专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

EP2973142B1 SECURITY SERVICES MANAGEMENT FOR COMPUTER APPLICATIONS BY MODIFYING THEIR OBJECT CODE 有权
标题翻译：通过修改对象代码为计算机应用程序提供安全服务管理
公开(公告)号：EP2973142B1
公开(公告)日：2018-04-25
申请号：EP14765558.3
申请日：2014-03-14
申请人： Oracle International Corporation
发明人： BOYER, John Jules Alexander , AHMED, Ali Kamran , SHEPHARD, Tim , PRABHU, Vinay , TEWARI, Ruchir
IPC分类号： G06F21/00 , G06F9/44 , G06F21/54 , G06F21/64 , G06F21/60 , G06F21/62 , H04L29/06
CPC分类号： G06F21/57 , G06F21/125 , G06F21/54 , G06F21/602 , G06F21/62 , G06F21/64 , H04L63/061 , H04L2463/062
摘要： Systems, methods and machine-readable media for providing a security service are disclosed. The methods include receiving a modification of the application object code to allow the software application to transmit a request for the security service; retrieving the modified application object code corresponding to the software application from memory; receiving, via a processor, the request for the security service from the modified application object code; and providing, via the processor, the security service. The systems and machine-readable media performing operations according to the methods disclosed.

2. 发明公开

EP3283995A1 METHOD AND SYSTEM FOR PROTECTING COMPUTERIZED SYSTEMS FROM MALICIOUS CODE BY MEANS OF MUTABLE INSTRUCTIONS 有权
标题翻译：通过可转位说明保护计算机系统免受恶意代码的方法和系统
公开(公告)号：EP3283995A1
公开(公告)日：2018-02-21
申请号：EP16779701.8
申请日：2016-03-28
申请人： Morphisec Information Security 2014 Ltd.
发明人： GURI, Mordechai , ELOVICI, Yuval , KEDMA, Gabi
IPC分类号： G06F21/12 , G06F21/56
CPC分类号： G06F21/566 , G06F21/125 , G06F21/14 , G06F21/51 , G06F21/53 , G06F21/562
摘要： The invention relates to a method for providing a computerized system which is protected from unauthorized programs coming from an external source, the method comprises the steps of (a) secretly, and in a manner unknown to authors of external programs, providing a non-standard compiler which mutates (modifies) each high level program to one or more non-standard mutated machine code instructions that a standard CPU cannot properly execute! (b) subjecting all authorized programs to said non-standard compiler; and (c) providing a translator which converts each mutated machine code instruction resulting from said non-standard compiler to a respective standard instruction which the CPU can properly execute, whereas any program which is not subjected to both said non-standard compiler and said translator will result in one or more instructions that the CPU cannot properly execute.

3. 发明授权

EP2973140B1 ESTABLISHING TRUST BETWEEN APPLICATIONS ON A COMPUTER 有权
标题翻译：在计算机上建立应用程序之间的信任
公开(公告)号：EP2973140B1
公开(公告)日：2018-02-21
申请号：EP14762378.9
申请日：2014-03-14
申请人： Oracle International Corporation
发明人： BOYER, John, Jules, Alexander , AHMED, Ali, Kamran , SHEPHARD, Tim , PRABHU, Vinay , TEWARI, Ruchir
IPC分类号： G06F21/60 , G06F21/62 , H04L29/06 , G06F21/64 , G06F21/54
CPC分类号： G06F21/57 , G06F21/125 , G06F21/54 , G06F21/602 , G06F21/62 , G06F21/64 , H04L63/061 , H04L2463/062
摘要： Systems, methods and machine-readable media for providing a security service are disclosed. The methods include receiving a modification of the application object code to allow the software application to transmit a request for the security service; retrieving the modified application object code corresponding to the software application from memory; receiving, via a processor, the request for the security service from the modified application object code; and providing, via the processor, the security service. The systems and machine-readable media performing operations according to the methods disclosed.

4. 发明公开

EP3270310A1 MOBILE DEVICE APPLICATIONS SECURITY PROTECTION BASED ON PERSONALIZATION AND SECURED CODE DOMAINS PAIRING 有权
标题翻译：移动设备应用基于个性化和安全代码域配对的安全保护
公开(公告)号：EP3270310A1
公开(公告)日：2018-01-17
申请号：EP16178926.8
申请日：2016-07-11
申请人： Afirma Consulting & Technologies, S.L.
发明人： Pérez Lafuente, Carlos Alberto
IPC分类号： G06F21/12 , G06F21/14
CPC分类号： G06F21/14 , G06F21/125
摘要： Methods and apparatus to personalize a mobile device software application on security terms. The mobile device software application comprises one or more first code domains, which are are paired on security terms to one or more second code domains via a security personalization. Said security personalization must be carried out in order to enable regular operation of the one or more first code domains. A protected mobile device software application comprising several code domains is generated, personalized on security terms by using data of a security personalization registry, and one or more first code domains are paired on security terms to one or more second code domains via the security personalization. Security personalization data associated to a life cycle security personalization registry that relates to the user's mobile device is sent to the non-security personalized protected mobile device software application in the user's mobile device, the security personalization data enabling in the application at least one of the one or more first code domains for regular operation.
摘要翻译：以安全条款个性化移动设备软件应用程序的方法和设备。移动设备软件应用程序包括一个或多个第一代码域，其通过安全个性化在安全条件上与一个或多个第二代码域配对。所述安全个性化必须被执行以便能够定期操作一个或多个第一代码域。生成包括若干代码域的受保护的移动设备软件应用程序，通过使用安全个性化注册表的数据对安全条件进行个性化，并且一个或多个第一代码域通过安全个性化以安全条款与一个或多个第二代码域配对。将与用户的移动设备有关的生命周期安全个性化注册表相关联的安全个性化数据发送到用户的移动设备中的非安全个性化保护的移动设备软件应用程序，安全个性化数据在应用程序中启用至少一个一个或多个用于常规操作的第一代码域。

5. 发明公开

EP3246832A2 VERFAHREN ZUM SCHUTZ EINES FPGAS VOR EINER UNAUTORISIERTEN ANWENDUNG DES RTL-QUELLCODES 有权
标题翻译：在未经授权使用RTL源代码之前保护FPGAS的过程
公开(公告)号：EP3246832A2
公开(公告)日：2017-11-22
申请号：EP17170688.0
申请日：2017-05-11
申请人： Siemens Aktiengesellschaft
发明人： Hinterstoisser, Thomas , Matschnig, Martin , Taucher, Herbert
IPC分类号： G06F17/50 , G06F21/12
CPC分类号： G06F21/125 , G06F17/5054
摘要： Verfahren zum Schutz eines FPGAs vor einer unautorisierten Anwendung des RTL-Quellcodes,
wobei das FPGA aus vielen Logikelementen (LE) besteht, die über ein Gitter miteinander verbindbar sind,
wobei ein Logikelement (LE) jeweils eine Logikschaltung (L; L1,L2,L3) und ein Register (R1) enthält,
wobei durch ein Synthesewerkzeug aus dem RTL-Quellcode die Konfigurationsdaten erzeugt werden, welche beim Einschalten der Versorgungsspannung des FPGAs in die Logikschaltungen (L; L1,L2,L3) und die Register (R1,R2) geladen werden,
wobei dem Synthesewerkzeug bei der Erzeugung der Konfigurationsdaten neben dem RTL-Quellcode ein Befehl, in Form einer Synthese-Bedingung, zugeführt wird, mit welchem zumindest ein Signalpfad (S) für ein Logikelement (LE) so festgelegt wird, dass sich im Betrieb des FPGAs auf diesem Signalpfad eine Laufzeit ergibt, die länger als ein Takt des FPGA ist.
摘要翻译：对于未经授权的使用的RTL源代码之前保护的FPGA，方法，其中从许多逻辑元件（LE），其被连接到彼此上的网格，其中一个逻辑元件（LE）的每一个包括一个逻辑电路（L的FPGA; L1，L2，L3 包含），并且其中所述配置数据是通过从RTL源代码，一个合成工具所产生的寄存器（R1），其（在逻辑电路时的FPGA L的供电电压; L1，L2，L3）和寄存器（R1，R2）被加载，其中在产生除了RTL源代码的配置数据综合工具中的合成条件的形式，也就是与其中至少一个信号路径（S）为一个逻辑元件（LE）被设置的命令被供给，使得在在该信号路径上运行FPGA会导致运行时间超过FPGA的一个时钟。

6. 发明公开

EP3234843A1 VERFAHREN ZUM BEREITSTELLEN EINER SICHERHEITSKRITISCHEN SOFTWAREAPPLIKATION AUF EINER COMPUTEREINHEIT 审中-公开
公开(公告)号：EP3234843A1
公开(公告)日：2017-10-25
申请号：EP15816668.6
申请日：2015-12-17
申请人： Giesecke+Devrient Mobile Security GmbH
发明人： ALBERT, Daniel , SCHÄFER, Frank
IPC分类号： G06F21/12 , G06F21/14
CPC分类号： G06F21/125 , G06F21/14
摘要： A method for providing a software application on a computer unit is provided. In this case, the method comprises the following steps: performing AOT compilation of the software application available in the form of source code in order to generate assembly code from the source code of the software application; obfuscating the assembly code of the software application; uploading the obfuscated assembly code of the software application to a software distribution platform; and downloading the obfuscated assembly code to the computer unit. In addition, a corresponding computer unit is provided.
摘要翻译：提供了一种用于在计算机单元上提供软件应用程序的方法。在这种情况下，该方法包括以下步骤：以源代码的形式对可用的软件应用进行AOT编译，以从软件应用的源代码生成汇编代码; 混淆软件应用程序的汇编代码; 将软件应用的模糊汇编代码上传到软件分发平台; 并将混淆的汇编代码下载到计算机单元。另外还提供了相应的计算机单元。

7. 发明授权

EP2897074B1 APPLICATION CODE OBFUSCATION DEVICE BASED ON SELF-CONVERSION AND METHOD THEREFOR 有权
标题翻译：基于自我转换的应用程序代码混淆装置及其方法
公开(公告)号：EP2897074B1
公开(公告)日：2017-06-14
申请号：EP13894475.6
申请日：2013-09-30
申请人： Soongsil University Research Consortium Techno-Park
发明人： YI, Jeong Hyun , JUNG, Jin Hyuk
IPC分类号： G06F21/14 , G06F9/45 , G06F21/12
CPC分类号： G06F21/602 , G06F8/44 , G06F21/125 , G06F21/14 , G06F21/60

8. 发明公开

EP3127028A1 PROTECTING AN ITEM OF SOFTWARE 审中-公开
标题翻译： SCHUTZ EINES软件元素
公开(公告)号：EP3127028A1
公开(公告)日：2017-02-08
申请号：EP14713497.7
申请日：2014-03-31
申请人： Irdeto B.V.
发明人： SISTANY, Bahman
IPC分类号： G06F21/12 , G06F21/14 , G06F21/52
CPC分类号： G06F21/54 , G06F21/125 , G06F21/14 , G06F21/629 , G06F2221/033
摘要： There is described a method of protecting an item of software. The method comprises (a) identifying an invariant which holds true at a specified point in the item of software; and (b) generating a protected item of software by inserting code at the specified point in the item of software. The code, when executed by a processor, is arranged to check whether the invariant holds true and, in response to the invariant not holding true, is arranged to invoke a security incident procedure. There is further described an apparatus arranged to carry out the method of protecting an item of software. There is also described a computer program which, when executed by a processor, causes the processor to carry out the method of protecting an item of software. There is additionally described a computer-readable medium storing the aforementioned computer program. Moreover, there is described an item of software comprising code at a first location, wherein the code, when executed by a processor, is arranged to check whether an invariant holds true at the first location and, in response to the invariant not holding true, is arranged to invoke a security incident procedure.
摘要翻译：描述了一种保护软件项目的方法。该方法包括（a）识别在软件项中的指定点处成立的不变量; 和（b）通过在软件项目的指定点插入代码来产生受保护的软件项目。该代码当由处理器执行时被安排来检查不变量是否成立，并且响应于不变量不成立，被安排为调用安全事件过程。进一步描述了一种设备，用于执行保护软件项目的方法。还描述了一种计算机程序，其在由处理器执行时使处理器执行保护软件项目的方法。另外描述了存储上述计算机程序的计算机可读介质。此外，描述了在第一位置处包括代码的软件项，其中，当由处理器执行时，所述代码被布置为检查在第一位置处的不变量是否成立，并且响应于不变量不为真，被安排调用安全事件程序。

9. 发明公开

EP3111355A1 VERFAHREN ZUM SCHUTZ EINES COMPUTERPROGRAMMS GEGEN BEEINFLUSSUNG UND COMPUTERSYSTEM 有权
公开(公告)号：EP3111355A1
公开(公告)日：2017-01-04
申请号：EP15706462.7
申请日：2015-02-24
申请人： Wibu-Systems AG
发明人： WICHMANN, Peer , WINZENRIED, Oliver , KÜGLER, Rüdiger
IPC分类号： G06F21/12 , G06F21/14
CPC分类号： G06F21/125 , G06F21/123 , G06F21/14 , G06F21/602 , G06F21/72
摘要： The invention relates to a method for protecting a computer program from being influenced by an invasive program or by manipulation software for manipulating computer programs on a computer system comprising a processor, a main storage unit, and a storage medium. The method involves the Kerckhoffs's principle such that the protected computer program is freely accessible and can be read by an invasive program or manipulation software. Parts of the protected computer program are provided multiple times in the program code of the protected computer program as a result of the specialization of the computer program. Parts of the computer program are encrypted in order to prevent a statistical analysis of the computer program without the processor running the computer program, wherein a key which is required to decrypt the encrypted parts of the computer program is stored in a protected key storage unit which communicates with the computer.
摘要翻译：本发明涉及一种用于保护计算机程序不受侵入程序的影响或用于在包括处理器，主存储单元和存储介质的计算机系统上操纵计算机程序的操纵软件的方法。该方法涉及Kerckhoffs的原理，使得受保护的计算机程序可以自由访问，并且可以由侵入程序或操纵软件读取。作为计算机程序专业化的结果，受保护的计算机程序的一部分被多次提供在受保护的计算机程序的程序代码中。计算机程序的一部分被加密以防止计算机程序的统计分析，而没有运行计算机程序的处理器，其中将计算机程序的加密部分解密所需的密钥存储在受保护的密钥存储单元中，与电脑通讯。

10. 发明授权

EP2291787B1 TECHNIQUES FOR ENSURING AUTHENTICATION AND INTEGRITY OF COMMUNICATIONS 有权转让
标题翻译： VERFAHREN ZUR SICHERUNG DER AUTHENTIFIZIERUNG UNDINTEGRITÄTVON KOMMUNIKATIONEN
公开(公告)号：EP2291787B1
公开(公告)日：2016-09-21
申请号：EP09770621.2
申请日：2009-05-21
申请人： Microsoft Technology Licensing, LLC
发明人： HSU, Wen-Pin, Scott , SOULAMI, Tarik , ZAGORSKI, Mark , ZHANG, Mark , PERLMAN, Brian
IPC分类号： G06F21/12 , G06F21/31 , H04L9/00 , G06F21/44 , H04L29/06 , G06F21/60 , H04L9/08 , H04L9/30 , H04L9/32 , H04M3/16 , H04W12/06
CPC分类号： H04L9/30 , G06F21/121 , G06F21/125 , G06F21/31 , G06F21/608 , G06F2221/2103 , G06F2221/2107 , G06F2221/2137 , H04L9/08 , H04L9/32 , H04L9/3242 , H04L9/3247 , H04L63/0442 , H04L63/08 , H04L63/0869 , H04L63/12 , H04L63/123 , H04L2209/60 , H04M3/16 , H04W12/06
摘要： Techniques are described for ensuring data integrity and authentication of received messages. One technique includes sending a request from a first module to a second module in which the request includes a first portion that is a shared secret encrypted with a public key, obtaining by the second module a private key from a secure and trusted information store, such as a license information store, including license information or other application specific information for the first module, using the private key to decrypt the first portion and obtain the shared secret, sending a response from the second module to the first module in which the response includes authentication data and at least one data item used with the shared secret to determine the authentication data, and performing by the first module verification processing to verify the authentication data included in the response.
摘要翻译：描述了确保接收到的消息的数据完整性和认证的技术。一种技术包括将请求从第一模块发送到第二模块，其中请求包括作为使用公开密钥加密的共享秘密的第一部分，由第二模块从安全和受信任的信息存储获得私钥，作为许可证信息存储，包括用于第一模块的许可证信息或其他应用特定信息，使用私钥对第一部分进行解密并获得共享秘密，将响应从第二模块发送到响应包括的第一模块认证数据和与所述共享秘密一起使用的至少一个数据项以确定所述认证数据，以及通过所述第一模块验证处理来执行所述响应中包括的认证数据。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式