专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明授权

US09471776B2 Secured execution of a web application 有权
标题翻译：安全执行Web应用程序
公开(公告)号：US09471776B2
公开(公告)日：2016-10-18
申请号：US14389752
申请日：2012-03-30
申请人： Yuan Xiang Gu , Garney David Adams
发明人： Yuan Xiang Gu , Garney David Adams
IPC分类号： G06F21/54 , G06F21/12
CPC分类号： G06F21/54 , G06F21/125 , G06F21/128 , G06F21/602 , G06F2221/033 , H04L63/12 , H04L63/1433 , H04L63/20 , H04L67/10 , H04L67/42
摘要： Methods and nodes for securing execution of a web application by determining that a call dependency from a first to a second function needs to be protected, adding a Partial Execution Stub (PES) function comprising code to establish a communication connection with a trusted module. Methods and nodes for secured execution of a web application by invoking a function of the web application, invoking a Partial Execution Stub (PES) function during execution of the function of the web application, sending, from the PES function, a message call with current execution information to a trusted module and receiving, a verification result from the trusted module.
摘要翻译：通过确定需要保护来自第一功能到第二功能的呼叫依赖性来确保Web应用的执行的方法和节点，添加包括代码以建立与受信任模块的通信连接的代码的部分执行存根（PES）功能。通过调用Web应用程序的功能来安全地执行Web应用程序的方法和节点，在执行Web应用程序的功能期间调用部分执行存根（PES）功能，从PES功能发送具有当前的消息调用执行信息发送到可信模块，并从可信模块接收验证结果。

2. 发明授权

US09460281B2 Method of securing non-native code 有权
标题翻译：保护非本机代码的方法
公开(公告)号：US09460281B2
公开(公告)日：2016-10-04
申请号：US14008384
申请日：2011-03-31
申请人： Garney David Adams , Yuan Xiang Gu , Jack Jiequn Rong
发明人： Garney David Adams , Yuan Xiang Gu , Jack Jiequn Rong
IPC分类号： G06F11/00 , G06F12/14 , G06F12/16 , G08B23/00 , G06F21/51 , G06F21/54 , G06F21/53 , G06F21/52 , G06F9/30 , G06F9/38 , G06F9/455
CPC分类号： G06F21/54 , G06F8/71 , G06F9/3017 , G06F9/30174 , G06F9/3879 , G06F9/45516 , G06F9/45558 , G06F21/51 , G06F21/52 , G06F21/53 , G06F2009/45587 , G06F2221/033
摘要： A method to secure a non-native application. The non-native application is processed to obtain an application stub to be triggered within a virtual machine. The processing of the non-native application also provide a native code function upon which the application stub depends. The non-native function is part of a trusted module that extends security services from the trusted module to the virtual machine. The trusted module is a native code application that creates a trusted zone as a root of trustiness extending to the virtual machine by an execution-enabling mechanism between the application tab and the non-native function.
摘要翻译：一种保护非本地应用程序的方法。处理非本地应用程序以获取在虚拟机中触发的应用程序存根。非本地应用程序的处理还提供应用程序存根所依赖的本机代码功能。非本机功能是将可信模块的安全服务扩展到虚拟机的受信任模块的一部分。可信模块是本地代码应用程序，其通过应用程序选项卡和非本地函数之间的执行启用机制，将受信任区域创建为通过虚拟机延伸的可信任根。

3. 发明申请

US20150113518A1 UPDATING SOFTWARE COMPONENTS 有权
标题翻译：更新软件组件
公开(公告)号：US20150113518A1
公开(公告)日：2015-04-23
申请号：US14387215
申请日：2012-03-22
申请人： Clifford Liem , Hongrui Dong , Sam Martin , Yuan Xiang Gu , Michael Weiner
发明人： Clifford Liem , Hongrui Dong , Sam Martin , Yuan Xiang Gu , Michael Weiner
IPC分类号： G06F9/445
CPC分类号： G06F8/65 , G06F8/656 , G06F8/658 , G06F9/44521 , G06F21/57 , G06F21/572
摘要： A method and system for renewing software at the component-level is provided. A client program includes a base component for loading a software component into at least one loadable region of the program to update the program. Code in the software component is for writing state data associating the state of the update in storage, upon execution of the software component, and testing the state data to verify condition of the updated program and disallowing rollback and roll-forward attacks, the state data comprising hash chain values. The state data for verifying the correctness of the updated program is entangled with application data used for the program functionality. A server includes: an update pool having a plurality of software updates deployed in each client, and a policy control for monitoring and controlling at least one of: the length of time the client runs until the software update is invoked, a chain of the updates; and the granularity of the update.
摘要翻译：提供了一种在组件级更新软件的方法和系统。客户端程序包括用于将软件组件加载到程序的至少一个可加载区域中以更新程序的基础组件。软件组件中的代码用于写入状态数据，将存储器中的更新状态与执行软件组件相关联，并测试状态数据以验证更新程序的状态，并禁止回滚和前滚攻击，状态数据包括哈希链值。用于验证更新的程序的正确性的状态数据与用于程序功能的应用程序数据相互纠缠。服务器包括：具有部署在每个客户端中的多个软件更新的更新池，以及用于监视和控制以下至少之一的策略控制：客户端运行到软件更新被调用的时间长短，更新链 ; 和更新的粒度。

4. 发明申请

US20170147331A1 UPDATING SOFTWARE COMPONENTS 审中-公开
公开(公告)号：US20170147331A1
公开(公告)日：2017-05-25
申请号：US15426090
申请日：2017-02-07
申请人： Clifford LIEM , Hongrui DONG , Sam MARTIN , Yuan Xiang GU , Michael WIENER
发明人： Clifford LIEM , Hongrui DONG , Sam MARTIN , Yuan Xiang GU , Michael WIENER
IPC分类号： G06F9/445 , G06F21/57
CPC分类号： G06F8/656 , G06F9/44521 , G06F21/572
摘要： A method and system for renewing software at the component-level is provided. A client program includes a base component for loading a software component into at least one loadable region of the program to update the program. Code in the software component is for writing state data associating the state of the update in storage, upon execution of the software component, and testing the state data to verify condition of the updated program and disallowing rollback and roll-forward attacks, the state data comprising hash chain values. The state data for verifying the correctness of the updated program is entangled with application data used for the program functionality. A server includes: an update pool having a plurality of software updates deployed in each client, and a policy control for monitoring and controlling at least one of: the length of time the client runs until the software update is invoked, a chain of the updates; and the granularity of the update.

5. 发明授权

US09588756B2 Updating software components in a program 有权
标题翻译：在程序中更新软件组件
公开(公告)号：US09588756B2
公开(公告)日：2017-03-07
申请号：US14387215
申请日：2012-03-22
申请人： Clifford Liem , Hongrui Dong , Sam Martin , Yuan Xiang Gu , Michael Weiner
发明人： Clifford Liem , Hongrui Dong , Sam Martin , Yuan Xiang Gu , Michael Weiner
IPC分类号： G06F9/44 , G06F9/445 , G06F21/57
CPC分类号： G06F8/65 , G06F8/656 , G06F8/658 , G06F9/44521 , G06F21/57 , G06F21/572
摘要： A method and system for renewing software at the component-level is provided. A client program includes a base component for loading a software component into at least one loadable region of the program to update the program. Code in the software component is for writing state data associating the state of the update in storage, upon execution of the software component, and testing the state data to verify condition of the updated program and disallowing rollback and roll-forward attacks, the state data comprising hash chain values. The state data for verifying the correctness of the updated program is entangled with application data used for the program functionality. A server includes: an update pool having a plurality of software updates deployed in each client, and a policy control for monitoring and controlling at least one of: the length of time the client runs until the software update is invoked, a chain of the updates; and the granularity of the update.
摘要翻译：提供了一种在组件级更新软件的方法和系统。客户端程序包括用于将软件组件加载到程序的至少一个可加载区域中以更新程序的基础组件。软件组件中的代码用于写入状态数据，将存储器中的更新状态与执行软件组件相关联，并测试状态数据以验证更新程序的状态，并禁止回滚和前滚攻击，状态数据包括哈希链值。用于验证更新的程序的正确性的状态数据与用于程序功能的应用程序数据相互纠缠。服务器包括：具有部署在每个客户端中的多个软件更新的更新池，以及用于监视和控制以下至少之一的策略控制：客户端运行到软件更新被调用的时间长短，更新链 ; 和更新的粒度。

6. 发明申请

US20080216051A1 System and method of interlocking to protect software-mediated program and device behaviours 有权
标题翻译：联锁系统和方法，以保护软件介导的程序和设备行为
公开(公告)号：US20080216051A1
公开(公告)日：2008-09-04
申请号：US11709654
申请日：2007-02-23
申请人： Harold Joseph Johnson , Yuan Xiang Gu , Yongxin Zhou
发明人： Harold Joseph Johnson , Yuan Xiang Gu , Yongxin Zhou
IPC分类号： G06F9/44
CPC分类号： G06F21/14 , G06F21/10 , G06F21/12 , G06F21/55 , G06F2221/0748 , H04L9/002 , H04L2209/04 , H04L2209/046 , H04L2209/16 , H04L2209/20
摘要： Methods and devices for thwarting code and control flow based attacks on software. The source code of a subject piece of software is automatically divided into basic blocks of logic. Selected basic blocks are amended so that their outputs are extended. Similarly, other basic blocks are amended such that their inputs are correspondingly extended. The amendments increase or create dependencies between basic blocks such that tampering with one basic block's code causes other basic blocks to malfunction when executed.
摘要翻译：阻止代码和控制流攻击软件的方法和设备。主题软件的源代码自动分为基本的逻辑块。修改所选的基本块，使其输出扩展。类似地，修改其他基本块，使得它们的输入相应地被扩展。这些修改增加或创建基本块之间的依赖关系，以便篡改一个基本块的代码导致其他基本块在执行时发生故障。

7. 发明申请

US20080148373A1 Simplified management of authentication credentials for unattended applications 有权
标题翻译：简化管理无人值守应用程序的身份验证凭据
公开(公告)号：US20080148373A1
公开(公告)日：2008-06-19
申请号：US11640371
申请日：2006-12-18
申请人： Garney David Adams , Robert Grapes , Yuan Xiang Gu , Richard Edward Johnston Mehan , Jack Jiequn Rong
发明人： Garney David Adams , Robert Grapes , Yuan Xiang Gu , Richard Edward Johnston Mehan , Jack Jiequn Rong
IPC分类号： H04L9/32
CPC分类号： G06F21/62 , G06F21/31
摘要： Systems and methods for unattended authentication of software applications to provide these applications with access to shared resources. A server password manager (SPM) module resident on a node also occupied by a requester software application requesting access to resources receives the requestor's request. The SPM module creates a request package containing the requestor's information as well as the node's identifying information. The request package is then transmitted to a credentials manager (CM) module in a CM node. The request package, encrypted by the SPM module with encryption keys previously generated by the CM module, is decrypted by the CM module. The contents are checked against data stored by the CM module regarding the SPM module and the requestor application when these were registered with the CM. If the data matches, then the CM provides credentials which are used to give the requestor application access to the requested resources.
摘要翻译：用于软件应用程序的无人值守认证的系统和方法，以便为这些应用程序提供对共享资源的访问。驻留在请求访问资源的请求者软件应用程序所占用的节点上的服务器密码管理器（SPM）模块接收请求者的请求。 SPM模块创建一个包含请求者信息的请求包以及节点的标识信息。然后将请求包发送到CM节点中的凭证管理器（CM）模块。由SPM模块加密的先前由CM模块生成的加密密钥的请求包由CM模块解密。当CM模块向CM注册时，检查与CM模块存储的关于SPM模块和请求者应用程序的数据的内容。如果数据匹配，则CM提供用于给请求者应用程序访问所请求的资源的凭证。

8. 发明授权

US6088452A Encoding technique for software and hardware 失效
标题翻译：软件和硬件的编码技术
公开(公告)号：US6088452A
公开(公告)日：2000-07-11
申请号：US611968
申请日：1996-03-07
申请人： Harold Joseph Johnson , Yuan Xiang Gu , Becky Laiping Chang , Stanley Taihai Chow
发明人： Harold Joseph Johnson , Yuan Xiang Gu , Becky Laiping Chang , Stanley Taihai Chow
IPC分类号： G06F21/22 , G06F1/00 , G06F11/10 , G06F21/00 , G09C5/00 , H04L9/00
CPC分类号： G06F21/14 , G06F11/10
摘要： An encoding technique of the invention protects software programs and hardware designs from being copied, tampered with, and its functions from being exposed. The software programs and hardware designs (collectively called programs) thus encoded still remain executable. The encoding technique employs the concept of complexity of programs and produces proximity inversion in terms of functions contained in the programs, while preserving the behaviors. Various embodiments are possible to achieve this encoding which includes, for example, cascading and intertwining of blocks of the programs.
摘要翻译：本发明的编码技术保护软件程序和硬件设计不被复制，篡改及其功能被暴露。如此编码的软件程序和硬件设计（统称为程序）仍然可执行。编码技术采用程序复杂度的概念，并在程序中包含的功能方面产生接近反转，同时保持行为。各种实施例可以实现该编码，其包括例如程序块的级联和交织。

9. 发明授权

US09811666B2 System and method providing dependency networks throughout applications for attack resistance 有权
公开(公告)号：US09811666B2
公开(公告)日：2017-11-07
申请号：US14006490
申请日：2011-03-24
申请人： Clifford Liem , Yongxin Zhou , Yuan Xiang Gu
发明人： Clifford Liem , Yongxin Zhou , Yuan Xiang Gu
IPC分类号： G06F21/57 , G06F21/14 , G06F21/12
CPC分类号： G06F21/572 , G06F21/125 , G06F21/14
摘要： A method and system is provided to automatically propagate dependencies from one part of a software application to another previously unrelated part. Propagation of essential code functionality and data to other parts of the program serves to augment common arithmetic functions with Mixed Boolean Arithmetic (MBA) formulae that are bound to pre-existing parts of the program. A software application is first analyzed on a compiler level to determine the program properties which hold in the program. Thereafter, conditions are constructed based on these properties and encoded in formulae that encode the condition in data and operations. Real dependencies throughout the application are therefore created such that if a dependency is broken the program will no longer function correctly.

10. 发明授权

US09213826B2 System and method to protect Java bytecode code against static and dynamic attacks within hostile execution environments 有权
标题翻译：保护Java字节码免受恶意执行环境中静态和动态攻击的系统和方法
公开(公告)号：US09213826B2
公开(公告)日：2015-12-15
申请号：US13499495
申请日：2010-11-12
申请人： Yuan Xiang Gu , Garney Adams , Jack Rong
发明人： Yuan Xiang Gu , Garney Adams , Jack Rong
IPC分类号： G06F21/51 , G06F21/14
CPC分类号： G06F21/51 , G06F21/14
摘要： A method and system that provides secure modules that can address Java platform weaknesses and protect Java bytecode during execution time. The secure modules are implemented in C/C++ as an example. Because implementation of the security modules is made in C/C++, this enables use of security technology that secures C/C++ software code.
摘要翻译：提供可以解决Java平台缺点并在执行时保护Java字节码的安全模块的方法和系统。安全模块以C / C ++实现为例。由于安全模块的实现是在C / C ++中实现的，因此可以使用安全技术来保护C / C ++软件代码。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式