会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明授权
    • Secure and reliable bootstrap architecture
    • 安全可靠的引导架构
    • US06185678B2
    • 2001-02-06
    • US09165316
    • 1998-10-02
    • William A. ArbaughDavid J. FarberAngelos D. KeromytisJonathan M. Smith
    • William A. ArbaughDavid J. FarberAngelos D. KeromytisJonathan M. Smith
    • G06F900
    • G06F21/575G06F11/1417G06F2211/1097
    • Integrity is rarely a valid presupposition in many systems architectures, yet it is necessary to make any security guarantees. To address this problem, the present invention discloses a secure bootstrap process, which presumes a minimal amount of integrity. The basic principle is sequencing the bootstrap process as a chain of progressively higher levels of abstraction, and requiring each layer to check a digital signature of the next layer before control is passed to it. A major design decision is the consequence of a failed integrity check. A simplistic strategy is to simply halt the bootstrap process. However, the bootstrap process of the present invention can be augmented with automated recovery procedures which preserve the security properties of the bootstrap process of the present invention under the additional assumption of the availability of a trusted repository. A variety of means by which such a repository can be implemented are disclosed with attention focused on a network-accessible repository. The recovery process is easily generalized to applications other than the bootstrap process of the present invention, such as standardized desktop management and secure automated recovery of network elements such as routers or “Active Network” elements.
    • 在许多系统架构中,完整性很少是有效的前提,但是有必要做出任何安全保证。 为了解决这个问题,本发明公开了一种安全引导过程,其假定最小量的完整性。 基本原理是将引导过程排序为逐渐提高抽象级别的链,并要求每个层在传递控制权之前检查下一层的数字签名。 主要设计决定是完整性检查失败的结果。 简单的策略是简单地停止引导过程。 然而,本发明的引导过程可以通过自动恢复过程进行增强,该自动恢复过程在额外假设可信赖的存储库的可用性的情况下保留本发明的引导进程的安全属性。 在集中在网络可访问存储库上的注意事项中,公开了可以实现这种存储库的各种方式。 恢复过程容易地被概括到除本发明的引导过程之外的应用,诸如标准化桌面管理和诸如路由器或“主动网络”元件之类的网络元件的安全自动恢复。
    • 2. 发明授权
    • Method and system for monitoring system memory integrity
    • 监控系统内存完整性的方法和系统
    • US08955104B2
    • 2015-02-10
    • US11658806
    • 2005-07-06
    • William A. ArbaughNick Louis Petroni, Jr.Timothy Jon FraserJesus Maria Molina-Terriza
    • William A. ArbaughNick Louis Petroni, Jr.Timothy Jon FraserJesus Maria Molina-Terriza
    • G06F11/30G06F11/34
    • G06F11/348G06F11/3495
    • A host system integrity monitor for monitoring memory, operating systems, applications, domain manager, and other host system's structures of interest is isolated and independent of the CPU and operating system of commodity systems. The system requires no modifications to the protected (monitored) host's software, and operates correctly even when the host system is compromised. Either arranged as a stand-alone computer on the add-in card which communicates with the monitored host system through the PCI bus, or as the co-processor based monitor located on the motherboard of the host system, or residing on one of the virtual CPU while the monitored system resides on another virtual CPU, or residing within the domain manager of the host system, the monitor monitors the integrity of the examined structure by calculating hash values of the structure, comparing them with expected hash values, and sending error reports once the discrepancy between these values is detected.
    • 用于监视内存,操作系统,应用程序,域管理器和其他主机系统感兴趣的结构的主机系统完整性监视器是独立于商品系统的CPU和操作系统的独立的。 该系统不需要修改受保护(受监控)主机的软件,并且即使主机系统受到威胁也能正常运行。 被安排为附加卡上的独立计算机,其通过PCI总线与被监视的主机系统通信,或者作为位于主机系统的主板上的基于协处理器的监视器,或者驻留在虚拟 CPU在受监视的系统驻留在另一个虚拟CPU上或驻留在主机系统的域管理器中时,监视器通过计算结构的哈希值,与预期散列值进行比较并发送错误报告来监视被检查结构的完整性 一旦检测到这些值之间的差异。
    • 3. 发明授权
    • Method and system for monitoring integrity of running computer system
    • 监控运行计算机系统完整性的方法和系统
    • US08732824B2
    • 2014-05-20
    • US11656453
    • 2007-01-23
    • William A. ArbaughJeffrey D. ChungNick L. PetroniBryan Boot
    • William A. ArbaughJeffrey D. ChungNick L. PetroniBryan Boot
    • G06F11/00G06F12/14G06F12/16G08B23/00
    • G06F21/57
    • Monitoring integrity of a running computer system is based on creating a Test Model which includes predicates descriptive of invariant properties of security relevant objects and their attributes in the monitored structure known-to-be “healthy”, acquiring memory image of a portion of the running monitored structure, decomposing the acquired memory image to retrieve representation of the security relevant objects of interest, by implementing the attributes of the Test Model, and verifying, by implementing the predicates, whether the invariant properties defined in the Test Model remain unchanged for the running host system. If a discrepancy is detected, a signal indicative of a detected discrepancy is transmitted to a management entity for analysis and formulating a course of action.
    • 监视正在运行的计算机系统的完整性是基于创建一个测试模型,该测试模型包括描述安全相关对象的不变属性的谓词,以及在被称为“健康”的已监测结构中的属性,获取运行的一部分的内存映像 监测结构,通过实施测试模型的属性来分解所获取的存储器图像以检索安全相关对象的表示,并且通过实现测试模型来验证测试模型中定义的不变性质是否保持不变 主机系统。 如果检测到差异,则指示检测到的差异的信号被发送到管理实体以进行分析和制定行动过程。
    • 4. 发明申请
    • Method and system for monitoring system memory integrity
    • 监控系统内存完整性的方法和系统
    • US20090217377A1
    • 2009-08-27
    • US11658806
    • 2005-07-06
    • William A. ArbaughNick Louis PetroniTimothy Jon FraserJesus Maria Molina-Terriza
    • William A. ArbaughNick Louis PetroniTimothy Jon FraserJesus Maria Molina-Terriza
    • G06F21/00G06F12/14
    • G06F11/348G06F11/3495
    • A host system integrity monitor for monitoring memory, operating systems, applications, domain manager, and other host system's structures of interest is isolated and independent of the CPU and operating system of commodity systems. The system requires no modifications to the protected (monitored) host's software, and operates correctly even when the host system is compromised. Either arranged as a stand-alone computer on the add-in card which communicates with the monitored host system through the PCI bus, or as the co-processor based monitor located on the motherboard of the host system, or residing on one of the virtual CPU while the monitored system resides on another virtual CPU, or residing within the domain manager of the host system, the monitor of the present invention monitors the integrity of the examined structure by calculating hash values of the structure, comparing them with expected hash values, and sending error reports once the discrepancy between these values is detected.
    • 用于监视内存,操作系统,应用程序,域管理器和其他主机系统感兴趣的结构的主机系统完整性监视器是独立于商品系统的CPU和操作系统的独立的。 该系统不需要修改受保护(受监控)主机的软件,并且即使主机系统受到威胁也能正常运行。 被安排为附加卡上的独立计算机,其通过PCI总线与被监视的主机系统通信,或者作为位于主机系统的主板上的基于协处理器的监视器,或者驻留在虚拟 当监视的系统驻留在另一个虚拟CPU上或驻留在主机系统的域管理器内时,本发明的监视器通过计算结构的哈希值来监视被检查结构的完整性,将其与预期散列值进行比较, 一旦检测到这些值之间的差异,就发送错误报告。