MXPA04010157A - Provision de entrada y salida seguras a un agente confiable en un sistema con un ambiente de ejecucion de alta seguridad. - Google Patents
Provision de entrada y salida seguras a un agente confiable en un sistema con un ambiente de ejecucion de alta seguridad.Info
- Publication number
- MXPA04010157A MXPA04010157A MXPA04010157A MXPA04010157A MXPA04010157A MX PA04010157 A MXPA04010157 A MX PA04010157A MX PA04010157 A MXPA04010157 A MX PA04010157A MX PA04010157 A MXPA04010157 A MX PA04010157A MX PA04010157 A MXPA04010157 A MX PA04010157A
- Authority
- MX
- Mexico
- Prior art keywords
- output
- trusted
- input
- manager
- nexus
- Prior art date
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F1/00—Details not covered by groups G06F3/00 - G06F13/00 and G06F21/00
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/53—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/57—Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/84—Protecting input, output or interconnection devices output devices, e.g. displays or monitors
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2105—Dual mode as a secondary aspect
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2113—Multi-level security, e.g. mandatory access control
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Storage Device Security (AREA)
- User Interface Of Digital Computer (AREA)
- Multi Processors (AREA)
Abstract
Se describen tecnicas para proveer seguridad para salida y entrada de usuario en las cuales un primer sistema operativo central se usa junto con un segundo sistema operativo de alta seguridad (nexo), donde el primer sistema provee al menos algo de la infraestructura para el segundo sistema. Un motor Ul confiable tiene un administrador de entrada confiable y un administrador de salida confiable. El administrador de entrada confiable controla el acceso a entrada confiable, distribuyendo entrada descifrada al sistema operativo central donde sea apropiado, o al proceso apropiado que opera en el nexo. El administrador de salida confiable administra salida a la pantalla y permite que agentes confiables en el nexo hagan salir datos para despliegues sin necesitar consistentes de detalles dependientes del dispositivo de salida.
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US10/693,407 US7496768B2 (en) | 2003-10-24 | 2003-10-24 | Providing secure input and output to a trusted agent in a system with a high-assurance execution environment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| MXPA04010157A true MXPA04010157A (es) | 2005-04-28 |
Family
ID=34394590
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| MXPA04010157A MXPA04010157A (es) | 2003-10-24 | 2004-10-15 | Provision de entrada y salida seguras a un agente confiable en un sistema con un ambiente de ejecucion de alta seguridad. |
Country Status (10)
| Country | Link |
|---|---|
| US (1) | US7496768B2 (es) |
| EP (1) | EP1526425A3 (es) |
| JP (1) | JP4838505B2 (es) |
| KR (1) | KR101109361B1 (es) |
| CN (1) | CN1609810A (es) |
| AU (1) | AU2004214620B2 (es) |
| BR (1) | BRPI0404095A (es) |
| CA (1) | CA2481040C (es) |
| MX (1) | MXPA04010157A (es) |
| RU (1) | RU2365045C2 (es) |
Families Citing this family (28)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7464412B2 (en) | 2003-10-24 | 2008-12-09 | Microsoft Corporation | Providing secure input to a system with a high-assurance execution environment |
| US7690033B2 (en) * | 2004-09-28 | 2010-03-30 | Exobox Technologies Corp. | Electronic computer system secured from unauthorized access to and manipulation of data |
| US20060075236A1 (en) * | 2004-09-30 | 2006-04-06 | Marek James A | Method and apparatus for high assurance processing |
| US7721094B2 (en) * | 2005-05-06 | 2010-05-18 | Microsoft Corporation | Systems and methods for determining if applications executing on a computer system are trusted |
| US7752436B2 (en) * | 2005-08-09 | 2010-07-06 | Intel Corporation | Exclusive access for secure audio program |
| US20070179897A1 (en) * | 2006-01-27 | 2007-08-02 | Stefan Andersson | Conditional stream access |
| US20070192826A1 (en) * | 2006-02-14 | 2007-08-16 | Microsoft Corporation | I/O-based enforcement of multi-level computer operating modes |
| US8214296B2 (en) * | 2006-02-14 | 2012-07-03 | Microsoft Corporation | Disaggregated secure execution environment |
| JP4233585B2 (ja) | 2006-07-25 | 2009-03-04 | 株式会社エヌ・ティ・ティ・ドコモ | ペリフェラル切替装置及びペリフェラル切替制御装置 |
| US7913292B2 (en) * | 2006-10-18 | 2011-03-22 | Microsoft Corporation | Identification and visualization of trusted user interface objects |
| JP4998019B2 (ja) * | 2007-03-06 | 2012-08-15 | 富士通株式会社 | 状態表示制御装置 |
| JP5066112B2 (ja) * | 2009-02-19 | 2012-11-07 | 株式会社エヌ・ティ・ティ・ドコモ | 情報処理装置 |
| US9588803B2 (en) | 2009-05-11 | 2017-03-07 | Microsoft Technology Licensing, Llc | Executing native-code applications in a browser |
| US9323921B2 (en) * | 2010-07-13 | 2016-04-26 | Microsoft Technology Licensing, Llc | Ultra-low cost sandboxing for application appliances |
| US9495183B2 (en) | 2011-05-16 | 2016-11-15 | Microsoft Technology Licensing, Llc | Instruction set emulation for guest operating systems |
| JP5673834B2 (ja) * | 2011-08-30 | 2015-02-18 | 富士通株式会社 | バックアップ方法、およびバックアッププログラム |
| US9413538B2 (en) | 2011-12-12 | 2016-08-09 | Microsoft Technology Licensing, Llc | Cryptographic certification of secure hosted execution environments |
| US9389933B2 (en) * | 2011-12-12 | 2016-07-12 | Microsoft Technology Licensing, Llc | Facilitating system service request interactions for hardware-protected applications |
| US9781118B2 (en) | 2013-03-14 | 2017-10-03 | Intel Corporation | Differentiated containerization and execution of web content based on trust level and other attributes |
| US9477823B1 (en) | 2013-03-15 | 2016-10-25 | Smart Information Flow Technologies, LLC | Systems and methods for performing security authentication based on responses to observed stimuli |
| KR102210995B1 (ko) * | 2013-04-24 | 2021-02-02 | 삼성전자 주식회사 | 전자 장치에서 보안 정보를 통지하기 위한 장치와 방법 및 이를 위한 컴퓨터로 판독 가능한 기록 매체 |
| US9633210B2 (en) | 2013-09-13 | 2017-04-25 | Microsoft Technology Licensing, Llc | Keying infrastructure |
| US20150113241A1 (en) * | 2013-10-21 | 2015-04-23 | Jason Martin | Establishing physical locality between secure execution environments |
| US10097513B2 (en) | 2014-09-14 | 2018-10-09 | Microsoft Technology Licensing, Llc | Trusted execution environment extensible computing device interface |
| CN104317651A (zh) * | 2014-10-13 | 2015-01-28 | 浪潮电子信息产业股份有限公司 | 一种基于可信软件栈的接口调用方法 |
| RU2606556C2 (ru) * | 2015-02-20 | 2017-01-10 | Закрытое акционерное общество "Лаборатория Касперского" | Способ ввода конфиденциальных данных |
| US11405383B2 (en) * | 2017-01-13 | 2022-08-02 | Huawei Technologies Co., Ltd. | Authorization credential migration method, terminal device, and service server |
| CN113168476A (zh) * | 2018-11-30 | 2021-07-23 | 百可德罗德公司 | 操作系统中个性化密码学安全的访问控制 |
Family Cites Families (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| IT1250834B (it) | 1991-07-31 | 1995-04-21 | Fiat Auto Spa | Sonda per impianti di climatizzazione per veicoli. |
| US5596718A (en) * | 1992-07-10 | 1997-01-21 | Secure Computing Corporation | Secure computer network using trusted path subsystem which encrypts/decrypts and communicates with user through local workstation user I/O devices without utilizing workstation processor |
| US5537544A (en) | 1992-09-17 | 1996-07-16 | Kabushiki Kaisha Toshiba | Portable computer system having password control means for holding one or more passwords such that the passwords are unreadable by direct access from a main processor |
| US6630926B2 (en) | 2000-12-07 | 2003-10-07 | International Business Machines Corporation | Apparatus and method for verifying keystrokes within a computing system |
| GB2376761A (en) * | 2001-06-19 | 2002-12-24 | Hewlett Packard Co | An arrangement in which a process is run on a host operating system but may be switched to a guest system if it poses a security risk |
| JP2003258795A (ja) * | 2002-02-28 | 2003-09-12 | Hitachi Ltd | コンピュータ集合体運用方法及びその実施システム並びにその処理プログラム |
| US7464412B2 (en) * | 2003-10-24 | 2008-12-09 | Microsoft Corporation | Providing secure input to a system with a high-assurance execution environment |
-
2003
- 2003-10-24 US US10/693,407 patent/US7496768B2/en active Active
-
2004
- 2004-09-06 EP EP04021162A patent/EP1526425A3/en not_active Ceased
- 2004-09-09 CA CA2481040A patent/CA2481040C/en not_active Expired - Fee Related
- 2004-09-10 KR KR1020040072652A patent/KR101109361B1/ko active IP Right Grant
- 2004-09-23 BR BR0404095-3A patent/BRPI0404095A/pt not_active IP Right Cessation
- 2004-09-24 JP JP2004278412A patent/JP4838505B2/ja not_active Expired - Fee Related
- 2004-09-28 AU AU2004214620A patent/AU2004214620B2/en not_active Ceased
- 2004-10-15 MX MXPA04010157A patent/MXPA04010157A/es active IP Right Grant
- 2004-10-22 CN CNA2004100882785A patent/CN1609810A/zh active Pending
- 2004-10-22 RU RU2004131021/09A patent/RU2365045C2/ru not_active IP Right Cessation
Also Published As
| Publication number | Publication date |
|---|---|
| CA2481040A1 (en) | 2005-04-24 |
| RU2004131021A (ru) | 2006-04-10 |
| AU2004214620A1 (en) | 2005-05-12 |
| AU2004214620B2 (en) | 2010-04-01 |
| JP2005129034A (ja) | 2005-05-19 |
| RU2365045C2 (ru) | 2009-08-20 |
| KR20050039548A (ko) | 2005-04-29 |
| JP4838505B2 (ja) | 2011-12-14 |
| EP1526425A2 (en) | 2005-04-27 |
| BRPI0404095A (pt) | 2005-06-21 |
| US20050091503A1 (en) | 2005-04-28 |
| CN1609810A (zh) | 2005-04-27 |
| EP1526425A3 (en) | 2005-07-20 |
| CA2481040C (en) | 2012-03-13 |
| KR101109361B1 (ko) | 2012-01-31 |
| US7496768B2 (en) | 2009-02-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| MXPA04010157A (es) | Provision de entrada y salida seguras a un agente confiable en un sistema con un ambiente de ejecucion de alta seguridad. | |
| GB2440697A (en) | Computer security system and method | |
| US7987374B2 (en) | Security chip | |
| GB2387937B (en) | Secure cpu and memory management unit with cryptographic extensions | |
| BRPI0608201A2 (pt) | segredo compartilhado de contexto limitado | |
| TW200516541A (en) | Providing a graphical user interface in a system with a high-assurance execution environment | |
| GB2440854A (en) | System and method for key recovery | |
| RU2010114241A (ru) | Многофакторная защита контента | |
| AU2003293531A1 (en) | Trusted system clock | |
| WO2003044640A3 (en) | System and method for managing confidential data | |
| WO2008054456A3 (en) | Hardware-facilitated secure software execution environment | |
| GB2430781A (en) | Security for computer software | |
| WO2008048712A3 (en) | Device-independent management of cryptographic information | |
| DE60232106D1 (de) | Robuste und flexible verwaltung von digitalen rechten unter einbezug eines fälschungssicheren identitätsmoduls | |
| WO2002052386A3 (en) | Method and system for software integrity control using secure hardware assisting device | |
| CN104268444A (zh) | 一种云OS Java源代码保护方法 | |
| US7636441B2 (en) | Method for secure key exchange | |
| EP1365306A3 (en) | Data protection system | |
| CN111079097A (zh) | 一种基于网络的编程开发系统 | |
| CN112016104A (zh) | 一种金融敏感数据的加密方法、装置和系统 | |
| CN102111321A (zh) | 一种用于vpn的加解密芯片驱动方法 | |
| CN107967430B (zh) | 一种文档保护方法、设备以及系统 | |
| CN107563228A (zh) | 一种内存数据加解密的方法 | |
| US9003192B2 (en) | Protocol for protecting third party cryptographic keys | |
| ATE386972T1 (de) | Verfahren und schaltung zum identifizieren und/oder verifizieren von hardware und/oder software eines geräts und eines mit dem gerät arbeitenden datenträgers |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| FG | Grant or registration |