Abstract:
A cloud computing system. The system comprises a network, a data store communicatively coupled to the network, a plurality of compute nodes, at least some of the compute nodes comprising a cloud computing framework agent coupled to an agent gate keeper, where the cloud computing framework agent communicates with the network via the agent gate keeper, an image management component coupled to an image management gate keeper, where the image management component manages images that execute in the compute instances on the compute nodes and communicates with the network via the image management gate keeper, and a security engine coupled to the network that receives a request to initiate an image on a compute instance, analyzes the image to determine an authentication metric, and when the authentication metric matches a validated authentication value, sends the image to the image management component for loading and instantiating in the compute instance.
Abstract:
Systems and methods disclosed herein relate to the protection of a plurality of protected personas on a protected network that may be isolated from a telecommunication service provider's network that supports a portable electronic device. The plurality of personas may be generated by the owners and/or administrators of the network on which the personas reside. Activating a persona on a device, whether that device is owned and maintained by the business or businesses affiliated with the protected network, enables access to a plurality of data on the business's network and restricts access to at least some of the capabilities and functionality of the device available under the original persona. Data created or modified while the protected persona is activated on the device may not be accessed while the original persona is active and may be uploaded dynamically or manually to the protected network.
Abstract:
An electronic device. The device comprises an anti-trusted-security-zone in the trusted security zone that, when installed and managed by the trusted security zone manager, places non-trusted applications into the anti-trusted-security-zone for execution, restricts access of the non-trusted applications to at least some resources of the electronic device outside the anti-trusted-security-zone, alerts the user when the non-trusted application inside the anti-trusted-security-zone desires access to any restricted resource of the electronic device outside the anti-trusted-security-zone, asks the user for permission to access the desired resource outside the anti-trusted-security-zone, grants access for the non-trusted application to requested resources outside the anti-trusted-security-zone upon the permission by the user, moves the applications from the anti-trusted-security-zone to the normal zone that are determined not to be malicious, keeps the applications within the anti-trusted-security-zone that do not need to execute outside the anti-trusted-security-zone, and deletes the applications that are determined to be malicious.
Abstract:
A system is provided. The system comprises a processor, a memory coupled to the processor, and an application stored in the memory. When executed by the processor, the application receives a plurality of first messages from a first plurality of handsets, each of the first messages indicating that one of the first plurality of handsets has installed a first ID, wherein the first ID is associated with a first ID provider, receives a second message from the first ID provider, the second message indicating that new content associated with the first ID is available, and in response to the second message, transmits a plurality of third messages, each of the third messages directed to one of the first plurality of handsets, indicating that new content associated with the first ID is available.
Abstract:
An electronic device. The electronic device comprises a memory comprising a confidential information region and a non-confidential information region, a processor, and an application stored in the memory. When executed by the processor, the application determines if a reboot has occurred after a most recent power-off boot, where a reboot takes place without removing power from the processor and memory and, in response to determining that the reboot occurred after the most recent power-off boot, prevents access of applications to the confidential information region in the memory.
Abstract:
A method of electronic communication via a virtual network function (NFV) implementation of a core network. The method comprises receiving a hypertext transfer protocol (HTTP) content request from a user equipment (UE), wherein the HTTP content request comprises an identification of a content source and determining by an orchestrator service that insufficient NFV processing capacity is available to perform the HTTP content request, where the orchestrator service is an application that executes on a first physical host. The method further comprises dynamically increasing the NFV processing capacity by the orchestrator service, performing the HTTP content request using the increased NFV processing capacity, and returning an HTTP content response to the UE, wherein the HTTP content response does not comprise identification of the content source.
Abstract:
A method of trusted data communication. The method comprises executing a data communication application in a trusted security zone of a processor, wherein the processor is a component of a computer, commanding a controller of a peripheral device to execute a control application in a trusted security zone of the controller, wherein the controller is a component of the computer, commanding at least one of another peripheral device or a user interface device to not access a data bus of the computer, verifying that the controller is executing the control application in the trusted security zone of the controller, sending data from the processor to the controller over the data bus of the computer, and the controller one of transmitting the data sent by the processor on an external communication link, reading a memory storage disk, or writing to a memory storage disk.
Abstract:
A method of extending trust from a trusted processor to a graphics processing unit to expand trusted processing in an electronic device comprises inserting a trusted kernel into the graphics processing unit, monitoring the activity level of the graphics processing unit, suspending graphics processing on at least a portion of the graphics processing unit, repurposing a portion of the graphics processing unit to perform trusted processing, and releasing the portion of the graphics processing unit from trusted processing.
Abstract:
A computer system that comprises a processor, a non-transitory memory, and a system application stored in the non-transitory memory. When executed by the processor, the application receives a request to create a software container, creates the container, generates a signature of the container, creates a container security token that comprises the signature and embeds the container security token in the container, and returns the container with the embedded container security token. The application receives a request to launch an application in the container, determines a confirmation signature of the container provided by the application launch request, compares the confirmation signature to the signature of the container security token in the container, determines that the confirmation signature and the signature of the container security token in the software container match, and responsive to determining the signatures match launches the application in the software container provided by the application launch request.