BRPI0519371A2 - éltima linha de defesa assegurando e reforÇando càdigo atual/suficientemente vÁlido - Google Patents

éltima linha de defesa assegurando e reforÇando càdigo atual/suficientemente vÁlido

Info

Publication number
BRPI0519371A2
BRPI0519371A2 BRPI0519371-0A BRPI0519371A BRPI0519371A2 BR PI0519371 A2 BRPI0519371 A2 BR PI0519371A2 BR PI0519371 A BRPI0519371 A BR PI0519371A BR PI0519371 A2 BRPI0519371 A2 BR PI0519371A2
Authority
BR
Brazil
Prior art keywords
validation
circuit
computer
valid code
current
Prior art date
Application number
BRPI0519371-0A
Other languages
English (en)
Inventor
Alexander Frank
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp filed Critical Microsoft Corp
Publication of BRPI0519371A2 publication Critical patent/BRPI0519371A2/pt

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2135Metering
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2137Time limited access, e.g. to a computer or data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2139Recurrent verification
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2153Using hardware token as a secondary aspect

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

ÚLTIMA LINHA DE DEFESA ASSEGURANDO E REFORÇANDO CàDIGO ATUAL/SUFICIENTEMENTE VÁLIDO. Trata-se de um computador que é adaptado para auto-validação usando um circuito de validação ou processo dedicado. O circuito de validação pode incluir um circuito de tempo para ativar o processo de validação, um circuito de verificação para verificar se o computador está de acordo com um conjunto predeterminado de condições e um circuito de reforço para impor uma sanção ao computador quando o computador for encontrado em um estado não condizente. O circuito de validação pode incluir conjunto de circuitos criptográficos ou processos para fazer verificação e verificação de assinatura digital. O circuito de validação, de preferência, é pequeno e portátil para ajudar a assegurar que o circuito de validação, em si, não está vulnerável a um amplo ataque. Um método de auto-validação para uso por um computador também é descrito.
BRPI0519371-0A 2005-01-12 2005-12-20 éltima linha de defesa assegurando e reforÇando càdigo atual/suficientemente vÁlido BRPI0519371A2 (pt)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/034,377 US20060156008A1 (en) 2005-01-12 2005-01-12 Last line of defense ensuring and enforcing sufficiently valid/current code
PCT/US2005/046223 WO2006076134A2 (en) 2005-01-12 2005-12-20 Last line of defense ensuring and enforcing sufficiently valid/current code

Publications (1)

Publication Number Publication Date
BRPI0519371A2 true BRPI0519371A2 (pt) 2009-01-20

Family

ID=36654645

Family Applications (1)

Application Number Title Priority Date Filing Date
BRPI0519371-0A BRPI0519371A2 (pt) 2005-01-12 2005-12-20 éltima linha de defesa assegurando e reforÇando càdigo atual/suficientemente vÁlido

Country Status (9)

Country Link
US (1) US20060156008A1 (pt)
EP (1) EP1851896A2 (pt)
JP (1) JP2008527565A (pt)
KR (1) KR20070102489A (pt)
CN (1) CN101138191A (pt)
BR (1) BRPI0519371A2 (pt)
MX (1) MX2007007035A (pt)
RU (1) RU2007126475A (pt)
WO (1) WO2006076134A2 (pt)

Families Citing this family (36)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8347078B2 (en) 2004-10-18 2013-01-01 Microsoft Corporation Device certificate individualization
US8336085B2 (en) 2004-11-15 2012-12-18 Microsoft Corporation Tuning product policy using observed evidence of customer behavior
US8464348B2 (en) 2004-11-15 2013-06-11 Microsoft Corporation Isolated computing environment anchored into CPU and motherboard
US9436804B2 (en) * 2005-04-22 2016-09-06 Microsoft Technology Licensing, Llc Establishing a unique session key using a hardware functionality scan
US9363481B2 (en) 2005-04-22 2016-06-07 Microsoft Technology Licensing, Llc Protected media pipeline
US7603707B2 (en) * 2005-06-30 2009-10-13 Intel Corporation Tamper-aware virtual TPM
US20070061535A1 (en) * 2005-09-12 2007-03-15 Microsoft Corporation Processing unit enclosed operating system
US7669048B2 (en) * 2005-12-09 2010-02-23 Microsoft Corporation Computing device limiting mechanism
US7793090B2 (en) * 2007-08-30 2010-09-07 Intel Corporation Dual non-volatile memories for a trusted hypervisor
US8984653B2 (en) * 2008-04-03 2015-03-17 Microsoft Technology Licensing, Llc Client controlled lock for electronic devices
EP2591437B1 (en) * 2010-07-09 2018-11-14 BlackBerry Limited Microcode-based challenge/response process
US8539245B2 (en) 2010-08-06 2013-09-17 Intel Corporation Apparatus and method for accessing a secure partition in non-volatile storage by a host system enabled after the system exits a first instance of a secure mode
US9037895B2 (en) 2010-10-13 2015-05-19 The Trustees Of Columbia University In The City Of New York System and methods for silencing hardware backdoors
US9122492B2 (en) * 2010-10-25 2015-09-01 Wms Gaming, Inc. Bios used in gaming machine supporting pluralaties of modules by utilizing subroutines of the bios code
US20120331540A1 (en) * 2011-06-27 2012-12-27 Carrier Iq, Inc. Authentication and authorization method for tasking in profile-based data collection
US8572368B1 (en) * 2011-09-23 2013-10-29 Symantec Corporation Systems and methods for generating code-specific code-signing certificates containing extended metadata
US8458804B1 (en) 2011-12-29 2013-06-04 Elwha Llc Systems and methods for preventing data remanence in memory
US9064118B1 (en) * 2012-03-16 2015-06-23 Google Inc. Indicating whether a system has booted up from an untrusted image
US9779242B2 (en) * 2013-11-13 2017-10-03 Via Technologies, Inc. Programmable secure bios mechanism in a trusted computing system
US9183394B2 (en) 2013-11-13 2015-11-10 Via Technologies, Inc. Secure BIOS tamper protection mechanism
US10055588B2 (en) 2013-11-13 2018-08-21 Via Technologies, Inc. Event-based apparatus and method for securing BIOS in a trusted computing system during execution
US9507942B2 (en) * 2013-11-13 2016-11-29 Via Technologies, Inc. Secure BIOS mechanism in a trusted computing system
US10095868B2 (en) 2013-11-13 2018-10-09 Via Technologies, Inc. Event-based apparatus and method for securing bios in a trusted computing system during execution
US9129113B2 (en) 2013-11-13 2015-09-08 Via Technologies, Inc. Partition-based apparatus and method for securing bios in a trusted computing system during execution
US9547767B2 (en) 2013-11-13 2017-01-17 Via Technologies, Inc. Event-based apparatus and method for securing bios in a trusted computing system during execution
US9367689B2 (en) 2013-11-13 2016-06-14 Via Technologies, Inc. Apparatus and method for securing BIOS in a trusted computing system
US9798880B2 (en) * 2013-11-13 2017-10-24 Via Technologies, Inc. Fuse-enabled secure bios mechanism with override feature
US10049217B2 (en) 2013-11-13 2018-08-14 Via Technologies, Inc. Event-based apparatus and method for securing bios in a trusted computing system during execution
US9767288B2 (en) * 2013-11-13 2017-09-19 Via Technologies, Inc. JTAG-based secure BIOS mechanism in a trusted computing system
TWI560611B (en) * 2013-11-13 2016-12-01 Via Tech Inc Apparatus and method for securing bios
US9779243B2 (en) * 2013-11-13 2017-10-03 Via Technologies, Inc. Fuse-enabled secure BIOS mechanism in a trusted computing system
US10621351B2 (en) 2016-11-01 2020-04-14 Raptor Engineering, LLC. Systems and methods for tamper-resistant verification of firmware with a trusted platform module
CN107707981B (zh) * 2017-09-27 2020-10-30 晶晨半导体(上海)股份有限公司 一种基于Trustzone技术的微码签名安全管理系统及方法
US10530849B2 (en) 2017-10-20 2020-01-07 International Business Machines Corporation Compliance aware service registry and load balancing
US11436315B2 (en) * 2019-08-15 2022-09-06 Nuvoton Technology Corporation Forced self authentication
US11610000B2 (en) 2020-10-07 2023-03-21 Bank Of America Corporation System and method for identifying unpermitted data in source code

Family Cites Families (21)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5870474A (en) * 1995-12-04 1999-02-09 Scientific-Atlanta, Inc. Method and apparatus for providing conditional access in connection-oriented, interactive networks with a multiplicity of service providers
WO1993006695A1 (en) * 1991-09-23 1993-04-01 Z-Microsystems Enhanced security system for computing devices
US5448045A (en) * 1992-02-26 1995-09-05 Clark; Paul C. System for protecting computers via intelligent tokens or smart cards
US5389738A (en) * 1992-05-04 1995-02-14 Motorola, Inc. Tamperproof arrangement for an integrated circuit device
JP3500662B2 (ja) * 1993-06-25 2004-02-23 株式会社三洋物産 制御装置
US5513319A (en) * 1993-07-02 1996-04-30 Dell Usa, L.P. Watchdog timer for computer system reset
US5768382A (en) * 1995-11-22 1998-06-16 Walker Asset Management Limited Partnership Remote-auditing of computer generated outcomes and authenticated biling and access control system using cryptographic and other protocols
US5875236A (en) * 1995-11-21 1999-02-23 At&T Corp Call handling method for credit and fraud management
EP0880840A4 (en) * 1996-01-11 2002-10-23 Mrj Inc DEVICE FOR CONTROLLING ACCESS AND DISTRIBUTION OF DIGITAL PROPERTY
US5892906A (en) * 1996-07-19 1999-04-06 Chou; Wayne W. Apparatus and method for preventing theft of computer devices
US6367017B1 (en) * 1996-11-07 2002-04-02 Litronic Inc. Apparatus and method for providing and authentication system
US6233685B1 (en) * 1997-08-29 2001-05-15 Sean William Smith Establishing and employing the provable untampered state of a device
US6279111B1 (en) * 1998-06-12 2001-08-21 Microsoft Corporation Security model using restricted tokens
US6385727B1 (en) * 1998-09-25 2002-05-07 Hughes Electronics Corporation Apparatus for providing a secure processing environment
US6609201B1 (en) * 1999-08-18 2003-08-19 Sun Microsystems, Inc. Secure program execution using instruction buffer interdependencies
US6625729B1 (en) * 2000-03-31 2003-09-23 Hewlett-Packard Company, L.P. Computer system having security features for authenticating different components
US6716652B1 (en) * 2001-06-22 2004-04-06 Tellabs Operations, Inc. Method and system for adaptive sampling testing of assemblies
US6708893B2 (en) * 2002-04-12 2004-03-23 Lucent Technologies Inc. Multiple-use smart card with security features and method
US6782477B2 (en) * 2002-04-16 2004-08-24 Song Computer Entertainment America Inc. Method and system for using tamperproof hardware to provide copy protection and online security
US6678828B1 (en) * 2002-07-22 2004-01-13 Vormetric, Inc. Secure network file access control system
US7401234B2 (en) * 2004-03-01 2008-07-15 Freescale Semiconductor, Inc. Autonomous memory checker for runtime security assurance and method therefore

Also Published As

Publication number Publication date
CN101138191A (zh) 2008-03-05
RU2007126475A (ru) 2009-01-20
US20060156008A1 (en) 2006-07-13
WO2006076134A3 (en) 2007-06-07
JP2008527565A (ja) 2008-07-24
KR20070102489A (ko) 2007-10-18
WO2006076134A9 (en) 2007-04-19
WO2006076134A2 (en) 2006-07-20
MX2007007035A (es) 2007-07-04
EP1851896A2 (en) 2007-11-07

Similar Documents

Publication Publication Date Title
BRPI0519371A2 (pt) éltima linha de defesa assegurando e reforÇando càdigo atual/suficientemente vÁlido
BRPI0710257A8 (pt) Método para autenticar uma aplicação com uma aplicação de servidor e terminal móvel para autenticação de uma aplicação
PH12018502384A1 (en) A method and system for verifying ownership of a digital asset using a distributed hash table and a peer-to-peer distributed ledger
BR112012014035A2 (pt) Sistemas, equipamentos e métodos usando técnicas probabilísticas em tendências e perfis e previsões baseadas em modelos de comportamento de usuário de modo a oferecer recomendações
DK1257892T3 (da) Adgangskontrol til en ressource ved hjælp af et program, der anvender en digital signatur
ATE522875T1 (de) Identifizierung von textpassagen
DE602005012580D1 (de) Generierungs- und Verifizierungsverfahren durch Benutzung von Time lock puzzle
WO2009002599A3 (en) Electronically securing an electronic device using physically unclonable functions
ATE441155T1 (de) Verfahren und system zum schutz vor computerviren
DK1452940T3 (da) Systemer og fremgangsmåder til at tilvejebringe tids- og vægtbaseret fleksibelt tolerant hardware-ID
MY139166A (en) Secure electronic delivery seal for information handling system
TW200622897A (en) Computer system and its processing method with instantly booting function
BRPI0512165A (pt) dispositivo eletrÈnico, método para gerenciar um dispositivo eletrÈnico, e, produto de programa de computador
BRPI0803574A2 (pt) aparelho e método para autenticação de um programa flash
ATE534089T1 (de) Transaktionsverfahren und verifikationsverfahren
EA200970112A1 (ru) Документ, снабженный идентифицирующими и верификационными данными
BR112022007652A2 (pt) Método e aparelho de proteção de integridade de software, e método e aparelho de verificação de integridade de software
TW200515241A (en) Data management apparatus, data management method and computer program
WO2013044192A3 (en) Securing transactions against cyberattacks
ATE527776T1 (de) Verfahren und vorrichtung zur durchführung einer skalarmultiplikation auf einer elliptischen kurve mittels teilung
DE602004020521D1 (de) Atus von subschlüsseln
TW200729890A (en) Device and method for key block based authentication
ATE497197T1 (de) Feldgerät
FR2846168B1 (fr) Delegation par certificat electronique
WO2009061171A3 (en) Secure software licensing control mechanism

Legal Events

Date Code Title Description
B08F Application dismissed because of non-payment of annual fees [chapter 8.6 patent gazette]

Free format text: REFERENTE A 5A E 6AANUIDADE(S).

B08K Patent lapsed as no evidence of payment of the annual fee has been furnished to inpi [chapter 8.11 patent gazette]

Free format text: REFERENTE AO DESPACHO 8.6 PUBLICADO NA RPI 2167 DE 17/07/2012.