System, apparatus and method for License Key permutation
    101.
    Type: Invention application
    Status: In force

    Publication No.: US20160110556A1

    Publication date: 2016-04-21

    Application No.: US14836707

    Filing date: 2015-08-26

    Inventor: David ALDIS

    IPC classification: G06F21/62 G06F21/14

    Abstract: A system and method of dynamically altering the encoding, structure or other attribute of a cryptographic key, typically a license activation key, to render useless keys that have been created by illegal key generation “cracks”. An encoding/decoding engine provides a plurality of key obfuscation algorithms that may alter the structure, encoding or any other attribute of a given key. A changeable combination code is supplied to the encoding/decoding engine that specifies a subset of the algorithms to apply during the encoding or decoding phase. The encoding engine is used during key generation and the decoding engine used during key usage. The same combination code must be used during decoding as was used during encoding to recover the original key or a valid key will not be recovered. Thus, a system can be rapidly re-keyed by selecting a new combination of encoding/decoding algorithms. The selection of algorithms comprises a combination code. The new combination code will result in keys that are incompatible with any existing illegal key generators.

    OBFUSCATING ACCESS TO A DATA STORE BY A SOFTWARE APPLICATION
    102.
    Type: Invention application
    Status: Under examination (published)

    Publication No.: US20160070918A1

    Publication date: 2016-03-10

    Application No.: US14779285

    Filing date: 2013-03-28

    Applicant: Irdeto B.V.

    IPC classification: G06F21/62 G06F21/14

    Abstract: There is described a method of obfuscating access to a data store by a software application. The method comprises accessing the data store using access operations. The access operations comprise real access operations and dummy access operations. Each real access operation is operable to access the data store as part of the execution of the software application. There is also described a computer program which, when executed by a processor, causes the processor to carry out the above method. There is also described a computer readable medium storing the above computer program. There is also described a system configured to carry out the above method.

    APPARATUS AND METHOD FOR PREVENTING CLONING OF CODE
    103.
    Type: Invention application
    Status: In force

    Publication No.: US20160042160A1

    Publication date: 2016-02-11

    Application No.: US14453116

    Filing date: 2014-08-06

    IPC classification: G06F21/12 G06F21/14

    Abstract: An apparatus and corresponding method for preventing cloning of code. The apparatus includes a memory, an authentication module, and a device. The memory is configured to store the code, which includes unencrypted code and a fragment of encrypted code. The authentication module is configured to receive and decrypt the fragment of encrypted code from the memory into a fragment of decrypted code, and to store the fragment of decrypted code in an authentication module buffer. The device configured to execute the unencrypted code from the memory and to execute the fragment of decrypted code from the authentication module buffer, wherein the fragment of encrypted code is personalized to the device.

    Secure module and information processing apparatus
    105.
    Type: Granted invention patent
    Status: In force

    Publication No.: US09177117B2

    Publication date: 2015-11-03

    Application No.: US13094518

    Filing date: 2011-04-26

    Abstract: A secure module includes a generating unit that executes generation processing of generating a scanning program that causes scan processing, which generates unique code for a program under test, to be executed at a connected device and further executes update processing of randomly updating contents of the scanning program; a storage device storing therein the unique code for the program under test; and an authenticating unit that if the scanning program is executed by the connected device and executed with respect to the program under test stored at a designated storage area in the connected device, authenticates validity of the program under test stored at the designated storage area, based on the unique code stored in the storage device and execution results of the scanning program executed at the connected device.

    CONTROL FLOW FLATTENING FOR CODE OBFUSCATION WHERE THE NEXT BLOCK CALCULATION NEEDS RUN-TIME INFORMATION
    106.
    Type: Invention application
    Status: Under examination (published)

    Publication No.: US20150310193A1

    Publication date: 2015-10-29

    Application No.: US14259395

    Filing date: 2014-04-23

    Applicant: NXP B.V.

    IPC classification: G06F21/12 G06F21/14

    CPC classification: G06F21/14 G06F2221/0748

    Abstract: A method of obscuring software code including a plurality of basic blocks wherein the basic blocks have an associated identifier (ID), including: determining, by a processor, for a first basic block first predecessor basic blocks, wherein first predecessor basic blocks jump to the first basic block and the first basic block jumps to a next basic block based upon a next basic block ID; producing, by the processor, a mask value based upon the IDs of first predecessor basic blocks, wherein the mask value identifies common bits of the IDs of the first predecessor basic blocks; and inserting, by the processor, an instruction in the first basic block to determine a next basic block ID based upon the mask value and an ID of one of the first predecessor basic blocks.

    SECURITY THROUGH LAYERS IN AN INTELLIGENT ELECTRONIC DEVICE
    107.
    Type: Invention application
    Status: Under examination (published)

    Publication No.: US20150310191A1

    Publication date: 2015-10-29

    Application No.: US14742061

    Filing date: 2015-06-17

    Inventors: Rory A. Koval, Hai Zhu

    IPC classification: G06F21/12 G06F21/14

    Abstract: The present disclosure provides for improving security in a meter or an intelligent electronic device (IED) through the use of a security key which is unique to each meter or IED. Such a key may be used to prevent password reuse among multiple meters. Such a key may also be used to encrypt critical components of the software, such that only when running on the correct meter can the components of the software be decrypted. Such a key may also be used to uniquely identify the device in a larger data collection and management system. The security key can also be used to prevent the direct copying of meters. The present disclosure also provides for a meter or IED that stores functional software separately from core software.

    Modifying pre-existing mobile applications to implement enterprise security policies
    108.
    Type: Granted invention patent
    Status: In force

    Publication No.: US09143529B2

    Publication date: 2015-09-22

    Application No.: US13649022

    Filing date: 2012-10-10

    Abstract: A system is disclosed that includes components and features for enabling enterprise users to securely access enterprise resources (documents, data, application servers, etc.) using their mobile devices. An enterprise can use some or all components of the system to, for example, securely but flexibly implement a BYOD (bring your own device) policy in which users can run both personal applications and secure enterprise applications on their mobile devices. The system may, for example, implement policies for controlling mobile device accesses to enterprise resources based on device attributes (e.g., what mobile applications are installed), user attributes (e.g., the user's position or department), behavioral attributes, and other criteria. Client-side code installed on the mobile devices may further enhance security by, for example, creating a secure container for locally storing enterprise data, creating a secure execution environment for running enterprise applications, and/or creating secure application tunnels for communicating with the enterprise system.

    Compile based obfuscation
    109.
    Type: Granted invention patent
    Status: In force

    Publication No.: US09116712B2

    Publication date: 2015-08-25

    Application No.: US13781691

    Filing date: 2013-02-28

    IPC classification: G06F9/45 G06F21/14

    Abstract: Compiler based obfuscation is described. To protect portions of a code project with obfuscations, the code is modified within a compiler to produce one or more modifications that obfuscate the code as part of a compilation process. A compiled version of the code is generated having the modifications that are produced within the compiler. In one approach, the compiler is configured to consume an obfuscation description that indicates portions of the code to protect and specifies the modifications to make to the indicated portions. Various different modifications of code may be performed during the compilation process to implement corresponding obfuscation features. For example, the modifications made within a compiler may include, but are not limited to, modifications designed to enable tamper detection, anti-debugging, and/or encryption of the code.

    Software self-defense systems and methods
    110.
    Type: Granted invention patent
    Status: In force

    Publication No.: US09064099B2

    Publication date: 2015-06-23

    Application No.: US13776441

    Filing date: 2013-02-25

    IPC classification: G06F9/44 G06F21/12 G06F21/14

    Abstract: Systems and methods are disclosed for protecting a computer program from unauthorized analysis and modification. Obfuscation transformations can be applied to the computer program's local structure, control graph, and/or data structure to render the program more difficult to understand and/or modify. Tamper-resistance mechanisms can be incorporated into the computer program to detect attempts to tamper with the program's operation. Once an attempt to tamper with the computer program is detected, the computer program reports it to an external agent, ceases normal operation, and/or reverses any modifications made by the attempted tampering. The computer program can also be watermarked to facilitate identification of its owner. The obfuscation, tamper-resistance, and watermarking transformations can be applied to the computer program's source code, object code, or executable image.
