BRPI0404008A - Integração de recursos de alta asseguração em uma aplicação através de fatoração de aplicação - Google Patents

Integração de recursos de alta asseguração em uma aplicação através de fatoração de aplicação

Info

Publication number
BRPI0404008A
BRPI0404008A BR0404008-2A BRPI0404008A BRPI0404008A BR PI0404008 A BRPI0404008 A BR PI0404008A BR PI0404008 A BRPI0404008 A BR PI0404008A BR PI0404008 A BRPI0404008 A BR PI0404008A
Authority
BR
Brazil
Prior art keywords
application
data
processor
factoring
trusted processor
Prior art date
Application number
BR0404008-2A
Other languages
English (en)
Inventor
Kenneth D Ray
Marcus Peinado
Thekkthalackal Varugis Kurien
Paul England
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp filed Critical Microsoft Corp
Publication of BRPI0404008A publication Critical patent/BRPI0404008A/pt
Publication of BRPI0404008B1 publication Critical patent/BRPI0404008B1/pt

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/40Transformation of program code
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/53Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by executing in a restricted environment, e.g. sandbox or secure virtual machine

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)
  • Multi Processors (AREA)

Abstract

"INTEGRAçãO DE RECURSOS DE ALTA ASSEGURAçãO EM UMA APLICAçãO ATRAVéS DE FATORAçãO DE APLICAçãO". Fatoração ou partição de aplicação é usada para integrar recursos seguros em uma aplicação convencional. A funcionalidade de uma aplicação é partilhada em dois conjuntos de acordo com o fato de se uma determinada ação envolve, ou não envolve, a manipulação de dados sensíveis. objetos de software separados (processadores) são criados para realizar esses dois conjuntos de ações. Um processador de confiança lida com os dados seguros e executa em um ambiente de alta asseguração. Quando um outro processador encontra dados seguros, esses dados são enviados para o processador de confiança. Os dados são envolvidos de tal forma que permite que os mesmos sejam roteados para o processador de confiança, e impede que os dados sejam decifrados por qualquer outra entidade que não seja o processador de confiança. é provida uma infra-estrutura que envolve os objetos, roteia os mesmos para o processador correto, e permite que a integridade deles seja atestada através de um encadeamento de confiança que conduz de volta ao componente básico que se sabe ser de confiança.
BRPI0404008A 2003-10-24 2004-09-23 sistema que gerencia o particionamento de uma aplicação, método de um primeiro objeto de software que executa em um primeiro ambiente manipulando dados aos quais se aplica uma política, sistema que suporta o particionamento de uma aplicação em pelo menos um primeiro objeto de software e um segundo objeto de software BRPI0404008B1 (pt)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US10/693,749 US7730318B2 (en) 2003-10-24 2003-10-24 Integration of high-assurance features into an application through application factoring

Publications (2)

Publication Number Publication Date
BRPI0404008A true BRPI0404008A (pt) 2005-06-21
BRPI0404008B1 BRPI0404008B1 (pt) 2017-03-28

Family

ID=34394598

Family Applications (1)

Application Number Title Priority Date Filing Date
BRPI0404008A BRPI0404008B1 (pt) 2003-10-24 2004-09-23 sistema que gerencia o particionamento de uma aplicação, método de um primeiro objeto de software que executa em um primeiro ambiente manipulando dados aos quais se aplica uma política, sistema que suporta o particionamento de uma aplicação em pelo menos um primeiro objeto de software e um segundo objeto de software

Country Status (11)

Country Link
US (1) US7730318B2 (pt)
EP (1) EP1526456B1 (pt)
JP (1) JP4896385B2 (pt)
KR (1) KR101149998B1 (pt)
CN (1) CN100426224C (pt)
AT (1) ATE519156T1 (pt)
AU (1) AU2004216595B2 (pt)
BR (1) BRPI0404008B1 (pt)
CA (1) CA2480906C (pt)
MX (1) MXPA04010158A (pt)
RU (1) RU2367006C2 (pt)

Families Citing this family (33)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7484247B2 (en) 2004-08-07 2009-01-27 Allen F Rozman System and method for protecting a computer system from malicious software
US20060075236A1 (en) * 2004-09-30 2006-04-06 Marek James A Method and apparatus for high assurance processing
CN100464295C (zh) * 2006-05-17 2009-02-25 联想(北京)有限公司 一种基于虚拟机的安全输入方法
US7877506B2 (en) * 2006-05-26 2011-01-25 International Business Machines Corporation System, method and program for encryption during routing
US9747426B2 (en) * 2006-08-31 2017-08-29 Invention Science Fund I, Llc Handling masquerading elements
EP2083372A4 (en) * 2006-10-20 2012-02-29 Panasonic Corp DEVICE AND METHOD FOR MONITORING THE DISTORTION OF APPLICATION INFORMATION
MX2009012134A (es) * 2007-05-11 2009-11-25 Echostar Technologies Llc Aparato para controlar la ejecucion de un procesador en un ambiente seguro.
US8249257B2 (en) * 2007-09-28 2012-08-21 Intel Corporation Virtual TPM keys rooted in a hardware TPM
US8259948B2 (en) * 2007-12-29 2012-09-04 Intel Corporation Virtual TPM key migration using hardware keys
CA2749876C (en) * 2009-01-18 2018-05-22 Gilbarco Inc. Payment processing system for use in a retail environment having segmented architecture
US20100250903A1 (en) * 2009-03-26 2010-09-30 Celio Technology Corporation Apparatuses and systems including a software application adaptation layer and methods of operating a data processing apparatus with a software adaptation layer
FR2948789B1 (fr) * 2009-07-28 2016-12-09 Airbus Composant logiciel et dispositif pour le traitement automatise de donnees multi-usages, mettant en oeuvre des fonctions ayant besoin de differents niveaux de surete ou limites de responsabilite
RU2467389C1 (ru) * 2011-06-07 2012-11-20 Антон Андреевич Краснопевцев Способ защиты программно-информационного обеспечения от несанкционированного использования
US8874935B2 (en) 2011-08-30 2014-10-28 Microsoft Corporation Sector map-based rapid data encryption policy compliance
US9916439B2 (en) * 2012-03-22 2018-03-13 Microsoft Technology Licensing, Llc Securing a computing environment against malicious entities
CN103379089B (zh) * 2012-04-12 2016-06-22 中国航空工业集团公司第六三一研究所 基于安全域隔离的访问控制方法及其系统
US8938796B2 (en) 2012-09-20 2015-01-20 Paul Case, SR. Case secure computer architecture
CN103346886B (zh) * 2013-07-01 2016-12-28 天地融科技股份有限公司 一种发送签名数据的方法和电子签名令牌
CN103390142B (zh) * 2013-07-30 2016-09-21 东莞宇龙通信科技有限公司 一种终端
US10615967B2 (en) 2014-03-20 2020-04-07 Microsoft Technology Licensing, Llc Rapid data protection for storage devices
US9825945B2 (en) 2014-09-09 2017-11-21 Microsoft Technology Licensing, Llc Preserving data protection with policy
US9853812B2 (en) 2014-09-17 2017-12-26 Microsoft Technology Licensing, Llc Secure key management for roaming protected content
US9900295B2 (en) 2014-11-05 2018-02-20 Microsoft Technology Licensing, Llc Roaming content wipe actions across devices
JP6461992B2 (ja) 2014-11-05 2019-01-30 キヤノン電子株式会社 特定装置、その制御方法、及びプログラム
US20160352783A1 (en) * 2015-05-27 2016-12-01 Microsoft Technology Licensing, Llc Partitioning Media Data
US9853820B2 (en) 2015-06-30 2017-12-26 Microsoft Technology Licensing, Llc Intelligent deletion of revoked data
US9900325B2 (en) 2015-10-09 2018-02-20 Microsoft Technology Licensing, Llc Passive encryption of organization data
RU2638000C1 (ru) * 2017-02-08 2017-12-08 Акционерное общество "Лаборатория Касперского" Способ контроля системы исполнения программируемого логического контроллера
US11188639B2 (en) * 2018-07-19 2021-11-30 Intel Corporation System, method and apparatus for automatic program compartmentalization
DE102018120347A1 (de) * 2018-08-21 2020-02-27 Pilz Gmbh & Co. Kg Automatisierungssystem zur Überwachung eines sicherheitskritischen Prozesses
EP3808049B1 (en) 2019-09-03 2022-02-23 Google LLC Systems and methods for authenticated control of content delivery
CN113050940B (zh) * 2021-03-24 2025-02-21 百度在线网络技术(北京)有限公司 小程序的预览方法、相关装置及计算机程序产品
CN117354068B (zh) * 2023-12-06 2024-03-01 国网浙江省电力有限公司金华供电公司 提高分布式能量管理系统通信安全性方法与系统

Family Cites Families (35)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CA1322422C (en) * 1988-07-18 1993-09-21 James P. Emmond Single-keyed indexed file for tp queue repository
US5892900A (en) * 1996-08-30 1999-04-06 Intertrust Technologies Corp. Systems and methods for secure transaction management and electronic rights protection
US5859966A (en) * 1995-10-10 1999-01-12 Data General Corporation Security system for computer systems
US6006332A (en) 1996-10-21 1999-12-21 Case Western Reserve University Rights management system for digital media
US6678744B2 (en) * 1997-10-09 2004-01-13 Ericsson Inc. Application wrapper methods and systems
US6496823B2 (en) 1997-11-07 2002-12-17 International Business Machines Corporation Apportioning a work unit to execute in parallel in a heterogeneous environment
US6496847B1 (en) * 1998-05-15 2002-12-17 Vmware, Inc. System and method for virtualizing computer systems
US6397242B1 (en) * 1998-05-15 2002-05-28 Vmware, Inc. Virtualization system including a virtual machine monitor for a computer with a segmented architecture
US6205465B1 (en) * 1998-07-22 2001-03-20 Cisco Technology, Inc. Component extensible parallel execution of multiple threads assembled from program components specified with partial inter-component sequence information
US6327652B1 (en) * 1998-10-26 2001-12-04 Microsoft Corporation Loading and identifying a digital rights management operating system
US6192477B1 (en) * 1999-02-02 2001-02-20 Dagg Llc Methods, software, and apparatus for secure communication over a computer network
EP1305688A2 (en) * 2000-05-28 2003-05-02 Yaron Mayer System and method for comprehensive general generic protection for computers against malicious programs that may steal information and/or cause damages
US7039801B2 (en) * 2000-06-30 2006-05-02 Microsoft Corporation System and method for integrating secure and non-secure software objects
US20020124177A1 (en) * 2001-01-17 2002-09-05 Harper Travis Kelly Methods for encrypting and decrypting electronically stored medical records and other digital documents for secure storage, retrieval and sharing of such documents
ATE242892T1 (de) * 2001-05-11 2003-06-15 Sospita As Sequenznummerierungsmechanismus zur sicherung der ausführungsordnungs-integrietät von untereinander abhängigen smart-card anwendungen
US20020184520A1 (en) * 2001-05-30 2002-12-05 Bush William R. Method and apparatus for a secure virtual machine
GB2378272A (en) * 2001-07-31 2003-02-05 Hewlett Packard Co Method and apparatus for locking an application within a trusted environment
US7272832B2 (en) * 2001-10-25 2007-09-18 Hewlett-Packard Development Company, L.P. Method of protecting user process data in a secure platform inaccessible to the operating system and other tasks on top of the secure platform
US20030107584A1 (en) * 2001-12-12 2003-06-12 Intel Corporation Security system and method for visual display
US7228426B2 (en) * 2002-04-03 2007-06-05 Microsoft Corporation Integrity ordainment and ascertainment of computer-executable instructions with consideration for execution context
US7058768B2 (en) 2002-04-17 2006-06-06 Microsoft Corporation Memory isolation through address translation data edit control
US7130951B1 (en) * 2002-04-18 2006-10-31 Advanced Micro Devices, Inc. Method for selectively disabling interrupts on a secure execution mode-capable processor
US7165135B1 (en) * 2002-04-18 2007-01-16 Advanced Micro Devices, Inc. Method and apparatus for controlling interrupts in a secure execution mode-capable processor
US7043616B1 (en) * 2002-04-18 2006-05-09 Advanced Micro Devices, Inc. Method of controlling access to model specific registers of a microprocessor
US7082507B1 (en) * 2002-04-18 2006-07-25 Advanced Micro Devices, Inc. Method of controlling access to an address translation data structure of a computer system
US7603551B2 (en) * 2003-04-18 2009-10-13 Advanced Micro Devices, Inc. Initialization of a computer system including a secure execution mode-capable processor
US7130977B1 (en) * 2002-04-18 2006-10-31 Advanced Micro Devices, Inc. Controlling access to a control register of a microprocessor
US7266658B2 (en) * 2002-09-12 2007-09-04 International Business Machines Corporation System, method, and computer program product for prohibiting unauthorized access to protected memory regions
US7309004B1 (en) * 2002-12-26 2007-12-18 Diebold Self-Service Systems, Division Of Diebold, Incorporated Cash dispensing automated banking machine firmware authentication system and method
US7313687B2 (en) * 2003-01-10 2007-12-25 Microsoft Corporation Establishing a secure context at an electronic communications end-point
US7146477B1 (en) * 2003-04-18 2006-12-05 Advanced Micro Devices, Inc. Mechanism for selectively blocking peripheral device accesses to system memory
US7788669B2 (en) * 2003-05-02 2010-08-31 Microsoft Corporation System for isolating first computing environment from second execution environment while sharing resources by copying data from first portion to second portion of memory
US7269702B2 (en) * 2003-06-06 2007-09-11 Microsoft Corporation Trusted data store for use in connection with trusted computer operating system
US7398432B2 (en) * 2003-07-24 2008-07-08 International Business Machines Corporation Identify indicators in a data processing system
US7530103B2 (en) * 2003-08-07 2009-05-05 Microsoft Corporation Projection of trustworthiness from a trusted environment to an untrusted environment

Also Published As

Publication number Publication date
US20050091661A1 (en) 2005-04-28
EP1526456A3 (en) 2006-05-31
RU2004131022A (ru) 2006-04-10
JP2005129033A (ja) 2005-05-19
KR20050039541A (ko) 2005-04-29
MXPA04010158A (es) 2005-04-28
EP1526456A2 (en) 2005-04-27
EP1526456B1 (en) 2011-08-03
CA2480906A1 (en) 2005-04-24
BRPI0404008B1 (pt) 2017-03-28
KR101149998B1 (ko) 2012-06-01
ATE519156T1 (de) 2011-08-15
RU2367006C2 (ru) 2009-09-10
AU2004216595A1 (en) 2005-05-12
AU2004216595B2 (en) 2010-02-18
CN1609801A (zh) 2005-04-27
CA2480906C (en) 2014-01-28
US7730318B2 (en) 2010-06-01
CN100426224C (zh) 2008-10-15
JP4896385B2 (ja) 2012-03-14

Similar Documents

Publication Publication Date Title
BRPI0404008A (pt) Integração de recursos de alta asseguração em uma aplicação através de fatoração de aplicação
EP3238129B1 (en) Input verification
US9798559B2 (en) Trusted binary translation
ATE539411T1 (de) Projektion von vertrauenswürdigkeit von einer zuverlässigen umgebung auf eine unzuverlässige umgebung
EP3238120B1 (en) Binary translation of a trusted binary with input tagging
US20120066510A1 (en) Methods, systems, and computer program products for performing homomorphic encryption and decryption on individual operations
MY144418A (en) Verifying human interaction to a computer entity by way of a trusted component on a computing device or the like
EP1376305A2 (en) Secure hardware identifier (HWID) for use in a digital rights management (DRM) system
WO2003034188A3 (en) Method and system for detecting unauthorised executable programs _______________________________________________________________
TW200634620A (en) Mechanism to determine trust of out-of-band management agents
EP1526425A3 (en) Providing secure input and output to a trusted agent in a system with a high-assurance execution environment
KR20080100171A (ko) 컴퓨터 시스템의 애플리케이션을 인증하는 방법
Sardar et al. Formal foundations for Intel SGX data center attestation primitives
US9292708B2 (en) Protection of interpreted source code in virtual appliances
Alsaffar et al. Digital dna lifecycle security and privacy: an overview
JP2004350271A5 (pt)
ATE315858T1 (de) Externe signaturvorrichtung für pc mit optischer dateneingabe über den monitor
BRPI0411961A (pt) identificação segura de um executável a uma entidade de determinação de confiança
Smith Magic boxes and boots: Security in hardware
Kieu-Do-Nguyen et al. A trusted execution environment risc-v system-on-chip compatible with transport layer security 1.3
Casell et al. A performance analysis for confidential federated learning
Khan et al. A protocol for preventing insider attacks in untrusted infrastructure-as-a-service clouds
SG131062A1 (en) System and method for providing code signing services
Michael Trusted computing: an elusive goal
Faupel Status of Industry Work on Signed Mobile Code

Legal Events

Date Code Title Description
B25A Requested transfer of rights approved

Owner name: MICROSOFT TECHNOLOGY LICENSING, LLC (US)

B15K Others concerning applications: alteration of classification

Free format text: A CLASSIFICACAO ANTERIOR ERA: G06F 15/76

Ipc: G06F 21/53 (2013.01)

B06A Patent application procedure suspended [chapter 6.1 patent gazette]
B09A Decision: intention to grant [chapter 9.1 patent gazette]
B09X Republication of the decision to grant [chapter 9.1.3 patent gazette]
B16A Patent or certificate of addition of invention granted [chapter 16.1 patent gazette]
B21F Lapse acc. art. 78, item iv - on non-payment of the annual fees in time

Free format text: REFERENTE A 16A ANUIDADE.

B24J Lapse because of non-payment of annual fees (definitively: art 78 iv lpi, resolution 113/2013 art. 12)

Free format text: EM VIRTUDE DA EXTINCAO PUBLICADA NA RPI 2599 DE 27-10-2020 E CONSIDERANDO AUSENCIA DE MANIFESTACAO DENTRO DOS PRAZOS LEGAIS, INFORMO QUE CABE SER MANTIDA A EXTINCAO DA PATENTE E SEUS CERTIFICADOS, CONFORME O DISPOSTO NO ARTIGO 12, DA RESOLUCAO 113/2013.