专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20070169172A1 Method and system for memory protection and security using credentials 失效
标题翻译：用于内存保护和安全使用凭证的方法和系统
公开(公告)号：US20070169172A1
公开(公告)日：2007-07-19
申请号：US11333066
申请日：2006-01-17
申请人： Michael Backes , Shmuel Ben-Yehuda , Jan Camenisch , Ton Engbersen , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Smith , Michael Waidner
发明人： Michael Backes , Shmuel Ben-Yehuda , Jan Camenisch , Ton Engbersen , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Smith , Michael Waidner
IPC分类号： H04L9/32
CPC分类号： G06F12/1433 , G06F12/1441 , G06F12/1466
摘要： A computer-implemented system and method for protecting a memory are provided. The system includes a memory section with privileged and non-privileged sections, a host gateway (HG) to generate a capability credential, a device controller (DC) to append the credential to data transmitted to the memory, and at least one IO device enabled to do direct memory access (DMA) transactions with the memory.
摘要翻译：提供了一种用于保护存储器的计算机实现的系统和方法。该系统包括具有特权和非特权部分的存储器部分，用于生成能力证书的主机网关（HG），将证书附加到传输到存储器的数据的设备控制器（DC），以及启用的至少一个IO设备与内存进行直接内存访问（DMA）事务。

2. 发明申请

US20100242108A1 METHOD AND SYSTEM FOR MEMORY PROTECTION AND SECURITY USING CREDENTIALS 失效
标题翻译：使用证书的内存保护和安全的方法和系统
公开(公告)号：US20100242108A1
公开(公告)日：2010-09-23
申请号：US12792766
申请日：2010-06-03
申请人： Michael Backes , Shmuel Ben-Yehuda , Jan Leonhard Camenisch , Ton Engbersen , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Basil Smith, III , Michael Waidner
发明人： Michael Backes , Shmuel Ben-Yehuda , Jan Leonhard Camenisch , Ton Engbersen , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Basil Smith, III , Michael Waidner
IPC分类号： G06F21/00 , G06F12/14
CPC分类号： G06F12/1433 , G06F12/1441 , G06F12/1466
摘要： A computer-implemented system and method for protecting a memory are provided. The system includes a memory section with privileged and non-privileged sections, a host gateway (HG) to generate a capability credential, a device controller (DC) to append the credential to data transmitted to the memory, and at least one IO device enabled to do direct memory access (DMA) transactions with the memory.
摘要翻译：提供了一种用于保护存储器的计算机实现的系统和方法。该系统包括具有特权和非特权部分的存储器部分，用于生成能力证书的主机网关（HG），将证书附加到传输到存储器的数据的设备控制器（DC），以及启用的至少一个IO设备与内存进行直接内存访问（DMA）事务。

3. 发明申请

US20120159610A1 MEMORY PROTECTION AND SECURITY USING CREDENTIALS 有权
标题翻译：使用证书的内存保护和安全
公开(公告)号：US20120159610A1
公开(公告)日：2012-06-21
申请号：US13405367
申请日：2012-02-27
申请人： Michael Backes , Shmuel Ben-Yehuda , Jan Leonhard Camenisch , Ton Engbersen , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Basil Smith, III , Michael Waidner
发明人： Michael Backes , Shmuel Ben-Yehuda , Jan Leonhard Camenisch , Ton Engbersen , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Basil Smith, III , Michael Waidner
IPC分类号： G06F21/00 , G06F13/28
CPC分类号： G06F12/1433 , G06F12/1441 , G06F12/1466
摘要： A computer-implemented system and method for protecting a memory are provided. The system includes a memory section with privileged and non-privileged sections, a host gateway (HG) to generate a capability credential, a device controller (DC) to append the credential to data transmitted to the memory, and at least one IO device enabled to do direct memory access (DMA) transactions with the memory.
摘要翻译：提供了一种用于保护存储器的计算机实现的系统和方法。该系统包括具有特权和非特权部分的存储器部分，用于生成能力证书的主机网关（HG），将证书附加到传输到存储器的数据的设备控制器（DC），以及启用的至少一个IO设备与内存进行直接内存访问（DMA）事务。

4. 发明授权

US07757280B2 Method and system for memory protection and security using credentials 失效
标题翻译：用于内存保护和安全使用凭证的方法和系统
公开(公告)号：US07757280B2
公开(公告)日：2010-07-13
申请号：US11333066
申请日：2006-01-17
申请人： Michael Backes , Shmuel Ben-Yehuda , Jan Leonhard Camenisch , Ton Engbersen , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Basil Smith, III , Michael Waidner
发明人： Michael Backes , Shmuel Ben-Yehuda , Jan Leonhard Camenisch , Ton Engbersen , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Basil Smith, III , Michael Waidner
IPC分类号： G06F21/00 , H04L12/14
CPC分类号： G06F12/1433 , G06F12/1441 , G06F12/1466
摘要： A computer-implemented method for protecting a memory is provided. The method includes responsive to a direct memory access (DMA) request received from a consumer for a transaction of data from an IO device to the memory, the request including an IO command and a capability (CAP), generating a cryptographically signed capability (CAPB), forming a credential from CAP and CAPB, appending the credential to the IO command, configuring the IO device according to the credential and the IO command, transmitting the data from the IO device to the memory and prior to allowing execution of the DMA, authenticating that the credential is valid, further includes regenerating CAPB from a key available to an authenticating entity and from the CAP (included in CAPB) and verifying that the memory region information described in the cryptographically signed capability is the same as the requested region that was originally created, and that the cryptographically signed capability encompasses the IO command.
摘要翻译：提供了一种用于保护存储器的计算机实现的方法。该方法包括响应于从消费者接收的用于从IO设备到存储器的数据交易的直接存储器访问（DMA）请求，该请求包括IO命令和能力（CAP），生成加密签名的能力（CAPB ），从CAP和CAPB形成证书，将凭证附加到IO命令，根据凭证和IO命令配置IO设备，将数据从IO设备发送到存储器，并且在允许执行DMA之前，认证证书是有效的，还包括从认证实体和CAP（包括在CAPB中）的可用密钥中重新生成CAPB，并验证以加密签名能力描述的存储器区域信息是否与被请求的区域相同最初创建，并且加密签名的功能包含IO命令。

5. 发明授权

US08161287B2 Method and system for memory protection and security using credentials 失效
标题翻译：用于内存保护和安全使用凭证的方法和系统
公开(公告)号：US08161287B2
公开(公告)日：2012-04-17
申请号：US12792766
申请日：2010-06-03
申请人： Michael Backes , Shmuel Ben-Yehuda , Jan Leonard Camenisch , Ton Engbersen , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Basil Smith , Michael Waidner
发明人： Michael Backes , Shmuel Ben-Yehuda , Jan Leonard Camenisch , Ton Engbersen , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Basil Smith , Michael Waidner
IPC分类号： G06F21/00
CPC分类号： G06F12/1433 , G06F12/1441 , G06F12/1466
摘要： A computer-implemented system and method for protecting a memory are provided. The system includes a memory section with privileged and non-privileged sections, a host gateway (HG) to generate a capability credential, a device controller (DC) to append the credential to data transmitted to the memory, and at least one IO device enabled to do direct memory access (DMA) transactions with the memory.
摘要翻译：提供了一种用于保护存储器的计算机实现的系统和方法。该系统包括具有特权和非特权部分的存储器部分，用于生成能力证书的主机网关（HG），将证书附加到传输到存储器的数据的设备控制器（DC），以及启用的至少一个IO设备与内存进行直接内存访问（DMA）事务。

6. 发明授权

US08650406B2 Memory protection and security using credentials 有权
标题翻译：内存保护和安全使用凭证
公开(公告)号：US08650406B2
公开(公告)日：2014-02-11
申请号：US13405367
申请日：2012-02-27
申请人： Michael Backes , Shmuel S Ben-Yehuda , Jan Leonhard Camenisch , Ton Engbersen , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Basil Smith, III , Michael Waidner
发明人： Michael Backes , Shmuel S Ben-Yehuda , Jan Leonhard Camenisch , Ton Engbersen , Zorik Machulsky , Julian Satran , Leah Shalev , Ilan Shimony , Thomas Basil Smith, III , Michael Waidner
IPC分类号： G06F12/14 , G06F13/16
CPC分类号： G06F12/1433 , G06F12/1441 , G06F12/1466
摘要： A computer-implemented system and method for protecting a memory are provided. The system includes a memory section with privileged and non-privileged sections, a host gateway (HG) to generate a capability credential, a device controller (DC) to append the credential to data transmitted to the memory, and at least one IO device enabled to do direct memory access (DMA) transactions with the memory.
摘要翻译：提供了一种用于保护存储器的计算机实现的系统和方法。该系统包括具有特权和非特权部分的存储器部分，用于生成能力证书的主机网关（HG），将证书附加到传输到存储器的数据的设备控制器（DC），以及启用的至少一个IO设备与内存进行直接内存访问（DMA）事务。

7. 发明申请

US20080229097A1 Privacy-protecting integrity attestation of a computing platform 有权
标题翻译：计算平台的隐私保护完整性认证
公开(公告)号：US20080229097A1
公开(公告)日：2008-09-18
申请号：US12126978
申请日：2008-05-26
申请人： Endre Bangerter , Matthias Schunter , Michael Waidner , Jan Camenisch
发明人： Endre Bangerter , Matthias Schunter , Michael Waidner , Jan Camenisch
IPC分类号： H04L9/32
CPC分类号： H04L9/3218 , H04L9/3234 , H04L2209/80
摘要： Systems, apparatus and methods for privacy-protecting integrity attestation of a computing platform. An example method for privacy-protecting integrity attestation of a computing platform (P) has a trusted platform module (TPM), and comprises the following steps. First, the computing platform (P) receives configuration values (PCR1 . . . PCRn). Then, by means of the trusted platform module (TPM), a configuration value (PCRp) is determined which depends on the configuration of the computing platform (P). In a further step the configuration value (PCRp) is signed by means of the trusted platform module. Finally, in the event that the configuration value (PCRp) is one of the received configuration values (PCR1 . . . PCRn), the computing platform (P) proves to a verifier (V) that it knows the signature (sign(PCRp)) on one of the received configuration values (PCR1 . . . PCRn).
摘要翻译：用于隐私保护计算平台完整性认证的系统，设备和方法。用于隐私保护计算平台（P）的完整性认证的示例方法具有可信平台模块（TPM），并且包括以下步骤。首先，计算平台（P）接收配置值（PCR1 ... PCRn）。然后，通过可信平台模块（TPM），确定取决于计算平台（P）的配置的配置值（PCRp）。在进一步的步骤中，配置值（PCRp）通过可信平台模块进行签名。最后，如果配置值（PCRp）是接收到的配置值（PCR1 ... PCRn）之一，则计算平台（P）向验证者（V）证明其知道签名（sign（PCRp ））接收配置值之一（PCR1 ... PCRn）。

8. 发明申请

US20060026423A1 Privacy-protecting integrity attestation of a computing platform 审中-公开
标题翻译：计算平台的隐私保护完整性认证
公开(公告)号：US20060026423A1
公开(公告)日：2006-02-02
申请号：US11178722
申请日：2005-07-11
申请人： Endre Bangerter , Matthias Schunter , Michael Waidner , Jan Camenisch
发明人： Endre Bangerter , Matthias Schunter , Michael Waidner , Jan Camenisch
IPC分类号： H04L9/00
CPC分类号： H04L9/3218 , H04L9/3234 , H04L2209/80
摘要： Systems, apparatus and methods for privacy-protecting integrity attestation of a computing platform. An example method for privacy-protecting integrity attestation of a computing platform (P) has a trusted platform module (TPM), and comprises the following steps. First, the computing platform (P) receives configuration values (PCR1 . . . PCRn). Then, by means of the trusted platform module (TPM), a configuration value (PCRp) is determined which depends on the configuration of the computing platform (P). In a further step the configuration value (PCRp) is signed by means of the trusted platform module. Finally, in the event that the configuration value (PCRp) is one of the received configuration values (PCR1 . . . PCRn), the computing platform (P) proves to a verifier (V) that it knows the signature (sign(PCRp)) on one of the received configuration values (PCR1 . . . PCRn).
摘要翻译：用于隐私保护计算平台完整性认证的系统，设备和方法。用于隐私保护计算平台（P）的完整性认证的示例方法具有可信平台模块（TPM），并且包括以下步骤。首先，计算平台（P）接收配置值（PCR1 ... PCRn）。然后，通过可信平台模块（TPM），确定取决于计算平台（P）的配置的配置值（PCRp）。在进一步的步骤中，配置值（PCRp）通过可信平台模块进行签名。最后，如果配置值（PCRp）是接收到的配置值（PCR1 ... PCRn）之一，则计算平台（P）向验证者（V）证明其知道签名（sign（PCRp ））接收配置值之一（PCR1 ... PCRn）。

9. 发明申请

US20120331285A1 PRIVACY-PROTECTING INTEGRITY ATTESTATION OF A COMPUTING PLATFORM 审中-公开
标题翻译：隐私保护计算平台的完整性
公开(公告)号：US20120331285A1
公开(公告)日：2012-12-27
申请号：US13602169
申请日：2012-09-02
申请人： Endre Bangerter , Matthias Schunter , Michael Waidner , Jan Camenisch
发明人： Endre Bangerter , Matthias Schunter , Michael Waidner , Jan Camenisch
IPC分类号： H04L29/06
CPC分类号： H04L9/3218 , H04L9/3234 , H04L2209/80
摘要： Systems, apparatus and methods for privacy-protecting integrity attestation of a computing platform. An example method for privacy-protecting integrity attestation of a computing platform (P) has a trusted platform module (TPM}, and comprises the following steps. First, the computing platform (P) receives configuration values (PCRI . . . PCRn). Then, by means of the trusted platform module (TPM}, a configuration value (PCRp) is determined which depends on the configuration of the computing platform (P). In a further step the configuration value (PCRp) is signed by means of the trusted platform module. Finally, in the event that the configuration value (PCRp) is one of the received configuration values (PCRI . . . PCRn), the computing platform (P) proves to a verifier (V) that it knows the signature (sign(PCRp}} on one of the received configuration values (PCRI . . . PCRn).
摘要翻译：用于隐私保护计算平台完整性认证的系统，设备和方法。计算平台（P）的隐私保护完整性认证的一个示例性方法具有可信赖的平台模块（TPM），包括以下步骤：首先，计算平台（P）接收配置值（PCRI ...，PCRn）。然后，通过可信平台模块（TPM），确定取决于计算平台（P）的配置的配置值（PCRp），在另一步骤中，配置值（PCRp）通过最后，如果配置值（PCRp）是接收到的配置值（PCRI ...，PCRn）之一，则计算平台（P）向验证者（V）证明其知道签名（在PCR接收的配置值之一（PCRI ... PCRn）上签名（PCRp}}。

10. 发明申请

US20050289340A1 Reducing access to sensitive information 失效
标题翻译：减少访问敏感信息
公开(公告)号：US20050289340A1
公开(公告)日：2005-12-29
申请号：US10874421
申请日：2004-06-23
申请人： Jan Camenisch , Birgit Pfitzmann , Matthias Schunter , Michael Waidner
发明人： Jan Camenisch , Birgit Pfitzmann , Matthias Schunter , Michael Waidner
IPC分类号： G06F21/00 , H04L9/00
CPC分类号： G06F21/6245
摘要： Method, system, and storage medium for reducing or minimizing access to sensitive information. A method includes identifying processes and data associated with a computer system and classifying each of the data as one of either sensitive information or non-sensitive information. The sensitive information includes at least one of: data that is personal to an individual, confidential data, and data that is legally subject to conditions of restricted use. For each of the processes the method includes selecting a process and a sensitive data item, modifying the sensitive data item, analyzing the behavior of at least the selected process, and preventing access of the sensitive data item by the selected process if, as a result of the analyzing, the sensitive data item is determined not to be needed by the selected process.
摘要翻译：用于减少或最小化敏感信息访问的方法，系统和存储介质。一种方法包括识别与计算机系统相关联的过程和数据，并将每个数据分类为敏感信息或非敏感信息之一。敏感信息包括以下至少一项：对个人个人的数据，机密数据和法律上受限于使用条件的数据。对于每个过程，该方法包括选择过程和敏感数据项，修改敏感数据项，分析至少所选过程的行为，以及如果结果，则阻止敏感数据项的访问。在分析的情况下，敏感数据项被确定为所选择的处理不需要。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式