WO2006089472A1 - Méthode de surveillance de dispositifs gérés - Google Patents
Méthode de surveillance de dispositifs gérés Download PDFInfo
- Publication number
- WO2006089472A1 WO2006089472A1 PCT/CN2005/002123 CN2005002123W WO2006089472A1 WO 2006089472 A1 WO2006089472 A1 WO 2006089472A1 CN 2005002123 W CN2005002123 W CN 2005002123W WO 2006089472 A1 WO2006089472 A1 WO 2006089472A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- integrity
- managed device
- application software
- integrity value
- value
- Prior art date
Links
- 238000000034 method Methods 0.000 title claims abstract description 37
- 238000012544 monitoring process Methods 0.000 title claims abstract description 19
- 238000012545 processing Methods 0.000 claims description 11
- 230000008439 repair process Effects 0.000 claims description 4
- 238000005192 partition Methods 0.000 claims description 3
- 230000002093 peripheral effect Effects 0.000 claims description 3
- 230000008569 process Effects 0.000 abstract description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L43/00—Arrangements for monitoring or testing data switching networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
Definitions
- the invention belongs to the field of monitoring technology and trusted computer technology, and in particular to a method for monitoring a managed device. Background technique
- the management center for device management is usually a server that collects information about managed devices, such as log events of managed devices, CPU running load, current network performance, and attack events that have occurred. An alarm is generated when the management center finds that the managed device is in the attack state.
- the information monitored by the Management Center is limited to information about specific modules or components in the managed device, as well as known attack events that cannot be monitored for the current state of the managed device and unknown attack events.
- the main object of the present invention is to provide a method for monitoring a managed device, so that the management center can monitor whether the managed device currently has an unknown attack.
- a method for monitoring a managed device the management center pre-preserving an integrity list, where the integrity list includes a system integrity value of the managed device, and a correspondence between the managed device and its own system integrity value,
- the management device collects its current system integrity value and saves it when it starts; this method includes the following steps:
- the managed device After receiving the monitoring command from the management center, the managed device sends the information including the current system integrity value to the management center;
- the management center determines, according to the received information and the integrity list, whether the current system integrity value of the managed device in the received information is consistent with the integrity value of the managed device that has been saved by itself. And in case of inconsistency, the alarm processing is performed.
- the alarm processing comprises: issuing an alarm message, or issuing an alarm message and repairing the corrupted parameter.
- the integrity list further includes: application software provided by each managed device, and integrity values of the application software;
- the method further includes the steps of: calculating, by the management device, the integrity value of the application software, and transmitting information including the current integrity value of the application software to the management center; and receiving, by the management center, the received information and The integrity list, determining whether the received integrity value of the application software currently applied by the managed device is consistent with the integrity value of the application software corresponding to the managed device that is saved by itself, and in case of inconsistency, Send an alarm message, or issue an alarm message and repair the damaged application. ⁇
- the management center pre-stores an operating system version list and/or an application software version list, where the operating system version list includes integrity values of different versions of different operating systems, and integrity of different versions of the same operating system.
- the application software version list includes integrity values of different versions of different application software, correspondences between integrity values of different versions of the same application software, and the operating system version list further includes a security vulnerability.
- the patch corresponding to the operating system version, the application software version list further includes a patch corresponding to the version of the application software with a security vulnerability;
- Step a further includes transmitting information including an integrity value of the current operating system version and/or an integrity value of the application software version to the management center; step b further comprising: according to an operating system and/or application currently from the managed device
- the integrity version of the software version and the operating system and/or application software version list determine the operating system and/or application software version currently applied by the managed device, and determine the operating system and/or application software according to the pre-configuration. Whether the version has a security vulnerability, and when it is determined that the operating system and/or application software version has a security vulnerability, sending an alarm message, and sending a patch corresponding to the operating system and/or application software version to the managed device.
- the information including the current system integrity value in step a is the plaintext of the current system integrity value.
- the information including the current system integrity value in step a is a ciphertext encrypted by using a preset symmetric key to encrypt the current system integrity value;
- the method includes: applying a preset symmetric key to decrypt the received information.
- the information including the current system integrity value in step a is the plaintext of the current system integrity value, and the information obtained by signing the current system integrity value by using the pre-generated private key;
- the method Before the determining, by the management center, based on the received information and the integrity list, the method includes: applying a pre-stored public key corresponding to the private key in step a to verify the signature of the current system integrity value. .
- the information including the current system integrity value in step a is the plaintext of the current system integrity value, the information obtained by using the pre-generated private key to sign the current system integrity value, and pre-generated.
- the information including the current system integrity value in step a is the plaintext of the current system integrity value, the information obtained by using the pre-generated private key to sign the current system integrity value, and pre-generated.
- Step b Before the management center determines according to the received information and the integrity list, the method includes: applying the received public key to verify the signature of the current system integrity value.
- the information including the current system integrity value in step a is the plaintext of the current system integrity value, the information obtained by applying the pre-generated private key to sign the current system integrity value, and the pre-generated information.
- the public key corresponding to the privacy and the anonymous certificate
- the method Before the determining, by the management center, based on the received information and the integrity list, the method includes: applying the received anonymous certificate to authenticate the identity of the sender, and applying the received public key to the current after the authentication The signature of the system integrity value is verified. .
- the managed device is a computer
- the step of collecting the current system integrity value and saving the managed device when the device is started includes the following steps:
- BIOS or EFI After the BIOS or EFI is started, calculate all the parameter information of the system that has been configured, the integrity of the main boot sector and the system boot partition, and store it in the secure storage unit;
- Iii Calculate the integrity value of the operating system load code and store it in the secure storage unit before the BIOS or EFI loads the boot operating system;
- the parameter information that has been configured includes: CPU microcode software, enable (disable) state configuration of various functions of the system, various authentication passwords, disk configuration parameters, peripheral configuration parameters, security functions Configuration parameters.
- the secure storage component is a security chip TPM, a hard disk with security protection, a USB-key or a smart-card.
- the key to the present invention is that the management center pre-stores an integrity list, which includes the system integrity value of the managed device and the correspondence between the managed device and its own system integrity value, and collects itself when the managed device starts.
- the current system integrity value is saved; after receiving the monitoring command from the management center, the managed device sends the information including the current system integrity value to the management center; the management center according to the received information and the integrity list And determining whether the current system integrity value of the managed device is consistent with the integrity value of the managed device that is saved by itself, and performing alarm processing in case of inconsistency.
- the management center can know whether the managed device is currently in a trusted state.
- the management center can determine whether the managed device currently has an unknown state. attack. Furthermore, the present invention also monitors the application software currently applied by the management device, and further monitors whether the application software is attacked or destroyed. In addition, the present invention also monitors the version of the operating system of the managed device, and monitors whether the current operating system of the managed device has a vulnerability and needs to be patched.
- FIG. 1 is a schematic diagram showing an implementation flow of an embodiment of the present invention.
- FIG. 2 is a schematic flow chart showing the calculation of the system integrity value of the device to be accessed by applying the present invention. detailed description
- the idea of the present invention is: The management center pre-stores an integrity list, which includes the system integrity value of the managed device and the correspondence between the managed device and its own system integrity value, and is collected when the managed device starts.
- the current system integrity value is saved and saved; after receiving the monitoring command from the management center, the managed device sends the information including the current system integrity value to the management center; the management center according to the received information and the integrity
- the list determines whether the current system integrity value of the managed device is consistent with the integrity value of the managed device that is saved by itself, and performs alarm processing in case of inconsistency.
- FIG. 1 is a schematic diagram showing an implementation flow of an embodiment of the present invention.
- the management center pre-stores an integrity list containing the system integrity values of the managed devices, as well as the managed devices and The correspondence between its own system integrity values;
- Step 101 When the managed device starts, collect its current system integrity value and save it;
- Step 102 After receiving the monitoring command from the management center, the managed device sends the information including the saved current system integrity value to the management center.
- Step 103 The management center determines, according to the received information and the integrity list, whether the current system integrity value of the managed device is consistent with the integrity value of the managed device that is saved by itself, and if they are consistent, The managed device is in the trusted state and is not processed. If the management device is inconsistent, the management center considers that the managed device is in an untrusted state and performs alarm processing.
- the above untrusted status includes but is not limited to: firmware and various system parameters are destroyed.
- the above alarm processing includes: sending an alarm message, or sending an alarm message and repairing the corrupted parameter.
- Figure 2 is a flow chart showing the process of collecting the system integrity value of the managed device to which the present invention is applied.
- the managed device is a computer.
- Step 201 After the power is turned on, the CPU calculates the system ROM, the firmware code of the basic input/output system (BIOS) or the expandable firmware interface (EFI), and the integrity values of the hardware configuration parameters, and stores them in the security. In the storage unit.
- BIOS basic input/output system
- EFI expandable firmware interface
- Step 202 After the BIOS or EFI is started, calculate all the parameter information of the system that has been configured, the integrity values of the primary boot sector and the system boot partition, and store them in the secure storage component;
- the information includes: CPU microcode software, enabling (enable or disable) state configuration of various functions of the system, various authentication passwords, disk configuration parameters, peripheral configuration parameters, and security function configuration parameters.
- Step 203 Calculate the integrity value of the operating system load code and store it in the secure storage unit before the BIOS or EFI loads the boot operating system.
- Step 204 After the operating system loads the code, calculate the integrity values of the operating system kernel, the system startup file, the system configuration file, and the driver software, and store them in the secure storage unit.
- Step 205 Calculate a system integrity value according to all the integrity values described in steps 201 to 204.
- the above secure storage component is a security chip (TPM, Trusted Platform Module), a hard disk with security protection, a USB-key or a smart-card.
- TPM Trusted Platform Module
- the integrity list may further include: application software provided by each managed device, and integrity value of the application software; after the managed device is normally started, before the application software is started, The step includes: calculating an integrity value of the applied application software, and transmitting information including the current integrity value of the application software to the management center; and determining, by the management center, the received information according to the received information and the integrity list. Whether the integrity value of the application software currently applied by the managed device is consistent with the integrity value of the application software corresponding to the managed device that is saved by itself, and if the values are consistent, the managed device is in a normal state and is not processed. If the application is inconsistent, the application software is destroyed, the management center sends an alarm message, or the management center issues an alarm message and repairs the damaged application software.
- an operating system (OS) version list and/or an application software version list may be preset, and the OS version list includes integrity values of different versions of different operating systems, and different versions of the same operating system.
- the correspondence between the integrity values; the version list of the application software includes the integrity values of different versions of different application software, and the correspondence between the integrity values of different versions of the same application software.
- the OS version list and the application software version list respectively include patches corresponding to OS versions and application software versions with security vulnerabilities.
- the management center determines that the managed device is in a normal state, according to the integrity value of the current version of the OS from the managed device and/or the integrity value of the application software version, and the OS version list and/or
- the application software version list determines the OS version and/or the application software version currently applied by the managed device, and determines whether the OS version and/or the application software version has a security vulnerability according to the pre-configuration, and if so, the OS version The corresponding patch is sent to the managed device, otherwise, no processing is performed.
- the management process of the operating system version and the application software version is the same. The following only uses the operating system as an example.
- the integrity values of the three versions of the Windows 2000 operating system are pre-stored in the OS version list of the management center, as shown in Table 1.
- the management center When the management center receives the integrity value of the operating system version from the managed device, if it is confirmed that the received integrity value is the same as the integrity value of the original version of the WI DOWS2000 saved by itself, that is, the same as version 1 Sending an alarm message to the managed device, and sending the patch corresponding to the version to the managed device; if it is confirmed that the received integrity value is consistent with the integrity value of the original version of WINDOWS2000 after installing the patch, Consistent with the integrity value of version 2, or consistent with the integrity value of the latest version of WINDOWS2000, that is, consistent with the integrity value of version 2, the operating system is considered normal and is not processed. "
- the information sent by the managed device to the management center is directly sent in clear text, such as the integrity value of the current operating system, the integrity value of the application software, and the integrity value of the OS version.
- the managed device can also send the information to be sent to the application key or signature protection and then send it to t ;
- the following is an example of sending the integrity of the current operating system as an example to specify the sending method of the application key or signature protection:
- the symmetric key is pre-stored in the management center and the managed device; after the managed device encrypts the current system integrity value by applying the symmetric key, the current system integrity value is encrypted.
- the information is sent to the management center, and the management center decrypts the received information. After the decryption is successful, the integrity judgment operation is performed.
- the managed device pre-generates the public and private keys.
- the managed device applies the private key to sign the current system integrity value.
- the management center uses the public key to verify the signature. After the verification is passed, the integrity is judged. .
- the information sent by the managed device to the management center only needs to include the current system integrity.
- the plaintext of the value and the signature of the current system integrity value may be; if the public key generated by the managed device has been signed by a trusted third party, but the management center does not save the public key corresponding to the private key, the managed device.
- the information sent to the management center needs to include the plaintext of the current system integrity value, the signature of the current system integrity value, and the public key corresponding to the private key used for the signature; if the public key of the managed device is not generated in advance If the trusted third party signs, the information sent by the management device to the management center needs to include the plaintext of the current system integrity value, the signature of the current system integrity value, the public key corresponding to the private key used for the signature, and the anonymous.
- Identity certificate At this point, the management center verifies that the sender is legal through the anonymous identity certificate, and then
- the above operation of calculating the integrity value of the system is performed by the integrity information collection module in the managed device.
- the above encryption or signature operation is performed by the signature encryption module in the managed device.
- the operation of receiving the monitoring command from the management center and transmitting the information to the management center is performed by the management agent module.
- the management center is a server, and the verification operation performed by the management center is completed by the trusted information collection module of the managed device, and the alarm processing performed by the management center is performed by the event processing alarm module therein.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Description
Claims
Priority Applications (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/817,194 US8533829B2 (en) | 2005-02-28 | 2005-12-08 | Method for monitoring managed device |
JP2007556478A JP2008532123A (ja) | 2005-02-28 | 2005-12-08 | 被管理装置を監視制御する方法 |
DE112005003485.2T DE112005003485B4 (de) | 2005-02-28 | 2005-12-08 | Verfahren zur Überwachung einer verwalteten Einrichtung |
GB0718762A GB2439493B (en) | 2005-02-28 | 2007-09-26 | Method for monitoring managed device |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CNB2005100511188A CN100358303C (zh) | 2005-02-28 | 2005-02-28 | 一种对被管理设备进行监控的方法 |
CN200510051118.8 | 2005-02-28 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2006089472A1 true WO2006089472A1 (fr) | 2006-08-31 |
Family
ID=35632546
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2005/002123 WO2006089472A1 (fr) | 2005-02-28 | 2005-12-08 | Méthode de surveillance de dispositifs gérés |
Country Status (6)
Country | Link |
---|---|
US (1) | US8533829B2 (zh) |
JP (1) | JP2008532123A (zh) |
CN (1) | CN100358303C (zh) |
DE (1) | DE112005003485B4 (zh) |
GB (1) | GB2439493B (zh) |
WO (1) | WO2006089472A1 (zh) |
Families Citing this family (14)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100426755C (zh) * | 2006-11-06 | 2008-10-15 | 吉林大学 | 可信网络核心设备 |
US8191075B2 (en) | 2008-03-06 | 2012-05-29 | Microsoft Corporation | State management of operating system and applications |
US9721101B2 (en) * | 2013-06-24 | 2017-08-01 | Red Hat, Inc. | System wide root of trust chaining via signed applications |
US9208318B2 (en) * | 2010-08-20 | 2015-12-08 | Fujitsu Limited | Method and system for device integrity authentication |
WO2012038211A1 (en) | 2010-09-22 | 2012-03-29 | International Business Machines Corporation | Attesting use of an interactive component during a boot process |
US8869264B2 (en) | 2010-10-01 | 2014-10-21 | International Business Machines Corporation | Attesting a component of a system during a boot process |
CN103294502B (zh) * | 2012-03-05 | 2016-10-05 | 联想(北京)有限公司 | 一种获得操作系统加载路径的方法及电子设备 |
CN103294498A (zh) * | 2012-03-05 | 2013-09-11 | 联想(北京)有限公司 | 一种信息处理的方法及电子设备 |
CN104252598B (zh) * | 2013-06-28 | 2018-04-27 | 深圳市腾讯计算机系统有限公司 | 一种检测应用漏洞的方法及装置 |
CN105159847A (zh) * | 2015-08-12 | 2015-12-16 | 北京因特信安软件科技有限公司 | 基于可信芯片的磁盘变更记录方法 |
DE102017102677A1 (de) | 2017-02-10 | 2018-08-16 | Endress+Hauser Conducta Gmbh+Co. Kg | Verfahren zur Authentifizierung eines Feldgeräts der Automatisierungstechnik |
US10409734B1 (en) * | 2017-03-27 | 2019-09-10 | Symantec Corporation | Systems and methods for controlling auxiliary device access to computing devices based on device functionality descriptors |
CN110197073A (zh) * | 2019-05-30 | 2019-09-03 | 苏州浪潮智能科技有限公司 | 一种基于自校验机制保护主机完整性的方法与系统 |
CN113761512A (zh) * | 2020-06-02 | 2021-12-07 | 深圳兆日科技股份有限公司 | 第三方软件包处理方法、工具及存储介质 |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5954797A (en) * | 1997-05-14 | 1999-09-21 | Ncr Corporation | System and method for maintaining compatibility among network nodes connected to a computer network |
US20020099666A1 (en) * | 2000-11-22 | 2002-07-25 | Dryer Joseph E. | System for maintaining the security of client files |
US6681331B1 (en) * | 1999-05-11 | 2004-01-20 | Cylant, Inc. | Dynamic software system intrusion detection |
Family Cites Families (16)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6185678B1 (en) * | 1997-10-02 | 2001-02-06 | Trustees Of The University Of Pennsylvania | Secure and reliable bootstrap architecture |
US7409546B2 (en) * | 1999-10-20 | 2008-08-05 | Tivo Inc. | Cryptographically signed filesystem |
GB0020441D0 (en) * | 2000-08-18 | 2000-10-04 | Hewlett Packard Co | Performance of a service on a computing platform |
TW480444B (en) * | 2000-11-29 | 2002-03-21 | Mitac Technology Corp | Computer system boot-up method capable of completing the startup procedure even the system BIOS code is damaged |
US7661134B2 (en) * | 2001-12-21 | 2010-02-09 | Cybersoft, Inc. | Apparatus, methods and articles of manufacture for securing computer networks |
JP3863447B2 (ja) * | 2002-03-08 | 2006-12-27 | インターナショナル・ビジネス・マシーンズ・コーポレーション | 認証システム、ファームウェア装置、電気機器、及び認証方法 |
US6715085B2 (en) * | 2002-04-18 | 2004-03-30 | International Business Machines Corporation | Initializing, maintaining, updating and recovering secure operation within an integrated system employing a data access control function |
JP4399704B2 (ja) * | 2003-03-27 | 2010-01-20 | ソニー株式会社 | 情報処理装置および方法、プログラム、並びに記録媒体 |
US7464270B2 (en) * | 2003-07-23 | 2008-12-09 | Microsoft Corporation | Application identification and license enforcement |
US7475427B2 (en) * | 2003-12-12 | 2009-01-06 | International Business Machines Corporation | Apparatus, methods and computer programs for identifying or managing vulnerabilities within a data processing network |
JP4772291B2 (ja) * | 2004-04-09 | 2011-09-14 | 富士通株式会社 | セキュリティ機能を備えた情報処理装置 |
US7747862B2 (en) * | 2004-06-28 | 2010-06-29 | Intel Corporation | Method and apparatus to authenticate base and subscriber stations and secure sessions for broadband wireless networks |
WO2006014554A2 (en) * | 2004-07-07 | 2006-02-09 | University Of Maryland | Method and system for monitoring system memory integrity |
KR20070098835A (ko) * | 2004-11-29 | 2007-10-05 | 시그나서트, 인크. | 정보 시스템 구성요소 분석에 의해 계산된 트러스트스코어에 기초하여 네트워크 단말간의 액세스를 제어하는방법 |
US7603422B2 (en) * | 2004-12-27 | 2009-10-13 | Microsoft Corporation | Secure safe sender list |
US7907531B2 (en) | 2005-06-13 | 2011-03-15 | Qualcomm Incorporated | Apparatus and methods for managing firmware verification on a wireless device |
-
2005
- 2005-02-28 CN CNB2005100511188A patent/CN100358303C/zh active Active
- 2005-12-08 JP JP2007556478A patent/JP2008532123A/ja active Pending
- 2005-12-08 WO PCT/CN2005/002123 patent/WO2006089472A1/zh not_active Application Discontinuation
- 2005-12-08 US US11/817,194 patent/US8533829B2/en active Active
- 2005-12-08 DE DE112005003485.2T patent/DE112005003485B4/de active Active
-
2007
- 2007-09-26 GB GB0718762A patent/GB2439493B/en not_active Expired - Fee Related
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5954797A (en) * | 1997-05-14 | 1999-09-21 | Ncr Corporation | System and method for maintaining compatibility among network nodes connected to a computer network |
US6681331B1 (en) * | 1999-05-11 | 2004-01-20 | Cylant, Inc. | Dynamic software system intrusion detection |
US20020099666A1 (en) * | 2000-11-22 | 2002-07-25 | Dryer Joseph E. | System for maintaining the security of client files |
Also Published As
Publication number | Publication date |
---|---|
DE112005003485B4 (de) | 2014-07-24 |
JP2008532123A (ja) | 2008-08-14 |
GB2439493A (en) | 2007-12-27 |
CN1703014A (zh) | 2005-11-30 |
GB0718762D0 (en) | 2007-11-07 |
US8533829B2 (en) | 2013-09-10 |
GB2439493B (en) | 2010-03-31 |
CN100358303C (zh) | 2007-12-26 |
US20080250501A1 (en) | 2008-10-09 |
DE112005003485T5 (de) | 2007-12-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2006089472A1 (fr) | Méthode de surveillance de dispositifs gérés | |
US8789037B2 (en) | Compatible trust in a computing device | |
EP3210155B1 (en) | Trust service for a client device | |
US9336394B2 (en) | Securely recovering a computing device | |
EP2913956B1 (en) | Management control method and device for virtual machines | |
US8671439B2 (en) | Techniques for authenticated posture reporting and associated enforcement of network access | |
US9596085B2 (en) | Secure battery authentication | |
US8019994B2 (en) | Authentication of a request to alter at least one of a BIOS and a setting associated with the BIOS | |
US20100303240A1 (en) | Key management to protect encrypted data of an endpoint computing device | |
WO2006089473A1 (fr) | Méthode pour effectuer l’authentification d’accès réseau | |
TW201333749A (zh) | 用以保全運算裝置之方法 | |
WO2014026518A1 (zh) | 软件密钥更新方法和装置 | |
CN106790045B (zh) | 一种基于云环境分布式虚拟机代理装置及数据完整性保障方法 | |
TW201735578A (zh) | 受控的安全碼認證 | |
TW201706898A (zh) | 安全軟體認證及驗證 | |
CN113626803A (zh) | 一种bmc固件的保护方法、系统、装置及可读存储介质 | |
JP4874007B2 (ja) | 認証システム、サーバコンピュータ、プログラム、及び、記録媒体 | |
CN109891823B (zh) | 用于凭证加密的方法、系统以及非暂态计算机可读介质 | |
CN114651251A (zh) | 恢复密钥 | |
US8607343B2 (en) | Ticket-based personalization | |
CN117897704A (zh) | 产生消息 | |
CN113434865A (zh) | 一种用于移动端的安全检测方法、装置、设备及存储介质 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application | ||
WWE | Wipo information: entry into national phase |
Ref document number: 2007556478 Country of ref document: JP |
|
WWE | Wipo information: entry into national phase |
Ref document number: 1120050034852 Country of ref document: DE |
|
ENP | Entry into the national phase |
Ref document number: 0718762 Country of ref document: GB Kind code of ref document: A Free format text: PCT FILING DATE = 20051208 |
|
WWE | Wipo information: entry into national phase |
Ref document number: 0718762.8 Country of ref document: GB |
|
REG | Reference to national code |
Ref country code: GB Ref legal event code: 789A Ref document number: 0718762 Country of ref document: GB |
|
WWE | Wipo information: entry into national phase |
Ref document number: 11817194 Country of ref document: US |
|
RET | De translation (de og part 6b) |
Ref document number: 112005003485 Country of ref document: DE Date of ref document: 20071227 Kind code of ref document: P |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 05818768 Country of ref document: EP Kind code of ref document: A1 |
|
WWW | Wipo information: withdrawn in national office |
Ref document number: 5818768 Country of ref document: EP |