WO2005001639A3 - Trusted computer system - Google Patents

Trusted computer system Download PDF

Info

Publication number
WO2005001639A3
WO2005001639A3 PCT/US2004/019434 US2004019434W WO2005001639A3 WO 2005001639 A3 WO2005001639 A3 WO 2005001639A3 US 2004019434 W US2004019434 W US 2004019434W WO 2005001639 A3 WO2005001639 A3 WO 2005001639A3
Authority
WO
WIPO (PCT)
Prior art keywords
linux
designed
supports
computer system
well
Prior art date
Application number
PCT/US2004/019434
Other languages
French (fr)
Other versions
WO2005001639A2 (en
Inventor
Michel W Focke
James E Knoke
Paul A Barbieri
Robert D Wherley
John G Ata
Dwight B Engen
Original Assignee
Digitalnet Government Solution
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Digitalnet Government Solution filed Critical Digitalnet Government Solution
Priority to JP2006517366A priority Critical patent/JP2007524148A/en
Priority to EP04755554A priority patent/EP1645069A4/en
Publication of WO2005001639A2 publication Critical patent/WO2005001639A2/en
Publication of WO2005001639A3 publication Critical patent/WO2005001639A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/577Assessing vulnerabilities and evaluating computer system security
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45537Provision of facilities of other operating environments, e.g. WINE
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2113Multi-level security, e.g. mandatory access control
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2149Restricted operating environment

Abstract

A trusted computer system that offers Linux® compatibility and supports contemporary hardware speeds. It is designed to require no porting of common applications which run on Linux, to be easy to develop for, and to allow the use of a wide variety of modern development tools. The system is further designed to meet or exceed the Common Criteria EAL-5 or higher rating through incorporation of required security features, as well as a very high level of assurance for handling data at a wide range of sensitivity (e.g., classification) levels in a wide range of operational environments. This is achieved through the implementation of a well-layered operating system which has been designed from the ground up to enforce security, but which also supports Linux operating system functions and methods.
PCT/US2004/019434 2003-06-17 2004-06-15 Trusted computer system WO2005001639A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
JP2006517366A JP2007524148A (en) 2003-06-17 2004-06-15 Trusted computer system
EP04755554A EP1645069A4 (en) 2003-06-17 2004-06-15 Trusted computer system

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/462,771 2003-06-17
US10/462,771 US7103914B2 (en) 2002-06-17 2003-06-17 Trusted computer system

Publications (2)

Publication Number Publication Date
WO2005001639A2 WO2005001639A2 (en) 2005-01-06
WO2005001639A3 true WO2005001639A3 (en) 2005-08-11

Family

ID=33551373

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2004/019434 WO2005001639A2 (en) 2003-06-17 2004-06-15 Trusted computer system

Country Status (4)

Country Link
US (7) US7103914B2 (en)
EP (1) EP1645069A4 (en)
JP (1) JP2007524148A (en)
WO (1) WO2005001639A2 (en)

Families Citing this family (141)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7640582B2 (en) 2003-04-16 2009-12-29 Silicon Graphics International Clustered filesystem for mix of trusted and untrusted nodes
US8010558B2 (en) 2001-06-05 2011-08-30 Silicon Graphics International Relocation of metadata server with outstanding DMAPI requests
US7617292B2 (en) 2001-06-05 2009-11-10 Silicon Graphics International Multi-class heterogeneous clients in a clustered filesystem
US20040139125A1 (en) 2001-06-05 2004-07-15 Roger Strassburg Snapshot copy of data volume during data access
US20040143749A1 (en) * 2003-01-16 2004-07-22 Platformlogic, Inc. Behavior-based host-based intrusion prevention system
US7530103B2 (en) * 2003-08-07 2009-05-05 Microsoft Corporation Projection of trustworthiness from a trusted environment to an untrusted environment
US7313679B2 (en) * 2003-10-17 2007-12-25 Intel Corporation Extended trusted computing base
US20050198099A1 (en) * 2004-02-24 2005-09-08 Covelight Systems, Inc. Methods, systems and computer program products for monitoring protocol responses for a server application
JP4728610B2 (en) * 2004-08-04 2011-07-20 株式会社リコー Access control list attachment system, original content creator terminal, policy server, original content data management server, program, and recording medium
US8181219B2 (en) * 2004-10-01 2012-05-15 Microsoft Corporation Access authorization having embedded policies
US7818781B2 (en) * 2004-10-01 2010-10-19 Microsoft Corporation Behavior blocking access control
US8307453B1 (en) * 2004-11-29 2012-11-06 Symantec Corporation Zone breakout detection
US8020141B2 (en) * 2004-12-06 2011-09-13 Microsoft Corporation Operating-system process construction
US7882317B2 (en) * 2004-12-06 2011-02-01 Microsoft Corporation Process isolation using protection domains
US8504849B2 (en) 2004-12-21 2013-08-06 Sandisk Technologies Inc. Method for versatile content control
US20070168292A1 (en) * 2004-12-21 2007-07-19 Fabrice Jogand-Coulomb Memory system with versatile content control
US8601283B2 (en) * 2004-12-21 2013-12-03 Sandisk Technologies Inc. Method for versatile content control with partitioning
US7620974B2 (en) * 2005-01-12 2009-11-17 Symantec Distributed traffic scanning through data stream security tagging
US8335760B1 (en) * 2005-02-07 2012-12-18 Hewlett-Packard Development, L. P. Grid computing system to manage utility service content
US7474618B2 (en) * 2005-03-02 2009-01-06 Objective Interface Systems, Inc. Partitioning communication system
US7900152B2 (en) * 2005-03-03 2011-03-01 Microsoft Corporation Adaptable user interface for business software
US20060200489A1 (en) * 2005-03-03 2006-09-07 Microsoft Corporation Company modeling
US8849968B2 (en) 2005-06-20 2014-09-30 Microsoft Corporation Secure and stable hosting of third-party extensions to web services
US7657834B2 (en) * 2005-06-29 2010-02-02 Trusted Computer Solutions Sensitivity label translation
US20070044151A1 (en) * 2005-08-22 2007-02-22 International Business Machines Corporation System integrity manager
US7610285B1 (en) * 2005-09-21 2009-10-27 Stored IQ System and method for classifying objects
US7725737B2 (en) * 2005-10-14 2010-05-25 Check Point Software Technologies, Inc. System and methodology providing secure workspace environment
US8074231B2 (en) * 2005-10-26 2011-12-06 Microsoft Corporation Configuration of isolated extensions and device drivers
US20070094495A1 (en) * 2005-10-26 2007-04-26 Microsoft Corporation Statically Verifiable Inter-Process-Communicative Isolated Processes
US8146138B2 (en) * 2005-12-15 2012-03-27 Microsoft Corporation Access unit switching through physical mediation
US7606254B1 (en) * 2006-03-02 2009-10-20 Rockwell Collins, Inc. Evaluatable high-assurance guard for security applications
US8161529B1 (en) * 2006-03-02 2012-04-17 Rockwell Collins, Inc. High-assurance architecture for routing of information between networks of differing security level
US7930727B1 (en) * 2006-03-30 2011-04-19 Emc Corporation System and method for measuring and enforcing security policy compliance for software during the development process of the software
US8161281B1 (en) * 2006-04-13 2012-04-17 Rockwell Collins, Inc. High assurance data tagger for I/O feeds
DE102006020093A1 (en) * 2006-04-26 2007-10-31 IHP GmbH - Innovations for High Performance Microelectronics/Institut für innovative Mikroelektronik Protecting a data processing application of a service provider for a user by a trusted execution environment
US8561189B2 (en) * 2006-06-23 2013-10-15 Battelle Memorial Institute Method and apparatus for distributed intrusion protection system for ultra high bandwidth networks
US8032898B2 (en) * 2006-06-30 2011-10-04 Microsoft Corporation Kernel interface with categorized kernel objects
US8613103B2 (en) * 2006-07-07 2013-12-17 Sandisk Technologies Inc. Content control method using versatile control structure
US8266711B2 (en) * 2006-07-07 2012-09-11 Sandisk Technologies Inc. Method for controlling information supplied from memory device
US8639939B2 (en) * 2006-07-07 2014-01-28 Sandisk Technologies Inc. Control method using identity objects
GB2442497B (en) * 2006-10-02 2010-03-31 Transitive Ltd Method and apparatus for administering a process filesystem with respect to program code conversion
US7840795B2 (en) * 2006-10-17 2010-11-23 Zachary Nathaniel Joseph Peterson Method and apparatus for limiting access to sensitive data
US8087065B2 (en) * 2006-11-17 2011-12-27 Mcafee, Inc. Method and system for implementing mandatory file access control in native discretionary access control environments
US8887296B2 (en) * 2006-12-12 2014-11-11 The Boeing Company Method and system for object-based multi-level security in a service oriented architecture
US8127133B2 (en) * 2007-01-25 2012-02-28 Microsoft Corporation Labeling of data objects to apply and enforce policies
GB0701518D0 (en) * 2007-01-26 2007-03-07 Hewlett Packard Development Co Methods, devices and data structures for protection of data
US20080209535A1 (en) * 2007-02-28 2008-08-28 Tresys Technology, Llc Configuration of mandatory access control security policies
US8789063B2 (en) * 2007-03-30 2014-07-22 Microsoft Corporation Master and subordinate operating system kernels for heterogeneous multiprocessor systems
US8443191B2 (en) 2007-04-09 2013-05-14 Objective Interface Systems, Inc. System and method for accessing information resources using cryptographic authorization permits
US7949998B2 (en) * 2007-04-20 2011-05-24 Microsoft Corporation Programming framework for closed systems
US20090007256A1 (en) * 2007-06-28 2009-01-01 Microsoft Corporation Using a trusted entity to drive security decisions
US8359467B2 (en) * 2007-07-07 2013-01-22 Hewlett-Packard Development Company, L.P. Access control system and method
JP4949147B2 (en) * 2007-07-13 2012-06-06 株式会社日立ソリューションズ Method and program for optimizing security policy for secure OS
US8769268B2 (en) * 2007-07-20 2014-07-01 Check Point Software Technologies, Inc. System and methods providing secure workspace sessions
US20090034734A1 (en) * 2007-07-31 2009-02-05 Viasat, Inc. Multi-Level Key Manager
US8463815B1 (en) 2007-11-13 2013-06-11 Storediq, Inc. System and method for access controls
US8256007B2 (en) 2008-03-25 2012-08-28 Northrop Grumman Systems Corporation Data security management system and methods
US9418219B2 (en) * 2008-04-11 2016-08-16 Microsoft Technology Licensing, Llc Inter-process message security
US10802990B2 (en) 2008-10-06 2020-10-13 International Business Machines Corporation Hardware based mandatory access control
US9166797B2 (en) * 2008-10-24 2015-10-20 Microsoft Technology Licensing, Llc Secured compartment for transactions
US9213566B2 (en) * 2008-11-26 2015-12-15 Red Hat, Inc. Implementing security in process-based virtualization
US9594900B2 (en) * 2008-12-09 2017-03-14 Microsoft Technology Licensing, Llc Isolating applications hosted by plug-in code
US9104618B2 (en) 2008-12-18 2015-08-11 Sandisk Technologies Inc. Managing access to an address range in a storage device
JP5274266B2 (en) * 2009-01-07 2013-08-28 キヤノン株式会社 Document management apparatus, document management system, document management method, and computer program
US20100199357A1 (en) * 2009-02-02 2010-08-05 Microsoft Corporation Secure hosting for untrusted code
US8886672B2 (en) * 2009-03-12 2014-11-11 International Business Machines Corporation Providing access in a distributed filesystem
US8572675B2 (en) * 2009-04-03 2013-10-29 The Boeing Company System and method for facilitating the provision of web services across different internet security domains
US8468607B2 (en) * 2009-10-07 2013-06-18 International Business Machines Corporation Associating multiple security domains to application servers
US9003517B2 (en) 2009-10-28 2015-04-07 Microsoft Technology Licensing, Llc Isolation and presentation of untrusted data
US8499351B1 (en) * 2009-12-17 2013-07-30 Mcafee, Inc. Isolated security monitoring system
CN101938459A (en) * 2010-06-22 2011-01-05 北京豪讯美通科技有限公司 CRNET (China Railcom Net) sSafe cooperative defense system for whole course communication network
US8938706B2 (en) * 2010-11-23 2015-01-20 Red Hat, Inc. Providing customized visualization of application binary interface/application programming interface-related information
US8863108B2 (en) 2010-11-23 2014-10-14 Red Hat, Inc. Finding out if software will run on an operating system without installing that software
US8776036B2 (en) 2010-11-23 2014-07-08 Red Hat, Inc. Determining support criteria for shared libraries based on their priority levels
US8887122B2 (en) 2010-11-23 2014-11-11 Red Hat, Inc. Find and track information of interface usage of software libraries by other software
US10511630B1 (en) 2010-12-10 2019-12-17 CellSec, Inc. Dividing a data processing device into separate security domains
KR20120070771A (en) * 2010-12-22 2012-07-02 한국전자통신연구원 Apparatus and method for quantitatively evaluating security policy
WO2012110795A1 (en) * 2011-02-18 2012-08-23 Bae Systems Plc A network management assembly for managing a flow of network management traffic
US9635048B2 (en) * 2011-03-09 2017-04-25 Irdeto B.V. Method and system for dynamic platform security in a device operating system
JP5382059B2 (en) * 2011-05-11 2014-01-08 コニカミノルタ株式会社 Image processing system, image processing apparatus, and program
US8099596B1 (en) * 2011-06-30 2012-01-17 Kaspersky Lab Zao System and method for malware protection using virtualization
US8583767B2 (en) * 2011-08-24 2013-11-12 CSC Holdings, LLC Virtual service delivery platform
US9489541B2 (en) * 2011-09-09 2016-11-08 Nvidia Corporation Content protection via online servers and code execution in a secure operating system
US20130091197A1 (en) * 2011-10-11 2013-04-11 Microsoft Corporation Mobile device as a local server
US9026815B2 (en) * 2011-10-27 2015-05-05 Intel Corporation Controlling operating frequency of a core domain via a non-core domain of a multi-domain processor
CN102436566B (en) * 2012-01-12 2014-07-09 冶金自动化研究设计院 Dynamic trusted measurement method and safe embedded system
US9594921B2 (en) * 2012-03-02 2017-03-14 International Business Machines Corporation System and method to provide server control for access to mobile client data
US9294508B2 (en) 2012-08-02 2016-03-22 Cellsec Inc. Automated multi-level federation and enforcement of information management policies in a device network
US10305937B2 (en) 2012-08-02 2019-05-28 CellSec, Inc. Dividing a data processing device into separate security domains
EP2880837B1 (en) * 2012-08-02 2019-10-30 Cellsec Limited Automated multi-level federation and enforcement of information management policies in a device network
US9547656B2 (en) * 2012-08-09 2017-01-17 Oracle International Corporation Method and system for implementing a multilevel file system in a virtualized environment
US9183385B2 (en) 2012-08-22 2015-11-10 International Business Machines Corporation Automated feedback for proposed security rules
US8938796B2 (en) 2012-09-20 2015-01-20 Paul Case, SR. Case secure computer architecture
US9043632B2 (en) 2012-09-25 2015-05-26 Apple Inc. Security enclave processor power control
US8775757B2 (en) 2012-09-25 2014-07-08 Apple Inc. Trust zone support in system on a chip having security enclave processor
US8873747B2 (en) 2012-09-25 2014-10-28 Apple Inc. Key management using security enclave processor
US8832465B2 (en) * 2012-09-25 2014-09-09 Apple Inc. Security enclave processor for a system on a chip
US9047471B2 (en) 2012-09-25 2015-06-02 Apple Inc. Security enclave processor boot control
US9338522B2 (en) 2012-10-18 2016-05-10 Broadcom Corporation Integration of untrusted framework components with a secure operating system environment
US9405562B2 (en) 2012-10-18 2016-08-02 Broadcom Corporation Set top box application in a concurrent dual environment
US9344762B2 (en) * 2012-10-18 2016-05-17 Broadcom Corporation Integration of untrusted applications and frameworks with a secure operating system environment
US20140115624A1 (en) * 2012-10-18 2014-04-24 Broadcom Corporation Security and Certification in a Set Top Box Device Having a Mixed Operating System or Framework Environment
US9600351B2 (en) 2012-12-14 2017-03-21 Microsoft Technology Licensing, Llc Inversion-of-control component service models for virtual environments
US9250922B2 (en) 2013-02-28 2016-02-02 Qualcomm Incorporated Method and apparatus for prefetching peripheral device drivers for smart phones and other connected devices prior to HLOS boot
CN103246849A (en) * 2013-05-30 2013-08-14 浪潮集团有限公司 Safe running method based on ROST under Windows
US9424425B2 (en) * 2013-05-31 2016-08-23 Microsoft Technology Licensing, Llc Protecting anti-malware processes
US10171483B1 (en) 2013-08-23 2019-01-01 Symantec Corporation Utilizing endpoint asset awareness for network intrusion detection
US8739287B1 (en) * 2013-10-10 2014-05-27 Kaspersky Lab Zao Determining a security status of potentially malicious files
US8863284B1 (en) 2013-10-10 2014-10-14 Kaspersky Lab Zao System and method for determining a security status of potentially malicious files
KR102125923B1 (en) * 2013-10-24 2020-06-24 삼성전자 주식회사 Method and apparatus for upgrading operating system of a electronic device
IN2013CH05777A (en) 2013-12-13 2015-06-19 Indian Inst Technology Madras
CA2981789A1 (en) 2014-04-04 2015-10-08 David Goldschlag Method for authentication and assuring compliance of devices accessing external services
CN103971067B (en) * 2014-05-30 2015-06-03 中国人民解放军国防科学技术大学 Operating system nucleus universal access control method supporting entities inside and outside nucleus
US9501667B2 (en) * 2014-06-20 2016-11-22 Arm Limited Security domain prediction
WO2016010665A1 (en) * 2014-07-15 2016-01-21 Sikka Neil Apparatus for and method of preventing unsecured data access
US9547778B1 (en) 2014-09-26 2017-01-17 Apple Inc. Secure public key acceleration
CN104331329B (en) * 2014-09-30 2017-12-01 上海斐讯数据通信技术有限公司 The mobile office security system and method for support region management
CN104504340B (en) * 2014-12-25 2017-07-14 国家电网公司 A kind of forced access control method based on power system security label
US9531757B2 (en) 2015-01-20 2016-12-27 Cisco Technology, Inc. Management of security policies across multiple security products
US9401933B1 (en) * 2015-01-20 2016-07-26 Cisco Technology, Inc. Classification of security policies across multiple security products
US9571524B2 (en) 2015-01-20 2017-02-14 Cisco Technology, Inc. Creation of security policy templates and security policies based on the templates
US9521167B2 (en) 2015-01-20 2016-12-13 Cisco Technology, Inc. Generalized security policy user interface
US9680875B2 (en) 2015-01-20 2017-06-13 Cisco Technology, Inc. Security policy unification across different security products
US9971910B2 (en) * 2015-01-22 2018-05-15 Raytheon Company Multi-level security domain separation using soft-core processor embedded in an FPGA
US9787722B2 (en) 2015-05-19 2017-10-10 Cisco Technology, Inc. Integrated development environment (IDE) for network security configuration files
US9641540B2 (en) 2015-05-19 2017-05-02 Cisco Technology, Inc. User interface driven translation, comparison, unification, and deployment of device neutral network security policies
US9600682B2 (en) * 2015-06-08 2017-03-21 Accenture Global Services Limited Mapping process changes
US10726127B1 (en) 2015-06-30 2020-07-28 Fireeye, Inc. System and method for protecting a software component running in a virtual machine through virtual interrupts by the virtualization layer
US10395029B1 (en) * 2015-06-30 2019-08-27 Fireeye, Inc. Virtual system and method with threat protection
US10642753B1 (en) 2015-06-30 2020-05-05 Fireeye, Inc. System and method for protecting a software component running in virtual machine using a virtualization layer
US11113086B1 (en) 2015-06-30 2021-09-07 Fireeye, Inc. Virtual system and method for securing external network connectivity
US9785783B2 (en) * 2015-07-23 2017-10-10 Ca, Inc. Executing privileged code in a process
US9779230B2 (en) * 2015-09-11 2017-10-03 Dell Products, Lp System and method for off-host abstraction of multifactor authentication
US9992232B2 (en) 2016-01-14 2018-06-05 Cisco Technology, Inc. Policy block creation with context-sensitive policy line classification
US10572687B2 (en) * 2016-04-18 2020-02-25 America as represented by the Secretary of the Army Computer security framework and hardware level computer security in an operating system friendly microprocessor architecture
US10192067B2 (en) 2016-05-26 2019-01-29 Microsoft Technology Licensing, Llc Self-described security model for resource access
US10776316B2 (en) * 2018-01-05 2020-09-15 Goodrich Corporation Automated multi-domain operational services
US11102002B2 (en) * 2018-12-28 2021-08-24 Dell Products, L.P. Trust domain isolation management in secured execution environments
US11003394B2 (en) 2019-06-28 2021-05-11 Seagate Technology Llc Multi-domain data storage system with illegal loop prevention
KR102405886B1 (en) 2022-03-17 2022-06-08 주식회사 넷아스 Apparatus and method of providing solution of source transformation for architectural changes
CN117436079B (en) * 2023-12-20 2024-04-05 麒麟软件有限公司 Integrity protection method and system for Linux system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5263147A (en) * 1991-03-01 1993-11-16 Hughes Training, Inc. System for providing high security for personal computers and workstations
US6182218B1 (en) * 1994-12-13 2001-01-30 Mitsubishi Corporation Digital content management system using electronic watermark

Family Cites Families (31)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5339449A (en) * 1989-06-30 1994-08-16 Digital Equipment Corporation System and method for reducing storage channels in disk systems
US5220661A (en) * 1989-09-15 1993-06-15 Digital Equipment Corporation System and method for reducing timing channels in digital data processing systems
US5230069A (en) * 1990-10-02 1993-07-20 International Business Machines Corporation Apparatus and method for providing private and shared access to host address and data spaces by guest programs in a virtual machine computer system
US5504814A (en) * 1991-07-10 1996-04-02 Hughes Aircraft Company Efficient security kernel for the 80960 extended architecture
US5339261A (en) * 1992-10-22 1994-08-16 Base 10 Systems, Inc. System for operating application software in a safety critical environment
US5628017A (en) * 1993-03-15 1997-05-06 Microsoft Corporation Method and system for providing event-response capabilities to pseudocode
US5603014A (en) * 1993-12-03 1997-02-11 Intel Corporation Protected mode simulation of a real mode interupt based programming interface in a computer system
US5590266A (en) * 1994-10-11 1996-12-31 International Business Machines Corporation Integrity mechanism for data transfer in a windowing system
US5687376A (en) * 1994-12-15 1997-11-11 International Business Machines Corporation System for monitoring performance of advanced graphics driver including filter modules for passing supported commands associated with function calls and recording task execution time for graphic operation
US5692124A (en) * 1996-08-30 1997-11-25 Itt Industries, Inc. Support of limited write downs through trustworthy predictions in multilevel security of computer network communications
US6029246A (en) * 1997-03-31 2000-02-22 Symantec Corporation Network distributed system for updating locally secured objects in client machines
EP0926605A1 (en) * 1997-11-19 1999-06-30 Hewlett-Packard Company Browser system
US6496847B1 (en) * 1998-05-15 2002-12-17 Vmware, Inc. System and method for virtualizing computer systems
EP1127314A4 (en) 1998-09-10 2003-03-12 Sanctum Ltd Method and system for maintaining restricted operating environments for application programs or operating systems
EP1056010A1 (en) 1999-05-28 2000-11-29 Hewlett-Packard Company Data integrity monitoring in trusted computing entity
US6351817B1 (en) * 1999-10-27 2002-02-26 Terence T. Flyntz Multi-level secure computer with token-based access control
US6430561B1 (en) * 1999-10-29 2002-08-06 International Business Machines Corporation Security policy for protection of files on a storage device
US6757824B1 (en) 1999-12-10 2004-06-29 Microsoft Corporation Client-side boot domains and boot rules
US6990579B1 (en) * 2000-03-31 2006-01-24 Intel Corporation Platform and method for remote attestation of a platform
US6957332B1 (en) * 2000-03-31 2005-10-18 Intel Corporation Managing a secure platform using a hierarchical executive architecture in isolated execution mode
JP3630087B2 (en) * 2000-05-10 2005-03-16 日本電気株式会社 Automatic data processor
DE60113539T2 (en) * 2000-07-05 2006-06-22 Ernst & Young Llp METHOD AND DEVICE FOR PROVIDING COMPUTER SERVICES
GB0020441D0 (en) * 2000-08-18 2000-10-04 Hewlett Packard Co Performance of a service on a computing platform
GB2376764B (en) * 2001-06-19 2004-12-29 Hewlett Packard Co Multiple trusted computing environments
GB2378272A (en) * 2001-07-31 2003-02-05 Hewlett Packard Co Method and apparatus for locking an application within a trusted environment
US7260741B2 (en) * 2001-09-18 2007-08-21 Cedar Point Communications, Inc. Method and system to detect software faults
US20040064723A1 (en) * 2001-10-31 2004-04-01 Barnes Brian C. Method and apparatus for physical address-based security to determine target security
GB2382419B (en) * 2001-11-22 2005-12-14 Hewlett Packard Co Apparatus and method for creating a trusted environment
US7493498B1 (en) * 2002-03-27 2009-02-17 Advanced Micro Devices, Inc. Input/output permission bitmaps for compartmentalized security
US20030196108A1 (en) * 2002-04-12 2003-10-16 Kung Kenneth C. System and techniques to bind information objects to security labels
US6782424B2 (en) * 2002-08-23 2004-08-24 Finite State Machine Labs, Inc. System, method and computer program product for monitoring and controlling network connections from a supervisory operating system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5263147A (en) * 1991-03-01 1993-11-16 Hughes Training, Inc. System for providing high security for personal computers and workstations
US6182218B1 (en) * 1994-12-13 2001-01-30 Mitsubishi Corporation Digital content management system using electronic watermark

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP1645069A4 *

Also Published As

Publication number Publication date
US7103914B2 (en) 2006-09-05
US7631342B2 (en) 2009-12-08
US20070118900A1 (en) 2007-05-24
US20070056036A1 (en) 2007-03-08
US20070118901A1 (en) 2007-05-24
US7937757B2 (en) 2011-05-03
EP1645069A4 (en) 2010-09-08
US20040025016A1 (en) 2004-02-05
EP1645069A2 (en) 2006-04-12
US20070130458A1 (en) 2007-06-07
US7765595B2 (en) 2010-07-27
WO2005001639A2 (en) 2005-01-06
US7549165B2 (en) 2009-06-16
US7591003B2 (en) 2009-09-15
US20070056037A1 (en) 2007-03-08
JP2007524148A (en) 2007-08-23
US20070118902A1 (en) 2007-05-24

Similar Documents

Publication Publication Date Title
WO2005001639A3 (en) Trusted computer system
MXPA05007150A (en) Policy engine and methods and systems for protecting data.
WO2005104416A3 (en) Rights management inter-entity message policies and enforcement
TW200708952A (en) Providing extended memory protection
WO2007052021A3 (en) Secure computer use system
WO2003005627A3 (en) Mobile application access control list security system
WO2006077443A3 (en) Computer protection against malware affection
WO2004095207A3 (en) Modeling of order data
EP1579284A3 (en) Electronic mail file access system
AU2003245327A1 (en) Metamorphic computer virus detection
TW200620930A (en) Stsyem and method for managing access to protected content by untrusted applications
WO2003021477A3 (en) A sampling approach for data mining of association rules
WO2007008914A3 (en) Transcryption of digital content between content protection systems
WO2004081707A3 (en) Data processing system with peripheral access protection and method therefor
WO2003034188A3 (en) Method and system for detecting unauthorised executable programs _______________________________________________________________
WO2007130320A3 (en) Concealment of information in electronic design automation
WO2004066586A3 (en) Categorization of host security levels based on functionality implemented inside secure hardware
NO20043189L (en) Automated computer vulnerability determination system
WO2005047862A3 (en) Apparatus method and medium for identifying files using n-gram distribution of data
WO2004097602A3 (en) A method of, and system for, heuristically determining that an unknown file is harmless by using traffic heuristics
WO2008061089A3 (en) Method and system for trusted/untrusted digital signal processor debugging operations
WO2006000369A3 (en) Non-intrusive trusted user interface
WO2006121748A3 (en) Systems and methods for interfacing an application of a first type with multiple applications of a second type
WO2005121965A3 (en) Distributed storage network
WO2005010706A3 (en) System and method for optimizing sourcing opportunity utilization policies

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SY TJ TM TN TR TT TZ UA UG UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
WWE Wipo information: entry into national phase

Ref document number: 2006517366

Country of ref document: JP

WWE Wipo information: entry into national phase

Ref document number: 2004755554

Country of ref document: EP

WWP Wipo information: published in national office

Ref document number: 2004755554

Country of ref document: EP

DPEN Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed from 20040101)