专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

21. 发明授权

US07971056B2 Direct memory access for compliance checking 有权
标题翻译：直接内存访问进行合规性检查
公开(公告)号：US07971056B2
公开(公告)日：2011-06-28
申请号：US11612433
申请日：2006-12-18
申请人： William J. Westerinen , Todd L. Carpenter
发明人： William J. Westerinen , Todd L. Carpenter
IPC分类号： H04L29/00
CPC分类号： G06F21/554 , G06F21/74 , G06F21/78 , H04L9/3236 , H04L2209/56 , H04L2209/60
摘要： A computer is configured for either full operation with metering or limited mode operation. When in limited mode operation, the system memory may be partitioned into active and restricted memory. The active memory may be limited to an amount needed to execute a limited mode operation application. The remaining restricted memory may be made inaccessible to the computer's processor. To verify the restricted memory remains unused, it may be filled with a pattern and the pattern periodically verified to determine that unauthorized programs are not using the restricted memory.
摘要翻译：计算机配置为在计量或限制模式操作时进行全面操作。当处于限制模式操作时，系统存储器可以被划分成活动和受限的存储器。活动存储器可以被限制为执行限制模式操作应用所需的量。剩余的受限内存可能使计算机的处理器无法访问。为了验证受限存储器保持未使用，可以填充图案并且周期性地验证模式以确定未经授权的程序不使用受限制的存储器。

22. 发明授权

US07913295B2 Method and apparatus to enable a securely provisioned computing environment 失效
标题翻译：实现安全提供计算环境的方法和装置
公开(公告)号：US07913295B2
公开(公告)日：2011-03-22
申请号：US11696351
申请日：2007-04-04
申请人： Mark Myers , William J. Westerinen , Todd L. Carpenter , Shaun Wiley , Don Hyun
发明人： Mark Myers , William J. Westerinen , Todd L. Carpenter , Shaun Wiley , Don Hyun
IPC分类号： G06F21/22 , H04L9/32 , H04N7/16
CPC分类号： G06F21/62 , G06F21/34 , G06F2221/2137
摘要： A form of removable memory, such as a universal serial bus (USB) flash device, may enable a subscription-based computing system from any PC. The device may include an execution unit including a processor, a private memory including an encrypted application, a computing system interface, a cryptographic unit including a secure storage with a number of metering units, and a computer-readable medium. The computer-readable medium may include instructions for routing messages and data from the execution unit through the computing system interface to a connected computing system. Further, encrypted application data may be routed through the cryptographic unit to the execution unit to thereby transform the encrypted application into executable data for use by the computing system. Also, the device may decrement a number of metering units stored at the device during execution of the encrypted application by the computer.
摘要翻译：诸如通用串行总线（USB）闪存设备的可移动存储器的形式可以实现来自任何PC的基于订阅的计算系统。该设备可以包括执行单元，其包括处理器，包括加密应用的专用存储器，计算系统接口，包括具有多个计量单元的安全存储器的加密单元和计算机可读介质。计算机可读介质可以包括用于将消息和数据从执行单元通过计算系统接口路由到连接的计算系统的指令。此外，加密的应用数据可以通过加密单元被路由到执行单元，从而将加密的应用转换成可供计算系统使用的可执行数据。而且，由计算机执行加密的应用程序期间，设备可以减少存储在设备处的多个计费单元。

23. 发明授权

US07769993B2 Method for ensuring boot source integrity of a computing system 有权
标题翻译：确保计算系统引导源完整性的方法
公开(公告)号：US07769993B2
公开(公告)日：2010-08-03
申请号：US11684312
申请日：2007-03-09
申请人： Todd L. Carpenter , William J. Westerinen
发明人： Todd L. Carpenter , William J. Westerinen
IPC分类号： G06F9/00
CPC分类号： G06F21/575
摘要： A security circuit in a computer monitors data busses that support memory capable of booting the computer during the computer reset/boot cycle. When activity oil one of the data busses indicates the computer is booting from a non-authorized memory location, the security circuit disrupts the computer, for example, by causing a reset. Execution from the non-authorized memory location may occur when an initial jump address at a known location, such as the top of memory, is re-programmed to a memory location having a rogue BIOS program.
摘要翻译：计算机中的安全电路监视支持在计算机复位/引导周期期间能够引导计算机的存储器的数据总线。当活动油数据总线中的一个指示计算机从非授权存储器位置引导时，安全电路例如通过引起复位来中断计算机。当已知位置（诸如存储器顶部）的初始跳转地址被重新编程到具有流氓BIOS程序的存储器位置时，可能会发生来自非授权存储器位置的执行。

24. 发明申请

US20090113210A1 Program and operation verification 有权
标题翻译：程序和操作验证
公开(公告)号：US20090113210A1
公开(公告)日：2009-04-30
申请号：US11977273
申请日：2007-10-24
申请人： William J. Westerinen , Hanumant Kumar Yadav , Todd L. Carpenter
发明人： William J. Westerinen , Hanumant Kumar Yadav , Todd L. Carpenter
IPC分类号： G06F12/14
CPC分类号： G06F21/52 , G06F21/51
摘要： A security module may be used to verify integrity of an executable program and may also be used to verify execution of the executable program on a computer. The security module may directly read a computer memory by asserting bus master control of a system bus. The executable program may be directly verified by calculating a hash or may be indirectly verified by an intermediate program that calculates the hash and passes it to the security module. To verify operation, the executable program may cause an interrupt to be generated when the executable program is in a known state. An interrupt service routine may trigger the security module to read registers in the computer processor via a debug port. If either the verification of the executable program fails or the register values are inconsistent with operation of the executable program, the security module may interrupt operation of the computer.
摘要翻译：可以使用安全模块来验证可执行程序的完整性，并且也可以用于验证计算机上的可执行程序的执行。安全模块可以通过断言系统总线的总线主控制来直接读取计算机存储器。可执行程序可以通过计算散列来直接验证，或者可以由计算哈希的中间程序间接验证，并将其传递给安全模块。为了验证操作，当可执行程序处于已知状态时，可执行程序可能导致产生中断。中断服务程序可以触发安全模块通过调试端口读取计算机处理器中的寄存器。如果可执行程序的验证失败或寄存器值与可执行程序的操作不一致，则安全模块可能会中断计算机的操作。

25. 发明申请

US20080222663A1 Policy-Based Direct Memory Access Control 有权
标题翻译：基于策略的直接内存访问控制
公开(公告)号：US20080222663A1
公开(公告)日：2008-09-11
申请号：US11684307
申请日：2007-03-09
申请人： Todd L. Carpenter , William J. Westerinen
发明人： Todd L. Carpenter , William J. Westerinen
IPC分类号： G06F9/44
CPC分类号： G06F13/28 , G06F12/1081 , G06F12/145 , G06F2009/45583
摘要： A computer that operates in a metered mode for normal use and a restricted mode uses an input/output memory management unit (I/O MMU) in conjunction with a security policy to determine which peripheral devices are allowed direct memory access during the restricted mode of operation. During restricted mode operation, non-authorized peripheral devices are removed from virtual address page tables or given vectors to non-functioning memory areas.
摘要翻译：以正常使用的计量模式操作的计算机和受限模式使用输入/输出存储器管理单元（I / O MMU）结合安全策略来确定在受限模式期间允许哪些外围设备被允许直接存储器访问操作。在限制模式操作期间，未授权的外围设备从虚拟地址页表或给定向量移除到非功能存储区。

26. 发明申请

US20080148065A1 Direct Memory Access for Compliance Checking 有权
标题翻译：直接内存访问进行合规检查
公开(公告)号：US20080148065A1
公开(公告)日：2008-06-19
申请号：US11612433
申请日：2006-12-18
申请人： William J. Westerinen , Todd L. Carpenter
发明人： William J. Westerinen , Todd L. Carpenter
IPC分类号： H04L9/32
CPC分类号： G06F21/554 , G06F21/74 , G06F21/78 , H04L9/3236 , H04L2209/56 , H04L2209/60
摘要： A computer is configured for either full operation with metering or limited mode operation. When in limited mode operation, the system memory may be partitioned into active and restricted memory. The active memory may be limited to an amount needed to execute a limited mode operation application. The remaining restricted memory may be made inaccessible to the computer's processor. To verify the restricted memory remains unused, it may be filled with a pattern and the pattern periodically verified to determine that unauthorized programs are not using the restricted memory.
摘要翻译：计算机配置为在计量或限制模式操作时进行全面操作。当处于限制模式操作时，系统存储器可以被划分成活动和受限的存储器。活动存储器可以被限制为执行限制模式操作应用所需的量。剩余的受限内存可能使计算机的处理器无法访问。为了验证受限存储器保持未使用，可以填充图案并且周期性地验证模式以确定未经授权的程序不使用受限制的存储器。

27. 发明申请

US20090094455A1 Frequency Managed Performance 审中-公开
标题翻译：频率管理性能
公开(公告)号：US20090094455A1
公开(公告)日：2009-04-09
申请号：US11869072
申请日：2007-10-09
申请人： Shon Schmidt , Todd L. Carpenter , David James Foster , Harjit Singh
发明人： Shon Schmidt , Todd L. Carpenter , David James Foster , Harjit Singh
IPC分类号： H04L9/00 , G06Q20/00
CPC分类号： G06Q40/12 , G06F21/725 , H04L9/3234 , H04L2209/56
摘要： A computer or other electronic device may use a security module to securely control a system or processor clock to set a predetermined performance level. In an exemplary embodiment, the performance level may be high, medium, or low, supporting a range of application performance requirements. Changes to the performance level may be authorized by a third party presenting cryptographic rights to alter the performance level. Alternatively, postpaid ro pre-paid value may be accumulated at a rate corresponding to the predetermined performance level set by the security module.
摘要翻译：计算机或其他电子设备可以使用安全模块来安全地控制系统或处理器时钟来设置预定的性能水平。在示例性实施例中，性能水平可以是高的，中等的或低的，支持一系列应用性能要求。性能级别的更改可能由提供更改性能级别的加密权限的第三方授权。或者，可以以与安全模块设定的预定性能等级对应的速率累积后付费预付费值。

28. 发明申请

US20080184341A1 Master-Slave Protocol for Security Devices 审中-公开
标题翻译：安全设备主从协议
公开(公告)号：US20080184341A1
公开(公告)日：2008-07-31
申请号：US11668445
申请日：2007-01-29
申请人： David Jaroslav Sebesta , Shon Schmidt , Zhangwei Xu , Todd L. Carpenter , William I. Westerinen
发明人： David Jaroslav Sebesta , Shon Schmidt , Zhangwei Xu , Todd L. Carpenter , William I. Westerinen
IPC分类号： H04L9/32
CPC分类号： H04L63/0807
摘要： A computer or electronic device uses a dedicated communication protocol for configuring, managing, and end-of-life operation of a master device controlling a plurality of security devices. The protocol includes messages for binding each security device to the master, for installing cryptographic keys, periodic heartbeat signals, as well as shutdown and disable-security messages.
摘要翻译：计算机或电子设备使用专用通信协议来配置，管理和结束控制多个安全设备的主设备的操作。该协议包括用于将每个安全设备绑定到主设备的消息，用于安装加密密钥，定期心跳信号以及关闭和禁用安全消息。

29. 发明授权

US09065812B2 Protecting transactions 有权
标题翻译：保护交易
公开(公告)号：US09065812B2
公开(公告)日：2015-06-23
申请号：US12359215
申请日：2009-01-23
申请人： David J. Steeves , Kim Cameron , Todd L. Carpenter , David Foster , Quentin S. Miller , Gregory D. Hartrell
发明人： David J. Steeves , Kim Cameron , Todd L. Carpenter , David Foster , Quentin S. Miller , Gregory D. Hartrell
IPC分类号： H04L29/06 , G06F21/74
CPC分类号： G06Q20/027 , G06F21/74 , G06Q20/40 , H04L63/08 , H04L2463/102
摘要： Technology is described for protecting transactions. The technology may include a switching component that a user can employ to switch an associated mobile device into a secure mode so that a user can confirm the transaction. After initiating a transaction request, the user can confirm the transaction request by activating the switching component, which can cause the mobile device to switch into a secure mode. In the secure mode, the mobile device may prevent the mobile device from conducting various normal activities, such as executing applications, receiving input, providing output, and so forth. The switching component may disable other processing temporarily. Upon receiving the confirmation from the user, the switching component may send a confirmation communication to complete the transaction.
摘要翻译：技术描述为保护交易。该技术可以包括用户可以使用的切换组件来将相关联的移动设备切换到安全模式，使得用户可以确认交易。在启动交易请求之后，用户可以通过激活交换组件来确认交易请求，这可以使移动设备切换到安全模式。在安全模式下，移动设备可以防止移动设备进行各种正常的活动，例如执行应用，接收输入，提供输出等等。切换组件可能暂时禁用其他处理。在接收到来自用户的确认之后，交换组件可以发送确认通信来完成交易。

30. 发明授权

US08091115B2 Device-side inline pattern matching and policy enforcement 有权
标题翻译：设备端内联模式匹配和策略执行
公开(公告)号：US08091115B2
公开(公告)日：2012-01-03
申请号：US12245060
申请日：2008-10-03
申请人： David Abzarian , Todd L. Carpenter , Harish S. Kulkarni , Mark A. Myers , David J. Steeves
发明人： David Abzarian , Todd L. Carpenter , Harish S. Kulkarni , Mark A. Myers , David J. Steeves
IPC分类号： H04L29/06
CPC分类号： G06F21/554 , G06F21/56 , G06F21/78 , G06F21/85
摘要： Inline pattern matching and policy enforcement may be implemented by a memory storage device. In an example embodiment, a device-implemented method includes acts of receiving, intercepting, and performing and conditional acts of invoking or permitting. A request from a host to perform a memory access operation is received at a memory storage device. Data flowing between an I/O channel and physical storage of the memory storage device is intercepted. A pattern matching procedure is performed on the data with reference to multiple target patterns in real-time while the data is being intercepted. If a pattern match is detected between the data and a target pattern, a policy enforcement mechanism is invoked. If a pattern match is not detected between the data and the multiple target patterns, the request from the host to perform the memory access operation is permitted.
摘要翻译：内联模式匹配和策略实施可以由存储器存储设备实现。在示例实施例中，设备实现的方法包括接收，拦截和执行以及调用或许可的条件动作的动作。在存储器存储设备处接收来自主机执行存储器访问操作的请求。在I / O通道和存储器存储设备的物理存储之间流动的数据被截取。在数据被截获的同时，实时参照多个目标模式对数据执行模式匹配过程。如果在数据和目标模式之间检测到模式匹配，则调用策略实施机制。如果在数据和多个目标模式之间未检测到模式匹配，则允许来自主机执行存储器访问操作的请求。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式