专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US07502471B2 System and method for protecting data streams in hardware components 有权
标题翻译：用于保护硬件组件中数据流的系统和方法
公开(公告)号：US07502471B2
公开(公告)日：2009-03-10
申请号：US11277012
申请日：2006-03-20
申请人： Henrique Malvar , Paul England
发明人： Henrique Malvar , Paul England
IPC分类号： H04N7/167
CPC分类号： H04K1/02 , G11B20/00086 , G11B20/0021 , H04N5/913 , H04N7/1675 , H04N2005/91364
摘要： A scrambling architecture protects data streams in the operating system and hardware components of a computer by scrambling the otherwise raw data prior to the data being handled by the operating system. Scrambled content is passed to a filter graph (or other processing system) where the content is processed while scrambled. A scrambler also generates a random signal based on a first key and a second key. After processing, the scrambled data is passed to a driver for output. A driver may implement a descrambler to detect tone patterns in the content and recovers the first key from varying amplitudes of the tone patterns. The descrambler may also receive the second key via a separate channel and generates the same random signal using the recovered first key and the second key. The descrambler subtracts the tone patterns and the random signal from the scrambled content to restore the content.
摘要翻译：加扰架构通过在操作系统处理数据之前加扰原始数据来保护计算机的操作系统和硬件组件中的数据流。加扰的内容被传递到滤波器图（或其他处理系统），其中内容被加扰处理。加扰器还基于第一密钥和第二密钥生成随机信号。处理后，将加扰的数据传递给驱动程序进行输出。驱动器可以实现解扰器来检测内容中的音调模式，并从不同的音调模式的幅度恢复第一个键。解扰器还可以经由单独的信道接收第二密钥，并使用恢复的第一密钥和第二密钥生成相同的随机信号。解扰器从加扰的内容中减去音调模式和随机信号以恢复内容。

2. 发明申请

US20060149678A1 System and Method for Protecting Data Streams in Hardware Components 审中-公开
公开(公告)号：US20060149678A1
公开(公告)日：2006-07-06
申请号：US11276371
申请日：2006-02-27
申请人： Henrique Malvar , Paul England
发明人： Henrique Malvar , Paul England
IPC分类号： G06Q99/00
CPC分类号： H04K1/02 , G11B20/00086 , G11B20/0021 , H04N5/913 , H04N7/1675 , H04N2005/91364
摘要： A scrambling architecture protects data streams in the operating system and hardware components of a computer by scrambling the otherwise raw data prior to the data being handled by the operating system. The architecture has a scrambler implemented at either the client or the server that adds noise to the content. More specifically, the scrambler produces periodic sets of tone patterns having varying amplitudes based on a first key. The scrambler also generates a random signal based on the first key and a second key. The tone patterns and random signal are added to the content to scramble the content. The scrambled content is then passed to the filter graph (or other processing system) where the content is processed while scrambled. Any attacker attempting to siphon off the bits during processing will steal only noisy data, which is worthless for redistribution or copying purposes. After processing, the scrambled data is passed to a driver for output. The driver implements a descrambler to unscramble the content by subtracting out the random noise signal. The descrambler detects the tone patterns in the content and recovers the first key from the varying amplitudes of the tone patterns. The descrambler also receives the second key via a separate channel (e.g., a cryptographically secured path) and generates the same random signal using the recovered first key and the second key. The descrambler subtracts the tone patterns and the random signal from the scrambled content to restore the content.

3. 发明申请

US20060156412A1 System and Method for Protecting Data Streams in Hardware Components 有权
标题翻译：用于保护硬件组件中数据流的系统和方法
公开(公告)号：US20060156412A1
公开(公告)日：2006-07-13
申请号：US11277012
申请日：2006-03-20
申请人： Henrique Malvar , Paul England
发明人： Henrique Malvar , Paul England
IPC分类号： H04N7/16 , H04L9/32 , G06F17/30 , G06F7/04 , G06K9/00 , H03M1/68 , H04K1/00 , H04L9/00
CPC分类号： H04K1/02 , G11B20/00086 , G11B20/0021 , H04N5/913 , H04N7/1675 , H04N2005/91364
摘要： A scrambling architecture protects data streams in the operating system and hardware components of a computer by scrambling the otherwise raw data prior to the data being handled by the operating system. The architecture has a scrambler implemented at either the client or the server that adds noise to the content. More specifically, the scrambler produces periodic sets of tone patterns having varying amplitudes based on a first key. The scrambler also generates a random signal based on the first key and a second key. The tone patterns and random signal are added to the content to scramble the content. The scrambled content is then passed to the filter graph (or other processing system) where the content is processed while scrambled. Any attacker attempting to siphon off the bits during processing will steal only noisy data, which is worthless for redistribution or copying purposes. After processing, the scrambled data is passed to a driver for output. The driver implements a descrambler to unscramble the content by subtracting out the random noise signal. The descrambler detects the tone patterns in the content and recovers the first key from the varying amplitudes of the tone patterns. The descrambler also receives the second key via a separate channel (e.g., a cryptographically secured path) and generates the same random signal using the recovered first key and the second key. The descrambler subtracts the tone patterns and the random signal from the scrambled content to restore the content.
摘要翻译：加扰架构通过在操作系统处理数据之前加扰原始数据来保护计算机的操作系统和硬件组件中的数据流。该架构具有在客户端或服务器上实现的加扰器，从而对内容增加噪声。更具体地，扰频器基于第一密钥产生具有变化幅度的周期性音调模式集合。加扰器还基于第一密钥和第二密钥生成随机信号。将音调模式和随机信号添加到内容以加扰内容。然后，加扰的内容被传递到滤波器图（或其他处理系统），其中处理内容被加扰。任何在处理过程中试图虹吸位的攻击者都将窃取嘈杂的数据，这对于重新分配或复制目的是无价值的。处理后，将加扰的数据传递给驱动程序进行输出。驱动器通过减去随机噪声信号实现解扰器来解扰内容。解扰器检测内容中的音调模式，并从音调模式的变化幅度恢复第一个键。解扰器还经由单独的信道（例如，密码保护的路径）接收第二密钥，并且使用恢复的第一密钥和第二密钥生成相同的随机信号。解扰器从加扰的内容中减去音调模式和随机信号以恢复内容。

4. 发明授权

US07069590B1 System and method for protecting data streams in hardware components 失效
标题翻译：用于保护硬件组件中数据流的系统和方法
公开(公告)号：US07069590B1
公开(公告)日：2006-06-27
申请号：US09507478
申请日：2000-02-17
申请人： Henrique Malvar , Paul England
发明人： Henrique Malvar , Paul England
IPC分类号： H04L9/00
CPC分类号： H04K1/02 , G11B20/00086 , G11B20/0021 , H04N5/913 , H04N7/1675 , H04N2005/91364
摘要： A scrambling architecture protects data streams in the operating system and hardware components of a computer by scrambling the otherwise raw data prior to the data being handled by the operating system. The architecture has a scrambler implemented at either the client or the server that adds noise to the content. More specifically, the scrambler produces periodic sets of tone patterns having varying amplitudes based on a first key. The scrambler also generates a random signal based on the first key and a second key. The tone patterns and random signal are added to the content to scramble the content. The scrambled content is then passed to the filter graph (or other processing system) where the content is processed while scrambled. Any attacker attempting to siphon off the bits during processing will steal only noisy data, which is worthless for redistribution or copying purposes. After processing, the scrambled data is passed to a driver for output. The driver implements a descrambler to unscramble the content by subtracting out the random noise signal. The descrambler detects the tone patterns in the content and recovers the first key from the varying amplitudes of the tone patterns. The descrambler also receives the second key via a separate channel (e.g., a cryptographically secured path) and generates the same random signal using the recovered first key and the second key. The descrambler subtracts the tone patterns and the random signal from the scrambled content to restore the content.
摘要翻译：加扰架构通过在操作系统处理数据之前加扰原始数据来保护计算机的操作系统和硬件组件中的数据流。该架构具有在客户端或服务器上实现的加扰器，从而对内容增加噪声。更具体地，扰频器基于第一密钥产生具有变化幅度的周期性音调模式集合。加扰器还基于第一密钥和第二密钥生成随机信号。将音调模式和随机信号添加到内容以加扰内容。然后，加扰的内容被传递到滤波器图（或其他处理系统），其中处理内容被加扰。任何在处理过程中试图虹吸位的攻击者都将窃取嘈杂的数据，这对于重新分配或复制目的是无价值的。处理后，将加扰的数据传递给驱动程序进行输出。驱动器通过减去随机噪声信号实现解扰器来解扰内容。解扰器检测内容中的音调模式，并从音调模式的变化幅度恢复第一个键。解扰器还经由单独的信道（例如，密码保护的路径）接收第二密钥，并且使用恢复的第一密钥和第二密钥生成相同的随机信号。解扰器从加扰的内容中减去音调模式和随机信号以恢复内容。

5. 发明授权

US10496824B2 Trusted language runtime on a mobile platform 有权
公开(公告)号：US10496824B2
公开(公告)日：2019-12-03
申请号：US13167699
申请日：2011-06-24
申请人： Himanshu Raj , Nuno Santos , Paul England , Stefan Saroiu , Alastair Wolman
发明人： Himanshu Raj , Nuno Santos , Paul England , Stefan Saroiu , Alastair Wolman
IPC分类号： G06F21/57 , G06F21/53
CPC分类号： G06F21/575 , G06F21/53
摘要： Disclosed is a trusted language runtime (TLR) architecture that provides abstractions for developing a runtime for executing trusted applications or portions thereof securely on a mobile device (e.g., a smartphone). TLR offers at least two abstractions to mobile developers: a trustbox and a trustlet. The trustbox is a runtime environment that offers code and data integrity, and confidentiality. Code and data running inside a trustbox cannot be read or modified by any code running outside the trustbox. A trustlet is the code portion of an application that runs inside a trustbox. With TLR, programmers can write applications in .NET and specify which parts of the application handle sensitive data, and thus, run inside the trustbox. With the TLR, the developer places these parts in a trustlet class, and the TLR provides all support needed to run the parts in the trustbox.

6. 发明授权

US09183406B2 Saving and retrieving data based on public key encryption 有权
标题翻译：基于公钥加密保存和检索数据
公开(公告)号：US09183406B2
公开(公告)日：2015-11-10
申请号：US13012573
申请日：2011-01-24
申请人： Paul England , Marcus Peinado
发明人： Paul England , Marcus Peinado
IPC分类号： G06F21/00 , G06F21/62
CPC分类号： G06F21/6218
摘要： In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using public key encryption, in a manner that allows the data to be obtained from the ciphertext only if one or more conditions are satisfied. In accordance with another aspect, a bit string is received from a calling program. Data in the bit string is decrypted using public key decryption and returned to the calling program only if one or more conditions included in the bit string are satisfied.
摘要翻译：根据某些方面，从呼叫程序接收数据。使用公钥加密来生成包含数据的密文，只有满足一个或多个条件，才允许从密文获得数据。根据另一方面，从调用程序接收位串。使用公钥解密解密比特串中的数据，只有满足包含在比特串中的一个或多个条件时才返回给调用程序。

7. 发明授权

US08738890B2 Coupled symbiotic operating system 有权
标题翻译：耦合共生操作系统
公开(公告)号：US08738890B2
公开(公告)日：2014-05-27
申请号：US13178908
申请日：2011-07-08
申请人： Paul England , Jork Loeser , Luis Irun-Briz
发明人： Paul England , Jork Loeser , Luis Irun-Briz
IPC分类号： G06F9/52 , G06F12/08
CPC分类号： G06F12/1036 , G06F9/545 , G06F12/109 , G06F2212/656
摘要： A single application can be executed across multiple execution environments in an efficient manner if at least a relevant portion of the virtual memory assigned to the application was equally accessible by each of the multiple execution environments. A request by a process in one execution environment can, thereby, be directed to an operating system, or other core software, in another execution environment and can be made by a shadow of the requesting process in the same manner as the original request was made by the requesting process itself. Because of the memory invariance between the execution environments, the results of the request will be equally accessible to the original requesting process even though the underlying software that responded to the request may be executing in a different execution environment. A similar thread invariance can be maintained to provide for accurate translation of requests between execution environments.
摘要翻译：如果分配给应用的虚拟存储器的至少相关部分可以被多个执行环境中的每个执行环境同等地访问，则可以以有效的方式在多个执行环境中执行单个应用。一个执行环境中的进程的请求可以由此被引导到另一执行环境中的操作系统或其他核心软件，并且可以以与原始请求相同的方式通过请求进程的阴影来进行通过请求过程本身。由于执行环境之间的内存不变性，即使响应请求的底层软件可能在不同的执行环境中执行，原始请求进程的请求结果也可以同样访问。可以维护类似的线程不变性，以便在执行环境之间提供精确的请求转换。

8. 发明授权

US08619971B2 Local secure service partitions for operating system security 有权
标题翻译：用于操作系统安全的本地安全服务分区
公开(公告)号：US08619971B2
公开(公告)日：2013-12-31
申请号：US11097697
申请日：2005-04-01
申请人： Thekkthalackal Varugis Kurien , Paul England , Ravindra Nath Pandya , Niels Ferguson
发明人： Thekkthalackal Varugis Kurien , Paul England , Ravindra Nath Pandya , Niels Ferguson
IPC分类号： H04K1/04 , H04K1/06
CPC分类号： G06F21/57 , G06F9/5077 , G06F2221/2149
摘要： Systems and methods provide multiple partitions hosted on an isolation technology such as a hypervisor where at least one of the partitions, a local secure service partition (LSSP), provides security services to other partitions. The service partitions (LSSPs) host those high assurance services that require strict security isolation, where the service can be shared across partitions and accessed even when the user is not connected to a network. The LSSP also can certify the results of any computation using a key signed by a TPM attestation identity key (AIK), or other key held securely by the hypervisor or a service partition. The LSSPs may be configured to provide trusted audit logs, trusted security scans, trusted cryptographic services, trusted compilation and testing, trusted logon services, and the like.
摘要翻译：系统和方法提供了诸如管理程序之类的隔离技术上托管的多个分区，其中至少一个分区本地安全服务分区（LSSP）为其他分区提供安全服务。服务分区（LSSP）承载需要严格安全隔离的高保证服务，即使在用户未连接到网络时，也可以跨分区共享服务并进行访问。 LSSP还可以使用由TPM认证身份密钥（AIK）签名的密钥或由管理程序或服务分区安全地保存的其他密钥来证明任何计算的结果。可以将LSSP配置为提供可信的审核日志，可信的安全扫描，可信密码服务，可信的编译和测试，可信登录服务等。

9. 发明授权

US08601286B2 Saving and retrieving data based on public key encryption 有权
标题翻译：基于公钥加密保存和检索数据
公开(公告)号：US08601286B2
公开(公告)日：2013-12-03
申请号：US13015440
申请日：2011-01-27
申请人： Paul England , Marcus Peinado
发明人： Paul England , Marcus Peinado
IPC分类号： G06F12/14
CPC分类号： G06F21/6218
摘要： In accordance with certain aspects, data is received and a digital signature is generated and output. The digital signature can be a digital signature of the data and one or more conditions that are to be satisfied in order for the data to be revealed, or a digital signature over data generated using a private key associated with a bound key that is bound to one or more processors.
摘要翻译：根据某些方面，接收数据并生成并输出数字签名。数字签名可以是数据的数字签名以及为了使数据被显示而被满足的一个或多个条件，或者使用与绑定的绑定密钥相关联的私有密钥生成的数据的数字签名一个或多个处理器。

10. 发明授权

US08352740B2 Secure execution environment on external device 有权
标题翻译：外部设备上的安全执行环境
公开(公告)号：US08352740B2
公开(公告)日：2013-01-08
申请号：US12125929
申请日：2008-05-23
申请人： Paul England
发明人： Paul England
IPC分类号： G06F21/00
CPC分类号： H04L9/0897 , H04L9/3234 , H04L9/3263 , H04L9/3271 , H04L2209/76
摘要： A device, such as a smartcard, may be externally-connected to a host platform and may be used to enhance or extend security services provided by the host platform's Trusted Platform Module (TPM). The device and the platform exchange keys in order to facilitate reliable identification of the platform by the device and vice versa, and to support cryptographic tunneling. A proxy component on the host device tunnels information between the platform and the device, and also provides the device with access to the TPM's services such as sealing and attestation. The device can provide secure services to the platform, and may condition provision of these services on conditions such as confirming the platform's identity through the exchanged keys, or platform state measurements reported by the TPM.
摘要翻译：诸如智能卡的设备可以被外部连接到主机平台，并且可以用于增强或扩展由主机平台的可信平台模块（TPM）提供的安全服务。设备和平台交换密钥，以便于设备对平台的可靠识别，反之亦然，并支持加密隧道。主机上的代理组件可以在平台和设备之间隧道传输信息，还可以让设备访问TPM的服务，如密封和认证。该设备可以向平台提供安全服务，并且可以在诸如通过交换的密钥确认平台的身份或由TPM报告的平台状态测量的条件下对这些服务的提供进行调节。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式