专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明公开

EP1467513A3 Method and apparatus for preventing unauthorised write access to a protected non-volatile storage 失效
标题翻译：用于防止对受保护的非易失性存储器中的未经授权的写访问的方法和装置
公开(公告)号：EP1467513A3
公开(公告)日：2007-11-07
申请号：EP04014094.9
申请日：1997-02-06
申请人： INTEL CORPORATION
发明人： Albrecht, Mark , Wildgrube, Frank
IPC分类号： G06F1/00 , G06F12/14 , H04L9/00
CPC分类号： G06F21/79 , G06F12/1408 , G06F12/1466 , G06F21/572 , G06F21/75 , G06F2211/008 , G06F2211/1097
摘要： A transferable unit of non-volatile storage write data (100) is provided with an electronic signature (102) to facilitate authenticating write data (100) prior to allowing write data (100) to be written in a non-volatile storage. The electronic signature (102) is generated by encrypting a reference digest (104) with a secret private key (106) using an encryption function (108). The reference digest (104) is generated using a message digest function (110). In other words, the content of the reference digest (104) is functionally dependent upon the content of the write data (100).

2. 发明公开

EP1271282A3 Multiple trusted computing environments 审中-公开
标题翻译：更安全的计算环境
公开(公告)号：EP1271282A3
公开(公告)日：2007-10-03
申请号：EP02254079.3
申请日：2002-06-12
申请人： Hewlett-Packard Company
发明人： Griffin,, Jonathan , Dalton, Christopher I. , Child, Michael , Chen, Liqun , Norman, Andrew Patrick
IPC分类号： G06F1/00
CPC分类号： G06F21/64 , G06F21/57 , G06F2211/009 , G06F2211/1097 , G06F2221/2101 , G06F2221/2103 , G06F2221/2129 , G06F2221/2141 , G06F2221/2149 , G06F2221/2153
摘要： A computing platform 20 provides multiple computing environments 24 each containing a guest operating system 25 provided by a virtual machine application 26. Optionally, each computing environment 24 is formed in a compartment 220 of a compartmented host operating system 22. A trusted device 213 verifies that the host operating system 22 and each guest operating system 25 operates in a secure and trusted manner by forming integrity metrics which can be interrogated by a user 10. Each computing environment is isolated and secure, and can be verified as trustworthy independent of any other computing environment.

3. 发明公开

EP1467513A2 Method and apparatus for preventing unauthorised write access to a protected non-volatile storage 失效
标题翻译：用于防止对受保护的非易失性存储器中的未经授权的写访问的方法和装置
公开(公告)号：EP1467513A2
公开(公告)日：2004-10-13
申请号：EP04014094.9
申请日：1997-02-06
申请人： INTEL CORPORATION
发明人： Albrecht, Mark , Wildgrube, Frank
IPC分类号： H04L9/00 , G06F1/00 , G06F12/14
CPC分类号： G06F21/79 , G06F12/1408 , G06F12/1466 , G06F21/572 , G06F21/75 , G06F2211/008 , G06F2211/1097
摘要： A transferable unit of non-volatile storage write data (100) is provided with an electronic signature (102) to facilitate authenticating write data (100) prior to allowing write data (100) to be written in a non-volatile storage. The electronic signature (102) is generated by encrypting a reference digest (104) with a secret private key (106) using an encryption function (108). The reference digest (104) is generated using a message digest function (110). In other words, the content of the reference digest (104) is functionally dependent upon the content of the write data (100).
摘要翻译：非易失性存储写数据（100）的转移单元设置有在电子签名（102），以方便允许写入数据（100），以在非易失性存储被写之前写入数据（100）进行认证。通过加密用加密函数（108）一个专用密钥（106）的基准摘要（104）生成的电子签名（102）。基准摘要（104）使用消息摘要函数（110）生成的。换句话说，该引用的内容摘要（104）在功能上依赖于写入数据（100）的内容。

4. 发明授权

EP0932953B1 BIOS PROTECTED BY A SECURITY PROCESSOR 失效
标题翻译： MEANS安全处理器保护的输入输出系统（BIOS）
公开(公告)号：EP0932953B1
公开(公告)日：2004-10-13
申请号：EP97939354.3
申请日：1997-07-30
申请人： INTEL CORPORATION
发明人： DAVIS, Derek, L.
IPC分类号： H04K1/00 , G06F9/445 , G06F1/00
CPC分类号： G06F21/71 , G06F21/572 , G06F21/575 , G06F2211/008 , G06F2211/1097 , H04L9/3247
摘要： A subsystem prevents unauthorized modifications of BIOS program code embedded in modifiable non-volatile memory devices such as flash memory. A cryptographic coprocessor (34) containing the BIOS memory device (42) performs authentication and validation on the BIOS upgrade based on a public/private key protocol. The authentication is performed by verifying the digital signature embedded in the BIOS upgrade.

5. 发明公开

EP1258005A1 HAND-HELD AUDIO DECODER 审中-公开
标题翻译： HAND音频解码器
公开(公告)号：EP1258005A1
公开(公告)日：2002-11-20
申请号：EP01903335.6
申请日：2001-01-25
申请人： Cirrus Logic, Inc.
发明人： NORTH, Gregory, Allen , PERRY, Matthew, Richard , KIRCHER, Brian, Christopher
IPC分类号： G11C7/16
CPC分类号： G06F21/71 , G06F12/126 , G06F21/572 , G06F2211/1097 , G11C7/16
摘要： A hand-held audio decoder including a central processing unit operating in response to a set of instructions for decoding a stream of encoded digital audio data. The audio decoder also includes memory for storing the set of instructions and digital to analog converter circuitry for generating audio from the decoded stream of digital audio data.

6. 发明公开

EP1085396A1 Operation of trusted state in computing platform 审中-公开
标题翻译：在einer Computerplattform中的Betrieb von gesicherten Zustand
公开(公告)号：EP1085396A1
公开(公告)日：2001-03-21
申请号：EP99307380.8
申请日：1999-09-17
申请人： Hewlett-Packard Company
发明人： Proudler, Graeme John
IPC分类号： G06F1/00
CPC分类号： G06F21/575 , G06F21/57 , G06F2211/009 , G06F2211/1097 , G06F2221/2101 , G06F2221/2105 , G06F2221/2143 , G06F2221/2153
摘要： A computing entity comprises a trusted monitoring component having a first processing means and a first memory means, the trusted monitoring component being a self-contained autonomous data processing unit, and a computer platform having a main processing means and a main memory area, along with a plurality of associated physical and logical resources such as peripheral devices including printers, modems, application programs, operating systems and the like. The computer platform is capable of entering a plurality of different states of operation, each state of operation having a different level of security and trustworthiness. Selected ones of the states comprise trusted states in which a user can enter sensitive confidential information with a high degree of certainty that the computer platform has not been compromised by external influences such as viruses, hackers or hostile attacks. To enter a trusted state, references made automatically to the trusted component, and to exit a trusted state reference must be made to the trusted component. On exiting the trusted state, all references to the trusted state are deleted from the computer platform. On entering the trusted state, the state is entered in a reproducible and known manner, having a reproducible and known configuration which is confirmed by the trusted component.
摘要翻译：计算实体包括具有第一处理装置和第一存储装置的信任监视组件，所述可信监视组件是独立的自主数据处理单元，以及具有主处理装置和主存储区域的计算机平台，以及多个关联的物理和逻辑资源，诸如包括打印机，调制解调器，应用程序，操作系统等的外围设备。计算机平台能够输入多种不同的操作状态，每种操作状态具有不同的安全性和可信度。所选择的状态包括可信状态，用户可以高度确定地输入敏感的机密信息，使得计算机平台未被诸如病毒，黑客或敌对攻击之类的外部影响所破坏。要进入受信任状态，必须对受信任的组件进行自动对可信组件的引用，并退出受信任状态引用。退出可信状态时，从计算机平台中删除对受信任状态的所有引用。在进入可信状态时，状态以可再现和已知的方式输入，具有由可信部件确认的可再现和已知配置。

7. 发明公开

EP1030237A1 Trusted hardware device in a computer 审中-公开
标题翻译：在einem Rechner的Vertrautes Hardware-Gerät
公开(公告)号：EP1030237A1
公开(公告)日：2000-08-23
申请号：EP99301100.6
申请日：1999-02-15
申请人： Hewlett-Packard Company
发明人： Proudler, John , Balacheff, Boris , Pearson, Sian Lynne , Chen, Liquin , Chan, David , Gupta, Dipankar
IPC分类号： G06F1/00 , G06F12/14
CPC分类号： G06F21/57 , G06F2207/7219 , G06F2211/008 , G06F2211/009 , G06F2211/1097
摘要： In a computing platform, a trusted hardware device (14) is added to the motherboard (10). The trusted hardware device (14) is configured to acquire an integrity metric, for example a hash of the BIOS memory (19), of the computing platform. The trusted hardware device (14) is tamper-resistant, difficult to forge and inaccessible to other functions of the platform. The hash can be used to convince users that that the operation of the platform (hardware or software) has not been subverted in some way, and is safe to interact with in local or remote applications.
In more detail, the main processing unit (11) of the computing platform is directed to address the trusted hardware device (14), in advance of the BIOS memory, after release from 'reset'. The trusted hardware device (14) is configured to receive memory read signals from the main processing unit (11) and, in response, return instructions, in the native language of the main processing unit (11), that instruct the main processing unit to establish the hash and return the value to be stored by the trusted hardware device (14). Since the hash is calculated in advance of any other system operations, this is a relatively strong method of verifying the integrity of the system. Once the hash has been returned, the final instruction calls the BIOS program and the system boot procedure continues as normal.
Whenever a user wishes to interact with the computing platform, he first requests the integrity metric, which he compares with an authentic integrity metric that was measured by a trusted party. If the metrics are the same, the platform is verified and interactions can continue. Otherwise, interaction halts on the basis that the operation of the platform may have been subverted.
摘要翻译：在计算平台中，可信硬件设备（14）被添加到主板（10）。可信硬件设备（14）被配置为获取计算平台的完整性度量，例如BIOS存储器（19）的散列。受信任的硬件设备（14）是防篡改的，难以伪造并且不能访问平台的其他功能。该哈希可用于说服用户，平台（硬件或软件）的操作未以某种方式颠覆，并且可以安全地与本地或远程应用程序进行交互。更详细地，计算平台的主处理单元（11）被指向在从“重置”释放之后，在BIOS存储器之前对可信硬件设备（14）进行寻址。可信硬件设备（14）被配置为从主处理单元（11）接收存储器读取信号，并响应于主处理单元（11）的母语的返回指令，其指示主处理单元建立哈希并返回由可信硬件设备（14）存储的值。由于散列是在任何其他系统操作之前计算出来的，所以这是验证系统完整性的相对较强的方法。一旦散列已经返回，最后的指令调用BIOS程序，并且系统引导过程正常进行。每当用户希望与计算平台交互时，他首先请求完整性度量，他与被信任方测量的真实完整性度量进行比较。如果指标相同，则会验证平台并继续进行交互。否则，交互停止，基于平台的操作可能已被颠覆。

8. 发明公开

EP0990326A1 APPARATUS AND METHOD OF READING A PROGRAM INTO A PROCESSOR 审中-公开
标题翻译： DEVICE AND METHOD FOR读取程序在处理器
公开(公告)号：EP0990326A1
公开(公告)日：2000-04-05
申请号：EP99913850.6
申请日：1999-03-11
申请人： MOTOROLA, INC.
发明人： BRIGHT, Michael, W. , FUCHS, Kenneth, Carl , MARQUARDT, Kelly, Jo
IPC分类号： H04L9/00
CPC分类号： G06F21/6209 , G06F21/572 , G06F21/575 , G06F2211/007 , G06F2211/1097 , G06F2221/2147
摘要： The following describes an apparatus for and method of providing a secure method of downloading a program into a processor (101) from a device (103) external to the processor (101). The program may be encrypted (207) prior to its entry into the external device (103). The program may also have authentication information added (203 and 207) to it. Authentication information may be provided on an unencrypted and/or an encrypted program. The processor (101) decrypts (307) and/or successfully authenticates (311) the program before allowing the program to be executed by the processor (101).

9. 发明公开

EP0848315A3 Securely generating a computer system password by utilizing an external encryption algorithm 失效
标题翻译：用于通过使用外部加密算法来生成的计算机系统安全密码
公开(公告)号：EP0848315A3
公开(公告)日：1999-06-16
申请号：EP97309424.6
申请日：1997-11-21
申请人： Compaq Computer Corporation
发明人： Angelo, Michael F.
IPC分类号： G06F1/00
CPC分类号： G06F21/81 , G06F21/31 , G06F21/34 , G06F21/575 , G06F21/77 , G06F2211/007 , G06F2211/1097
摘要： A method for generating system passwords derived from an external encryption algorithm and plain text user passwords entered during a secure power-on procedure. At some point during the secure power-up procedure, the computer system checks for the presence of an external token or smart card that is coupled to the computer through specialized hardware. The token or smart card is used to store an encryption algorithm furnished with an encryption key that is unique or of limited production. Following detection of the external token, the computer user is required to enter a user password. The user password is encrypted using the encryption algorithm contained in the external token, thereby creating a system password. The system password is then compared to a value stored in secure memory. If the two values match, the power-on sequence is completed and the user is allowed access to the computer system or individually secured resources. The two-piece nature of the authorization process requires the presence of both the user password and the external token in order to generate the system password.

10. 发明公开

EP0848315A2 Securely generating a computer system password by utilizing an external encryption algorithm 失效
标题翻译：用于通过使用外部加密算法来生成的计算机系统安全密码
公开(公告)号：EP0848315A2
公开(公告)日：1998-06-17
申请号：EP97309424.6
申请日：1997-11-21
申请人： Compaq Computer Corporation
发明人： Angelo, Michael F.
IPC分类号： G06F1/00
CPC分类号： G06F21/81 , G06F21/31 , G06F21/34 , G06F21/575 , G06F21/77 , G06F2211/007 , G06F2211/1097
摘要： A method for generating system passwords derived from an external encryption algorithm and plain text user passwords entered during a secure power-on procedure. At some point during the secure power-up procedure, the computer system checks for the presence of an external token or smart card that is coupled to the computer through specialized hardware. The token or smart card is used to store an encryption algorithm furnished with an encryption key that is unique or of limited production. Following detection of the external token, the computer user is required to enter a user password. The user password is encrypted using the encryption algorithm contained in the external token, thereby creating a system password. The system password is then compared to a value stored in secure memory. If the two values match, the power-on sequence is completed and the user is allowed access to the computer system or individually secured resources. The two-piece nature of the authorization process requires the presence of both the user password and the external token in order to generate the system password.
摘要翻译：一种用于产生从在外部加密算法和加密通电程序期间输入的明文的用户密码导出系统口令的方法。在加密通电过程期间的某一时刻，计算机系统检查外部令牌或智能卡的存在也被耦合到通过专用硬件计算机。令牌或智能卡用来存储在加密密钥配有加密算法确实是独一无二的或限量生产。继检测外部令牌的，需要计算机用户输入用户密码。用户密码利用包含在外部令牌中的加密算法，从而产生系统口令加密。然后，系统密码与存储在安全存储器的值。如果这两个值匹配，则通电程序完成，并且用户被允许访问计算机系统或独立固定的资源。授权过程的两件式的性质要求，以产生系统口令两个用户密码和外部令牌的存在。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式