CN1723465A - Method and apparatus for loading a trusted operating system - Google Patents
Method and apparatus for loading a trusted operating system
- Publication number
- CN1723465A (application number CN03804546.XA)
- Authority
- CN
- China
- Prior art keywords
- zone
- cpu
- processor
- storer
- computing machine
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
- G06F9/45533: Hypervisors; Virtual machine monitors (under G06F9/00 Arrangements for program control > G06F9/06 using stored programs, i.e. using an internal store of processing equipment to receive or retain programs > G06F9/44 Arrangements for executing specific programs > G06F9/455 Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines)
- G06F21/57: Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities (under G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity > G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems)
- G06F21/575: Secure boot (under G06F21/57)
- G06F9/445: Program loading or initiating (under G06F9/44)
- G06F2009/45583: Memory management, e.g. access or allocation (under G06F9/45533 > G06F9/45558 Hypervisor-specific management and integration aspects)
- G06F2009/45587: Isolation or security of virtual machine instances (under G06F9/45558)
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Storage Device Security (AREA)
- Stored Programmes (AREA)
- Pharmaceuticals Containing Other Organic And Inorganic Compounds (AREA)
Abstract
The present invention provides a method and apparatus for loading a trusted operating system into a region of memory. In a multiprocessor computer, a start secure operation (SSO) triggers a join secure operation (JSO) to stall every central processing unit (CPU) except one. The SSO causes the active CPU to load the operating system's components into a designated region of memory, to register the identity of the loaded operating system by recording in memory a cryptographic hash of the designated region's contents, to begin executing at a known entry point in the designated region, and to trigger the JSO so that the stalled CPUs likewise begin executing at that known entry point.
Description
Technical field
The present invention relates to microprocessors. More specifically, it relates to processor security.
Background
Advances in microprocessor and communication technology have opened many opportunities for applications that go beyond traditional ways of doing business. Electronic commerce and business-to-business transactions are becoming very popular and are reaching global markets at a rapid pace. Unfortunately, while modern microprocessor systems offer users convenient and efficient ways of doing business, communicating and transacting, they are also vulnerable to unscrupulous attacks. Examples of such attacks include viruses, intrusions, security breaches and tampering. Computer security has therefore become ever more important, both for protecting the integrity of computer systems and for increasing users' trust.
In the context of an operating system, computer security is first established by confirming that you are loading (or have loaded) a trusted operating system. With a trusted operating system, a user or a third party can subsequently examine the system and determine whether a given operating system has been loaded and, if so, whether it was loaded into a secure environment.
When booting an ordinary operating system, however, many code components must be booted. Even if you can choose which code components should be loaded, the operating system still contains such an enormous amount of code that it is difficult to confirm the specific identity of that operating system, and difficult to confirm whether you should trust it, that is, whether it has been loaded into a secure environment.
Determining whether an operating system can be trusted is especially difficult in a multiprocessor environment. This is because each central processing unit (CPU), and sometimes even a system device, can execute a code stream that may alter and compromise the integrity of the code already loaded. As a result, it is often necessary to assume, at least at the operating system level, that the operating system is trusted. That assumption may be wrong and may lead to catastrophic failures of computer security.
Brief description of the drawings
The present invention is described in the drawings by way of example and not by way of limitation, with like reference numerals denoting like elements, in which:
Figure 1 shows a general overview of the organization of typical operating system components and their corresponding privilege levels;
Figure 2 is a block diagram of a general embodiment of a computer system incorporating the invention, in which certain aspects of the invention may be practiced;
Figure 3 is a flow chart showing certain aspects of a method to be performed by a computing device executing an embodiment of the invention shown in Figure 2;
Figure 4 is a flow chart showing certain other aspects of a method to be performed by a computing device executing an embodiment of the invention shown in Figure 2;
Figure 5 is a flow chart showing certain aspects of a method to be performed by a computing device executing another embodiment of the invention shown in Figure 2; and
Figure 6 is a block diagram of a general embodiment of a computer system in which certain aspects of the invention shown in Figures 2-5 may be practiced.
Detailed description
In the following description of several aspects of the invention, a method and apparatus for loading a trusted operating system are described. Specific details are given to provide a thorough understanding of the invention. It will be clear to those skilled in the art, however, that the invention may be practiced with or without all (or some) of these specific details, and using only some or all of the aspects described here. In some instances, well-known features are omitted or simplified so as not to obscure the invention.
Parts of this specification use terms that those skilled in the art employ to convey the substance of their work to their peers, including terms for operations performed by a computer system and for their operands, such as sending, receiving, retrieving, determining, generating, recording, storing and so on. Those skilled in the art will understand that these operands take the form of electrical, magnetic or optical signals, and that the operations involve storing, transferring, combining and otherwise manipulating those signals through the electrical, magnetic or optical components of a system. The system includes general-purpose and special-purpose arrangements of such components, which may be stand-alone, attached or embedded.
Several operations will be described as multiple discrete steps performed in turn, a manner of description that is helpful for understanding the invention. The order of description should not, however, be taken to imply that these operations must be performed in the order presented, nor that they are necessarily order-dependent. Finally, the repeated use of the phrase "in one embodiment" does not necessarily refer to the same embodiment, although it may.
One principle for providing security in a computer system or platform is the concept of enforcing privilege levels. A privilege level limits which system resources (for example privileged instructions, memory, input/output devices and so on) a particular software component may access. Figure 1 shows a general overview of the organization of typical operating system components and their corresponding privilege levels. In a system 100 without virtual machine (VM) technology, the operating system 120 includes a small resident component called the privileged software nucleus 125, which runs at the highest privilege level 170; that is, the privileged software nucleus 125 can execute both privileged and non-privileged instructions and can access memory and I/O devices. Another class of system component, the device drivers 130, may also run at the high privilege level 170, especially where the system supports direct memory access (DMA) transactions, in which a device driver 130 can write the contents of its device directly to memory without involving the processor (for example without going through the privileged software nucleus 125 to access memory). Other kinds of system component, such as applications 140, run at a lower privilege level 180 and can only execute non-privileged or lower-privilege instructions, or make supervisory calls (SVCs) to the privileged software nucleus 125 in the operating system 120 to execute privileged instructions or, more generally, to access privileged system resources on behalf of the application 140.
In a system 110 with VM technology, another class of system component runs at the highest privilege: the virtual machine monitor (VMM) 150. In the VM system 110, the operating system 120 actually runs at a lower privilege than the VMM 150. In some VMM implementations, the VMM 150 may be divided into a VMM core component 150 and one or more VMM extensions 160, where a VMM extension 160 runs at a lower privilege than the VMM core component 150 but higher than the operating system 120. In this way the VMM core component 150 can preserve its integrity even in the presence of a faulty VMM extension 160.
Figure 2 is a block diagram of a general embodiment of a computer system 200 incorporating the invention, in which certain aspects of the invention may be practiced. It should be understood that the distinctions between the various components of the computer system 200 are merely logical; in practice any of these components may be integrated onto the same silicon die, split across multiple dies, or a combination of both, without departing from the scope of the invention. In the computer system 200 shown, the central processing units (CPUs) 210/220/230 or the devices 240/245/250 have the high privilege level 170 required to initiate transactions in memory 270. A memory controller 260 is responsible for forwarding memory transactions from memory 270 to the appropriate destination.
The computer system 200 further includes a hash digest 280 of cryptographic hash values identifying the contents of one or more operating system components that have been loaded into regions of memory 270. Note that a cryptographic hash value is well known in the art as being produced by a one-way mathematical or other function that takes a variable-length input string, called the pre-image, and converts it into a fixed-length output string, called the hash value, which is generally smaller. A hash function is one-way because it is hard to produce a pre-image whose hash value matches that of another pre-image. A hash digest signing engine 290 has a secure channel to the hash digest 280 and, upon request, signs the contents of the hash digest 280. Signing the contents of the hash digest 280 is well known in the art and is used to produce a digital signature that can later be used to authenticate the identity of the signer and to ensure that the contents of the hash digest 280 have not been tampered with. By requesting this signature, an external entity can observe the state of the system components as reported by the hash and decide whether to trust the computer system 200, that is, whether the signed contents of the hash digest 280 match the expected signature of those system components.
To ensure that the component state reported by the hash makes the computer system 200 trustworthy, each CPU 210/220/230 of the computer system contains, or is capable of containing, an embodiment of the method and apparatus of the invention to facilitate the installation (or loading) of a trusted operating system.
In one embodiment, the method and apparatus of the invention comprise a start secure operation (SSO) 206 and a join secure operation (JSO) 204, both of which can run on any CPU 210/220/230 of the computer system. The SSO 206 and JSO 204 are logical operations executed atomically to ensure the integrity of the computer system 200. The SSO 206 and JSO 204 may be implemented as a series of privileged instructions executed in software, hardware or a combination of the two without departing from the scope of the invention.
In one embodiment, the SSO 206 takes a region (or regions) of memory 270 designated in a memory region parameter 202 and causes the computer system 200 to perform operations whereby one of the CPUs 210/220/230 loads and registers one or more components of operating system code into the designated region of memory 270, while the JSO 204 prevents the other CPUs from interfering. After the one or more operating system components have been loaded, the JSO 204 and SSO 206 further force the CPUs 210/220/230 to jump to a known entry point in the now-secured designated region of memory 270 (also called the security kernel 275), the entry point being in a known privileged state, that is, a state in which the resources of the computer system 200 are accessible according to the corresponding high privilege level 170 of the CPU.
In one embodiment, once the region or regions of memory 270 to be secured have been identified, via the memory region parameter 202 or otherwise, the SSO 206 places the code to be secured into the identified region of memory 270; that is, it places the operating system code (or a portion of it) into the security kernel 275. The code may be any code that is desired to be trusted, for example the privileged software nucleus 125 of the operating system 120 or, in a system 110 with VMs, the VMM core 150, that is, the VM monitor core code.
In one embodiment, after placing the code into the security kernel 275, the SSO 206 securely launches the operating system by registering the identity of the operating system code (for example the privileged software nucleus 125 or the VMM core 150). The SSO 206 registers the identity of the code by computing and recording a hash digest 280 of the code and using the hash digest signing engine 290 to cryptographically sign the hash digest 280. Once registered, the operating system becomes a trusted operating system that can be verified by an external entity.
In a computer system 200 with multiple CPUs, as shown in Figure 2, the computer system 200 must also be able to prevent the CPUs 220/230 other than the CPU 210 executing the SSO 206 from interfering with the secure launch of the trusted operating system. Each CPU 210/220/230 is therefore also provided with the JSO 204. When the SSO 206 is launched on CPU 210, the SSO 206 notifies the other CPUs 220/230 to execute the JSO 204.
In one embodiment, the JSO 204 forces each CPU 220/230 into a dedicated stall state and signals the event of entering the stall state to the CPU 210 that launched the SSO. When the CPU 210 that launched the SSO has received stall signals from all the other CPUs 220/230, the SSO 206 begins loading the trusted operating system by placing the desired code into the security kernel 275 and registering it. After the CPU 210 that launched the SSO 206 has finished loading the trusted operating system, that is, once the identity of the code in the security kernel 275 has been registered, the SSO 206 forces CPU 210 to jump to a known entry point in the security kernel 275, which as a result of the SSO 206's operation is now in a known privileged state. In addition, the SSO 206 signals the other CPUs 220/230 to exit their respective dedicated stall states. After exiting the stall state, the JSO 204 forces CPUs 220/230 to jump to the known entry point in the security kernel 275 as well.
In one embodiment, the memory region parameter 202 is specified as an address range in memory 270, the parameter comprising one or more pairs of start and stop addresses. Other ways of specifying which region or regions of memory 270 are to be secured may, however, be used without departing from the scope of the invention. For example, another embodiment of the memory region parameter 202 may be specified as a start address and a region length.
Referring now to Figures 3-5, particular methods of the invention are described in terms of computer software with reference to a series of flow charts. The methods to be performed by a computer constitute computer programs made up of computer-executable instructions. Describing the methods with reference to flow charts enables those skilled in the art to develop programs including these instructions to carry out the methods on suitably configured computers (whose processors execute the instructions from computer-accessible media). The computer-executable instructions may be written in a computer programming language or may be embodied in firmware logic, microengine code or the like. If written in a programming language conforming to a recognized standard, such instructions can be executed on a variety of hardware platforms and can interface to a variety of operating systems. In addition, the invention is not described with reference to any particular programming language. It will be appreciated that a variety of programming languages may be used to implement the teachings of the invention as described here. Furthermore, it is common in the art to speak of software, in one form or another (for example program, procedure, process, application and so on), as taking an action or causing a result. Such expressions are merely a convenient way of saying that execution of the software by a computer causes the computer's processor to perform an action or produce a result.
Figure 3 is a flow chart showing certain aspects of a method to be performed by a computing device executing an embodiment of the invention shown in Figure 2. Specifically, Figure 3 shows some of the actions performed by a computer executing the SSO 206, where the SSO 206 incorporates an embodiment of the invention. Processing begins at process 305, where one of the CPUs of the computer system 200, for example CPU 210, prepares to execute the SSO 206 by ensuring at process 310 that all the other CPUs 220/230 of the computer system 200 have executed the JSO 204. The JSO 204 causes the other CPUs 220/230 of the computer system 200 to enter the stall state so that they cannot interfere with the SSO 206 and CPU 210 during the loading of the trusted operating system. In one embodiment, after all the other CPUs 220/230 have been stalled, the SSO 206 continues at process 315 by causing CPU 210 (or, in other cases, the memory controller 260) to block the devices 240/245/250 of the computer system 200 from accessing the region of memory 270 designated in the memory region parameter 202 (that is, the security kernel 275). Blocking device access to the security kernel 275 for the duration of the SSO 206 is generally only necessary in a computer system 200 that supports direct memory access (DMA). In one embodiment, blocking device access to the security kernel 275 may also be performed by a standard chipset.
In one embodiment, at process 320 the SSO 206 clears the current contents of the hash digest 280 in preparation for recording the current platform and hash digest information. At process 325, the SSO 206 records the platform information in the hash digest 280. Recording platform information may or may not be required, depending on the architecture of the computer system 200, and may include the version number of the CPU 210 executing the SSO 206 and so on. At process 330, the SSO 206 further computes a cryptographic hash digest of the code currently present in the security kernel 275 (that is, the privileged software nucleus 125 or the VMM core 150). The SSO 206 also records this information in the hash digest 280. At process 335, having recorded the necessary information in the hash digest 280, the SSO 206 places CPU 210 into a known privileged state. Once CPU 210 is in the known privileged state, the SSO 206 can further force CPU 210 to jump to a known entry point in the security kernel 275. The known entry point may be any addressable location in the security kernel 275. After CPU 210 has jumped to the known entry point, the SSO 206 completes, signals the other CPUs 220/230 to resume activity, and returns control to CPU 210.
After the SSO 206 has completed, an external entity can send a request to the hash digest signing engine 290 to activate the secure channel to the hash digest 280 and cause the hash digest signing engine 290 to read the contents of the digest 280 recorded by the SSO 206 and cryptographically sign them. As described above, by requesting this signature the external entity can observe the component state reported by the hash and decide whether to trust the computer system 200, that is, whether a trusted operating system has been loaded.
Figure 4 is a flow chart showing certain aspects of a method to be performed by a computing device executing an embodiment of the invention shown in Figure 2. Specifically, Figure 4 shows some of the actions performed by a computer running the JSO 204, where the JSO 204 incorporates an embodiment of the invention. Processing begins at process 405, where each non-SSO CPU of the computer system 200, for example CPUs 220/230, enters the dedicated stall state in response to the action of the SSO 206 on CPU 210. The stall state prevents CPUs 220/230 from interfering with the SSO 206 and CPU 210 during the loading of the trusted operating system. Each of CPUs 220/230 signals the SSO 206 on CPU 210 when it enters the stall state. The JSO 204 continues with the decision at process 415, waiting until it receives the signal that the SSO 206 on CPU 210 has completed initialization of the trusted operating system. As soon as the initialization is complete, the JSO 204 continues at process 420 and causes CPUs 220/230 to exit the dedicated stall state. At process 425, the JSO 204 causes CPUs 220/230 to jump to the known entry point in the security kernel 275, after which the JSO 204 completes processing at end point 430 and returns control to each CPU 220/230.
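The multiprocessor handoff described for Figures 2-4 (the SSO on one CPU, the JSO stalling the others until registration is done, the digest register, the signing engine and the external entity that decides whether to trust the result) can be modelled in software so that the ordering guarantees are visible. The block below is an added example, not code from the patent or from Intel: it assumes SHA-256 for the cryptographic hash, stands in for the signing engine with an HMAC under a constructed placeholder key that the verifier also holds (a real engine would sign with a private key and the verifier would check with its public counterpart), and the names Platform, launch, sign_digest and external_entity_trusts are invented for the example.

```python
import hashlib
import hmac
import threading

# Constructed placeholder standing in for the signing engine's key. A real
# engine 290 keeps its key in hardware behind the secure channel to digest 280.
SIGNING_KEY = b"constructed-signing-engine-key"


def digest_of(mem, regions, platform_info):
    """Hash digest as the SSO records it: platform info first (process 325),
    then the bytes of every secured region in order (process 330)."""
    h = hashlib.sha256(platform_info)
    for start, stop in regions:
        h.update(mem[start:stop])
    return h.digest()


class Platform:
    """Simulated computer system 200: memory 270, digest register 280, CPUs."""

    def __init__(self, n_cpus, mem_size):
        self.mem = bytearray(mem_size)      # memory 270
        self.digest = b""                   # hash digest 280 (outside any region)
        self.dma_blocked = []               # regions devices 240/245/250 may not touch
        self.entry_point = None             # known entry point in security kernel 275
        self.pc = {}                        # address at which each CPU resumed
        self._all_stalled = threading.Barrier(n_cpus)  # JSO CPUs plus the SSO CPU
        self._sso_done = threading.Event()
        self._lock = threading.Lock()

    def jso(self, cpu):
        """Join secure operation 204 (Figure 4) on a non-SSO CPU."""
        self._all_stalled.wait()   # 405/410: enter stall state and signal the SSO CPU
        self._sso_done.wait()      # 415: stay stalled until initialization completes
        with self._lock:           # 420/425: leave the stall, jump to the entry point
            self.pc[cpu] = self.entry_point

    def sso(self, cpu, regions, code, platform_info):
        """Start secure operation 206 (Figure 3) on the launching CPU."""
        self._all_stalled.wait()                  # 310: every other CPU is stalled
        self.dma_blocked = list(regions)          # 315: block device access to 275
        start = regions[0][0]
        self.mem[start:start + len(code)] = code  # place the OS code into kernel 275
        self.digest = b""                         # 320: clear the digest
        self.digest = digest_of(self.mem, regions, platform_info)  # 325/330
        self.entry_point = start                  # 335: known state, then jump
        with self._lock:
            self.pc[cpu] = start
        self.dma_blocked = []                     # lift the block (claim 32)
        self._sso_done.set()                      # let the stalled CPUs resume


def launch(n_cpus, regions, code, platform_info):
    """Run the SSO on CPU 0 and the JSO on every other CPU; return the platform."""
    plat = Platform(n_cpus, mem_size=max(stop for _, stop in regions))
    others = [threading.Thread(target=plat.jso, args=(c,)) for c in range(1, n_cpus)]
    for t in others:
        t.start()
    plat.sso(0, regions, code, platform_info)
    for t in others:
        t.join()
    return plat


def sign_digest(plat):
    """Hash digest signing engine 290: sign whatever the register holds."""
    return hmac.new(SIGNING_KEY, plat.digest, hashlib.sha256).digest()


def external_entity_trusts(signature, regions, expected_code, platform_info):
    """The external entity recomputes the digest for the image it trusts (the
    expected code at the start of the first region, zero fill elsewhere) and
    compares signatures in constant time."""
    image = bytearray(max(stop for _, stop in regions))
    image[regions[0][0]:regions[0][0] + len(expected_code)] = expected_code
    expected = hmac.new(SIGNING_KEY, digest_of(image, regions, platform_info),
                        hashlib.sha256).digest()
    return hmac.compare_digest(signature, expected)


if __name__ == "__main__":
    # Constructed sample: 64 NOPs and a RET as the 'kernel', one 4 KiB region.
    KERNEL = b"\x90" * 64 + b"\xc3"
    REGIONS = [(0x1000, 0x2000)]
    INFO = b"platform:constructed-cpu-version"
    plat = launch(4, REGIONS, KERNEL, INFO)
    sig = sign_digest(plat)
    print("resumed at:", {c: hex(a) for c, a in sorted(plat.pc.items())})
    print("trusted:", external_entity_trusts(sig, REGIONS, KERNEL, INFO))
    print("trusted with one byte changed:",
          external_entity_trusts(sig, REGIONS, KERNEL[:-1] + b"\xcc", INFO))
```

The barrier is what makes the SSO CPU wait at process 310 until every other CPU has reported its stall, and the event is the "initialization complete" signal of process 415; between the two, only the SSO CPU runs, which is the property the text relies on to keep the hash honest. The verifier accepts the signature only for the exact image and platform information it expects, so a single altered byte in the loaded code, or a different platform record, fails the check.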
Figures 3-4 describe general embodiments of the processing of the SSO 206 and JSO 204; Figure 5 describes an exemplary implementation of the SSO 206 and JSO 204 on a computer system 200 with VMs (including a VM system with 32-bit CPUs and VMM extensions 160). Processing begins at process 505, where the SSO 206 on one of the CPUs of the computer system 200 (for example CPU 210) receives the memory region parameter 202 in the form of a start physical address, denoted by parameter EAX, and an end physical address, denoted by ECX. Together, the addresses specified in EAX and ECX designate the region of memory 270 to be secured. At process 510 the SSO 206 takes preparatory actions to provide the environment in which the SSO 206 is to run. The preparatory actions depend on the architecture of the computer system 200 and may include, but are not limited to, ensuring that the start physical address EAX has a value less than the end physical address ECX. In addition, the SSO 206 may ensure that protected mode is enabled on CPU 210 and that paging, physical address extension and VM extension mode are disabled, and may temporarily set the privilege level of CPU 210 to zero. Other possible preparatory actions include disabling direct memory access (DMA) to the region or regions of memory 270 to be secured (that is, the security kernel 275) and disabling hardware interrupts to CPU 210. Disabling hardware interrupts helps ensure that the SSO 206 and JSO 204 execute atomically. More importantly, the SSO 206 causes each of the other CPUs 220/230 to launch the JSO 204 to ensure that all the other non-SSO CPUs are stalled and thus prevented from interfering with the operation of the SSO 206; in this way the SSO 206 provides the environment required to load a trusted operating system.
Once the preparatory actions are complete, the SSO 206 continues at process 515 by creating a cryptographic hash 280 of the designated region of memory 270, which starts at address EAX and ends at address ECX. When multiple regions of memory 270 are being secured, process 515 is repeated until all the regions being secured, that is, the entire security kernel 275, are covered by the cryptographic hash 280. At process 520, the SSO 206 records the cryptographic hash 280 in a chipset register serving as the hash digest 280. The SSO 206 continues at process 525 by directing CPU 210 into a known state, and further at process 530 by causing CPU 210 to jump to the hashed (that is, secured) region of memory 270, namely the security kernel 275. The SSO 206 ends at process 535, at which point CPU 210 is in the directed known state, all interrupts are disabled, and the security kernel 275 is secured.
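The two forms of memory region parameter 202 described earlier (start/stop pairs, or start plus length) and the Figure 5 preparatory actions (EAX below ECX, protected mode on, paging, physical address extension and VM extension mode off, privilege level zero, hardware interrupts off, DMA blocked) fit naturally into one validation step that refuses to hash anything until the environment is right. The block below is an added example, not the patent's or Intel's code: CpuControlState is a constructed stand-in for the real control registers, the names regions_from_parameter, prepare_environment and run_sso are invented for the example, SHA-256 is assumed for the hash, and the bounds and overlap checks go beyond the page's single "EAX less than ECX" check to cover the other ways a region parameter can be malformed.

```python
import hashlib
from dataclasses import dataclass


@dataclass
class CpuControlState:
    """Constructed stand-in for the control state of CPU 210 that the SSO inspects."""
    protected_mode: bool = True
    paging: bool = False
    pae: bool = False
    vmx: bool = False
    interrupts_enabled: bool = True
    privilege_level: int = 3


def regions_from_parameter(kind, values, mem_size):
    """Normalize memory region parameter 202 into a sorted list of (start, stop).

    kind "range":        values are (start, stop) pairs, Figure 5's EAX and ECX
    kind "start_length": values are (start, length) pairs
    Besides the page's check that EAX is below ECX, a region must lie inside
    physical memory and regions must not overlap. Returns (regions, errors)."""
    regions, errors = [], []
    for a, b in values:
        start, stop = (a, b) if kind == "range" else (a, a + b)
        if not 0 <= start < stop:
            errors.append(f"start {start:#x} is not below stop {stop:#x}")
        elif stop > mem_size:
            errors.append(f"region {start:#x}-{stop:#x} lies outside memory of size {mem_size:#x}")
        else:
            regions.append((start, stop))
    regions.sort()
    for (s1, e1), (s2, e2) in zip(regions, regions[1:]):
        if s2 < e1:
            errors.append(f"regions {s1:#x}-{e1:#x} and {s2:#x}-{e2:#x} overlap")
    return regions, errors


def prepare_environment(cpu):
    """Process 510: verify the CPU state the SSO requires; only when every
    check passes apply the temporary settings (privilege level zero, hardware
    interrupts off so the SSO/JSO pair runs atomically). Returns the violations."""
    problems = []
    if not cpu.protected_mode:
        problems.append("protected mode disabled")
    if cpu.paging:
        problems.append("paging enabled")
    if cpu.pae:
        problems.append("physical address extension enabled")
    if cpu.vmx:
        problems.append("VM extension mode enabled")
    if not problems:
        cpu.privilege_level = 0
        cpu.interrupts_enabled = False
    return problems


def hash_regions(mem, regions):
    """Process 515 repeated for every region, chained into a single digest."""
    h = hashlib.sha256()
    for start, stop in regions:
        h.update(mem[start:stop])
    return h.digest()


def run_sso(mem, cpu, kind, values):
    """Figure 5 as one call. Nothing is hashed or recorded unless both the
    region parameter and the CPU environment pass their checks."""
    regions, errors = regions_from_parameter(kind, values, len(mem))
    if errors:
        return {"ok": False, "errors": errors, "register": b""}
    problems = prepare_environment(cpu)
    if problems:
        return {"ok": False, "errors": problems, "register": b""}
    dma_blocked = list(regions)                   # DMA to kernel 275 is off while hashing
    register = hash_regions(mem, regions)         # 515/520: chipset register = digest 280
    return {"ok": True, "errors": [], "register": register,
            "dma_blocked": dma_blocked, "entry_point": regions[0][0],   # 525/530
            "interrupts_enabled": cpu.interrupts_enabled}               # 535: still off


if __name__ == "__main__":
    mem = bytearray(0x4000)                       # constructed 16 KiB of physical memory
    mem[0x1000:0x1010] = b"VMM-CORE-CODE-00"      # constructed 'VMM core 150' image
    print(run_sso(mem, CpuControlState(), "range", [(0x1000, 0x2000)])["ok"])
    print(run_sso(mem, CpuControlState(), "range", [(0x2000, 0x1000)])["errors"])
    print(run_sso(mem, CpuControlState(paging=True), "range", [(0x1000, 0x2000)])["errors"])
```

The ordering matters: the parameter is validated before the CPU state is touched, and the CPU state is checked before privilege level and interrupts are changed, so a rejected launch leaves the machine exactly as it found it and writes nothing into the register that a later verifier would sign.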
Figure 6 shows an embodiment of a general-purpose computer system 600 in which an embodiment of the invention shown in Figures 2-5 may be practiced. An embodiment of the invention may be implemented on a personal computer (PC) architecture. It will be clear to those of ordinary skill in the art, however, that other computer system architectures, or other processors and programmable or electronic devices, may also be used.
In general, the computer system shown in Figure 6 includes one or more processors 602 coupled via a bus 601 to random access memory (RAM) 603, read-only memory (ROM) 604 and a mass storage device 607. The mass storage device 607 represents a persistent data storage device such as a floppy disk drive, a fixed disk drive (for example magnetic, optical, magneto-optical and so on) or a streaming tape drive. The processor 602 represents a central processing unit of any architecture type, for example complex instruction set computer (CISC), reduced instruction set computer (RISC), very long instruction word (VLIW) or a hybrid architecture. In one embodiment, the processor 602 is compatible with Intel Architecture (IA) processors (for example the Pentium(TM) family, IA-32(TM) and IA-64(TM)). In one embodiment, the computer system 600 includes any number of processors, for example the CPUs 210/220/230 shown in Figure 2.
A display device 605 is coupled to the processor(s) 602 via the bus 601 and provides graphical output for the computer system 600. An input device 606, such as a keyboard or mouse, is coupled to the bus 601 to communicate information and command selections to the processor 602. An input/output interface 610 is also coupled to the processor 602 via the bus 601 and may be used to control electronic devices (printers, other computers and so on) connected to the computer system 600 and to transfer data to them. The computer system 600 includes a network device 608 for connecting the computer system 600 to a network 614, over which data may be received from, for example, a remote device 612. The network device 608 may include an Ethernet device, a telephone jack and a satellite link. It will be clear to those of ordinary skill in the art that other network devices may also be used.
An embodiment of the invention may be stored entirely as a software product on the mass storage device 607. Another embodiment of the invention may be embedded in a hardware product, for example in a printed circuit board, in a special-purpose processor or in a specially programmed logic device communicatively coupled to the bus 601. Still other embodiments of the invention may be implemented partly as a software product and partly as a hardware product.
When an embodiment of the invention is represented as a software product stored on a machine-accessible medium (also called a computer-accessible or processor-accessible medium) such as the mass storage device 607, the machine-accessible medium may be any type of magnetic, optical or electrical storage device, including a magnetic disk, CD-ROM, memory device (volatile or non-volatile) or similar storage mechanism. The machine-accessible medium may contain various sets of instructions, code sequences, configuration information or other data. Those skilled in the art will recognize that other instructions and operations required to implement the invention described here may also be stored on the machine-accessible medium. In one embodiment of the invention, the machine-accessible medium includes instructions which, when executed by a machine, cause the machine to perform operations including the SSO 206 and JSO 204.
Thus a new method for loading a trusted operating system has been described. From the foregoing description, those skilled in the art will recognize that many variations may be made to the invention. For example, when the invention is implemented on a mainframe or comparable class of machine, it may be unnecessary to disable direct memory access (DMA) to the region or regions of memory 270 to be secured (that is, the security kernel 275), or to disable hardware interrupts to CPU 210. On the other hand, when the invention is implemented on a machine with a PC architecture, these additional protection mechanisms may be needed to provide an operating environment in which the invention can be practiced. The invention is therefore not limited to the details described. Rather, the invention may be practiced with modifications and variations within the spirit and scope of the appended claims.
Claims (38)
1. A method for loading a trusted operating system, comprising:
one of a plurality of processors identifying a region in a memory of a computer;
loading contents into the region;
registering an identity of the contents of the region being secured; and
causing the one processor to jump to a known entry point in the contents.
2. The method of claim 1, further comprising:
preventing each remaining processor of the plurality of processors from interfering with the identifying, loading and registering.
3. The method of claim 2, wherein preventing interference comprises stalling each remaining processor of the plurality of processors until the identifying, loading and registering are complete.
4. The method of claim 2, further comprising:
causing each remaining processor of the plurality of processors to jump to the known entry point in the contents.
5. The method of claim 1, wherein identifying comprises receiving a region parameter that specifies a location of the region.
6. The method of claim 5, wherein the location is an address range in the memory of the computer at which the region can be located.
7. The method of claim 5, wherein the location comprises a start address and a length in the memory of the computer at which the region can be located.
8. The method of claim 1, wherein registering comprises:
recording a hash digest of the contents of the region being secured; and
signing the hash digest, the signed hash digest being stored in a register in the memory of the computer.
9. The method of claim 1, wherein the contents are a component of an operating system that will operate the computer.
10. The method of claim 9, wherein the operating system is one of a Windows operating system, a Windows 95 operating system, a Windows 98 operating system, a Windows NT operating system, a Windows 2000 operating system, a virtual machine monitor and a privileged software nucleus.
11. The method of claim 1, wherein the identifying, loading and registering are not interruptible.
12. An article of manufacture, comprising:
a machine-readable medium containing data which, when accessed by a machine, causes the machine to perform the following operations:
stalling all but one of a plurality of CPUs in a computer;
identifying a region in a memory of the computer;
blocking all resources other than the unstalled CPU from accessing the identified region;
loading contents into the identified region;
recording a cryptographic hash of the contents in the identified region; and
causing the unstalled CPU to begin executing at a known entry point in the identified region.
13. The article of claim 12, wherein the data that causes the machine to stall all but one of the plurality of CPUs comprises data that causes all but one of the plurality of CPUs to enter a stall state.
14. The article of claim 13, wherein the data further causes the stalled CPUs to exit the stall state after the unstalled CPU has begun executing at the known entry point in the identified region.
15. The article of claim 14, wherein the data further causes the previously stalled CPUs, after exiting the stall state, to begin executing at the known entry point in the identified region.
16. The article of claim 13, wherein the data that causes the machine to record the cryptographic hash comprises data that further causes the machine to:
clear a hash digest area in the memory of the computer;
record required platform information in the hash digest area;
compute a cryptographic hash of the identified region; and
record the computed cryptographic hash in the hash digest area.
17. The article of claim 16, wherein the hash digest area is a register in the memory of the computer.
18. The article of claim 13, wherein the data that causes the machine to identify the region in the memory of the computer comprises data that further causes the machine to receive at least one region parameter containing a location of the identified region.
19. The article of claim 13, wherein the location comprises an address of the identified region.
20. The article of claim 13, wherein the location comprises a length of the identified region.
21. A method for securing a region in a memory of a computer, comprising:
stalling all but one of a plurality of CPUs in the computer;
blocking all resources other than the unstalled CPU from accessing a region in the memory of the computer;
recording a cryptographic hash of the region; and
placing the unstalled CPU into a known privileged state.
22. The method of claim 21, further comprising causing the unstalled CPU to jump to a known entry point in the region.
23. The method of claim 21, wherein stalling comprises causing all but one of the plurality of CPUs to enter a dedicated stall state.
24. The method of claim 23, further comprising causing the stalled CPUs to exit the dedicated stall state after the unstalled CPU has been placed into the known privileged state.
25. The method of claim 24, further comprising causing the previously stalled CPUs, after exiting the dedicated stall state, to begin executing at the known entry point in the region.
26. The method of claim 21, wherein recording the cryptographic hash comprises:
clearing a hash digest area in the memory of the computer;
recording required platform information in the hash digest area;
computing a cryptographic hash of the contents of the region; and
recording the computed cryptographic hash in the hash digest area.
27. The method of claim 26, wherein the hash digest area is a register in the memory of the computer.
28. The method of claim 26, wherein computing the cryptographic hash of the contents of the region is performed by a digest signing engine coupled to the memory of the computer.
29. The method of claim 21, wherein the region is specified in at least one region parameter.
30. The method of claim 29, wherein the at least one region parameter is an address of the region in the memory of the computer that is to be secured.
31. The method of claim 29, wherein the at least one region parameter is a length of the region in the memory of the computer that is to be secured.
32. An apparatus for loading a trusted operating system, comprising:
a first processor having a start secure operation with a memory region parameter, wherein the first processor executes the start secure operation to block access to a memory region specified in the memory region parameter and to place contents into the specified region;
a hash digest, wherein the first processor further executes the start secure operation to clear the current contents of the hash digest and to record in the hash digest a cryptographic hash of the contents of the specified region; and
wherein the first processor further executes the start secure operation to lift the block on access to the specified region and to jump to a known entry point in the contents of the specified region.
33. The apparatus of claim 32, further comprising:
a second processor having a join secure operation, wherein the second processor executes the join secure operation to prevent the second processor from interfering with the first processor's execution of the start secure operation.
34. The apparatus of claim 33, wherein the second processor begins executing the join secure operation when the first processor begins executing the start secure operation.
35. The apparatus of claim 33, wherein, to prevent the second processor from interfering with the first processor's execution of the start secure operation, the join secure operation causes the second processor to enter a stall state until the first processor completes execution of the start secure operation.
36. The apparatus of claim 35, wherein the first processor executes the join secure operation to further cause the second processor to exit the stall state, the exit occurring after the first processor has completed execution of the start secure operation and begun executing at the known entry point in the contents of the specified region.
37. The apparatus of claim 32, further comprising a digest signing engine having a secure channel to the hash digest, the digest signing engine computing a cryptographic hash of the contents of the specified region in response to a request from the first processor executing the start secure operation.
38. The apparatus of claim 32, wherein the hash digest is a register in the memory of the apparatus outside the specified region.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/085,839 (US7631196B2, en) | 2002-02-25 | 2002-02-25 | Method and apparatus for loading a trustable operating system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN1723465A (zh) | 2006-01-18 |
CN100423013C (zh) | 2008-10-01 |
Family
ID=27753730
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CNB03804546XA (CN100423013C, zh; expired - lifetime) | Method and apparatus for loading a trusted operating system | 2002-02-25 | 2003-02-13 |
Country Status (7)
Country | Link |
---|---|
US (3) | US7631196B2 (zh) |
CN (1) | CN100423013C (zh) |
AU (1) | AU2003213080A1 (zh) |
DE (4) | DE10394383B4 (zh) |
GB (1) | GB2402521B (zh) |
HK (1) | HK1068178A1 (zh) |
WO (1) | WO2003073269A2 (zh) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103119601A (zh) * | 2010-08-18 | 2013-05-22 | Intel Corporation | Method and apparatus for enforcing a mandatory security policy on an operating system (OS) independent anti-virus (AV) scanner |
CN108595981A (zh) * | 2018-05-09 | 2018-09-28 | 深圳市桑格尔科技股份有限公司 | Method for encrypting an Android system |
Families Citing this family (48)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7752419B1 (en) | 2001-03-22 | 2010-07-06 | Qst Holdings, Llc | Method and system for managing hardware resources to implement system functions using an adaptive computing architecture |
US7653710B2 (en) | 2002-06-25 | 2010-01-26 | Qst Holdings, Llc. | Hardware task manager |
US7249242B2 (en) | 2002-10-28 | 2007-07-24 | Nvidia Corporation | Input pipeline registers for a node in an adaptive computing engine |
US6836839B2 (en) | 2001-03-22 | 2004-12-28 | Quicksilver Technology, Inc. | Adaptive integrated circuitry with heterogeneous and reconfigurable matrices of diverse and adaptive computational units having fixed, application specific computational elements |
US7962716B2 (en) | 2001-03-22 | 2011-06-14 | Qst Holdings, Inc. | Adaptive integrated circuitry with heterogeneous and reconfigurable matrices of diverse and adaptive computational units having fixed, application specific computational elements |
US6577678B2 (en) | 2001-05-08 | 2003-06-10 | Quicksilver Technology | Method and system for reconfigurable channel coding |
US7046635B2 (en) | 2001-11-28 | 2006-05-16 | Quicksilver Technology, Inc. | System for authorizing functionality in adaptable hardware devices |
US8412915B2 (en) | 2001-11-30 | 2013-04-02 | Altera Corporation | Apparatus, system and method for configuration of adaptive integrated circuitry having heterogeneous computational elements |
US6986021B2 (en) | 2001-11-30 | 2006-01-10 | Quick Silver Technology, Inc. | Apparatus, method, system and executable module for configuration and operation of adaptive integrated circuitry having fixed, application specific computational elements |
US7215701B2 (en) | 2001-12-12 | 2007-05-08 | Sharad Sambhwani | Low I/O bandwidth method and system for implementing detection and identification of scrambling codes |
US7403981B2 (en) | 2002-01-04 | 2008-07-22 | Quicksilver Technology, Inc. | Apparatus and method for adaptive multimedia reception and transmission in communication environments |
US7631196B2 (en) | 2002-02-25 | 2009-12-08 | Intel Corporation | Method and apparatus for loading a trustable operating system |
US7069442B2 (en) | 2002-03-29 | 2006-06-27 | Intel Corporation | System and method for execution of a secured environment initialization instruction |
US7660984B1 (en) * | 2003-05-13 | 2010-02-09 | Quicksilver Technology | Method and system for achieving individualized protected space in an operating system |
US7328414B1 (en) | 2003-05-13 | 2008-02-05 | Qst Holdings, Llc | Method and system for creating and programming an adaptive computing engine |
US8108656B2 (en) | 2002-08-29 | 2012-01-31 | Qst Holdings, Llc | Task definition for specifying resource requirements |
US7937591B1 (en) | 2002-10-25 | 2011-05-03 | Qst Holdings, Llc | Method and system for providing a device which can be adapted on an ongoing basis |
US8276135B2 (en) | 2002-11-07 | 2012-09-25 | Qst Holdings Llc | Profiling of software and circuit designs utilizing data operation analyses |
US7225301B2 (en) | 2002-11-22 | 2007-05-29 | Quicksilver Technologies | External memory controller node |
US20050044408A1 (en) * | 2003-08-18 | 2005-02-24 | Bajikar Sundeep M. | Low pin count docking architecture for a trusted platform |
US7496961B2 (en) * | 2003-10-15 | 2009-02-24 | Intel Corporation | Methods and apparatus to provide network traffic support and physical security support |
US8239673B2 (en) * | 2004-04-08 | 2012-08-07 | Texas Instruments Incorporated | Methods, apparatus and systems with loadable kernel architecture for processors |
GB0411654D0 (en) * | 2004-05-25 | 2004-06-30 | Hewlett Packard Development Co | A generic trusted platform architecture |
US7698552B2 (en) * | 2004-06-03 | 2010-04-13 | Intel Corporation | Launching a secure kernel in a multiprocessor system |
US7694121B2 (en) * | 2004-06-30 | 2010-04-06 | Microsoft Corporation | System and method for protected operating system boot using state validation |
US7886293B2 (en) * | 2004-07-07 | 2011-02-08 | Intel Corporation | Optimizing system behavior in a virtual machine environment |
US7370189B2 (en) | 2004-09-30 | 2008-05-06 | Intel Corporation | Method and apparatus for establishing safe processor operating points in connection with a secure boot |
WO2006082994A2 (en) * | 2005-02-07 | 2006-08-10 | Sony Computer Entertainment Inc. | Methods and apparatus for facilitating a secure session between a processor and an external device |
WO2006082985A2 (en) * | 2005-02-07 | 2006-08-10 | Sony Computer Entertainment Inc. | Methods and apparatus for providing a secure booting sequence in a processor |
US7647589B1 (en) * | 2005-02-07 | 2010-01-12 | Parallels Software International, Inc. | Methods and systems for safe execution of guest code in virtual machine context |
JP4606339B2 (ja) * | 2005-02-07 | 2011-01-05 | Sony Computer Entertainment Inc. | Method and apparatus for implementing secure processor processing migration |
US8272058B2 (en) | 2005-07-29 | 2012-09-18 | Bit 9, Inc. | Centralized timed analysis in a network security system |
US8984636B2 (en) | 2005-07-29 | 2015-03-17 | Bit9, Inc. | Content extractor and analysis system |
US7895651B2 (en) | 2005-07-29 | 2011-02-22 | Bit 9, Inc. | Content tracking in a network security system |
CN100345112C (zh) * | 2005-11-25 | 2007-10-24 | Institute of Software, Chinese Academy of Sciences | Component-based extension method for an operating system |
DE102006008248A1 (de) * | 2006-02-22 | 2007-08-23 | Giesecke & Devrient Gmbh | Operating system for a chip card with a multi-tasking kernel |
US7840795B2 (en) * | 2006-10-17 | 2010-11-23 | Zachary Nathaniel Joseph Peterson | Method and apparatus for limiting access to sensitive data |
WO2011091323A1 (en) | 2010-01-21 | 2011-07-28 | Qst Holdings, Llc | A method and apparatus for a general-purpose, multiple-core system for implementing stream-based computations |
US9830163B2 (en) * | 2012-06-08 | 2017-11-28 | Advanced Micro Devices, Inc. | Control flow in a heterogeneous computer system |
US8938796B2 (en) | 2012-09-20 | 2015-01-20 | Paul Case, SR. | Case secure computer architecture |
US9854841B2 (en) | 2012-10-08 | 2018-01-02 | Rai Strategic Holdings, Inc. | Electronic smoking article and associated method |
US9275248B1 (en) * | 2013-02-13 | 2016-03-01 | Amazon Technologies, Inc. | Updating processor microcode |
US9563457B2 (en) | 2013-11-18 | 2017-02-07 | Bitdefender IPR Management Ltd. | Enabling a secure environment through operating system switching |
US9117081B2 (en) | 2013-12-20 | 2015-08-25 | Bitdefender IPR Management Ltd. | Strongly isolated malware scanning using secure virtual containers |
US9652631B2 (en) * | 2014-05-05 | 2017-05-16 | Microsoft Technology Licensing, Llc | Secure transport of encrypted virtual machines with continuous owner access |
US9519787B2 (en) | 2014-11-14 | 2016-12-13 | Microsoft Technology Licensing, Llc | Secure creation of encrypted virtual machines from encrypted templates |
US10395039B2 (en) * | 2016-09-12 | 2019-08-27 | Dell Products, L.P. | Customer-owned trust of device firmware |
US11537421B1 (en) * | 2019-06-07 | 2022-12-27 | Amazon Technologies, Inc. | Virtual machine monitor providing secure cryptographic operations |
Family Cites Families (288)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US3699532A (en) * | 1970-04-21 | 1972-10-17 | Singer Co | Multiprogramming control for a data handling system |
US3996449A (en) | 1975-08-25 | 1976-12-07 | International Business Machines Corporation | Operating system authenticator |
US4162536A (en) | 1976-01-02 | 1979-07-24 | Gould Inc., Modicon Div. | Digital input/output system and method |
US4037214A (en) | 1976-04-30 | 1977-07-19 | International Business Machines Corporation | Key register controlled accessing system |
US4247905A (en) | 1977-08-26 | 1981-01-27 | Sharp Kabushiki Kaisha | Memory clear system |
US4278837A (en) | 1977-10-31 | 1981-07-14 | Best Robert M | Crypto microprocessor for executing enciphered programs |
US4276594A (en) | 1978-01-27 | 1981-06-30 | Gould Inc. Modicon Division | Digital computer with multi-processor capability utilizing intelligent composite memory and input/output modules and method for performing the same |
US4207609A (en) * | 1978-05-08 | 1980-06-10 | International Business Machines Corporation | Method and means for path independent device reservation and reconnection in a multi-CPU and shared device access system |
JPS5823570B2 (ja) * | 1978-11-30 | 1983-05-16 | Kokusan Denki Co., Ltd. | Liquid level detection device |
JPS5576447A (en) | 1978-12-01 | 1980-06-09 | Fujitsu Ltd | Address control system for software simulation |
US4307447A (en) | 1979-06-19 | 1981-12-22 | Gould Inc. | Programmable controller |
US4529870A (en) * | 1980-03-10 | 1985-07-16 | David Chaum | Cryptographic identification, financial transaction, and credential device |
US4319323A (en) | 1980-04-04 | 1982-03-09 | Digital Equipment Corporation | Communications device for data processing system |
US4419724A (en) * | 1980-04-14 | 1983-12-06 | Sperry Corporation | Main bus interface package |
US4366537A (en) | 1980-05-23 | 1982-12-28 | International Business Machines Corp. | Authorization mechanism for transfer of program control or data between different address spaces having different storage protect keys |
US4403283A (en) * | 1980-07-28 | 1983-09-06 | Ncr Corporation | Extended memory system and method |
DE3034581A1 (de) | 1980-09-13 | 1982-04-22 | Robert Bosch Gmbh, 7000 Stuttgart | Read-out protection for single-chip microprocessors |
JPS58140862A (ja) * | 1982-02-16 | 1983-08-20 | Toshiba Corp | Mutual exclusion scheme |
US4521852A (en) | 1982-06-30 | 1985-06-04 | Texas Instruments Incorporated | Data processing device formed on a single semiconductor substrate having secure memory |
JPS59111561A (ja) | 1982-12-17 | 1984-06-27 | Hitachi Ltd | Access control scheme for a multiprocessor system |
US4759064A (en) | 1985-10-07 | 1988-07-19 | Chaum David L | Blind unanticipated signature systems |
US4571972A (en) * | 1984-02-27 | 1986-02-25 | Kinefac Corp. | Skewed-axis cylindrical die rolling |
US4975836A (en) | 1984-12-19 | 1990-12-04 | Hitachi, Ltd. | Virtual computer system |
JPS61206057A (ja) | 1985-03-11 | 1986-09-12 | Hitachi Ltd | Address translation device |
FR2592510B1 (fr) * | 1985-12-31 | 1988-02-12 | Bull Cp8 | Method and apparatus for certifying services obtained using a portable medium such as a memory card |
FR2601476B1 (fr) * | 1986-07-11 | 1988-10-21 | Bull Cp8 | Method for authenticating external authorization data by a portable object such as a memory card |
FR2601525B1 (fr) | 1986-07-11 | 1988-10-21 | Bull Cp8 | Security device preventing operation of an electronic assembly after a first interruption of its power supply |
FR2601535B1 (fr) * | 1986-07-11 | 1988-10-21 | Bull Cp8 | Method for certifying the authenticity of data exchanged between two devices connected locally or remotely by a transmission line |
FR2618002B1 (fr) * | 1987-07-10 | 1991-07-05 | Schlumberger Ind Sa | Method and system for authenticating electronic memory cards |
US4843541A (en) * | 1987-07-29 | 1989-06-27 | International Business Machines Corporation | Logical resource partitioning of a data processing system |
FR2620248B1 (fr) | 1987-09-07 | 1989-11-24 | France Etat | Methods for zero-knowledge authentication of credentials or messages and for message signing |
US5007082A (en) | 1988-08-03 | 1991-04-09 | Kelly Services, Inc. | Computer software encryption apparatus |
US4974159A (en) * | 1988-09-13 | 1990-11-27 | Microsoft Corporation | Method of transferring control in a multitasking computer system |
US5079737A (en) | 1988-10-25 | 1992-01-07 | United Technologies Corporation | Memory management unit for the MIL-STD 1750 bus |
US5434999A (en) | 1988-11-09 | 1995-07-18 | Bull Cp8 | Safeguarded remote loading of service programs by authorizing loading in protected memory zones in a terminal |
FR2640798B1 (fr) | 1988-12-20 | 1993-01-08 | Bull Cp8 | Data processing device comprising an electrically erasable and reprogrammable non-volatile memory |
JPH02171934A (ja) | 1988-12-26 | 1990-07-03 | Hitachi Ltd | Virtual computer system |
JPH02208740A (ja) | 1989-02-09 | 1990-08-20 | Fujitsu Ltd | Virtual computer control scheme |
US5781753A (en) | 1989-02-24 | 1998-07-14 | Advanced Micro Devices, Inc. | Semi-autonomous RISC pipelines for overlapped execution of RISC-like instructions within the multiple superscalar execution units of a processor having distributed pipeline control for speculative and out-of-order execution of complex instructions |
US5442645A (en) | 1989-06-06 | 1995-08-15 | Bull Cp8 | Method for checking the integrity of a program or data, and apparatus for implementing this method |
JP2590267B2 (ja) | 1989-06-30 | 1997-03-12 | Hitachi, Ltd. | Display control scheme in a virtual computer |
US5022077A (en) | 1989-08-25 | 1991-06-04 | International Business Machines Corp. | Apparatus and method for preventing unauthorized access to BIOS in a personal computer system |
JP2825550B2 (ja) | 1989-09-21 | 1998-11-18 | Hitachi, Ltd. | Multiple virtual space address control method and computer system |
CA2010591C (en) | 1989-10-20 | 1999-01-26 | Phillip M. Adams | Kernels, description tables and device drivers |
CA2027799A1 (en) | 1989-11-03 | 1991-05-04 | David A. Miller | Method and apparatus for independently resetting processors and cache controllers in multiple processor systems |
US5075842A (en) | 1989-12-22 | 1991-12-24 | Intel Corporation | Disabling tag bit recognition and allowing privileged operations to occur in an object-oriented memory protection mechanism |
EP0473913A3 (en) | 1990-09-04 | 1992-12-16 | International Business Machines Corporation | Method and apparatus for providing a service pool of virtual machines for a plurality of vm users |
US5108590A (en) | 1990-09-12 | 1992-04-28 | Disanto Dennis | Water dispenser |
US5230069A (en) | 1990-10-02 | 1993-07-20 | International Business Machines Corporation | Apparatus and method for providing private and shared access to host address and data spaces by guest programs in a virtual machine computer system |
US5317705A (en) | 1990-10-24 | 1994-05-31 | International Business Machines Corporation | Apparatus and method for TLB purge reduction in a multi-level machine system |
US5287363A (en) * | 1991-07-01 | 1994-02-15 | Disk Technician Corporation | System for locating and anticipating data storage media failures |
US5437033A (en) | 1990-11-16 | 1995-07-25 | Hitachi, Ltd. | System for recovery from a virtual machine monitor failure with a continuous guest dispatched to a nonguest mode |
US5255379A (en) | 1990-12-28 | 1993-10-19 | Sun Microsystems, Inc. | Method for automatically transitioning from V86 mode to protected mode in a computer system using an Intel 80386 or 80486 processor |
US5453003A (en) * | 1991-01-09 | 1995-09-26 | Pfefferle; William C. | Catalytic method |
US5446904A (en) * | 1991-05-17 | 1995-08-29 | Zenith Data Systems Corporation | Suspend/resume capability for a protected mode microprocessor |
JPH04348434A (ja) | 1991-05-27 | 1992-12-03 | Hitachi Ltd | Virtual machine system |
US5319760A (en) | 1991-06-28 | 1994-06-07 | Digital Equipment Corporation | Translation buffer for virtual machines with address space match |
US5522075A (en) | 1991-06-28 | 1996-05-28 | Digital Equipment Corporation | Protection ring extension for computers having distinct virtual machine monitor and virtual machine address spaces |
US5276863A (en) * | 1991-06-28 | 1994-01-04 | Digital Equipment Corporation | Computer system console |
US5455909A (en) * | 1991-07-05 | 1995-10-03 | Chips And Technologies Inc. | Microprocessor with operation capture facility |
JPH06236284A (ja) | 1991-10-21 | 1994-08-23 | Intel Corp | Method for saving and restoring the processing state of a computer system, and computer system |
WO1993009494A1 (en) * | 1991-10-28 | 1993-05-13 | Digital Equipment Corporation | Fault-tolerant computer processing using a shadow virtual processor |
US5627987A (en) | 1991-11-29 | 1997-05-06 | Kabushiki Kaisha Toshiba | Memory management and protection system for virtual memory in computer system |
US5574936A (en) | 1992-01-02 | 1996-11-12 | Amdahl Corporation | Access control mechanism controlling access to and logical purging of access register translation lookaside buffer (ALB) in a computer system |
US5486529A (en) * | 1992-04-16 | 1996-01-23 | Zeneca Limited | Certain pyridyl ketones for treating diseases involving leukocyte elastase |
US5421006A (en) | 1992-05-07 | 1995-05-30 | Compaq Computer Corp. | Method and apparatus for assessing integrity of computer system software |
US5237616A (en) * | 1992-09-21 | 1993-08-17 | International Business Machines Corporation | Secure computer system having privileged and unprivileged memories |
US5293424A (en) | 1992-10-14 | 1994-03-08 | Bull Hn Information Systems Inc. | Secure memory card |
US5796835A (en) | 1992-10-27 | 1998-08-18 | Bull Cp8 | Method and system for writing information in a data carrier making it possible to later certify the originality of this information |
JP2765411B2 (ja) | 1992-11-30 | 1998-06-18 | Hitachi, Ltd. | Virtual machine system |
EP0600112A1 (de) | 1992-11-30 | 1994-06-08 | Siemens Nixdorf Informationssysteme Aktiengesellschaft | Data processing system with virtual memory addressing and key-controlled memory access |
US5668971A (en) * | 1992-12-01 | 1997-09-16 | Compaq Computer Corporation | Posted disk read operations performed by signalling a disk read complete to the system prior to completion of data transfer |
EP0602867A1 (en) | 1992-12-17 | 1994-06-22 | NCR International, Inc. | An apparatus for securing a system platform |
JPH06187178A (ja) | 1992-12-18 | 1994-07-08 | Hitachi Ltd | Input/output interrupt control method for a virtual machine system |
FR2700430B1 (fr) | 1992-12-30 | 1995-02-10 | Jacques Stern | Method for authenticating at least one identification device by a verification device, and device for implementing it. |
US5483656A (en) * | 1993-01-14 | 1996-01-09 | Apple Computer, Inc. | System for managing power consumption of devices coupled to a common bus |
US5469557A (en) | 1993-03-05 | 1995-11-21 | Microchip Technology Incorporated | Code protection in microcontroller with EEPROM fuses |
FR2703800B1 (fr) | 1993-04-06 | 1995-05-24 | Bull Cp8 | Method for signing a computer file, and device for implementing it. |
US5628023A (en) * | 1993-04-19 | 1997-05-06 | International Business Machines Corporation | Virtual storage computer system having methods and apparatus for providing token-controlled access to protected pages of memory via a token-accessible view |
FR2704341B1 (fr) | 1993-04-22 | 1995-06-02 | Bull Cp8 | Device for protecting the keys of a smart card. |
JPH06348867A (ja) | 1993-06-04 | 1994-12-22 | Hitachi Ltd | Microcomputer |
FR2706210B1 (fr) | 1993-06-08 | 1995-07-21 | Bull Cp8 | Method for authenticating a portable object by an offline terminal, and corresponding portable object and terminal. |
US5444850A (en) * | 1993-08-04 | 1995-08-22 | Trend Micro Devices Incorporated | Method and apparatus for controlling network and workstation access prior to workstation boot |
US5555385A (en) | 1993-10-27 | 1996-09-10 | International Business Machines Corporation | Allocation of address spaces within virtual machine compute system |
FR2714780B1 (fr) | 1993-12-30 | 1996-01-26 | Stern Jacques | Method for authenticating at least one identification device by a verification device. |
US5825880A (en) * | 1994-01-13 | 1998-10-20 | Sudia; Frank W. | Multi-step digital signature method and system |
US5459869A (en) | 1994-02-17 | 1995-10-17 | Spilo; Michael L. | Method for providing protected mode services for device drivers and other resident software |
US5604805A (en) * | 1994-02-28 | 1997-02-18 | Brands; Stefanus A. | Privacy-protected transfer of electronic information |
FR2717286B1 (fr) * | 1994-03-09 | 1996-04-05 | Bull Cp8 | Method and device for authenticating a data carrier intended to enable a transaction or access to a service or a place, and corresponding carrier. |
US5684881A (en) | 1994-05-23 | 1997-11-04 | Matsushita Electric Industrial Co., Ltd. | Sound field and sound image control apparatus and method |
US5539828A (en) | 1994-05-31 | 1996-07-23 | Intel Corporation | Apparatus and method for providing secured communications |
US5473692A (en) | 1994-09-07 | 1995-12-05 | Intel Corporation | Roving software license for a hardware agent |
US5533123A (en) | 1994-06-28 | 1996-07-02 | National Semiconductor Corporation | Programmable distributed personal security |
FR2752122B1 (fr) | 1994-07-28 | 1998-11-27 | France Telecom | Authentication method with a reduced number of transmitted bits |
US5978481A (en) | 1994-08-16 | 1999-11-02 | Intel Corporation | Modem compatible method and apparatus for encrypting data that is transparent to software applications |
JPH0883211A (ja) * | 1994-09-12 | 1996-03-26 | Mitsubishi Electric Corp | Data processing device |
EP0706275B1 (en) | 1994-09-15 | 2006-01-25 | International Business Machines Corporation | System and method for secure storage and distribution of data using digital signatures |
US6058478A (en) * | 1994-09-30 | 2000-05-02 | Intel Corporation | Apparatus and method for a vetted field upgrade |
FR2725537B1 (fr) | 1994-10-11 | 1996-11-22 | Bull Cp8 | Method for loading a protected memory area of an information processing device, and associated device |
US5903752A (en) * | 1994-10-13 | 1999-05-11 | Intel Corporation | Method and apparatus for embedding a real-time multi-tasking kernel in a non-real-time operating system |
US5606617A (en) | 1994-10-14 | 1997-02-25 | Brands; Stefanus A. | Secret-key certificates |
US5564040A (en) | 1994-11-08 | 1996-10-08 | International Business Machines Corporation | Method and apparatus for providing a server function in a logically partitioned hardware machine |
US6269392B1 (en) | 1994-11-15 | 2001-07-31 | Christian Cotichini | Method and apparatus to monitor and locate an electronic device using a secured intelligent agent |
US5560013A (en) * | 1994-12-06 | 1996-09-24 | International Business Machines Corporation | Method of using a target processor to execute programs of a source architecture that uses multiple address spaces |
US5555414A (en) | 1994-12-14 | 1996-09-10 | International Business Machines Corporation | Multiprocessing system including gating of host I/O and external enablement to guest enablement at polling intervals |
US5615263A (en) | 1995-01-06 | 1997-03-25 | Vlsi Technology, Inc. | Dual purpose security architecture with protected internal operating system |
US5764969A (en) | 1995-02-10 | 1998-06-09 | International Business Machines Corporation | Method and system for enhanced management operation utilizing intermixed user level and supervisory level instructions with partial concept synchronization |
FR2731536B1 (fr) * | 1995-03-10 | 1997-04-18 | Schlumberger Ind Sa | Method for securely writing information into a portable medium |
US5717903A (en) | 1995-05-15 | 1998-02-10 | Compaq Computer Corporation | Method and apparatus for emulating a peripheral device to allow device driver development before availability of the peripheral device |
KR0146438B1 (ko) | 1995-05-17 | 1998-09-15 | 조백제 | Authentication exchange method, digital signature method with message recovery, and digital signature method with appendix |
JP3451595B2 (ja) | 1995-06-07 | 2003-09-29 | International Business Machines Corporation | Microprocessor with architecture mode control capable of supporting extensions to two distinct instruction set architectures |
US5684948A (en) * | 1995-09-01 | 1997-11-04 | National Semiconductor Corporation | Memory management circuit which provides simulated privilege levels |
US5633929A (en) * | 1995-09-15 | 1997-05-27 | Rsa Data Security, Inc | Cryptographic key escrow system having reduced vulnerability to harvesting attacks |
US6093213A (en) * | 1995-10-06 | 2000-07-25 | Advanced Micro Devices, Inc. | Flexible implementation of a system management mode (SMM) in a processor |
US5737760A (en) | 1995-10-06 | 1998-04-07 | Motorola Inc. | Microcontroller with security logic circuit which prevents reading of internal memory by external program |
JP3693721B2 (ja) | 1995-11-10 | 2005-09-07 | NEC Electronics Corporation | Microcomputer with built-in flash memory and test method therefor |
IL116708A (en) | 1996-01-08 | 2000-12-06 | Smart Link Ltd | Real-time task manager for a personal computer |
AU1690597A (en) | 1996-01-11 | 1997-08-01 | Mitre Corporation, The | System for controlling access and distribution of digital property |
US5657445A (en) | 1996-01-26 | 1997-08-12 | Dell Usa, L.P. | Apparatus and method for limiting access to mass storage devices in a computer system |
US5835594A (en) | 1996-02-09 | 1998-11-10 | Intel Corporation | Methods and apparatus for preventing unauthorized write access to a protected non-volatile storage |
US5815665A (en) * | 1996-04-03 | 1998-09-29 | Microsoft Corporation | System and method for providing trusted brokering services over a distributed network |
US5978484A (en) | 1996-04-25 | 1999-11-02 | Microsoft Corporation | System and method for safely distributing executable objects |
US5978892A (en) | 1996-05-03 | 1999-11-02 | Digital Equipment Corporation | Virtual memory allocation in a virtual address space having an inaccessible gap |
US5809546A (en) * | 1996-05-23 | 1998-09-15 | International Business Machines Corporation | Method for managing I/O buffers in shared storage by structuring buffer table having entries including storage keys for controlling accesses to the buffers |
US6175925B1 (en) * | 1996-06-13 | 2001-01-16 | Intel Corporation | Tamper resistant player for scrambled contents |
US6205550B1 (en) * | 1996-06-13 | 2001-03-20 | Intel Corporation | Tamper resistant methods and apparatus |
US6178509B1 (en) * | 1996-06-13 | 2001-01-23 | Intel Corporation | Tamper resistant methods and apparatus |
US5729760A (en) | 1996-06-21 | 1998-03-17 | Intel Corporation | System for providing first type access to register if processor in first mode and second type access to register if processor not in first mode |
US5944821A (en) * | 1996-07-11 | 1999-08-31 | Compaq Computer Corporation | Secure software registration and integrity assessment in a computer system |
US6199152B1 (en) * | 1996-08-22 | 2001-03-06 | Transmeta Corporation | Translated memory protection apparatus for an advanced microprocessor |
US5740178A (en) * | 1996-08-29 | 1998-04-14 | Lucent Technologies Inc. | Software for controlling a reliable backup memory |
US6055637A (en) * | 1996-09-27 | 2000-04-25 | Electronic Data Systems Corporation | System and method for accessing enterprise-wide resources by presenting to the resource a temporary credential |
US5937063A (en) | 1996-09-30 | 1999-08-10 | Intel Corporation | Secure boot |
US5844986A (en) | 1996-09-30 | 1998-12-01 | Intel Corporation | Secure BIOS |
US5935242A (en) * | 1996-10-28 | 1999-08-10 | Sun Microsystems, Inc. | Method and apparatus for initializing a device |
JPH10134008A (ja) * | 1996-11-05 | 1998-05-22 | Mitsubishi Electric Corp | Semiconductor device and computer system |
US5852717A (en) * | 1996-11-20 | 1998-12-22 | Shiva Corporation | Performance optimizations for computer networks utilizing HTTP |
DE19649292A1 (de) * | 1996-11-28 | 1998-06-04 | Deutsche Telekom Ag | Method for securing a system protected by a key hierarchy |
US5901225A (en) | 1996-12-05 | 1999-05-04 | Advanced Micro Devices, Inc. | System and method for performing software patches in embedded systems |
US5757919A (en) | 1996-12-12 | 1998-05-26 | Intel Corporation | Cryptographically protected paging subsystem |
US5818939A (en) | 1996-12-18 | 1998-10-06 | Intel Corporation | Optimized security functionality in an electronic system |
GB9626241D0 (en) * | 1996-12-18 | 1997-02-05 | Ncr Int Inc | Secure data processing method and system |
US5953422A (en) * | 1996-12-31 | 1999-09-14 | Compaq Computer Corporation | Secure two-piece user authentication in a computer network |
US6412035B1 (en) | 1997-02-03 | 2002-06-25 | Real Time, Inc. | Apparatus and method for decreasing the response times of interrupt service routines |
WO1998036517A1 (en) | 1997-02-13 | 1998-08-20 | Jpc, Inc. | Security coprocessor for enhancing computer system security |
US5953502A (en) * | 1997-02-13 | 1999-09-14 | Helbig, Sr.; Walter A | Method and apparatus for enhancing computer system security |
JP4000654B2 (ja) | 1997-02-27 | 2007-10-31 | Seiko Epson Corporation | Semiconductor device and electronic apparatus |
US5867658A (en) * | 1997-04-04 | 1999-02-02 | International Business Machines Corporation | Method and apparatus for implementing a stop state for a processor in a multiprocessor system |
US6272637B1 (en) | 1997-04-14 | 2001-08-07 | Dallas Semiconductor Corporation | Systems and methods for protecting access to encrypted information |
US6557104B2 (en) * | 1997-05-02 | 2003-04-29 | Phoenix Technologies Ltd. | Method and apparatus for secure processing of cryptographic keys |
FR2763452B1 (fr) | 1997-05-13 | 1999-06-18 | France Telecom | Public-key identification method |
US6044478A (en) * | 1997-05-30 | 2000-03-28 | National Semiconductor Corporation | Cache with finely granular locked-down regions |
US6307214B1 (en) | 1997-06-06 | 2001-10-23 | Semiconductor Energy Laboratory Co., Ltd. | Semiconductor thin film and semiconductor device |
US6075938A (en) | 1997-06-10 | 2000-06-13 | The Board Of Trustees Of The Leland Stanford Junior University | Virtual machine monitors for scalable multiprocessors |
US5987557A (en) | 1997-06-19 | 1999-11-16 | Sun Microsystems, Inc. | Method and apparatus for implementing hardware protection domains in a system with no memory management unit (MMU) |
US6175924B1 (en) * | 1997-06-20 | 2001-01-16 | International Business Machines Corp. | Method and apparatus for protecting application data in secure storage areas |
US6035374A (en) * | 1997-06-25 | 2000-03-07 | Sun Microsystems, Inc. | Method of executing coded instructions in a multiprocessor having shared execution resources including active, nap, and sleep states in accordance with cache miss latency |
US6584565B1 (en) | 1997-07-15 | 2003-06-24 | Hewlett-Packard Development Company, L.P. | Method and apparatus for long term verification of digital signatures |
US6014745A (en) * | 1997-07-17 | 2000-01-11 | Silicon Systems Design Ltd. | Protection for customer programs (EPROM) |
US5978475A (en) | 1997-07-18 | 1999-11-02 | Counterpane Internet Security, Inc. | Event auditing system |
US6212635B1 (en) * | 1997-07-18 | 2001-04-03 | David C. Reardon | Network security system allowing access and modification to a security subsystem after initial installation when a master token is in place |
US5919257A (en) * | 1997-08-08 | 1999-07-06 | Novell, Inc. | Networked workstation intrusion detection system |
DE19735948C1 (de) * | 1997-08-19 | 1998-10-01 | Siemens Nixdorf Inf Syst | Method for improving controllability in data processing systems with address translation |
US6282657B1 (en) | 1997-09-16 | 2001-08-28 | Safenet, Inc. | Kernel mode protection |
US5935247A (en) * | 1997-09-18 | 1999-08-10 | Geneticware Co., Ltd. | Computer system having a genetic code that cannot be directly accessed and a method of maintaining the same |
US6148379A (en) | 1997-09-19 | 2000-11-14 | Silicon Graphics, Inc. | System, method and computer program product for page sharing between fault-isolated cells in a distributed shared memory system |
US6182089B1 (en) * | 1997-09-23 | 2001-01-30 | Silicon Graphics, Inc. | Method, system and computer program product for dynamically allocating large memory pages of different sizes |
US6061794A (en) * | 1997-09-30 | 2000-05-09 | Compaq Computer Corp. | System and method for performing secure device communications in a peer-to-peer bus architecture |
US6357004B1 (en) * | 1997-09-30 | 2002-03-12 | Intel Corporation | System and method for ensuring integrity throughout post-processing |
US5970147A (en) | 1997-09-30 | 1999-10-19 | Intel Corporation | System and method for configuring and registering a cryptographic device |
US6085296A (en) | 1997-11-12 | 2000-07-04 | Digital Equipment Corporation | Sharing memory pages and page tables among computer processes |
US6219787B1 (en) | 1997-12-22 | 2001-04-17 | Texas Instruments Incorporated | Method and apparatus for extending security model to native code |
US6378072B1 (en) * | 1998-02-03 | 2002-04-23 | Compaq Computer Corporation | Cryptographic system |
US6308270B1 (en) | 1998-02-13 | 2001-10-23 | Schlumberger Technologies, Inc. | Validating and certifying execution of a software program with a smart card |
US6108644A (en) * | 1998-02-19 | 2000-08-22 | At&T Corp. | System and method for electronic transactions |
US6131166A (en) * | 1998-03-13 | 2000-10-10 | Sun Microsystems, Inc. | System and method for cross-platform application level power management |
US6192455B1 (en) * | 1998-03-30 | 2001-02-20 | Intel Corporation | Apparatus and method for preventing access to SMRAM space through AGP addressing |
US6374286B1 (en) * | 1998-04-06 | 2002-04-16 | Rockwell Collins, Inc. | Real time processor capable of concurrently running multiple independent JAVA machines |
US6298443B1 (en) | 1998-04-24 | 2001-10-02 | Dell Usa, L.P. | Method and system for supplying a custom software image to a computer system |
US6173417B1 (en) * | 1998-04-30 | 2001-01-09 | Intel Corporation | Initializing and restarting operating systems |
US6496847B1 (en) * | 1998-05-15 | 2002-12-17 | Vmware, Inc. | System and method for virtualizing computer systems |
US6795966B1 (en) * | 1998-05-15 | 2004-09-21 | Vmware, Inc. | Mechanism for restoring, porting, replicating and checkpointing computer systems using state extraction |
US6397242B1 (en) | 1998-05-15 | 2002-05-28 | Vmware, Inc. | Virtualization system including a virtual machine monitor for a computer with a segmented architecture |
FR2778998B1 (fr) | 1998-05-20 | 2000-06-30 | Schlumberger Ind Sa | Method for authenticating the personal code of an integrated circuit card user |
DE69942712D1 (de) | 1998-05-29 | 2010-10-14 | Texas Instruments Inc | Secure computing device |
US6421702B1 (en) | 1998-06-09 | 2002-07-16 | Advanced Micro Devices, Inc. | Interrupt driven isochronous task scheduler system |
US6473800B1 (en) * | 1998-07-15 | 2002-10-29 | Microsoft Corporation | Declarative permission requests in a computer system |
US6505279B1 (en) * | 1998-08-14 | 2003-01-07 | Silicon Storage Technology, Inc. | Microcontroller system having security circuitry to selectively lock portions of a program memory address space |
US6339815B1 (en) * | 1998-08-14 | 2002-01-15 | Silicon Storage Technology, Inc. | Microcontroller system having allocation circuitry to selectively allocate and/or hide portions of a program memory address space |
US6735696B1 (en) * | 1998-08-14 | 2004-05-11 | Intel Corporation | Digital content protection using a secure booting method and apparatus |
JP2000076139A (ja) | 1998-08-28 | 2000-03-14 | Nippon Telegr & Teleph Corp <Ntt> | Portable information storage medium |
US20020004900A1 (en) * | 1998-09-04 | 2002-01-10 | Baiju V. Patel | Method for secure anonymous communication |
US6363485B1 (en) * | 1998-09-09 | 2002-03-26 | Entrust Technologies Limited | Multi-factor biometric authenticating device and method |
US6463535B1 (en) | 1998-10-05 | 2002-10-08 | Intel Corporation | System and method for verifying the integrity and authorization of software before execution in a local platform |
US6230248B1 (en) | 1998-10-12 | 2001-05-08 | Institute For The Development Of Emerging Architectures, L.L.C. | Method and apparatus for pre-validating regions in a virtual addressing scheme |
US7194092B1 (en) * | 1998-10-26 | 2007-03-20 | Microsoft Corporation | Key-based secure storage |
US6330670B1 (en) * | 1998-10-26 | 2001-12-11 | Microsoft Corporation | Digital rights management operating system |
US6609199B1 (en) * | 1998-10-26 | 2003-08-19 | Microsoft Corporation | Method and apparatus for authenticating an open system application to a portable IC device |
US6327652B1 (en) * | 1998-10-26 | 2001-12-04 | Microsoft Corporation | Loading and identifying a digital rights management operating system |
US6138239A (en) * | 1998-11-13 | 2000-10-24 | N★Able Technologies, Inc. | Method and system for authenticating and utilizing secure resources in a computer system |
US6445797B1 (en) | 1998-12-16 | 2002-09-03 | Secure Choice Llc | Method and system for performing secure electronic digital streaming |
US6473508B1 (en) * | 1998-12-22 | 2002-10-29 | Adam Lucas Young | Auto-recoverable auto-certifiable cryptosystems with unescrowed signature-only keys |
US6463537B1 (en) | 1999-01-04 | 2002-10-08 | Codex Technologies, Inc. | Modified computer motherboard security and identification system |
US6671808B1 (en) | 1999-01-15 | 2003-12-30 | Rainbow Technologies, Inc. | USB-compliant personal key |
US6282650B1 (en) | 1999-01-25 | 2001-08-28 | Intel Corporation | Secure public digital watermark |
US7111290B1 (en) * | 1999-01-28 | 2006-09-19 | Ati International Srl | Profiling program execution to identify frequently-executed portions and to assist binary translation |
US6560627B1 (en) * | 1999-01-28 | 2003-05-06 | Cisco Technology, Inc. | Mutual exclusion at the record level with priority inheritance for embedded systems using one semaphore |
US6188257B1 (en) * | 1999-02-01 | 2001-02-13 | Vlsi Technology, Inc. | Power-on-reset logic with secure power down capability |
EP1030237A1 (en) | 1999-02-15 | 2000-08-23 | Hewlett-Packard Company | Trusted hardware device in a computer |
US6988250B1 (en) * | 1999-02-15 | 2006-01-17 | Hewlett-Packard Development Company, L.P. | Trusted computing platform using a trusted device assembly |
US6272533B1 (en) | 1999-02-16 | 2001-08-07 | Hendrik A. Browne | Secure computer system and method of providing secure access to a computer system including a stand alone switch operable to inhibit data corruption on a storage device |
US7225333B2 (en) * | 1999-03-27 | 2007-05-29 | Microsoft Corporation | Secure processor architecture for use with a digital rights management (DRM) system on a computing device |
US6615278B1 (en) * | 1999-03-29 | 2003-09-02 | International Business Machines Corporation | Cross-platform program, system, and method having a global registry object for mapping registry equivalent functions in an OS/2 operating system environment |
US6684326B1 (en) * | 1999-03-31 | 2004-01-27 | International Business Machines Corporation | Method and system for authenticated boot operations in a computer system of a networked computing environment |
US6651171B1 (en) * | 1999-04-06 | 2003-11-18 | Microsoft Corporation | Secure execution of program code |
US6389537B1 (en) * | 1999-04-23 | 2002-05-14 | Intel Corporation | Platform and method for assuring integrity of trusted agent communications |
US6275933B1 (en) | 1999-04-30 | 2001-08-14 | 3Com Corporation | Security system for a computerized apparatus |
EP1055989A1 (en) | 1999-05-28 | 2000-11-29 | Hewlett-Packard Company | System for digitally signing a document |
EP1056014A1 (en) | 1999-05-28 | 2000-11-29 | Hewlett-Packard Company | System for providing a trustworthy user interface |
US6321314B1 (en) | 1999-06-09 | 2001-11-20 | Ati International S.R.L. | Method and apparatus for restricting memory access |
US6633981B1 (en) | 1999-06-18 | 2003-10-14 | Intel Corporation | Electronic system and method for controlling access through user authentication |
US6158546A (en) | 1999-06-25 | 2000-12-12 | Tenneco Automotive Inc. | Straight through muffler with conically-ended output passage |
US6301646B1 (en) | 1999-07-30 | 2001-10-09 | Curl Corporation | Pointer verification system and method |
US6529909B1 (en) * | 1999-08-31 | 2003-03-04 | Accenture Llp | Method for translating an object attribute converter in an information services patterns environment |
JP2001148344A (ja) | 1999-09-09 | 2001-05-29 | Nikon Corp | Exposure apparatus, method for controlling the output of an energy source, laser apparatus using the method, and device manufacturing method |
EP1085396A1 (en) | 1999-09-17 | 2001-03-21 | Hewlett-Packard Company | Operation of trusted state in computing platform |
US6535988B1 (en) * | 1999-09-29 | 2003-03-18 | Intel Corporation | System for detecting over-clocking uses a reference signal thereafter preventing over-clocking by reducing clock rate |
US6374317B1 (en) * | 1999-10-07 | 2002-04-16 | Intel Corporation | Method and apparatus for initializing a computer interface |
US6292874B1 (en) | 1999-10-19 | 2001-09-18 | Advanced Technology Materials, Inc. | Memory management method and apparatus for partitioning homogeneous memory and restricting access of installed applications to predetermined memory ranges |
EP1269425A2 (en) | 2000-02-25 | 2003-01-02 | Identix Incorporated | Secure transaction system |
AU2001243365A1 (en) | 2000-03-02 | 2001-09-12 | Alarity Corporation | System and method for process protection |
JP3710671B2 (ja) * | 2000-03-14 | 2005-10-26 | Sharp Corporation | Single-chip microcomputer, IC card using the same, and access control method for the single-chip microcomputer |
CA2341931C (en) | 2000-03-24 | 2006-05-30 | Contentguard Holdings, Inc. | System and method for protection of digital works |
US6990579B1 (en) * | 2000-03-31 | 2006-01-24 | Intel Corporation | Platform and method for remote attestation of a platform |
US6678825B1 (en) * | 2000-03-31 | 2004-01-13 | Intel Corporation | Controlling access to multiple isolated memories in an isolated execution environment |
US7013481B1 (en) * | 2000-03-31 | 2006-03-14 | Intel Corporation | Attestation key memory device and bus |
US6633963B1 (en) | 2000-03-31 | 2003-10-14 | Intel Corporation | Controlling access to multiple memory zones in an isolated execution environment |
US6996710B1 (en) * | 2000-03-31 | 2006-02-07 | Intel Corporation | Platform and method for issuing and certifying a hardware-protected attestation key |
US6507904B1 (en) * | 2000-03-31 | 2003-01-14 | Intel Corporation | Executing isolated mode instructions in a secure system running in privilege rings |
US20010056533A1 (en) | 2000-06-23 | 2001-12-27 | Peter Yianilos | Secure and open computer platform |
US6678833B1 (en) * | 2000-06-30 | 2004-01-13 | Intel Corporation | Protection of boot block data and accurate reporting of boot block contents |
US6889378B2 (en) * | 2000-07-24 | 2005-05-03 | Sony Corporation | Information processing method, inter-task communication method, and computer-executable program for the same |
US6594736B1 (en) * | 2000-08-15 | 2003-07-15 | Src Computers, Inc. | System and method for semaphore and atomic operation management in a multiprocessor |
GB0020441D0 (en) | 2000-08-18 | 2000-10-04 | Hewlett Packard Co | Performance of a service on a computing platform |
GB0020416D0 (en) * | 2000-08-18 | 2000-10-04 | Hewlett Packard Co | Trusted system |
KR100613201B1 (ko) * | 2000-08-28 | 2006-08-18 | Microconnect LLC | Method for measuring CPU usage |
AU2001293563A1 (en) * | 2000-09-21 | 2002-04-02 | Research In Motion Limited | Code signing system and method |
US6938164B1 (en) | 2000-11-22 | 2005-08-30 | Microsoft Corporation | Method and system for allowing code to be securely initialized in a computer |
US7036023B2 (en) * | 2001-01-19 | 2006-04-25 | Microsoft Corporation | Systems and methods for detecting tampering of a computer system by calculating a boot signature |
DE10296460T5 (de) * | 2001-03-27 | 2004-04-22 | Danfoss A/S | Motor actuator with torque control |
US7272831B2 (en) * | 2001-03-30 | 2007-09-18 | Intel Corporation | Method and apparatus for constructing host processor soft devices independent of the host processor operating system |
FR2822971A1 (fr) * | 2001-04-03 | 2002-10-04 | St Microelectronics Sa | System and method for controlling access to protected data stored in a memory |
US7631160B2 (en) * | 2001-04-04 | 2009-12-08 | Advanced Micro Devices, Inc. | Method and apparatus for securing portions of memory |
US6976136B2 (en) * | 2001-05-07 | 2005-12-13 | National Semiconductor Corporation | Flash memory protection scheme for secured shared BIOS implementation in personal computers with an embedded controller |
US7676430B2 (en) * | 2001-05-09 | 2010-03-09 | Lenovo (Singapore) Pte. Ltd. | System and method for installing a remote credit card authorization on a system with a TCPA compliant chipset |
EP1271277A3 (en) | 2001-06-26 | 2003-02-05 | Redstrike B.V. | Security system and software to prevent unauthorized use of a computing device |
US20030002668A1 (en) * | 2001-06-30 | 2003-01-02 | Gary Graunke | Multi-level, multi-dimensional content protections |
US20030018892A1 (en) * | 2001-07-19 | 2003-01-23 | Jose Tello | Computer with a modified north bridge, security engine and smart card having a secure boot capability and method for secure booting a computer |
US7191440B2 (en) * | 2001-08-15 | 2007-03-13 | Intel Corporation | Tracking operating system process and thread execution and virtual machine execution in hardware or in a virtual machine monitor |
US7484105B2 (en) * | 2001-08-16 | 2009-01-27 | Lenovo (Singapore) Pte. Ltd. | Flash update using a trusted platform module |
FR2830147B1 (fr) | 2001-09-24 | 2003-10-31 | Gemplus Card Int | Method and device for verifying possession of a confidential datum without communicating it, according to a so-called "zero-knowledge" process |
US7103529B2 (en) * | 2001-09-27 | 2006-09-05 | Intel Corporation | Method for providing system integrity and legacy environment emulation |
US7191464B2 (en) * | 2001-10-16 | 2007-03-13 | Lenovo Pte. Ltd. | Method and system for tracking a secure boot in a trusted computing environment |
JP4019266B2 (ja) * | 2001-10-25 | 2007-12-12 | NEC Corporation | Data transmission method |
DE10158531B4 (de) * | 2001-11-29 | 2006-09-28 | Universitätsklinikum Freiburg | Method for measuring magnetic resonance (NMR) using spin echoes |
US7103771B2 (en) * | 2001-12-17 | 2006-09-05 | Intel Corporation | Connecting a virtual token to a physical token |
US20030126453A1 (en) * | 2001-12-31 | 2003-07-03 | Glew Andrew F. | Processor supporting execution of an authenticated code instruction |
US7308576B2 (en) * | 2001-12-31 | 2007-12-11 | Intel Corporation | Authenticated code module |
US7107460B2 (en) * | 2002-02-15 | 2006-09-12 | International Business Machines Corporation | Method and system for securing enablement access to a data security device |
US7631196B2 (en) | 2002-02-25 | 2009-12-08 | Intel Corporation | Method and apparatus for loading a trustable operating system |
US7130999B2 (en) * | 2002-03-27 | 2006-10-31 | Intel Corporation | Using authentication certificates for authorization |
US7343493B2 (en) | 2002-03-28 | 2008-03-11 | Lenovo (Singapore) Pte. Ltd. | Encrypted file system using TCPA |
US7028149B2 (en) * | 2002-03-29 | 2006-04-11 | Intel Corporation | System and method for resetting a platform configuration register |
US20030226040A1 (en) * | 2002-06-03 | 2003-12-04 | International Business Machines Corporation | Controlling access to data stored on a storage device of a trusted computing platform system |
US20030231328A1 (en) * | 2002-06-07 | 2003-12-18 | Xerox Corporation | Multiple printer driver |
US6879574B2 (en) | 2002-06-24 | 2005-04-12 | Nokia Corporation | Mobile mesh Ad-Hoc networking |
US6996748B2 (en) | 2002-06-29 | 2006-02-07 | Intel Corporation | Handling faults associated with operation of guest software in the virtual-machine architecture |
US7165181B2 (en) * | 2002-11-27 | 2007-01-16 | Intel Corporation | System and method for establishing trust without revealing identity |
US7318141B2 (en) | 2002-12-17 | 2008-01-08 | Intel Corporation | Methods and systems to control virtual machines |
US7962545B2 (en) * | 2002-12-27 | 2011-06-14 | Intel Corporation | Dynamic service registry for virtual machines |
US20040128345A1 (en) * | 2002-12-27 | 2004-07-01 | Robinson Scott H. | Dynamic service registry |
US7624272B2 (en) * | 2003-03-31 | 2009-11-24 | Intel Corporation | Platform information for digital signatures |
US20050021968A1 (en) * | 2003-06-25 | 2005-01-27 | Zimmer Vincent J. | Method for performing a trusted firmware/bios update |
US7366305B2 (en) * | 2003-09-30 | 2008-04-29 | Intel Corporation | Platform and method for establishing trust without revealing identity |
US7299354B2 (en) * | 2003-09-30 | 2007-11-20 | Intel Corporation | Method to authenticate clients and hosts to provide secure network boot |
US7797544B2 (en) * | 2003-12-11 | 2010-09-14 | Microsoft Corporation | Attesting to establish trust between computer entities |
US20050137889A1 (en) * | 2003-12-18 | 2005-06-23 | Wheeler David M. | Remotely binding data to a user device |
EP1737108A1 (en) * | 2005-06-20 | 2006-12-27 | Yi-Yin Lin | Bicycle generator with a plurality of wound poles |
- 2002
  - 2002-02-25 US US10/085,839 patent/US7631196B2/en active Active
- 2003
  - 2003-02-13 WO PCT/US2003/004612 patent/WO2003073269A2/en not_active Application Discontinuation
  - 2003-02-13 DE DE10394383.8A patent/DE10394383B4/de not_active Expired - Lifetime
  - 2003-02-13 GB GB0419314A patent/GB2402521B/en not_active Expired - Lifetime
  - 2003-02-13 DE DE10397004.5A patent/DE10397004B4/de not_active Expired - Lifetime
  - 2003-02-13 DE DE10392320T patent/DE10392320B4/de not_active Expired - Lifetime
  - 2003-02-13 CN CNB03804546XA patent/CN100423013C/zh not_active Expired - Lifetime
  - 2003-02-13 DE DE10397004.5T patent/DE10397004A5/de active Granted
  - 2003-02-13 AU AU2003213080A patent/AU2003213080A1/en not_active Abandoned
- 2004
  - 2004-12-14 HK HK04109921A patent/HK1068178A1/xx not_active IP Right Cessation
- 2009
  - 2009-11-10 US US12/615,475 patent/US8386788B2/en not_active Expired - Lifetime
  - 2009-11-10 US US12/615,519 patent/US8407476B2/en not_active Expired - Lifetime
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103119601A (zh) * | 2010-08-18 | 2013-05-22 | Intel Corporation | Method and apparatus for enforcing a mandatory security policy on an operating system (OS) independent anti-virus (AV) scanner |
CN103119601B (zh) * | 2010-08-18 | 2016-01-27 | Intel Corporation | Method and apparatus for enforcing a mandatory security policy on an operating system (OS) independent anti-virus (AV) scanner |
CN108595981A (zh) * | 2018-05-09 | 2018-09-28 | 深圳市桑格尔科技股份有限公司 | Method for encrypting an Android system |
CN108595981B (zh) * | 2018-05-09 | 2021-07-20 | 深圳市桑格尔科技股份有限公司 | Method for encrypting an Android system |
Also Published As
Publication number | Publication date |
---|---|
GB2402521B (en) | 2005-10-12 |
US20030163723A1 (en) | 2003-08-28 |
WO2003073269A3 (en) | 2004-09-23 |
GB2402521A (en) | 2004-12-08 |
US8386788B2 (en) | 2013-02-26 |
HK1068178A1 (en) | 2005-04-22 |
GB0419314D0 (en) | 2004-09-29 |
DE10397004B4 (de) | 2024-01-11 |
DE10394383B4 (de) | 2014-01-16 |
CN100423013C (zh) | 2008-10-01 |
AU2003213080A1 (en) | 2003-09-09 |
AU2003213080A8 (en) | 2003-09-09 |
DE10392320B4 (de) | 2011-02-24 |
DE10392320T5 (de) | 2005-02-17 |
US8407476B2 (en) | 2013-03-26 |
US7631196B2 (en) | 2009-12-08 |
US20100058075A1 (en) | 2010-03-04 |
WO2003073269A2 (en) | 2003-09-04 |
US20100058076A1 (en) | 2010-03-04 |
DE10397004A5 (de) | 2014-01-30 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN100423013C (zh) | | Method and apparatus for loading a trusted operating system |
US8516589B2 (en) | | Apparatus and method for preventing virus code execution |
US10460099B2 (en) | | System and method of detecting malicious code in files |
Williams et al. | | Device Driver Safety Through a Reference Validation Mechanism. |
RU2263343C2 (ru) | | Mechanism for controlling external interrupts in a virtual machine system |
KR102255767B1 (ko) | | Systems and methods for virtual machine auditing |
US7873794B2 (en) | | Mechanism that provides efficient multi-word load atomicity |
US9129106B2 (en) | | Systems and methods for secure in-VM monitoring |
KR101835250B1 (ko) | | Detection of unauthorized memory modification and access using transactional memory |
EP1761850B1 (en) | | Support for nested faults in a virtual machine environment |
US7581089B1 (en) | | Method of protecting a computer stack |
KR101955189B1 (ko) | | Page fault injection in a virtual machine for mapping a swapped-out memory page into the virtual machine's virtualized memory |
US6886094B1 (en) | | Apparatus and method for detecting and handling exceptions |
US7555592B1 (en) | | Kernel acceleration technology for virtual machine optimization |
WO2015072689A1 (ko) | | Anti-debugging method |
TW201941049A (zh) | | System and method for transforming instructions for metadata processing |
US8875114B2 (en) | | Employing identifiers provided by an operating system of a processing environment to optimize the processing environment |
WO2012148080A2 (ko) | | Computing device having a DLL injection function and DLL injection method |
US5371857A (en) | | Input/output interruption control system for a virtual machine |
US20050114578A1 (en) | | Secure software SMI dispatching using caller address |
JPS60171552A (ja) | | Address translation processing method |
US8903776B2 (en) | | Caching socket connections while ensuring that there are file descriptors available for the applications |
US6779188B1 (en) | | Apparatus and method for improved devirtualization of method calls |
CN111931191A (zh) | | Method and system for dynamically detecting heap overflow vulnerabilities in binary software on the Linux platform |
US11500982B2 (en) | | Systems and methods for reliably injecting control flow integrity into binaries by tokenizing return addresses |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| C06 | Publication | |
| PB01 | Publication | |
| C10 | Entry into substantive examination | |
| SE01 | Entry into force of request for substantive examination | |
| C14 | Grant of patent or utility model | |
| GR01 | Patent grant | |
| CX01 | Expiry of patent term | Granted publication date: 20081001 |