权
标题翻译：使用无上下文的构图和确定的转换规则的概率生成程序
公开(公告)号：US09400639B2
公开(公告)日：2016-07-26
申请号：US13530138
申请日：2012-06-22
申请人： Adam Kalai , Butler Lampson , Sumit Gulwani , Aditya Krishna Menon , Omer Tamuz
发明人： Adam Kalai , Butler Lampson , Sumit Gulwani , Aditya Krishna Menon , Omer Tamuz
IPC分类号： G06F9/44 , G06N5/02 , G06F17/22
CPC分类号： G06F8/30 , G05B19/0423 , G05B2219/23246 , G06F8/34 , G06F17/2282 , G06N5/025 , G06N99/005
摘要： There is provided a method and system for generating a program. The method includes detecting a number of steps for performing a task on a computing device and detecting an example relating to each of the steps, wherein the example includes input data and corresponding output data relating to the step. The method also includes, for each example, determining a rule that transforms the input data to the corresponding output data based on cues including textual features within the input data and the corresponding output data. The method further includes generating a program for performing the task based on the rules.
摘要翻译：提供了一种用于生成程序的方法和系统。该方法包括检测用于在计算设备上执行任务的步骤的数量，并且检测与每个步骤相关的示例，其中该示例包括与步骤相关的输入数据和对应的输出数据。该方法还包括，对于每个示例，确定基于包括输入数据和对应的输出数据内的文本特征的提示将输入数据变换为相应的输出数据的规则。该方法还包括基于规则生成用于执行任务的程序。

10. 发明申请

US20060041743A1 Virtual distributed security system 失效
公开(公告)号：US20060041743A1
公开(公告)日：2006-02-23
申请号：US11254264
申请日：2005-10-20
申请人： Giovanni Della-Libera , Christopher Kaler , Scott Konersmann , Butler Lampson , Paul Leach , Bradford Lovering , Steven Lucco , Stephen Millet , Richard Rashid , John Shewchuk
发明人： Giovanni Della-Libera , Christopher Kaler , Scott Konersmann , Butler Lampson , Paul Leach , Bradford Lovering , Steven Lucco , Stephen Millet , Richard Rashid , John Shewchuk
IPC分类号： H04L9/00
CPC分类号： H04L63/08 , G06Q20/3676 , H04L63/10 , H04L63/168 , H04L63/20 , H04L67/02 , H04L67/28 , H04L67/2804 , H04L67/2823
摘要： A distributed security system is provided. The distributed security system uses a security policy that is written in a policy language that is transport and security protocol independent as well as independent of cryptographic technologies. This security policy can be expressed using the language to create different security components allowing for greater scalability and flexibility. By abstracting underlying protocols and technologies, multiple environments and platforms can be supported.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式