CN113056739A - 到瞬态、非持久性存储电路中的文件系统的验证和安装 - Google Patents
到瞬态、非持久性存储电路中的文件系统的验证和安装 Download PDFInfo
- Publication number
- CN113056739A CN113056739A CN201980077802.3A CN201980077802A CN113056739A CN 113056739 A CN113056739 A CN 113056739A CN 201980077802 A CN201980077802 A CN 201980077802A CN 113056739 A CN113056739 A CN 113056739A
- Authority
- CN
- China
- Prior art keywords
- file system
- file
- transient
- processor
- persistent storage
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 230000002085 persistent effect Effects 0.000 title claims abstract description 53
- 230000001052 transient effect Effects 0.000 title claims abstract description 47
- 238000009434 installation Methods 0.000 title claims abstract description 34
- 238000012795 verification Methods 0.000 title claims abstract description 32
- 238000000034 method Methods 0.000 claims abstract description 42
- 230000004044 response Effects 0.000 claims abstract description 34
- 230000000116 mitigating effect Effects 0.000 claims abstract description 6
- 238000013475 authorization Methods 0.000 claims abstract description 5
- 238000012545 processing Methods 0.000 claims abstract description 5
- 230000015654 memory Effects 0.000 claims description 27
- 230000006870 function Effects 0.000 claims description 21
- 230000008859 change Effects 0.000 claims description 12
- 238000001514 detection method Methods 0.000 claims description 4
- 238000012544 monitoring process Methods 0.000 claims 3
- 230000008569 process Effects 0.000 description 7
- 238000012986 modification Methods 0.000 description 6
- 230000004048 modification Effects 0.000 description 6
- 238000007906 compression Methods 0.000 description 5
- 230000006835 compression Effects 0.000 description 5
- 230000001010 compromised effect Effects 0.000 description 4
- 238000010586 diagram Methods 0.000 description 3
- 230000000670 limiting effect Effects 0.000 description 3
- KKIMDKMETPPURN-UHFFFAOYSA-N 1-(3-(trifluoromethyl)phenyl)piperazine Chemical compound FC(F)(F)C1=CC=CC(N2CCNCC2)=C1 KKIMDKMETPPURN-UHFFFAOYSA-N 0.000 description 2
- 238000004891 communication Methods 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000007726 management method Methods 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 230000007704 transition Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 230000006399 behavior Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 238000013144 data compression Methods 0.000 description 1
- 230000006837 decompression Effects 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000018109 developmental process Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000002093 peripheral effect Effects 0.000 description 1
- 230000002688 persistence Effects 0.000 description 1
- 230000002829 reductive effect Effects 0.000 description 1
- 230000008672 reprogramming Effects 0.000 description 1
- 230000000717 retained effect Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
- 239000013598 vector Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/56—Computer malware detection or handling, e.g. anti-virus arrangements
- G06F21/562—Static detection
- G06F21/565—Static detection by checking file integrity
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/51—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/572—Secure firmware programming, e.g. of basic input output system [BIOS]
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
- G06F21/575—Secure boot
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/034—Test or assess a computer or a system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Bioethics (AREA)
- Virology (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
Description
Claims (20)
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201862737336P | 2018-09-27 | 2018-09-27 | |
US62/737336 | 2018-09-27 | ||
PCT/US2019/053214 WO2020069168A1 (en) | 2018-09-27 | 2019-09-26 | Validation and installation of a file system into a transient, non-persistent storage circuit |
Publications (2)
Publication Number | Publication Date |
---|---|
CN113056739A true CN113056739A (zh) | 2021-06-29 |
CN113056739B CN113056739B (zh) | 2024-06-11 |
Family
ID=68165887
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201980077802.3A Active CN113056739B (zh) | 2018-09-27 | 2019-09-26 | 用于减轻安全漏洞的方法和计算机可读介质及验证文件系统的系统 |
Country Status (6)
Country | Link |
---|---|
US (1) | US11574055B2 (zh) |
EP (1) | EP3857415A1 (zh) |
JP (1) | JP7439067B2 (zh) |
CN (1) | CN113056739B (zh) |
AU (1) | AU2019346606B2 (zh) |
WO (1) | WO2020069168A1 (zh) |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11423153B2 (en) * | 2020-08-18 | 2022-08-23 | Raytheon Company | Detection of malicious operating system booting and operating system loading |
US11941109B2 (en) * | 2021-12-21 | 2024-03-26 | Cyberark Software Ltd. | Customizable and dynamically mutable operating systems |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080256075A1 (en) * | 2007-04-10 | 2008-10-16 | Advanced Medical Optics, Inc. | External interface access control |
CN102812473A (zh) * | 2010-02-11 | 2012-12-05 | 惠普发展公司,有限责任合伙企业 | 基于可执行程序身份的文件访问 |
US9165143B1 (en) * | 2013-03-15 | 2015-10-20 | Xilinx, Inc. | Image file generation and loading |
US20150332050A1 (en) * | 2012-12-14 | 2015-11-19 | International Business Machines Corporation | Boot mechanisms for bring your own management |
US20170228235A1 (en) * | 2016-02-06 | 2017-08-10 | Verizon Patent And Licensing Inc. | Protecting and verifying contents of files on mobile computing devices |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8639625B1 (en) * | 1995-02-13 | 2014-01-28 | Intertrust Technologies Corporation | Systems and methods for secure transaction management and electronic rights protection |
US7860246B2 (en) * | 2006-11-01 | 2010-12-28 | International Business Machines Corporation | System and method for protecting data in a secure system |
US8254568B2 (en) | 2007-01-07 | 2012-08-28 | Apple Inc. | Secure booting a computing device |
US8375440B2 (en) * | 2007-10-15 | 2013-02-12 | Microsoft Corporation | Secure bait and switch resume |
AU2011323225B2 (en) | 2010-11-05 | 2015-05-28 | Interdigital Patent Holdings, Inc. | Device validation, distress indication, and remediation |
CN102521289B (zh) * | 2011-11-29 | 2013-12-04 | 华为技术有限公司 | 一种文件同步方法、装置及系统 |
EP2884692B1 (en) * | 2013-12-13 | 2020-05-20 | Nxp B.V. | Updating software on a secure element |
US10331892B2 (en) * | 2017-02-24 | 2019-06-25 | Dell Products L.P. | Systems and methods for secure boot and runtime tamper detection |
-
2019
- 2019-09-26 JP JP2021517222A patent/JP7439067B2/ja active Active
- 2019-09-26 US US16/584,101 patent/US11574055B2/en active Active
- 2019-09-26 CN CN201980077802.3A patent/CN113056739B/zh active Active
- 2019-09-26 EP EP19783947.5A patent/EP3857415A1/en active Pending
- 2019-09-26 WO PCT/US2019/053214 patent/WO2020069168A1/en unknown
- 2019-09-26 AU AU2019346606A patent/AU2019346606B2/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20080256075A1 (en) * | 2007-04-10 | 2008-10-16 | Advanced Medical Optics, Inc. | External interface access control |
CN102812473A (zh) * | 2010-02-11 | 2012-12-05 | 惠普发展公司,有限责任合伙企业 | 基于可执行程序身份的文件访问 |
US20150332050A1 (en) * | 2012-12-14 | 2015-11-19 | International Business Machines Corporation | Boot mechanisms for bring your own management |
US9165143B1 (en) * | 2013-03-15 | 2015-10-20 | Xilinx, Inc. | Image file generation and loading |
US20170228235A1 (en) * | 2016-02-06 | 2017-08-10 | Verizon Patent And Licensing Inc. | Protecting and verifying contents of files on mobile computing devices |
Also Published As
Publication number | Publication date |
---|---|
WO2020069168A1 (en) | 2020-04-02 |
AU2019346606B2 (en) | 2024-04-04 |
US20200104495A1 (en) | 2020-04-02 |
CN113056739B (zh) | 2024-06-11 |
JP7439067B2 (ja) | 2024-02-27 |
EP3857415A1 (en) | 2021-08-04 |
US11574055B2 (en) | 2023-02-07 |
AU2019346606A1 (en) | 2021-04-15 |
JP2022502769A (ja) | 2022-01-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10735184B2 (en) | Secure storage of hashes within a distributed ledger | |
US10931451B2 (en) | Securely recovering a computing device | |
US8789037B2 (en) | Compatible trust in a computing device | |
US8254568B2 (en) | Secure booting a computing device | |
CN109937419B (zh) | 安全功能强化的设备的初始化方法及设备的固件更新方法 | |
US8874922B2 (en) | Systems and methods for multi-layered authentication/verification of trusted platform updates | |
US8291480B2 (en) | Trusting an unverified code image in a computing device | |
US11416616B2 (en) | Secure boot chain for live boot systems | |
US20220124122A1 (en) | Attestation service for enforcing payload security policies in a data center | |
US10771462B2 (en) | User terminal using cloud service, integrated security management server for user terminal, and integrated security management method for user terminal | |
CN113056739B (zh) | 用于减轻安全漏洞的方法和计算机可读介质及验证文件系统的系统 | |
CN115248919A (zh) | 一种函数接口的调用方法、装置、电子设备及存储介质 | |
US10942750B2 (en) | System and method to securely load non-UEFI based file format as OEM based UEFI custom capsule format in UEFI loader | |
US20240129127A1 (en) | Systems and methods for dual hash rolling patch secure authentication | |
CN112163224A (zh) | 一种安卓软件完整性校验方法和装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
REG | Reference to a national code |
Ref country code: HK Ref legal event code: DE Ref document number: 40055663 Country of ref document: HK |
|
TA01 | Transfer of patent application right | ||
TA01 | Transfer of patent application right |
Effective date of registration: 20240125 Address after: Georgia, USA Applicant after: Landis+Gail Technology Co.,Ltd. Country or region after: U.S.A. Address before: American Georgia Applicant before: LANDIS+GYR INNOVATIONS, Inc. Country or region before: U.S.A. |
|
GR01 | Patent grant | ||
GR01 | Patent grant |