专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20120198514A1 Methods and Apparatuses for User-Verifiable Trusted Path in the Presence of Malware 有权
标题翻译：恶意软件存在的用户可验证信任路径的方法和设备
公开(公告)号：US20120198514A1
公开(公告)日：2012-08-02
申请号：US13389212
申请日：2010-06-29
申请人： Jonathan M. McCune , Adrian M. Perrig , Anupam Datta , Virgil D. Gligor , Ning Qu
发明人： Jonathan M. McCune , Adrian M. Perrig , Anupam Datta , Virgil D. Gligor , Ning Qu
IPC分类号： G06F21/00
CPC分类号： G06F21/57 , G06F21/85
摘要： An apparatus and method for establishing a trusted path between a user interface and a trusted executable, wherein the trusted path includes a hypervisor and a driver shim. The method includes measuring an identity of the hypervisor; comparing the measurement of the identity of the hypervisor with a policy for the hypervisor; measuring an identity of the driver shim; comparing the measurement of the identity of the driver shim with a policy for the driver shim; measuring an identity of the user interface; comparing the measurement of the identity of the user interface with a policy for the user interface; and providing a human-perceptible indication of whether the identity of the hypervisor, the identity of the driver shim, and the identity of the user interface correspond with the policy for the hypervisor, the policy for the driver shim, and the policy for the user interface, respectively.
摘要翻译：一种用于在用户界面和可信赖可执行程序之间建立可信路径的装置和方法，其中所述可信路径包括管理程序和驱动器垫片。该方法包括测量管理程序的身份; 将管理程序的身份的测量与管理程序的策略进行比较; 测量驾驶员垫片的身份; 将驾驶员垫片的身份的测量与驾驶员垫片的策略进行比较; 测量用户界面的身份; 将用户界面的身份的测量与用户界面的策略进行比较; 以及提供关于虚拟机管理程序的身份，驱动程序垫片的身份以及用户界面的身份是否符合管理程序的策略，驱动程序垫片的策略以及用户策略的人为可察觉的指示界面。

2. 发明授权

US08832778B2 Methods and apparatuses for user-verifiable trusted path in the presence of malware 有权
标题翻译：存在恶意软件的用户可验证信任路径的方法和设备
公开(公告)号：US08832778B2
公开(公告)日：2014-09-09
申请号：US13389212
申请日：2010-06-29
申请人： Jonathan M. McCune , Adrian M. Perrig , Anupam Datta , Virgil D. Gligor , Ning Qu
发明人： Jonathan M. McCune , Adrian M. Perrig , Anupam Datta , Virgil D. Gligor , Ning Qu
IPC分类号： G06F21/00 , G06F21/57
CPC分类号： G06F21/57 , G06F21/85
摘要： An apparatus and method for establishing a trusted path between a user interface and a trusted executable, wherein the trusted path includes a hypervisor and a driver shim. The method includes measuring an identity of the hypervisor; comparing the measurement of the identity of the hypervisor with a policy for the hypervisor; measuring an identity of the driver shim; comparing the measurement of the identity of the driver shim with a policy for the driver shim; measuring an identity of the user interface; comparing the measurement of the identity of the user interface with a policy for the user interface; and providing a human-perceptible indication of whether the identity of the hypervisor, the identity of the driver shim, and the identity of the user interface correspond with the policy for the hypervisor, the policy for the driver shim, and the policy for the user interface, respectively.
摘要翻译：一种用于在用户界面和可信赖可执行程序之间建立可信路径的装置和方法，其中所述可信路径包括管理程序和驱动器垫片。该方法包括测量管理程序的身份; 将管理程序的身份的测量与管理程序的策略进行比较; 测量驾驶员垫片的身份; 将驾驶员垫片的身份的测量与驾驶员垫片的策略进行比较; 测量用户界面的身份; 将用户界面的身份的测量与用户界面的策略进行比较; 以及提供关于虚拟机管理程序的身份，驱动程序垫片的身份以及用户界面的身份是否符合管理程序的策略，驱动程序垫片的策略以及用户策略的人为可察觉的指示界面。

3. 发明授权

US08627414B1 Methods and apparatuses for user-verifiable execution of security-sensitive code 有权
标题翻译：用于用户可验证执行安全敏感代码的方法和设备
公开(公告)号：US08627414B1
公开(公告)日：2014-01-07
申请号：US12720008
申请日：2010-03-09
申请人： Jonathan M. McCune , Adrian M. Perrig , Anupam Datta , Virgil Dorin Gligor , Yanlin Li , Bryan Jeffrey Parno , Amit Vasudevan , Ning Qu
发明人： Jonathan M. McCune , Adrian M. Perrig , Anupam Datta , Virgil Dorin Gligor , Yanlin Li , Bryan Jeffrey Parno , Amit Vasudevan , Ning Qu
IPC分类号： G06F7/04 , G06F12/14 , H04L29/06 , H04L9/32 , G06F15/167 , G06F15/16
CPC分类号： H04L9/3234 , G06F21/34 , G06F21/44 , G06F21/57 , H04L63/123 , H04W12/10
摘要： A computer including a processor and a verification device. The processor in the computer performs the steps of authenticating a secure connection between a hypervisor and the verification device, measuring the identity of at least a portion of a select guest before the select guest executes any instruction, and sending a measurement of the identity of the select guest to the verification device. The verification device compares the policy stored in the verification device with the measurement of the select guest received by the verification device. The steps of authenticating, measuring, sending, and comparing are performed after receiving a signal indicative of a request to execute the select guest and without rebooting the computer.
摘要翻译：包括处理器和验证装置的计算机。计算机中的处理器执行以下步骤：在管理程序和验证设备之间验证安全连接，在选择访客执行任何指令之前测量选择访客的至少一部分的身份，以及发送对选择访客到验证设备。验证装置将存储在验证装置中的策略与由验证装置接收的选择客人的测量进行比较。认证，测量，发送和比较的步骤在接收到指示执行选择客人的请求的信号并且不重新启动计算机之后执行。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式