Fresh Patents



Security Kernel Or Utility

The Security Kernel Or Utility patent applications listed run from June 2005 to current. Each entry includes the date, patent application number, patent title and patent abstract summary, and is linked to the corresponding patent application page.

11/08/07 - 20070260880 - System and method for the managed security control of processes on a computer system
Managing and controlling the execution of software programs with a computing device to protect the computing device from malicious activities. A protector system implements a two-step process to ensure that software programs do not perform malicious activities which may damage the computing device or other computing resources to which the ...

11/01/07 - 20070255948 - Trusted platform field upgrade system and method
A trusted platform field upgrade system comprises a trusted platform module (TPM) having a volatile memory, the volatile memory having a flag for verifying physical presence in a non-ownership state of the TPM, the TPM configured to enable a field upgrade to the TPM in an operating system (OS) environment ...

10/25/07 - 20070250707 - Method and device for accessing data using near field communications
The invention relates to an electronic device (10) with a Near Field Communication (NFC) interface, and a method for accessing data using NFC. The NFC interface of the electronic device is positioned within communication range of a second NFC interface of a second device, whereby data is transferred to the ...

10/18/07 - 20070245141 - Trusted cryptographic processor
A cryptographic processor for redundantly-processing cryptographic operations is disclosed. The cryptographic processor includes a number of input ports, a first and second cryptographic engines, comparison logic and a plurality of output ports. The number of input ports is configured to accept both plaintext and ciphertext. Each of the number of ...

10/11/07 - 20070239981 - Data communication in an electronic device
The invention relates to an electronic device (10) and a method for data communication with such an electronic device. The electronic device combines, on the one hand, a Near Field Communication (NFC) interface, including an antenna and a circuit for generating a modulated electromagnetic wave, and on the other hand ...

09/27/07 - 20070226492 - Secure processor architecture for use with a digital rights management (DRM) system on a computing device
A secure processor is operable in normal and preferred modes, and includes a security kernel instantiated when the processor enters into preferred mode and a security key accessible by the security kernel during preferred mode. The security kernel employs the accessed security key to authenticate a secure application, and allows ...

08/30/07 - 20070204153 - Trusted host platform
The invention provides methods and apparatus, including computer program products, implementing and using techniques for providing access from a trusted host platform to a first secured network operating on a first security domain and a second secured network operating on a second security domain. In some embodiments, a first virtual ...

08/02/07 - 20070180238 - Method, apparatus and system for performing access control and intrusion detection on encrypted data
A method, apparatus and system enable access control and intrusion detection on encrypted data. Specifically, application data on a node may be routed to a partition on the host. The partition may utilize Direct Memory Access (“DMA”) to access session key stored in a host OS. The partition may thereafter ...

06/14/07 - 20070136577 - Sealing of data for applications
A method, system and computer program product for implementing general purpose PCRs with extended semantics (referred to herein as “ePCRs”) in a trusted, measured software module. The module is designed to run in one of a hypervisor context, an isolated partition, or under other isolated configurations. Because the software module ...

06/14/07 - 20070136576 - Methods and apparatus for the secure handling of data in a microcontroller
Apparatus and methods are presented for protecting data in microcontrollers from both malicious software processes running inside the device as well as from unauthorized attempts to read the data from an external data bus and/or external memory. An illustrative embodiment of the invention accomplishes these security improvements, in part, by ...

06/07/07 - 20070130459 - Remote virtual medical diagnostic imaging viewer
A medical image and data application service provider system provides a way of remotely viewing and manipulating medical images and data for diagnostic and visualization purposes by users unconstrained by geography. Medical images and data are stored on one or more servers running application service provider software along with meta-data ...

06/07/07 - 20070130458 - Trusted computer system
A trusted computer system that offers Linux® compatibility and supports contemporary hardware speeds. It is designed to require no porting of common applications which run on Linux, to be easy to develop for, and to allow the use of a wide variety of modern development tools. The system is further ...

05/31/07 - 20070124582 - System and method for an NSP or ISP to detect malware in its network traffic
We show how a Network Service Provider (NSP) can detect if any of its customers are involved in malware. Like spamming or phishing. This involves the NSP's router performing a sampled packet analysis of outgoing and incoming messages. And combining this with our earlier methods for detecting spammer domain clusters ...

05/24/07 - 20070118743 - Communication of information via an in-band channel using a trusted configuration space
Communication of information via an in-band channel using a trusted configuration space is provided. The introduction of using a trusted configuration space associated with a computer bus system, such as PCI Express® (PCIe™), for example, enables the design of trusted computing platforms capable of providing compliant devices with assurance that ...

05/17/07 - 20070113077 - System and method for establishing trust without revealing identity
One aspect of an embodiment of the invention provides a method, system, and device to prove to a challenger that a prover device has a signature from a device manufacturer without revealing the signature to the challenger. According to one implementation, a challenger is provided with the result of a ...

04/26/07 - 20070094496 - System and method for kernel-level pestware management
Systems and methods for managing pestware on a protected computer are described. One embodiment is configured to reroute a call to create a process to a kernel-level process monitor, identify a file associated with the process and analyze the file so as to determine whether the file is a pestware ...

04/12/07 - 20070083755 - Operating cell processors over a network
Secure operation of cell processors is disclosed. A cell processor receives a secure file image from a client device at a cell processor of a host device (host cell processor), wherein the secure file image includes an encrypted SPU image. ...

04/05/07 - 20070079119 - Encryption key rotation
Data in a data at rest system such as a database or a file system is re-encrypted so that the data remains accessible during re-encryption. Various embodiments of the invention include virtual tables such as views, parallel tables, indexes that improve the speed of re-encryption, and distributed solutions to re-encryption such ...

03/22/07 - 20070067624 - Saving and retrieving data based on symmetric key encryption
In accordance with certain aspects, data is received from a calling program. Ciphertext that includes the data is generated, using a symmetric cipher, in a manner that allows only one or more target programs to be able to obtain the data from the ciphertext. In accordance with other aspects, a ...

03/22/07 - 20070067623 - Detection of system compromise by correlation of information objects
The present invention describes a class of techniques for discovering evidence that a computer system has been compromised or attacked successfully. In an illustrative embodiment, a detection method involves detecting discrepancies between what a (compromised) operating system reports about enumerations of system objects, and the specific instances of those objects ...

03/01/07 - 20070050619 - Processor having program protection function
A processor having a program protection function, which makes behavior analysis of protected programs difficult and allows improvement in the current program protection level, which is attained by prohibiting reading out/rewriting of instruction codes, is provided. The processor having a program protection function is a processor core module, which protects ...

02/15/07 - 20070038856 - Methods and systems that selectively permit changes to a cryptographic hardware unit's state
In at least some embodiments, a system comprises a hardware unit and a plurality of software agents that couple to and utilize at least one function of the hardware unit. The system further comprises a consensus module coupled to the hardware unit and the software agents. The consensus module is ...

01/25/07 - 20070022287 - Detecting user-mode rootkits
A method and system for determining whether resources of a computer system are being hidden is provided. The security system invokes a high-level function of user mode that is intercepted and filtered by the malware to identify resources. The security system also directly invokes a low-level function of kernel mode ...

01/18/07 - 20070016770 - System and method for managing the initiation of software programs in an information handling system
A system and method is disclosed for authenticating the right of a user to use a software application. When the user attempts to access a software application, a software authentication program accesses the operating system directory service of the operating system to determine if the user has rights ...

12/28/06 - 20060294370 - Method, device, and system of maintaining a context of a secure execution environment
Some demonstrative embodiments of the invention include a method, device and/or system of maintaining a context of a secure execution environment. According to some demonstrative embodiments of the invention, the device may include a secure context processing module to receive a processed context from a first process operating in the ...

12/28/06 - 20060294369 - Program execution device
A program execution device capable of protecting a program against unauthorized analysis and alteration is provided. The program execution device includes an execution unit, a first protection unit, and a second protection unit. The execution unit executes a first program and a second program, and is connected with an external ...

10/26/06 - 20060242406 - Protected computing environment
A method of establishing a protected environment within a computing device including validating a kernel component loaded into a kernel of the computing device, establishing a security state for the kernel based on the validation, creating a secure process and loading a software component into the secure process, periodically checking ...

09/07/06 - 20060200663 - Methods for describing processor features
A machine readable description of a new feature of a processor is provided by a processor vendor. Control code executing on a processor, such as a traditional operating system kernel, a partitioning kernel, or the like can be programmed to receive the description of the feature and to use information ...

09/07/06 - 20060200662 - Referencing objects in a virtual environment
The present invention is directed generally toward referencing objects in a virtual environment. One aspect of the invention is directed toward a computer-implemented method for referencing an object in a virtual environment that includes receiving a command from a user to designate an object and designating the object. The method ...

08/31/06 - 20060195691 - Method and system for random data access for security applications
Methods and systems for random data access for security applications are disclosed and may comprise generating on a chip, a random process index. A data process may be randomly selected on the chip utilizing the generated random process index. A time interval may be randomly allocated on the chip. After ...

08/17/06 - 20060184791 - Encryption/decryption mechanism of network deployed executable image for secure boot of a device embedded in an un-trusted host
A method for secure remote storage of system-boot executable image for a network access device embedded in an untrusted remote user device operably connected to a service provider's network. In an exemplary embodiment, a copy of service provider's executable image is distributed to provider's network access device by the central ...

08/10/06 - 20060179302 - Methods and apparatus for providing a secure booting sequence in a processor
Methods and apparatus provide for: reading encrypted boot code from a storage medium into a local memory associated with a first of a plurality of processors; decrypting the encrypted boot code using a trusted decryption function of the first processor such that the boot code is verified as being authentic; ...

08/03/06 - 20060174109 - System and method for securely storing firmware
A mechanism for creating and accessing a secure storage area for firmware that stores a “Virtual ROM” module reference or pointer in the actual ROM that includes a unique identifier for the virtual ROM module to be retrieved is discussed. The actual ROM image also contains a generated unique identifier ...

07/20/06 - 20060161769 - Systems and methods for boot recovery in a secure boot process on a computer with a hardware security module
Systems and methods are provided for maintaining and updating a secure boot process on a computer with a trusted platform module (TPM). A boot process may be maintained by inspecting a log of TPM activity, determining data that prevented a secret to unseal, and returning the data to an original ...

07/13/06 - 20060155988 - Systems and methods for securely booting a computer with a trusted processing module
In a computer with a trusted platform module (TPM), an expected hash value of a boot component may be placed into a platform configuration register (PCR), which allows a TPM to unseal a secret. The secret may then be used to decrypt the boot component. The hash of the decrypted ...

06/29/06 - 20060143446 - System and method to lock TPM always 'on' using a monitor
A computer may be secured from attack by including a trusted environment used to verify a known monitor. The monitor may be used to determine a state of the computer for compliance to a set of conditions. The conditions may relate to terms of use, such as credits available for ...

06/22/06 - 20060136720 - Computer security management, such as in a virtual machine or hardened operating system
A security scheme provides security to one or more self-contained operating environment instances executing on a computer. The security scheme may include implementing a set of security applications that may be controlled by a supervisory process, or the like. Both the set of security applications and the supervisory process may ...

06/08/06 - 20060123230 - Using dynamic web components to remotely control the security state of web pages
The invention automatically controls whether displayed web pages and associated frames displayed within a web browser are secure or non-secure. A dynamic “Web Component” remotely controls web page security states. The Web Component uses the same script and HTML for all implementations or instantiations of the Web Component, regardless of ...

06/08/06 - 20060123229 - Database integration platform for security systems
A database integration platform configured to facilitate automatic population and continued synchronization of two or more databases, provide automatic execution of business rules to assign security privileges based on attributes of individuals as reflected by data in one database, and automatically assign access badges to individuals based on housing assignments ...

05/25/06 - 20060112267 - Trusted platform storage controller
A method according to one embodiment includes accessing via a private link at least one security function provided by a trusted platform module (TPM), and controlling storage of data in mass storage utilizing the at least one security function. Of course, many alternatives, variations, and modifications are possible without departing ...

05/11/06 - 20060101263 - System and method of allowing user mode applications with access to file data
In accordance with this invention, a system, method, and computer-readable medium that aggregates the knowledge base of a plurality of antivirus software applications are provided. User mode applications, such as antivirus software applications, gain access to file system operations through a common information model, which obviates the need for antivirus ...

04/27/06 - 20060090070 - Method and system for verifying binding of an initial trusted device to a secured processing system
A method and system for verifying binding of an initial trusted device to a secured processing system binds an initial device or replacement when no binding information is available from another device in the system. A platform credential is issued only when a valid binding is verified, by sending a ...

04/06/06 - 20060075224 - System for activating multiple applications for concurrent operation
A single sign-on system enables a user to access multiple, disparate executable applications for concurrent operation in the system. The system includes a data source, an interface processor, and an authentication processor. The data source provides configuration data for multiple executable applications. The configuration data identifies an individual executable application ...

03/23/06 - 20060064583 - Programming interface for configuring a television settop terminal
A software interface (26) is provided to enable television settop middleware (14) and operating system (OS) software (16) to control and interact with core settop system software (20) in a subscriber television terminal to facilitate the provision of desirable digital television services, including authentication and authorization. ...

03/16/06 - 20060059335 - Systems and methods for providing security through sessions
Systems and methods are described for providing security through sessions. In an implementation, a method includes initiating a session, by an operating system, in which operating system services are executable and initiating another session, by the operating system, in which a user-interactive application is executable. ...

02/09/06 - 20060031673 - Method and system for detecting infection of an operating system
A method and system for detecting that a software system has been infected by software that attempts to hide properties related to the software system is provided. A detection system identifies that a suspect operating system has been infected by malware by comparing properties related to the suspect operating system ...

02/09/06 - 20060031672 - Resource protection in a computer system with direct hardware resource access
In one embodiment of the present invention, a computer-implemented method is provided for use in a computer system including a plurality of resources. The plurality of resources include protected resources and unprotected resources. The unprotected resources include critical resources and non-critical resources. The method includes steps of: (A) receiving a ...

02/02/06 - 20060026423 - Privacy-protecting integrity attestation of a computing platform
Systems, apparatus and methods for privacy-protecting integrity attestation of a computing platform. An example method for privacy-protecting integrity attestation of a computing platform (P) has a trusted platform module (TPM), and comprises the following steps. First, the computing platform (P) receives configuration values (PCR1 . . . PCRn). Then, by ...

02/02/06 - 20060026422 - Method, apparatus, and product for providing a backup hardware trusted platform module in a hypervisor environment
A method, apparatus, and computer program product are described for implementing a trusted computing environment within a data processing system. The data processing system includes a primary hardware trusted platform module (TPM) and a secondary hardware backup TPM. The data processing system also includes multiple logical partitions. The primary hardware ...

01/26/06 - 20060020785 - Secure distribution of a video card public key
A system and method for secure distribution of a video card public key. The method provides for loading an authentication code module into a processor, authenticating the authentication code module, and executing the authentication code module. Executing the authentication module causes the authentication code module to assert a hardware indicator ...

01/19/06 - 20060015719 - Platform and method for remote attestation of a platform
In one embodiment, a method of remote attestation for a special mode of operation. The method comprises storing an audit log within protected memory of a platform. The audit log is a listing of data representing each of a plurality of IsoX software modules loaded into the platform. The audit ...

01/19/06 - 20060015718 - Use of kernel authorization data to maintain security in a digital processing system
A system to manage and control usage rights for cryptographic keys. A kernel process is provided with secure and exclusive authorization to access certain keys in a key hierarchy. Special authorization is required for other processes or users to access keys used by the kernel. A persistent storage area is ...

01/19/06 - 20060015717 - Establishing a trusted platform in a digital processing system
A trusted platform in a digital processing system is maintained even when modules, or other processes or data, are loaded after a boot sequence. A configuration file is used to include measurements (e.g., hash values, signatures, etc.) of modules to be loaded. After secure boot-up the operating system kernel uses ...

01/12/06 - 20060010319 - Method of communicating between applications which is intended to secure access to application data
A procedure for communication between at least two applications A and B in an operating system intended to prevent application A from accessing information content of an application window B, including creating at least one variable by application B; receiving a request from application A by application B; verifying a ...

01/05/06 - 20060005016 - Operating system installation
A programmable electronic device automatically identifies at least a portion of a system configuration for the programmable electronic device and automatically generates an image request based at least in part on the identified system configuration. The programmable electronic device transmits the image request over one or more networks to a ...

01/05/06 - 20060005015 - System and method for secure inter-platform and intra-platform communications
A system and method are provided to preserve the confidentiality and/or integrity of a sensitive communication from its source to its destination whether locally on the platform, between platforms, or even the same program over time. ...

12/08/05 - 20050273603 - Mechanism to improve authentication for remote management of a computer system
According to one embodiment, a network is disclosed. The network includes a server computer and a client computer. The client computer accesses an authentication stack during power on self test (POST) that enables authentication of boot code that is to be downloaded from the server computer prior to control being ...

12/08/05 - 20050273602 - Launching a secure kernel in a multiprocessor system
In one embodiment of the present invention, a method includes verifying an initiating logical processor of a system; validating a trusted agent with the initiating logical processor if the initiating logical processor is verified; and launching the trusted agent on a plurality of processors of the system if the trusted ...

12/01/05 - 20050268093 - Method and apparatus for creating a trusted environment in a computing platform
A method for creating a trusted environment within a computing platform comprises the steps, performed at a trusted device, of obtaining authorisation information in relation to a process having a mandatory manner of launch; launching the mandatory process in the mandatory manner if the authorisation information meets an authorisation criterion; and ...

12/01/05 - 20050268092 - Methods, apparatus and systems with loadable kernel architecture for processors
A device (200, 2200) for improved security includes a processor (200) and a secure writeable memory (2245) coupled to said processor (200) and including code (2240) to download a loadable security kernel to the processor (200), authenticate the loadable security kernel, and transfer the kernel so that the kernel begins ...

11/03/05 - 20050246525 - Method and system for hierarchical platform boot measurements in a trusted computing environment
An architecture for a distributed data processing system comprises a system-level service processor along with one or more node-level service processors; each are uniquely associated with a node, and each is extended to comprise any components that are necessary for operating the nodes as trusted platforms, such as a TPM ...

10/20/05 - 20050235141 - Subordinate trusted platform module
Systems, methodologies, media, and other embodiments associated with cryptographic key maintenance and/or migration are described. One exemplary system embodiment includes a logic for performing cryptographic key maintenance and/or migration and an interface for operably connecting the system to a trusted platform. ...

10/06/05 - 20050223221 - Apparatus and method for creating a trusted environment
A computer apparatus for creating a trusted environment comprising a trusted device arranged to acquire a first integrity metric to allow determination as to whether the computer apparatus is operating in a trusted manner; a processor arranged to allow execution of a first trust routine and associated first operating environment, ...

10/06/05 - 20050223220 - Secure virtual machine monitor to tear down a secure execution environment
Disclosed is a processor having a normal execution mode and a secure execution mode to create a secure execution environment. A secure virtual machine monitor (SVMM) implements the secure execution environment in which a plurality of separate virtual machines are created that operate simultaneously and separately from one another including ...

09/08/05 - 20050198500 - System and method for performing security operations on network data
A system and method are described for performing security operations on network data. According to an exemplary embodiment, a system for performing security operations on network data includes memory and a data coprocessor configured to transfer data into and out of the memory. A plurality of processors are coupled to ...

08/25/05 - 20050188198 - Managing a secure platform using a hierarchical executive architecture in isolated execution mode
An example processing system comprises a processor to execute in an isolated execution mode in a ring 0 operating mode. The processor also supports one or more higher ring operating modes, as well as a normal execution mode. The processing system also comprises memory, as well as a machine-accessible medium ...

08/18/05 - 20050182930 - Method and a device for transforming an operating system to protect a computer program against attack
A device (D) is dedicated to transforming an operating system (OS), where applicable within an equipment (PC). The device (D) comprises processing means (MT) for scrambling one or more program support tool(s) (Fst, Fct) of the operating system (OS) by inserting one or more scrambling parameters into its definition. ...

08/18/05 - 20050182929 - Efficient hash table protection for data transport protocols
The present invention protects against denial of service attacks on lookup or hash tables used to store state information for data transfer protocols used to transfer data between two host computers. Two hash tables are provided for holding state information, one for verified remote entities (i.e., those where the remote ...

08/18/05 - 20050182928 - System and method for secure HTML links
HTML links published in an HTML framework, such as a web page, select execution of restricted functions requiring a distinct user confirmation. Encrypted protocols associated with the HTML links are decrypted by a web browser retrieving the HTML framework for execution of the restricted function without the distinct user confirmation. ...

08/04/05 - 20050172121 - Method and system for preventing unauthorized recording of media content on a Macintosh operating system
A method for preventing unauthorized recording of media content on a Macintosh operating system. The present method registers a compliance mechanism on a client system having the Macintosh operating system operating thereon. The compliance mechanism comprises a framework for validating the compliance mechanism on the client system, and a multimedia ...

07/28/05 - 20050166045 - Information processing method, inter-task communication method, and computer-executable program for the same
An information processing method has a mechanism wherein mutual verification is performed between tasks and a computer operating system at the time of activating tasks, thereby judging the validity of tasks. The operating system evaluates a key which the task holds at the time of requesting service of the operating ...

07/21/05 - 20050160261 - Method and apparatus for scaling a user interface adaptively to an object discovery/display system with policy driven filtering
The present invention provides a method, apparatus and computer instructions for scaling a user interface adaptively to an object discovery or display system with policy driven filtering. A number of filters are defined by the user in an initial setup. The filter includes a target number of discovered objects and ...

07/07/05 - 20050149726 - Systems and methods for secure client applications
An innovative security solution which separates a client into a Protected Context, which is the real files and resources of the client, and an Isolated Context, which is a restricted execution environment which makes use of virtualized resources to execute applications and modify content in the Isolated Context, without allowing ...

06/30/05 - 20050144442 - Recovering from device failure
In some techniques for resource recovery, a region of code can be considered untrusted. To catch problems in the untrusted region, entry points are wrapped with exception logic for processing exceptions raised within the untrusted region. Until an exception has been raised within the untrusted region, instructions corresponding to the ...

06/23/05 - 20050138370 - Method and system to support a trusted set of operational environments using emulated trusted hardware
A method and system to emulate a trusted platform module to execute trusted operations. A virtual machine monitor is executed to support a virtual machine session. An operating system is loaded into the virtual machine session. The trusted platform module is emulated to hold a key associated with the virtual ...


