BRPI0404008A - Integração de recursos de alta asseguração em uma aplicação através de fatoração de aplicação - Google Patents

Integração de recursos de alta asseguração em uma aplicação através de fatoração de aplicação

Info

Publication number
BRPI0404008A
BRPI0404008A BR0404008-2A BRPI0404008A BRPI0404008A BR PI0404008 A BRPI0404008 A BR PI0404008A BR PI0404008 A BRPI0404008 A BR PI0404008A BR PI0404008 A BRPI0404008 A BR PI0404008A
Authority
BR
Brazil
Prior art keywords
application
data
processor
factoring
trusted processor
Prior art date
Application number
BR0404008-2A
Other languages
English (en)
Inventor
Kenneth D Ray
Marcus Peinado
Thekkthalackal Varugis Kurien
Paul England
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp filed Critical Microsoft Corp
Publication of BRPI0404008A publication Critical patent/BRPI0404008A/pt
Publication of BRPI0404008B1 publication Critical patent/BRPI0404008B1/pt

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/40Transformation of program code
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)
  • Multi Processors (AREA)

Abstract

"INTEGRAçãO DE RECURSOS DE ALTA ASSEGURAçãO EM UMA APLICAçãO ATRAVéS DE FATORAçãO DE APLICAçãO". Fatoração ou partição de aplicação é usada para integrar recursos seguros em uma aplicação convencional. A funcionalidade de uma aplicação é partilhada em dois conjuntos de acordo com o fato de se uma determinada ação envolve, ou não envolve, a manipulação de dados sensíveis. objetos de software separados (processadores) são criados para realizar esses dois conjuntos de ações. Um processador de confiança lida com os dados seguros e executa em um ambiente de alta asseguração. Quando um outro processador encontra dados seguros, esses dados são enviados para o processador de confiança. Os dados são envolvidos de tal forma que permite que os mesmos sejam roteados para o processador de confiança, e impede que os dados sejam decifrados por qualquer outra entidade que não seja o processador de confiança. é provida uma infra-estrutura que envolve os objetos, roteia os mesmos para o processador correto, e permite que a integridade deles seja atestada através de um encadeamento de confiança que conduz de volta ao componente básico que se sabe ser de confiança.
BRPI0404008A 2003-10-24 2004-09-23 sistema que gerencia o particionamento de uma aplicação, método de um primeiro objeto de software que executa em um primeiro ambiente manipulando dados aos quais se aplica uma política, sistema que suporta o particionamento de uma aplicação em pelo menos um primeiro objeto de software e um segundo objeto de software BRPI0404008B1 (pt)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US10/693,749 US7730318B2 (en) 2003-10-24 2003-10-24 Integration of high-assurance features into an application through application factoring

Publications (2)

Publication Number Publication Date
BRPI0404008A true BRPI0404008A (pt) 2005-06-21
BRPI0404008B1 BRPI0404008B1 (pt) 2017-03-28

Family

ID=34394598

Family Applications (1)

Application Number Title Priority Date Filing Date
BRPI0404008A BRPI0404008B1 (pt) 2003-10-24 2004-09-23 sistema que gerencia o particionamento de uma aplicação, método de um primeiro objeto de software que executa em um primeiro ambiente manipulando dados aos quais se aplica uma política, sistema que suporta o particionamento de uma aplicação em pelo menos um primeiro objeto de software e um segundo objeto de software

Country Status (11)

Country Link
US (1) US7730318B2 (pt)
EP (1) EP1526456B1 (pt)
JP (1) JP4896385B2 (pt)
KR (1) KR101149998B1 (pt)
CN (1) CN100426224C (pt)
AT (1) ATE519156T1 (pt)
AU (1) AU2004216595B2 (pt)
BR (1) BRPI0404008B1 (pt)
CA (1) CA2480906C (pt)
MX (1) MXPA04010158A (pt)
RU (1) RU2367006C2 (pt)

Families Citing this family (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7484247B2 (en) 2004-08-07 2009-01-27 Allen F Rozman System and method for protecting a computer system from malicious software
US20060075236A1 (en) * 2004-09-30 2006-04-06 Marek James A Method and apparatus for high assurance processing
CN100464295C (zh) * 2006-05-17 2009-02-25 联想(北京)有限公司 一种基于虚拟机的安全输入方法
US7877506B2 (en) * 2006-05-26 2011-01-25 International Business Machines Corporation System, method and program for encryption during routing
US9747426B2 (en) * 2006-08-31 2017-08-29 Invention Science Fund I, Llc Handling masquerading elements
EP2083372A4 (en) * 2006-10-20 2012-02-29 Panasonic Corp DEVICE AND METHOD FOR MONITORING FALSIFICATION OF APPLICATION INFORMATION
JP5007867B2 (ja) * 2007-05-11 2012-08-22 ナグラスター エル.エル.シー. 安全な環境におけるプロセッサ実行を制御するための装置
US8249257B2 (en) * 2007-09-28 2012-08-21 Intel Corporation Virtual TPM keys rooted in a hardware TPM
US8259948B2 (en) * 2007-12-29 2012-09-04 Intel Corporation Virtual TPM key migration using hardware keys
DK3046062T3 (da) * 2009-01-18 2021-05-31 Gilbarco Inc Betalingsbehandlingssystem til anvendelse i et detailsalgsmiljø med segmenteret arkitektur
US20100250903A1 (en) * 2009-03-26 2010-09-30 Celio Technology Corporation Apparatuses and systems including a software application adaptation layer and methods of operating a data processing apparatus with a software adaptation layer
FR2948789B1 (fr) * 2009-07-28 2016-12-09 Airbus Composant logiciel et dispositif pour le traitement automatise de donnees multi-usages, mettant en oeuvre des fonctions ayant besoin de differents niveaux de surete ou limites de responsabilite
RU2467389C1 (ru) * 2011-06-07 2012-11-20 Антон Андреевич Краснопевцев Способ защиты программно-информационного обеспечения от несанкционированного использования
US8874935B2 (en) 2011-08-30 2014-10-28 Microsoft Corporation Sector map-based rapid data encryption policy compliance
US9916439B2 (en) * 2012-03-22 2018-03-13 Microsoft Technology Licensing, Llc Securing a computing environment against malicious entities
CN103379089B (zh) * 2012-04-12 2016-06-22 中国航空工业集团公司第六三一研究所 基于安全域隔离的访问控制方法及其系统
US8938796B2 (en) 2012-09-20 2015-01-20 Paul Case, SR. Case secure computer architecture
CN103346886B (zh) * 2013-07-01 2016-12-28 天地融科技股份有限公司 一种发送签名数据的方法和电子签名令牌
CN103390142B (zh) * 2013-07-30 2016-09-21 东莞宇龙通信科技有限公司 一种终端
US10615967B2 (en) 2014-03-20 2020-04-07 Microsoft Technology Licensing, Llc Rapid data protection for storage devices
US9825945B2 (en) 2014-09-09 2017-11-21 Microsoft Technology Licensing, Llc Preserving data protection with policy
US9853812B2 (en) 2014-09-17 2017-12-26 Microsoft Technology Licensing, Llc Secure key management for roaming protected content
WO2016072310A1 (ja) 2014-11-05 2016-05-12 キヤノン電子株式会社 特定装置、その制御方法、及びプログラム
US9900295B2 (en) 2014-11-05 2018-02-20 Microsoft Technology Licensing, Llc Roaming content wipe actions across devices
US20160352783A1 (en) * 2015-05-27 2016-12-01 Microsoft Technology Licensing, Llc Partitioning Media Data
US9853820B2 (en) 2015-06-30 2017-12-26 Microsoft Technology Licensing, Llc Intelligent deletion of revoked data
US9900325B2 (en) 2015-10-09 2018-02-20 Microsoft Technology Licensing, Llc Passive encryption of organization data
RU2638000C1 (ru) 2017-02-08 2017-12-08 Акционерное общество "Лаборатория Касперского" Способ контроля системы исполнения программируемого логического контроллера
US11188639B2 (en) * 2018-07-19 2021-11-30 Intel Corporation System, method and apparatus for automatic program compartmentalization
DE102018120347A1 (de) * 2018-08-21 2020-02-27 Pilz Gmbh & Co. Kg Automatisierungssystem zur Überwachung eines sicherheitskritischen Prozesses
CN117354068B (zh) * 2023-12-06 2024-03-01 国网浙江省电力有限公司金华供电公司 提高分布式能量管理系统通信安全性方法与系统

Family Cites Families (32)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5892900A (en) * 1996-08-30 1999-04-06 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US5859966A (en) * 1995-10-10 1999-01-12 Data General Corporation Security system for computer systems
US6006332A (en) 1996-10-21 1999-12-21 Case Western Reserve University Rights management system for digital media
US6496823B2 (en) 1997-11-07 2002-12-17 International Business Machines Corporation Apportioning a work unit to execute in parallel in a heterogeneous environment
US6496847B1 (en) * 1998-05-15 2002-12-17 Vmware, Inc. System and method for virtualizing computer systems
US6397242B1 (en) * 1998-05-15 2002-05-28 Vmware, Inc. Virtualization system including a virtual machine monitor for a computer with a segmented architecture
US6327652B1 (en) * 1998-10-26 2001-12-04 Microsoft Corporation Loading and identifying a digital rights management operating system
US6192477B1 (en) * 1999-02-02 2001-02-20 Dagg Llc Methods, software, and apparatus for secure communication over a computer network
GB2380303B (en) * 2000-05-28 2005-09-14 Yaron Mayer System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages
US7039801B2 (en) * 2000-06-30 2006-05-02 Microsoft Corporation System and method for integrating secure and non-secure software objects
US20020124177A1 (en) * 2001-01-17 2002-09-05 Harper Travis Kelly Methods for encrypting and decrypting electronically stored medical records and other digital documents for secure storage, retrieval and sharing of such documents
DK1305708T3 (da) * 2001-05-11 2003-07-14 Sospita As Rækkefølge-nummereringsmekanisme til at sikre integriteten af eksekveringsrækkefølgen for indbyrdes afhængige smartcard-applikationer
US20020184520A1 (en) * 2001-05-30 2002-12-05 Bush William R. Method and apparatus for a secure virtual machine
GB2378272A (en) * 2001-07-31 2003-02-05 Hewlett Packard Co Method and apparatus for locking an application within a trusted environment
US7272832B2 (en) * 2001-10-25 2007-09-18 Hewlett-Packard Development Company, L.P. Method of protecting user process data in a secure platform inaccessible to the operating system and other tasks on top of the secure platform
US20030107584A1 (en) * 2001-12-12 2003-06-12 Intel Corporation Security system and method for visual display
US7228426B2 (en) * 2002-04-03 2007-06-05 Microsoft Corporation Integrity ordainment and ascertainment of computer-executable instructions with consideration for execution context
US7058768B2 (en) 2002-04-17 2006-06-06 Microsoft Corporation Memory isolation through address translation data edit control
US7165135B1 (en) * 2002-04-18 2007-01-16 Advanced Micro Devices, Inc. Method and apparatus for controlling interrupts in a secure execution mode-capable processor
US7082507B1 (en) * 2002-04-18 2006-07-25 Advanced Micro Devices, Inc. Method of controlling access to an address translation data structure of a computer system
US7043616B1 (en) * 2002-04-18 2006-05-09 Advanced Micro Devices, Inc. Method of controlling access to model specific registers of a microprocessor
US7130951B1 (en) * 2002-04-18 2006-10-31 Advanced Micro Devices, Inc. Method for selectively disabling interrupts on a secure execution mode-capable processor
US7603551B2 (en) * 2003-04-18 2009-10-13 Advanced Micro Devices, Inc. Initialization of a computer system including a secure execution mode-capable processor
US7130977B1 (en) * 2002-04-18 2006-10-31 Advanced Micro Devices, Inc. Controlling access to a control register of a microprocessor
US7266658B2 (en) * 2002-09-12 2007-09-04 International Business Machines Corporation System, method, and computer program product for prohibiting unauthorized access to protected memory regions
US7309004B1 (en) * 2002-12-26 2007-12-18 Diebold Self-Service Systems, Division Of Diebold, Incorporated Cash dispensing automated banking machine firmware authentication system and method
US7313687B2 (en) * 2003-01-10 2007-12-25 Microsoft Corporation Establishing a secure context at an electronic communications end-point
US7146477B1 (en) * 2003-04-18 2006-12-05 Advanced Micro Devices, Inc. Mechanism for selectively blocking peripheral device accesses to system memory
US7788669B2 (en) * 2003-05-02 2010-08-31 Microsoft Corporation System for isolating first computing environment from second execution environment while sharing resources by copying data from first portion to second portion of memory
US7269702B2 (en) * 2003-06-06 2007-09-11 Microsoft Corporation Trusted data store for use in connection with trusted computer operating system
US7398432B2 (en) * 2003-07-24 2008-07-08 International Business Machines Corporation Identify indicators in a data processing system
US7530103B2 (en) * 2003-08-07 2009-05-05 Microsoft Corporation Projection of trustworthiness from a trusted environment to an untrusted environment

Also Published As

Publication number Publication date
AU2004216595B2 (en) 2010-02-18
JP4896385B2 (ja) 2012-03-14
US7730318B2 (en) 2010-06-01
BRPI0404008B1 (pt) 2017-03-28
CA2480906C (en) 2014-01-28
RU2367006C2 (ru) 2009-09-10
ATE519156T1 (de) 2011-08-15
KR20050039541A (ko) 2005-04-29
EP1526456B1 (en) 2011-08-03
JP2005129033A (ja) 2005-05-19
EP1526456A2 (en) 2005-04-27
RU2004131022A (ru) 2006-04-10
US20050091661A1 (en) 2005-04-28
CN1609801A (zh) 2005-04-27
CN100426224C (zh) 2008-10-15
EP1526456A3 (en) 2006-05-31
AU2004216595A1 (en) 2005-05-12
MXPA04010158A (es) 2005-04-28
CA2480906A1 (en) 2005-04-24
KR101149998B1 (ko) 2012-06-01

Similar Documents

Publication Publication Date Title
BRPI0404008A (pt) Integração de recursos de alta asseguração em uma aplicação através de fatoração de aplicação
US10007808B2 (en) Protecting application programs from malicious software or malware
US8681973B2 (en) Methods, systems, and computer program products for performing homomorphic encryption and decryption on individual operations
EP3238120B1 (en) Binary translation of a trusted binary with input tagging
US9832207B2 (en) Input verification
US9798559B2 (en) Trusted binary translation
ATE539411T1 (de) Projektion von vertrauenswürdigkeit von einer zuverlässigen umgebung auf eine unzuverlässige umgebung
MY144418A (en) Verifying human interaction to a computer entity by way of a trusted component on a computing device or the like
Boivie et al. SecureBlue++: CPU support for secure execution
BR0305273A (pt) Sistema e método para transmitir informação reduzida de um certificado para executar operações de criptografia
EP1376305A2 (en) Secure hardware identifier (HWID) for use in a digital rights management (DRM) system
WO2003034188A3 (en) Method and system for detecting unauthorised executable programs _______________________________________________________________
TW200634620A (en) Mechanism to determine trust of out-of-band management agents
US9678687B2 (en) User mode heap swapping
EP1526425A3 (en) Providing secure input and output to a trusted agent in a system with a high-assurance execution environment
EP3314860A1 (en) Enterprise reputations for uniform resource locators
US9292708B2 (en) Protection of interpreted source code in virtual appliances
ATE418113T1 (de) System und verfahren zur bereitstellung von codesignierungs-diensten
Mazzeo et al. TROS: Protecting Humanoids ROS from Privileged Attackers
Khan et al. A protocol for preventing insider attacks in untrusted infrastructure-as-a-service clouds
WO2004090701A3 (en) Physical presence determination in a trusted platform
Michael Trusted computing: an elusive goal
Shah et al. A unified access control model for calibration traceability in safety-critical IoT
Savagaonkar et al. A Cpu-Instruction-Based Asymmetric Signing/Decryption Mechanism For Secure Handling Of Asymmetric Keys
Teris Securing User-data in Android-A conceptual approach for consumer and enterprise usage

Legal Events

Date Code Title Description
B25A Requested transfer of rights approved

Owner name: MICROSOFT TECHNOLOGY LICENSING, LLC (US)

B15K Others concerning applications: alteration of classification

Free format text: A CLASSIFICACAO ANTERIOR ERA: G06F 15/76

Ipc: G06F 21/53 (2013.01)

B06A Patent application procedure suspended [chapter 6.1 patent gazette]
B09A Decision: intention to grant [chapter 9.1 patent gazette]
B09X Republication of the decision to grant [chapter 9.1.3 patent gazette]
B16A Patent or certificate of addition of invention granted [chapter 16.1 patent gazette]
B21F Lapse acc. art. 78, item iv - on non-payment of the annual fees in time

Free format text: REFERENTE A 16A ANUIDADE.

B24J Lapse because of non-payment of annual fees (definitively: art 78 iv lpi, resolution 113/2013 art. 12)

Free format text: EM VIRTUDE DA EXTINCAO PUBLICADA NA RPI 2599 DE 27-10-2020 E CONSIDERANDO AUSENCIA DE MANIFESTACAO DENTRO DOS PRAZOS LEGAIS, INFORMO QUE CABE SER MANTIDA A EXTINCAO DA PATENTE E SEUS CERTIFICADOS, CONFORME O DISPOSTO NO ARTIGO 12, DA RESOLUCAO 113/2013.