УСТРОЙСТВО ЗАЩИТЫ ОТ ВОРОВСТВА

Изобретение относится к компьютерной технике. Использование: для защиты от воровства компьютеров и (или) компьютерных компонент, и другой электронной аппаратуры, применяющей процессоры, такой как компоненты запоминающих устройств, жесткие диски, сменные платы и процессоры, позволяет получить технический результат в виде значительного затруднения несанкционированного использования украденных компьютеров или их частей. Этот результат достигается благодаря тому, что устройство содержит блокирующую схему, которая интегрируется с защищаемым компонентом, содержащую запоминающее устройство для запоминания идентифицирующего кода (ИК) для каждой блокирующей схемы, и тем, что каждая блокирующая схема содержит оконечную аппаратуру связи для ввода ключевого кода в блокирующую схему и компаратор для сравнения этого вводимого ключевого кода с ИК блокирующей схемы, при этом блокирующая схема выполнена с возможностью блокирования компонента для дальнейшего использования в случае неправильного ключевого ...

Способ блокировки сетевых соединений

Изобретение относится к вычислительной технике. Технический результат заключается в обеспечении блокировки сетевых соединений на основании сравнения цифровых сертификатов в результате осуществления способа блокировки сетевых соединений в режиме реального времени. Способ блокировки сетевых соединений в режиме реального времени, в котором перехватывают сертификат в момент установки защищенного соединения; определяют похожесть перехваченного сертификата на запрещенные сертификаты, где похожим признается сертификат, который может быть отображен на множество запрещенных сертификатов, при этом отображение проверяется посредством применения правила, сформированного из общих признаков запрещенных сертификатов, полученных в результате кластеризации множества запрещенных сертификатов; блокируют устанавливаемое соединение, если перехваченный сертификат в результате определения похожести признается похожим на запрещенные сертификаты. 2 н. и 4 з.п. ф-лы, 7 ил.

СПОСОБ ОБНАРУЖЕНИЯ САМОВОЛЬНОГО НАРУШЕНИЯ НАСТРОЙКИ

Изобретение относится к области компьютерной техники, предназначенной для контроля программного обеспечения. Технический результат заключается в обеспечении обнаружения использования несанкционированно установленного программного обеспечения в устройстве электронного управления. Технический результат достигается за счет вычисления проверочного числа контрольной суммы (CVN) на основе байтов данных в интересующей области программного обеспечения при каждом запуске двигателя или максимум один раз в день, сравнения последнего вычисленного CVN с последним сохраненным CVN из списка, содержащего множество положений хранения CVN, сохранения последнего вычисленного CVN, если он отличается от последнего сохраненного CVN, вместе с датой внесения в список CVN и(или) с текущим показанием одометра, удаления записей из списка CVN согласно принципу ФИФО, когда список CVN заполнен. 3 з.п. ф-лы, 3 ил.

СПОСОБ И СИСТЕМА РАСПРЕДЕЛЕННОЙ РАЗРАБОТКИ ПРОГРАММЫ ДЛЯ ПРОГРАММИРУЕМОГО ПОРТАТИВНОГО НОСИТЕЛЯ ИНФОРМАЦИИ

Изобретение относится к защищенной от несанкционированного доступа разработке исполняемого программного кода для портативных программируемых носителей информации. Техническим результатом является повышение защищенности данных. Способ заключается в следующем: исходный текст программы составляют на компьютере пользователя, передают на компьютер эмитента носителя информации, где осуществляют компиляцию и компоновку исходного текста программы с получением исполняемого программного кода, который зашифровывают и преобразовывают в транспортный код, который загружают в носитель информации через компьютер пользователя, при этом на стадии предварительного комплектования носитель информации снабжают инструментальными программными средствами, позволяющими восстанавливать из представленного в переходном формате транспортного кода исполняемый программный код. Также раскрыта система для распределенной разработки исполняемой программы для портативного носителя информации и носитель информации. 5 н. и 15 ...

СПОСОБ ФУНКЦИОНИРОВАНИЯ ТАХОГРАФА И ТАХОГРАФ

Изобретения относятся к способу функционирования тахографа. Технический результат - защита тахографа от манипуляций, повышение надежности. Тахограф содержит контроллер (2) приложений и контроллер (3) безопасности. С контроллером (2) приложений ассоциирована память (5), и с контроллером (3) безопасности ассоциирована другая память (6). Зашифрованный программный код (DPC) с по меньшей мере одной ассоциированной цифровой подписью предоставляется в распоряжение контроллеру (3) безопасности. Посредством контроллера (3) безопасности зашифрованный программный код (DPC) дешифруется и верифицируется посредством по меньшей мере одной цифровой подписи. Определяется, является ли дешифрованный программный код предназначенным для контроллера (2) приложений или контроллера (3) безопасности. В зависимости от определения, программа в памяти (5) и/или другая программа в другой памяти (6) посредством дешифрованного программного кода (ЕРС) по меньшей мере частично заменяется, и в зависимости от результата ...

Способ автоматизированного тестирования программно-аппаратных систем и комплексов

Изобретение относится к области вычислительной техники. Технический результат заключается в обеспечении обнаружения уязвимых программных и аппаратных средств в процессе автоматизированного тестирования системы программных и аппаратных средств. Технический результат достигается за счет способа тестирования системы программных и аппаратных средств системой автоматизированного проектирования, в котором модули системы автоматизированного проектирования: получают формализованное описание архитектуры тестируемой системы и строят модель использования включающую: вид использования системы, элемент системы, способ реализации данного вида использования; получают из базы угроз формализованное описание известных угроз для систем, сходных с тестируемой и строят модель угроз того же вида, что и модель использования включающая: вид угрозы, элемент системы, способ реализации угрозы, вектор воздействия на систему; сравнивают модель угроз с моделью использования; обнаруживают средства тестируемой системы ...

НАВИГАЦИОННАЯ СИСТЕМА

Изобретение относится к навигационным системам. Технический результат заключается в повышении защиты обновляемых картографических данных. Система содержит навигационный блок, работающий с использованием картографических данных, и носитель записи, подсоединяемый к и отсоединяемый от навигационного блока, в которой носитель записи имеет перезаписываемую область данных, в которой записываются картографические данные, и неперезаписываемую область управления, в которой записывается идентификационная информация носителя. Информация права обновления включает в себя информацию, относящуюся к праву обновления картографических данных, записанных на носителе записи, и необходимую для обновления картографических данных, записывается в области данных. Информация права обновления считывается из области данных и удаляется из этой области данных при первом доступе к данным упомянутого носителя записи посредством навигационного блока, и должный срок обновления карты, созданный на основе считанной информации ...

ОБНОВЛЕНИЕ РАБОЧЕЙ СИСТЕМЫ ДЛЯ ЗАЩИЩЕННОГО ЭЛЕМЕНТА

Изобретение относится к области встроенных защищенных элементов, таких как смарт-карты. Технический результат заключается в обеспечении обновления рабочей системы надежным и безопасным способом. Раскрыт защищенный элемент (30), содержащий, по меньшей мере, микропроцессор (31), энергонезависимое запоминающее устройство (34) и интерфейс (36) связи, при этом защищенный элемент (30) выполнен с возможностью осуществления связи с устройством (10) обновления для обновления рабочей системы защищенного элемента через интерфейс (36) связи, энергонезависимое запоминающее устройство (34) хранит, по меньшей мере, программу (38) инициирования, а микропроцессор (31) выполнен с возможностью исполнения программы (38) инициирования при запуске защищенного элемента (30), при этом программа (38) инициирования содержит команды для осуществления: этапа запуска (Е1, Е12) для определения, содержит ли энергонезависимое запоминающее устройство (34) активную рабочую программу (35), и при положительном результате ...

Компьютерная система с удаленным управлением сервером и устройством создания доверенной среды и способ реализации удаленного управления

Изобретение относится к защищенной компьютерной системе с удаленным управлением и администрированием автоматизированных рабочих мест, серверов. Технический результат заключается в повышении эффективности защиты компьютеров от несанкционированных действий и обеспечении защиты от несанкционированного доступа к информации, обрабатываемой и хранимой в компьютерных информационно-вычислительных системах, а также упрощение работы IT-персонала за счет централизации управления при обеспечении возможности удаленного управления и удаленного доступа к ресурсам сети с распределенной структурой. Система содержит установленное на сервер устройство создания доверенной среды с модулем удаленного управления и модулем удаленной многофакторной взаимной аутентификации, установленное на рабочее место администратора устройство создания доверенной среды с модулем удаленной многофакторной взаимной аутентификации и модулем удаленного администрирования, причем сервер и рабочее место администратора снабжены модулями ...

УСТРОЙСТВО ВЫЯВЛЕНИЯ УЯЗВИМОСТЕЙ

Полезная модель относится к компьютерной технике, а более конкретно к области информационной безопасности, и предназначена для выявления уязвимостей в исходных текстах компьютерных программ.Техническим результатом, на достижение которого направлено заявляемое устройство, является снижение вероятности ложных срабатываний при обнаружении уязвимостей в компьютерных системах, что в свою очередь приводит к повышению точности выявления уязвимостей в компьютерных системах.Устройство выявления уязвимостей, содержащее модуль построения абстрактного синтаксического дерева, соединенный с модулем построения графа вызовов, который соединен с модулем проведения локального анализа функций, соединенным с модулем проверки на наличие дефекта и блок памяти, соединенный с модулями построения абстрактного синтаксического дерева, построения графа вызовов, проведения локального анализа функций и модулем проверки на наличие уязвимости, модуль проверки на наличие уязвимости, осуществляет сравнение признаков данных функций и операций с признаками, указанными в правилах для проверки на уязвимости, которые хранятся в блоке памяти, при этом совпадение этих признаков свидетельствует о наличии уязвимости. 1 ил. РОССИЙСКАЯ ФЕДЕРАЦИЯ (19) RU (11) (13) 168 346 U1 (51) МПК G06F 21/57 (2013.01) ФЕДЕРАЛЬНАЯ СЛУЖБА ПО ИНТЕЛЛЕКТУАЛЬНОЙ СОБСТВЕННОСТИ (12) ФОРМУЛА ПОЛЕЗНОЙ МОДЕЛИ К ПАТЕНТУ РОССИЙСКОЙ ФЕДЕРАЦИИ (21)(22) Заявка: 2016125045, 23.06.2016 (24) Дата начала отсчета срока действия патента: 23.06.2016 30.01.2017 (73) Патентообладатель(и): Закрытое Акционерное Общество "Научно-Производственное Объединение "Эшелон" (RU) Приоритет(ы): (22) Дата подачи заявки: 23.06.2016 Адрес для переписки: 107023, Москва, ул. Электрозаводская, 24, стр. 1, ЗАО "НПО "Эшелон", Цирлову Валентину Леонидовичу 1 6 8 3 4 6 R U (57) Формула полезной модели Устройство выявления уязвимостей, содержащее модуль построения абстрактного синтаксического дерева, соединенный с модулем построения графа вызовов, который соединен с ...

Интегрированный модуль доверенной загрузки периферийного устройства

Полезная модель относится к вычислительной технике. Технический результат заключается в повышении степени защиты вычислительной системы. Интегрированный модуль доверенной загрузки периферийного устройства, в котором вычислительное ядро дополнительно соединено с блоком ввода-вывода GPIO, снабжённым третьим интерфейсом, блоком генерации случайного числа, блоком ускорителей симметричных алгоритмов шифрования, блоком ускорителей асимметричных алгоритмов шифрования, блоком однократно программируемого постоянного запоминающего устройства, блоком установки и контроля временных интервалов, блоком контроля параметров напряжения и температуры и блоком безопасного обмена данными для взаимодействия вычислительного ядра с основным вычислительным ядром микросхемы периферийного устройства через четвёртый интерфейс. 2 ил.

Система и способ определения уровня доверия файла

Изобретение относится к области компьютерной безопасности. Технический результат заключается в улучшении качества классификации доверенного программного обеспечения. Согласно варианту реализации используется способ определения уровня доверия файлов, в котором: выбирают имена файлов, расположенных по заданным путям у заданной доли устройств пользователей; формируют группу файлов из двух файлов со стабильными именами и являющимися компонентами одного приложения; для каждой группы определяют разработчика, с использованием закрытого ключа которого подписан файл упомянутой группы; для каждой группы определяют уровень доверия для всех файлов группы на основании вердиктов сторонних сервисов, присвоенных файлам упомянутой группы, а также на основании вердиктов сторонних сервисов, присвоенных файлу на устройствах пользователей, не принадлежащему упомянутой группе и подписанному закрытым ключом доминирующего разработчика, или на основании вердиктов сторонних сервисов, присвоенных файлам другой группы ...

Устройство защиты UEFI BIOS от несанкционированных изменений.

Изобретение относится к области вычислительной техники и предназначено для защиты кода UEFI BIOS, расположенного на микросхеме SPI Flash, от несанкционированных изменений. Техническим результатом является повышение защиты UEFI BIOS от несанкционированных изменений. Устройство защиты UEFI BIOS от несанкционированных изменений содержит микроконтроллер, расположенный на материнской плате вычислительного устройства, между центральным процессором и микросхемой SPI FLASH системы ЭВМ, причем устройство защиты подключается к блоку питания системы ЭВМ, микроконтроллер работает независимо от центрального процессора и содержит собственную оперативную память, долговременную память с загруженными базой данных прав доступа пользователей, а также программными модулями управления с реализацией всех команд работы протокола SPI FLASH и содержимым микросхемы SPI FLASH для целей ее эмуляции, а также для обработки и анализа входящих данных и команд до поступления их в микросхему SPI Flash и систему ЭВМ для ...

СПОСОБ ОПРЕДЕЛЕНИЯ ПОТЕНЦИАЛЬНЫХ УГРОЗ БЕЗОПАСНОСТИ ИНФОРМАЦИИ НА ОСНОВЕ СВЕДЕНИЙ ОБ УЯЗВИМОСТЯХ ПРОГРАММНОГО ОБЕСПЕЧЕНИЯ

Изобретение относится к вычислительной технике. Технический результат заключается в снижении сложности и трудоемкости процесса формирования перечня потенциальных угроз. Способ определения потенциальных угроз безопасности информации на основе сведений об уязвимостях программного обеспечения содержит этапы, на которых получают перечень известных уязвимостей и угроз; создают искусственные нейронные сети (ИНС) для определения возможности реализации угроз; получают набор обучающих выборок уязвимостей для каждой ИНС; производят обучение созданных ИНС с использованием полученных выборок; получают перечень выявленных в ИС уязвимостей; подают признаки каждой выявленной в ИС уязвимости на вход каждой созданной ИНС и получают ранжированный по вероятности реализации перечень потенциальных угроз. 2 ил.

Программно-аппаратный комплекс "Тонкий клиент"

Изобретение относится к области вычислительной техники. Техническим результатом является обеспечение обмена данными между сервером и удаленными оконечными устройствами, в которых отсутствуют накопители информации, предназначенные для постоянного хранения информации, с очисткой всех видов памяти и временной информации на удаленных оконечных устройствах при завершении сеанса работы. Раскрыт программно-аппаратный комплекс для передачи данных, состоящий из сервера, удаленных оконечных устройств, коммутатора L2 уровня, характеризующийся тем, что после осуществления запуска с использованием программной среды сервер обеспечивает доставку и загрузку операционной системы (ОС) Astra Linux Special Edition и прикладного программного обеспечения (ПО) на удаленные оконечные устройства по локальной вычислительной сети (ЛВС), в процессе загрузки удаленного оконечного устройства на нем производится формирование программной среды по ЛВС, в составе удаленных оконечных устройств отсутствуют накопители информации ...

СЕТЕВОЕ УПРАВЛЕНИЕ НАБОРАМИ ЗАЩИЩЕННЫХ ДАННЫХ

... 1. Система, содержащая:приемный модуль, выполненный с возможностью принимать команды доверенной среды исполнения, выданные множеством субъектов через сеть, где каждая команда доверенной среды исполнения является командой выполнять операции в отношении контекста обеспечения безопасности, который соответствует субъекту, выдавшему эту команду;процессор обеспечения безопасности, сконфигурированный для выполнения множества криптографических процессов и процессов обеспечения безопасности в отношении ключей и наборов защищенных данных в качестве реакции на команды доверенной среды исполнения, принятые приемным модулем; имодуль управления учетными записями, сконфигурированный для поддержания множества защищенных учетных записей, где конкретная защищенная учетная запись из множества учетных записей содержит набор защищенных данных, который соответствует конкретному субъекту, назначенному этой конкретной учетной записи, и который включает в себя множество ключей, соответствующих данному конкретному ...

Система и способ открытия файлов, созданных уязвимыми приложениями

... 1. Способ открытия файлов, созданных уязвимыми приложениями, в котором:а) определяют создание файла приложением-источником;б) определяют по меньшей мере одну уязвимость в приложении-источнике;в) определяют параметры созданного файла;г) определяют политику доступа к файлу в зависимости от информации, определенной на этапах б), в);д) перехватывают открытие созданного файла приложением-потребителем, при этом упомянутое приложение-потребитель предназначено для открытия файла;е) определяют политику запуска приложения-потребителя;ж) определяют по меньшей мере одну политику открытия файла приложением-потребителем в зависимости от: политики доступа к файлу; политики запуска приложения-потребителя;з) выполняют открытие созданного файла приложением-потребителем в соответствии с политикой открытия.2. Способ по п. 1, в котором создание файла приложением определяют по меньшей мере одним из способов:с помощью драйвер-фильтра файловой системы;с помощью перехвата вызовов системного API;с использованием ...

Система и способ обнаружения вредоносного скрипта

Изобретение относится к области информационной безопасности, а именно к обнаружению вредоносного скрипта. Технический результат – расширение арсенала технических средств для обнаружения вредоносного скрипта. Способ обнаружения вредоносного скрипта, выполняемый при помощи компьютерной системы, в котором обнаруживают запуск процесса из доверенного исполняемого файла скриптового интерпретатора, обнаруживают обращение, осуществляемое при исполнении процесса, к подозрительному адресу памяти, осуществляют анализ области памяти в адресном пространстве процесса в окрестности подозрительного адреса памяти, при этом во время анализа обнаруживают в адресном пространстве процесса образ исполняемого файла, загруженного из другого файла, обнаруживают вредоносный код в адресном пространстве процесса путем анализа обнаруженного образа исполняемого файла, загруженного из другого файла, признают вредоносным скрипт, инструкции которого выполнялись скриптовым интерпретатором до момента обнаружения вредоносного ...

Система и способ обеспечения безопасного изменения конфигурации систем

Изобретение относится к вычислительной технике. Технический результат заключается в обеспечении заданного уровня безопасности системы в случае изменения конфигурации. Способ модификации параметров компьютерной системы содержит получение через агента взаимодействия запроса на изменение параметров компьютерной системы от инициатора; формирование транзакции с изменениями, которые необходимо внести в параметры согласно запросу от инициатора, и актуальной копии состояния всех параметров, содержащихся в хранилище параметров, которые предают средству реконфигурирования; произведение с помощью средства реконфигурирования оценки влияния внесенных изменений на уровень безопасности компьютерной системы путем проверки корректности внесенных изменений в транзакцию и согласованности изменяемых параметров с остальными параметрами, содержащимися в хранилище параметров, применяя политику безопасности к полученной актуальной копии состояния всех параметров и к информации об изменениях, содержащихся в транзакции ...

Способ автоматического управления рисками в интернете вещей

ПРОВЕРКА ИЗМЕНЕНИЯ КОНФИГУРАЦИИ (IED)

... 1. Способ проверки изменения конфигурации интеллектуального электронного устройства (10) (IED) в системах управления технологическим процессом (РСТ) или автоматизации подстанции (SA), содержащий:- прием IED запроса на изменение конфигурации от аутентифицированного клиента (20), и- принятие или отклонение IED запроса на изменение конфигурации на основе подтверждения от подтверждающей стороны (21), независимой от клиента, и данный способ отличается тем, что содержит- аутентификацию, выполняемую IED перед приемом запроса, подтверждающей стороны и сохранение в памяти (11) IED проверки достоверности изменения конфигурации, заданной подтверждающей стороной, и- принятие или отклонение запроса на изменение конфигурации на основе результата проверки достоверности, используемой для конкретных случаев, относящихся к запросу на изменение конфигурации.2. Способ по п.1, отличающийся тем, что проверка достоверности включает в себя план обслуживания IED, набор правил или экспертную систему, которая оценивает ...

СОХРАНЕНИЕ ЗАЩИЩЕННЫХ СЕКРЕТОВ ПО БЕЗОПАСНОМУ ОБНОВЛЕНИЮ ПЕРЕЗАГРУЗКИ

Manipulationssicherheit eines Endgeräts

Bei einem auf einem portablen Datenträger (20) auszuführenden Verfahren zum Prüfen der Manipulationssicherheit eines Endgeräts (10), mit dem der Datenträger (20) als eine Transaktionseinheit (23) verbunden ist, welche dem Endgerät (10) eine sichere Datenkommunikationsverbindung (26) zur Übertragung von Transaktionsdaten (R2) an einen Transaktionsserver (17) bereitstellen kann, meldet sich der Datenträger (20) gegenüber dem Endgerät (10) gleichzeitig als Eingabeeinheit (22) an und prüft, ob als Transaktionseinheit (23) von dem Endgerät (10) entgegengenommene Pseudotransaktionsdaten (P2) gegenüber dem Endgerät (10) als Eingabeeinheit (22) übergebenen Pseudotransaktionsdaten (P1) unmanipuliert sind.

RECHENVORRICHTUNG UND -VERFAHREN MIT GESICHERTER AUTHENTIKATIONSEINRICHTUNG

Verfahren und Vorrichtung zur Überprüfung der Integrität von in einem vorbestimmten Speicherbereich eines Speichers gespeicherten Daten

Um einen sicheren Boot-Vorgang von IT-Systemen realisieren zu können, erfolgt eine Überprüfung der Integrität von in einem vorbestimmten ersten Speicherbereich (12) eines Speichers (11) gespeicherten Daten (D) einer ersten Einrichtung (10). In Abhängigkeit der Daten und einer vorbestimmten Integritätsfunktion wird ein Integritätswert (IW) berechnet. Die Überprüfung der Integrität der Daten erfolgt in Abhängigkeit des berechneten Integritätswerts (IW) durch eine zweite Einrichtung (20). Der Integritätswert (IW) wird vor oder während des Bootens der ersten Einrichtung (10) durch eine CRTM-Komponente in einem zweiten Speicherbereich (13) der ersten Einrichtung (10) berechnet. Eine die Integrität repräsentierende Integritätsinformation wird über eine Schnittstelle (15), auf die nur durch die CRTM-Komponente (CK) zugegriffen werden kann, an die zweite Einrichtung (20) übertragen. Im Ergebnis wird ein unabhängiger Low-Level-Kommunikationskanal zur Integritätsüberwachung direkt in der CRTM-Komponente ...

Verfahren und System zum Bereitstellen von temporären, sicheren Zugang ermöglichenden virtuellen Betriebsmitteln

Es werden temporären, sicheren Zugang erlaubende virtuelle Betriebsmittel bereitgestellt, welche ein Kommunikationstor für temporären, sicheren Zugang umfassen. Nach Empfang von Authentifizierungsdaten für temporären Zugang von einem Ursprung außerhalb des temporären, sicheren Zugang erlaubenden virtuellen Betriebsmittels erlaubt das Kommunikationstor für temporären, sicheren Zugang, dass funktionsfähiger Instruktionscode von einem Ursprung außerhalb des temporären, sicheren Zugang erlaubenden virtuellen Betriebsmittels in das temporären, sicheren Zugang erlaubende virtuelle Betriebsmittel übertragen wird.

Data object backing up method, involves encrypting data objects by key, determining another key dependent on parameters representative of application and data processing device, and encrypting former key by latter key

The method involves encrypting data objects (101) by a key, and providing another key. The latter key is assigned to an application (103) in a data processing device, and is determined dependent on parameters representative of the application and the data processing device. The former key is encrypted by the latter key. One of the parameters is modified, and a third key is determined by the modified parameter based on a trusted computing group. The former key is encrypted by the third key, and the encrypted data objects are stored in a preset memory area of an operating system. An independent claim is also included for a system for backing up of data objects.

Protocol software component and test apparatus

Secure mobile wireless device

Systems and methods for implementing modular computer system security solutions

In some embodiments, an apparatus includes a control chain generation module is configured to receive, from a control database, a security guideline control to be implemented with respect to a hardware asset. The control chain generation module is configured to select, based on requirements to satisfy the security guideline and attributes of the hardware asset, a security implementation control. The control chain generation module is configured to select a control assessor to monitor the compliance of the hardware asset with the security guideline and is configured to define a control chain including the security guideline control, the security implementation control, and the control assessor. The control chain generation module is configured to send an instruction to apply the control chain to the hardware asset such that the control assessor monitors the hardware asset for compliance with the security guideline.

Control mechanisms for data processing devices

Processing a guest event in a hypervisor-controlled system

COMPUTER SECURITY

Security system for a hard disk

A security system for a computer hard disk comprises a software or firmware write protect of the logical block address (LBAo) and the logical block address to which the first entry in the partition table directs BIOS during the boot cycle. The purpose of this invention is to prevent a purchaser from configuring or overwriting the operating system provided on a hard disk.

Platform and method for remote attestation of a platform

Dynamic trust management in computing platforms

A Dynamic Trusted Entity (DTE) 75 utilises a static register 78 and a dynamic register 79 for holding integrity measurements. An integrity measurement stored to the static register is combined with the existing value held in the register, i.e. it is extended, whereas an integrity measurement stored to the dynamic register replaces the previous value held in that register. When a change occurs in a software component 71, e.g. through a software update, the effected part is measured. For a critical change, which is a change to the component that has a potential impact on the ability of the component to implement its intended functionality, the resultant measurement is used to extend the value of the static register, effectively creating a permanent indication that a critical change has taken place; for a non-critical change, the new integrity measurement simply replaces the value held in the dynamic register. The arrangement enables a software component that has only been subject to non-critical ...

Dynamic trust management

Personal computer having security function,security method therefor,security device installation and detachment methods

Encrypting data on a computer's hard disk with a key derived from the contents of a memory

Computer hard disk security comprises encrypting data on a computer's hard disk with a cryptographic key depending partly on computer memory contents, RAM and/or BIOS memory. Memory contents changing with time are excluded. The SHA-1 algorithm cryptographically hashes the memory contents giving a hash for XORing with a user password. XORing provides a result which is used as a password for an encryption unit implementing a conventional full disk encryption technique, such as XORing the password with a hard disk block number. The key is generated with the BIOS memory configured so that the computer boots only from the hard disk. Hostile alteration of the BIOS memory contents results in failure to decrypt because the key now cannot be used to decrypt the hard disk. This defeats an attacker who alters BIOS settings in an attack with rogue computer boot media such as a floppy disk or a CD ROM.

Managing basic input/output system (BIOS) access

Example embodiments disclosed herein relate to managing basic input/output system (BIOS) access. Example embodiments include communicating with a remote directory server in response to an attempt to access a setting of a BIOS module.

Validating software code using a trusted third party

Validating software code provided to a user entity (39) by a software provider (38). User entity (39) encrypts first data, provides it to the software provider (38), and receives back an indication that the code is valid only if the software provider (38) has been able to correctly decrypt the encrypted first data, such decryption only being possible using an appropriate decryption key provided by a party (35) with rights in the software code. More particularly, the user entity (39) encrypts the first data using, as encryption parameters, both an encryption key string (EKS) comprising said software code or a representation thereof, and public data of the aforesaid party. A decryption key appropriate for correctly decrypting the encrypted first data is provided to the software provider (38) by the party (35) with rights in the software code, only if the software code provided to the user entity (39) is valid. Generation of this key by the party (35) is effected using both private data related ...

Policy enforcement in trusted platforms using external policy engines

A trusted entity 90 in a trusted computing platform comprises an input for receiving a trusted operation request from a requesting application 96 (e.g. a request to release a secret key), a trusted process for generating a challenge for at least one external policy engine 98 that is identified for authorising the request, the challenge including an authorisation value (e.g. a random number), and an output for delivering the challenge to the identified policy engine. The policy engine and the requesting application interact to enforce the policy, e.g. by authenticating the requesting application and any user controlling the requesting application, and the policy engine then passes the authorisation value to the requesting application which in turn communicates it to the trusted entity. The trusted entity compares the received authorization value with its copy and performs the requested operation if there is a match. The invention enables a trusted entity to delegate responsibility for enforcing ...

Cyber security

Input data is received S1 that is associated with an entity associated with a computer system (10, fig. 1), e.g. a user or device. Preferably the data includes data relating to the entitys activity on the computer system. Metrics, representative of the datas characteristics, are derived S2 from the data and may reflect usage of the computer system by the entity over time, e.g. metrics relating to network traffic. The metrics are analysed S3 using one or more models, perhaps arranged to detect different types of threat. A cyber-threat risk parameter is determined S4, S5 in accordance with the analysed metrics and a model of normal behaviour of the entity, e.g. by comparing the metrics with the model. The parameter is indicative of a likelihood of a cyber-threat, preferably the probability of such likelihood, and is preferably determined using recursive Bayesian estimation. The parameter may be compared with a threshold, possibly a moving threshold, to determine whether or not there is a ...

Methods and apparatus for distributing and installing trusted applications

USB autorun devices

Virtual high privilege mode for a system management request

Method and system for performing firmware update through DFU success rate prediction model

A method and system for performing firmware upgrade through DFU success rate prediction model, the method comprises steps of: SI, a user inputting information of a target device to an external device or the external device automatically collecting the information of the target device, and triggering an operating system of the external device to perform the firmware upgrade; S2, the external device issuing a firmware upgrade request to a server terminal, the server terminal inputting parameters provided by the external device to the DFU success rate prediction model to predict a success rate of the external device performing the firmware upgrade after receiving the query; S3, the server terminal returning to the external device a response whether to initiate a firmware upgrade. The present invention performs the success rate evaluation according to the model information before upgrading the firmware, initiates the firmware upgrade or notifies the user about the risk of the bad result, and ...

Device attestation techniques

A method for providing an attestation for enabling a device to attest to an assertion concerning the device where an assertion may be that certain event has occurred in the manufacturing of the device such as certain quality assurance steps or certain software being provisioned on the device. Generating an attestation identifier and a base-secret code corresponding to the attestation identifier and providing the attestation identifier and a validation-secret code to a validation apparatus for storage in conjunction with the assertion. Where the validation-secret code is based on the base-secret code, where the base-secret code may be hashed to produce the validation-secret code. Providing the attestation identifier and a device-secret code to a manufacturer or adapter for provision to a device, wherein the device-secret code is based on the base-secret code. The device-secret code may be the same as the base-secret code.

Trusted computing environment

A method of and apparatus for controlling access to data

Method and system for determining trust for data sources

Speculative side-channel hint instruction

In an apparatus 2 supporting speculative processing of read operations to read data from memory 20-22, a control circuit identifies a speculative side-channel hint instruction in a sequence of instructions to be processed. The hint instruction indicates a risk of information leakage if one subsequent read operation is processed speculatively. The control circuit determines speculative side‑channel mitigation measures based on the hint instruction. This improves upon mitigation measures applied to all operations which unnecessarily sacrifice performance. The control circuit can be decoder 12, execution stage 14, circuitry of data cache 20. Hint instructions, e.g. interpreted as NOP instructions, are inserted at compile or link time, just-in-time (JIT) compilation or dynamic recompilation, by hardware profiling. Hint instructions indicate that subsequent read operations are safe or unsafe to be processed speculatively. Control circuit annotates cached instruction or micro‑operations in 6, ...

System security process method and properties of human authorization mechanism

System and method of defining the security vulnerabilities of a computer system

Protected software identifiers for improving security in a computing device

Testing applications with a defined input format

Detecting vulnerable applications

A method and system of determining a vulnerability of software. Libraries are downloaded and stored in a database. For each library, a set of features are extracted and stored in a library index table of the database. For each library, it is determined whether it poses a security concern and flagged accordingly in the library index table. Applications are downloaded and stored in the database. For each application a set of features are extracted and stored in an application index table of the database. For each application, the set of features of the application are compared to the set of features of each of the libraries in the library index table to identify which libraries in the library index table are associated with the application. For each application, a name of the application and names of the associated libraries are stored in a vulnerability reference table in the database.

Address layout varying process

Post-manufacture generation of device certificate and private key for public key infrastructure

Certificate generating apparatus 40 obtains a first key associated to electronic device 2, e.g. an embedded seed key 42. From the first key a second key 22 is derived. A device certificate 20 is generated where the second key is a public key 22 for the device for public key infrastructure (PKI). The first key, e.g. an uncertified symmetrical key identical to a corresponding one held by the device, can be obtained from a manufacturer receipt. The device certificate is generated without transmitting public 22 or private 24 key between device 2 and certificate generating apparatus 40. The device certificate (e.g. X.509) is served stored, where file path to its location is device identifier dependent 50. The file path is obfuscated with an obfuscation key and the first key discarded after storing. Device manufacturing costs are reduced whilst still enabling use of PKI. Uses include Internet‑OF‑Things (IoT) devices. Also claimed is a method for generating a private key derived from a first key ...

Firmware management for IoT devices

The management system can include a data store for storing various data related to the devices and the various processes of the management system. The management system can include a controller for executing processes such as interrogation processes, firmware change processes, credential change processes, and other processes. The controller can determine versions of firmware and other configuration properties of a device and generate various profiles for updating the firmware and other configuration properties. The controller can determine upgrade paths for updating the firmware and other configuration properties from a first version to a second version, the upgrade paths including one or more intermediary versions for facilitating the upgrade path. The management system can update devices individually, on a device family basis, or on a system-wide basis. Interrogation of an IoT device in a family allows profiles to be determined for first and second devices in different families.

Firmware management for IoT devices

A process for management of Internet-of-Things (IoT) devices includes a management system for identifying, interrogating, and updating devices connected to one or more networks. The management system can include a data store for storing various data related to the devices and the various processes of the management system. The management system can include a controller for executing processes such as interrogation processes, firmware change processes, credential change processes, and other processes. The controller can determine versions of firmware and other configuration properties of a device and generate various profiles for updating the firmware and other configuration properties. The controller can determine upgrade paths for updating the firmware and other configuration properties from a first version to a second version, the upgrade paths including one or more intermediary versions for facilitating the upgrade path. The management system can update devices individually, on a device ...

Chip verification

Configuration driven application persona on hand held terminals

Chip verification

Configuration driven application persona on hand held terminals

Configuration driven application persona on hand held terminals

Chip verification

PROCEDURE AND MECHANISM FOR THE CONTROLLING OF AN ACCESS TO PERIPHERAL DEVICES

ANTI-THEFT PROTECTION

CONTROL UNIT

PROCEDURE AND CIRCUIT FOR IDENTIFYING AND/OR VERIFYING HARDWARE AND/OR SOFTWARE OF EQUIPMENT AND A WITH THE EQUIPMENT OF WORKING DATA MEDIUM

PROCEDURE FOR THE PROTECTION OF A MICROCOMPUTER SYSTEM AGAINST MANIPULATION OF ITS PROGRAM

EXAMINATION OF THE AUTHORIZATION OF THE INSTALLATION OF A SOFTWARE-VERSION

SAFE MOBILE SLACK EQUIPMENT

PROTECTION OF SECRET INFORMATION IN PROGRAMMED ELECTRONIC EQUIPMENT

SAFE STORE MANAGEMENT SYSTEM AND PROCEDURE

PROCEDURE AND SYSTEM FOR THE DISTRIBUTED PRODUCTION OF A PROGRAM FOR A PROGRAMMABLE ONE, PORTABLE DATA MEDIUM

CHIPKARTE MIT ÜBERWACHUNG DER INTEGRITÄT AUF SOFTWAREBASIS

Überwachung des Startvorgangs einer integrierten Schaltung

The invention relates to a method for monitoring the starting operation of an integrated circuit (IC), wherein the starting operation is performed by using a starting memory (SF), which is located outside the integrated circuit and is connected to the integrated circuit by means of a starting interface (SFI) arranged in the integrated circuit. In order to reduce the risk of manipulation of the starting memory, it is provided that an unalterable time period for the starting operation is prescribed by the hardware of the integrated circuit (IC) and, if the prescribed time period is exceeded, the starting interface (SFI) is disabled.

LOADING OF DATA INTO MOBILES EQUIPMENT

PROCEDURE FOR THE PROTECTION OF ELECTRONIC EQUIPMENT, A SAFETY SYSTEM AND ELECTRONIC EQUIPMENT

Systems and methods for full history dynamic network analysis

Provided herein are methods and systems for determining a historical state of a dynamic network. The methods may comprise continuously obtaining data associated with a system from a plurality of different data sources; constructing a full history dynamic network (FHDN) of the system using the data; and providing a state of the system for a historical time instance in response to a query of the FHDN for the historical time instance.

Systems and methods for security monitoring processing

A computer-implemented method may be used for security event monitoring. The method may include receiving data from a first operating system and defining an audit classes data filter for collection by a security event monitoring application. Additionally, the method may include comparing the data with the audit classes data filter and comparing the data with a set of blacklisted values. Additionally, the method may include outputting a common structure format data based on the comparison of the processing data with the audit classes data filter and the blacklisted values.

Systems and methods for identifying and monitoring solution stacks

Systems and methods for identifying and managing solution stacks integrated within a computer environment include one or more computing devices receiving information identifying one or more first assets as belonging to a solution stack integrated within a computer environment. The computing devices can iteratively identify additional assets of the computer environment related to, but not part of, the assets already identified as belonging to the solution stack, and determine, based on a comparison of attributes of the additional assets to attributes of the assets already identified as belonging to the solution stack, whether any of the additional assets belongs to the solution stack. The one or more computing devices can repeat these steps until no additional is identified as belonging to the solution stack. The computing devices can generate a current state of the solution stack defining at least a complete set of assets forming the solution stack.

Risk analysis to identify and retrospect cyber security threats

This disclosure provides an apparatus and method for identifying and retrospecting cyber security threats, including but not limited to in industrial control systems (100) and other systems. A method includes receiving (304), by a risk manager system (154), a selection of an asset for analysis. The method includes receiving (314), by the risk manager system (154), current and historical cyber-risk data corresponding to the asset. The method includes receiving (320) a user selection of one or more data options (404, 406, 408, 410) for analysis of the asset. The method includes identifying (322) relevant portions of the current and historical cyber-risk data according to the selected data options. The method includes producing an output (324) corresponding to the selected asset, the selected data options, and the identified relevant portions of the current and historical cyber-risk data. The method includes displaying (326) the output as a report in a graphical user interface (400).

Dual processor trusted computing environment

Apparatus and method for preventing disclosure of protected information

System and methods for automated detection of input and output validation and resource management vulnerability

In an example embodiment, a system analyzes a set of computer routines. The system may perform an analysis including a determination of a likelihood of vulnerability to unexpected behavior for one or more computer routines of the set. Based upon the analysis, the system may identify one or more computer routines of the set having the likelihood of vulnerability. The system may asynchronously and dynamically manipulate at least one of the one or more computer routines through a testing technique. The system may determine unexpected behavior of at least one of the one or more computer routines.

Systems and methods for detecting and preventing spoofing

Techniques for detecting application program spoofing. The techniques include: receiving a communication from an application program executing on a client device different from the at least one computer; identifying from the communication an asserted identity of the application program; and verifying the asserted identity of the application program at least in part by: interacting with the client device to obtain additional information about the application program, and determining whether the additional information about the application program is consistent with the asserted identity of the application program.

Automated electronic computing and communication system event analysis and management

Automatic automated electronic computing and communication system event analysis and management includes identifying an event, generating a computer readable representation of the electronic computing and communication system using automated topology enumeration, identifying an element of the electronic computing and communication system based on the representation, identifying a metric for the element, automatically investigating to determine a value for the metric, generating a remediation priority for the element based on a metric weight associated with the metric and a network layer value associated with a network layer associated with a network layer role associated with the element, and generating a graphical representation of the electronic computing and communication system indicating the remediation priority.

Computer security

Behaviorally-based computer security system

System and method for safeguarding electronic files and digital information in anetwork environment

METHOD FOR SECURELY UPDATING A PROGRAM BLOCK LOADED IN A SECURITY MODULE

SYSTEM AND METHOD FOR PROVIDING APPLICATION PENETRATION TESTING

A system and method provide application penetration testing. The system contains logic configured to find at least one vulnerability in the application so as to gain access to data associated with the application, logic configured to confirm the vulnerability and determine if the application can be compromised, and logic configured to compromise and analyze the application by extracting or manipulating data from a database associated with the application. In addition, the method provides for penetration testing of a target by: receiving at least one confirmed vulnerability of the target; receiving a method for compromising the confirmed vulnerability of the target; installing a network agent on the target in accordance with the method, wherein the network agent allows a penetration tester to execute arbitrary operating system commands on the target; and executing the arbitrary operating system commands on the target to analyze risk to which the target may be exposed.

SYSTEM FOR THE AUTOMATED PROCESSING OF MULTI-USE DATA

L'invention a notamment pour objet un composant logiciel pour le traitement automatisé de données multi-usages, mettant en oeuvre des fonctions ayant besoin de différents niveaux de sûreté ou limites de responsabilité. Le composant logiciel selon l'invention comprend une pluralité de machines virtuelles (215), chaque machine virtuelle étant adaptée à exécuter au moins une fonction ayant besoin d'un niveau de sûreté ou d'une limite de responsabilité prédéterminé et un hyperviseur (210) adapté à contrôler l'exécution de ladite pluralité de machines virtuelles.

INDEPENDENT COMPUTER MODULE SYSTEM

A portable secure computer architecture, apparatus, and method for protecting information and at least one program for controlling that information is disclos ed comprising: a computer protected inside of a single sealed cartridge, the comput er having a CPU, Memory, and a communications means for communicating with a host computer outside of the cartridge. All internal information and external communications a re exclusively controlled by the internal program. Provision is also made for runni ng a second program inside the architecture, while protecting secure information from that s econd program. Secure information is placed in a bank switched subdivision of memory. The subdivision is switched off by the information controlling program before the se cond program is permitted to run. Reactivating the protected subdivision causes a sim ultaneous non-maskable interrupt halting the second program and transferring control back to the first program.

TRANSPARENT DIGITAL RIGHTS MANAGEMENT FOR EXTENDIBLE CONTENT VIEWERS

A digital rights management system for controlling the distribution of digital content to player applications. The system comprises a verification system, a trusted content handler, and a user interface control. The verification system is provided to validate the integrity of the player applications; and the trusted content handler is used to decrypt content and to transmit the decrypted content to the player applications, and to enforce usage rights associated with the content. The user interface control module is provided to ensure that users of the player applications are not exposed to actions that violate the usage rights. The preferred embodiment of the present invention provides a system that enables existing content viewers, such as Web browsers, document viewers, and Java Virtual Machines running content-viewing applications, with digital rights management capabilities, in a manner that is transparent to the viewer. Extending content viewers with such capabilities enables and facilitates ...

HARDWARE-TRUSTED WIRELESS DATA COMMUNICATIONS OVER A WIRELESS RELAY

A wireless relay (110, 310, 400, 510, 600) serves User Equipment (UE) (101) with hardware- trusted wireless data communications over Institute of Electrical and Electronics Engineers (IEEE) 802.11 links (121, 321, 323) and Long Term Evolution (LTE) links (121, 322, 324). The wireless relay maintains hardware-trusted wireless backhaul links (122, 325, 326) to a data network (120). The wireless relay (110, 310, 400, 510, 600) broadcasts an IEEE 802.11 Service Set Identifier (SSID) (131, 321, 323) and a Long Term Evolution (LTE) Network Identifier (NID) (131, 322, 324). The UE wirelessly transfers a hardware-trusted attachment request (132, 321, 322) using the 802.11 SSID or the LTE NID. The wireless relay (110, 310, 400, 510, 600) validates hardware-trust of the UE (101), and in response, establishes a hardware-trusted attachment of the UE (101). The wireless relay (110, 310, 400, 510, 600) exchanges user data with the UE (101) using hardware-trusted circuitry (401-402, 601-602). The wireless ...

CONTEXTUAL RISK MONITORING

Systems, methods, and related technologies for device monitoring and device risk monitoring are described. In certain aspects, an indicator associated with a security risk is set based on communication between a first device having an associated elevated security risk and a second device. The indicator can be stored and may be used as a basis for performing a security action.

Доверенный компьютер

Доверенный компьютер содержит встроенное аппаратное средство защиты информации - резидентный компонент безопасности (РКБ), имеющий, по меньшей мере, одну дополнительную - по отношению к шине компьютера - связь с, по меньшей мере, одним его функциональным блоком. Задача полезной модели - повышение уровня защищенности компьютера от утечек критичных данных в доверенном режиме - решена тем, что, по меньшей мере, одна дополнительная связь проложена между выходом РКБ и цепью питания функционального блока, ответственного за передачу данных во внешний мир, и по ней пропущен управляющий сигнал, отключающий питание указанного блока в доверенном режиме работы компьютера. 1 з.п. ф-лы. РОССИЙСКАЯ ФЕДЕРАЦИЯ (19) RU (11) (13) 182 701 U1 (51) МПК G06F 21/57 (2013.01) ФЕДЕРАЛЬНАЯ СЛУЖБА ПО ИНТЕЛЛЕКТУАЛЬНОЙ СОБСТВЕННОСТИ (12) ОПИСАНИЕ ПОЛЕЗНОЙ МОДЕЛИ К ПАТЕНТУ (52) СПК G06F 21/57 (2006.01); G06F 21/62 (2006.01); G06F 21/86 (2006.01) (21)(22) Заявка: 2017144204, 18.12.2017 (24) Дата начала отсчета срока действия патента: (73) Патентообладатель(и): Конявский Валерий Аркадьевич (RU) Дата регистрации: 28.08.2018 (56) Список документов, цитированных в отчете о поиске: RU 2321055 C2, 27.03.2008. CN 105681300 A, 15.06.2016. RU 2538329 C1, 10.01.2015. US 6952777 B1, 04.10.2005. RU 2569577 C1, 27.11.2015. (45) Опубликовано: 28.08.2018 Бюл. № 25 R U (54) ДОВЕРЕННЫЙ КОМПЬЮТЕР (57) Реферат: Доверенный компьютер содержит встроенное аппаратное средство защиты информации резидентный компонент безопасности (РКБ), имеющий, по меньшей мере, одну дополнительную - по отношению к шине компьютера - связь с, по меньшей мере, одним его функциональным блоком. Задача полезной модели - повышение уровня защищенности компьютера от утечек критичных данных в Стр.: 1 доверенном режиме - решена тем, что, по меньшей мере, одна дополнительная связь проложена между выходом РКБ и цепью питания функционального блока, ответственного за передачу данных во внешний мир, и по ней пропущен управляющий сигнал, отключающий ...

Система адаптивного мониторинга автоматизированных систем управления военного назначения

Система адаптивного мониторинга автоматизированных систем управления военного назначения (АСУ ВН) предназначена для выполнения комплексной оценки защищенности АСУ ВН в условиях ограниченности ресурсов и формирования комплексного образа АСУ ВН. Техническим результатом полезной модели является оптимизация процедур мониторинга для осуществления оценки защищенности АСУ ВН с учетом текущей цели его функционирования и в условиях ограниченных ресурсов за счет последовательной многоуровневой адаптации, включающей: адаптацию набора и объема номенклатуры параметров, подлежащих мониторингу, адаптацию процедур наблюдения и адаптацию процедур оценивания, что обеспечивает повышение оперативности принятия решений о степени защищенности АСУ ВН за счет минимизации набора параметров, подлежащих контролю, таким образом повышается информативность полученных в процессе мониторинга данных. Указанный технический результат достигается тем, что оператор посредством модуля взаимодействия с пользователем устанавливает параметры работы системы. Модулем оценки на основе результатов, полученных в процесс функционирования модуля сбора информации, с учетом текущей цели объекта мониторинга и наличия ресурса для выполнения процедур мониторинга, определяется последовательность и параметры работы всех модулей системы и производится запуск работы модуля тестирования АСУ ВН. Данные результатов тестирования АСУ ВН посредством модуля преобразования данных приводятся к общему виду, передаются в модуль параметрического синтеза. Далее выполняется адаптация процедур наблюдения, запускается мониторинг параметров АСУ ВН и ее сетевой активности. Собранные модулем мониторинга данные приводятся к общему виду, передаются в модуль параметрического синтеза. Модулем параметрического синтеза производится синтез результатов тестирования и мониторинга, в результате чего формируется комплексный образ АСУ ВН, который выводится оператору и передается в модуль оценки, где выполняется адаптация процедур оценивания и ...

Secure configuration of a wireless sensor network

A method for secure configuration of a sensor system involves identifying a new sensor not activated within the sensor system, the new sensor including a new sensor identifier, establishing a first transmission link between the new sensor and a sensor controller, transmitting the new sensor identifier between the sensor and the sensor controller, generating a key pair for the sensor controller, the key pair including a controller public key and a controller private key, generating a key pair for the new sensor, the key pair including a sensor public key and a sensor private key, transmitting the controller public key to the new sensor and the sensor public key to the sensor controller, and generating a pairwise key within the sensor controller and the new sensor.

Information processing apparatus, method of starting information processing apparatus and startup program

When a match of a pair of a first configuration register value obtained by a configuration register value obtainment unit and a first configuration register value related to the first configuration register value stored in a storage unit with being related to the first startup control unit, or a match of a pair of a second configuration register value obtained by the configuration register value obtainment unit and a second configuration register value related to the second configuration register value stored in the storage unit with being related to the second startup control unit, is detected, startup processing of an information processing apparatus is continued. Thereby, the startup processing can be completed even when a part of processing units is swapped with a spare processing unit having the same configuration, and the functions of the startup control units can be effectively exploited.

Systems and methods for processing data flows

A flow processing facility, which uses a set of artificial neurons for pattern recognition, such as a self-organizing map, in order to provide security and protection to a computer or computer system supports unified threat management based at least in part on patterns relevant to a variety of types of threats that relate to computer systems, including computer networks. Flow processing for switching, security, and other network applications, including a facility that processes a data flow to address patterns relevant to a variety of conditions are directed at internal network security, virtualization, and web connection security. A flow processing facility for inspecting payloads of network traffic packets detects security threats and intrusions across accessible layers of the IP-stack by applying content matching and behavioral anomaly detection techniques based on regular expression matching and self-organizing maps. Exposing threats and intrusions within packet payload at or near real-time rates enhances network security from both external and internal sources while ensuring security policy is rigorously applied to data and system resources. Intrusion Detection and Protection (IDP) is provided by a flow processing facility that processes a data flow to address patterns relevant to a variety of types of network and data integrity threats that relate to computer systems, including computer networks.

APPARATUS AND METHOD FOR DETECTING, PRIORITIZING AND FIXING SECURITY DEFECTS AND COMPLIANCE VIOLATIONS IN SAP® ABAPtm CODE

A static code analysis (SCA) tool, apparatus and method detects, prioritizes and fixes security defects and compliance violations in SAP® ABAP™ code. The code, meta information and computer system configuration settings are transformed into an interchangeable format, and parsed into an execution model. A rules engine is applied to the execution model to identify security and compliance violations. The rules engine may include information about critical database tables and critical SAP standard functions, and the step of applying the rules engine to the execution model may include the calculation of specific business risks or whether a technical defect has a business-relevant impact. In particular, an asset flow analysis may be used to determine whether critical business data is no longer protected by the computer system. Such critical business data may include credit or debit card numbers, financial data or personal data.

Verification of Information-Flow Downgraders

A method includes determining grammar for output of an information-flow downgrader in a software program. The software program directs the output of the information-flow downgrader to a sink. The method includes determining whether the grammar of the output conforms to one or more predetermined specifications of the sink. The method includes, in response to a determination the grammar of the output conforms to the one or more predetermined specifications of the sink, determining the information-flow downgrader is verified for the sink, wherein determining grammar, determining whether the grammar, and determining the information-flow downgrader are performed via static analysis of the software program. Apparatus and computer program products are also disclosed. An apparatus includes a user interface providing a result of whether or not output of an information-flow downgrader in the software program conforms to one or more predetermined specifications of a sink in the software program.

Protection against malware on web resources

A method and system for identification of malware threats on web resources. The system employs a scheduled antivirus (AV) scanning of web resources. The scheduled scanning of web resources allows to create malware check lists and to configure access to web resources. Frequency and depth of inspection (i.e., scan) are determined for each web resource. The user identifiers are used for scheduled AV scanning of web resources. The system allows for scanning a web resource based on selected configurations without using additional client applications.

Pre-boot protected memory channel

Machine readable media, methods, and computing devices are disclosed which establish a protected memory channel between an operating system loader of a user partition and services of a management partition. One computing device includes protected storage, read only memory, firmware, a storage device and a processor. The storage device is to store the virtual machine monitor and an operating system having an operating system loader. The virtual machine monitor is to establish a protected memory channel between the one or more integrity services of a management partition and the operating system loader of a user partition in response to measuring and verifying the operating system loader based upon the manifest. The processor is to execute the code of the read only memory, the firmware, the virtual machine monitor, the operating system, the operating system loader, the management partition, and the user partition.

Method and apparatus for booting host

Provided are a method and a device for booting a host embodying a downloadable conditional access system (DCAS), wherein one of a plurality of pre-determined booting modes is decided as a booting mode of the host based on first information indicating whether a host can communicate with a broadcasting service provider and second information indicating whether a software-based security client providing information required for decrypting broadcasting data is installed to a hardware-based security module connected to the host, and the host is booted in the decided booting mode.

Functional patching/hooking detection and prevention

A method for preventing malicious attacks on software, using the patching method, includes providing a database of malicious known patches (malware). The database contains characteristic signatures of the malware. The method also includes detecting whether a patch is malicious by comparing it with a signature in the database and performing one or more activities needed to prevent the malicious patch from performing undesired activities.

Method and System for Device Integrity Authentication

Device integrity authentication is performed by receiving, at a second device, a measured integrity value from a first device. The measured integrity value of the first device is compared at the second device to an embedded integrity value associated with the second device. A level of trust for the first device is determined by the second device based on the comparison. Application of a policy to the first device is facilitated by the second device based on the comparison.

Method and System for Device Integrity Authentication

Device integrity authentication is performed by receiving, at a second device, data from a first device. A determination is made at the second device as to whether at least a portion of the data is associated with a protected datatype. A measured integrity value of the first device is determined in response to the portion of the data being associated with the protected datatype. The measured integrity value of the first device is compared to an embedded integrity value associated with the second device. Application of at least one of a plurality of policies associated with processing the data is facilitated at the second device based on the comparison and the protected datatype.

Application selection using current detection intelligence

Selecting one or more applications from the plurality of similar or near redundant applications to activate. A method includes retrieving information about current characteristics of one or more applications. The method further includes retrieving information about a current computing operational landscape. Based on the information about current characteristics of one or more applications and the information about a current computing operational landscape, the method further includes creating a ranking of applications. The rankings are made available to a system with a plurality of applications with similar or near redundant functionality. At the system, one or more of the applications in the plurality of applications are selected to activate based on the ranking of applications.

Performing security assessments in an online services system

A system and method for performing security assessments in an online services system. In one embodiment, a method includes receiving an accepted security assessment agreement from a user, where the security assessment agreement is associated with a software application utilized in an online services system. The method also includes receiving configuration data associated with the software application; receiving scanning data associated with the software application; and sending the configuration data and scanning data to one or more security assessment systems.

System recovery method and computing apparatus having system recovery function

A system recovery method and a computing apparatus having a system recovery function. The computing apparatus includes a first memory unit to store a general operating system (OS) in a system partition where a primary anti-virus program operates, and to store a recovery OS in a recovery partition where a secondary anti-virus program operates; a second memory unit to store firmware determining a booting partition of the computing apparatus; and a processor to control execution of the firmware to, when the system partition is infected by a virus and thus the computing apparatus does not boot to the general OS, boot the computing apparatus to the recovery OS, and to control recovery of the system partition.

Attesting a Component of a System During a Boot Process

A method, apparatus and program product for attesting a component of a system during a boot process. The method comprises the steps of: verifying that the system is in a trusted state; in response to verifying that the system is in a trusted state, requesting an enrollment of the system wherein the requesting step further comprises the step of: retrieving enrollment data associated with the system; retrieving current input data associated with the component of the system; comparing the current input data against the enrollment data in order to determine whether the system can retain its trusted state; wherein in response to the comparing step, if the current input data matches the enrollment data, the system retains its trusted state; and accepting the trusted state until receipt of a notification, from the system having a retained trusted state, of an update to the system.

Demand based usb proxy for data stores in service processor complex

A method, apparatus, system, and computer program product for secure server system management. A payload containing system software and/or firmware updates is distributed in an on-demand, secure I/O operation. The I/O operation is performed via a secured communication channel inaccessible by the server operating system to an emulated USB drive. The secure communication channel can be established for the I/O operation only after authenticating the recipient of the payload, and the payload can be protected from access by a potentially-infected server operating system. Furthermore, the payload can be delivered on demand rather than relying on a BIOS update schedule, and the payload can be delivered at speeds of a write operation to a USB drive.

Secure deployment of provable identity for dynamic application environments

An invention is described for securely deploying a provable identity for virtual machines (VMs) in a dynamic environment. In an embodiment, a fabric controller instructs a VM host to create a VM and sends that VM a secret. The fabric controller sends that same secret (or a second secret, such as the private key of a public/private key pair) to the security token service along with an instruction to make an account for the VM. The VM presents proof that it possesses the secret to the security token service and in return receives a full token. When a client connects to the deployment, it receives the public key from the security token service, which it trusts, and the full token from the VM. It validates the full token with the public key to determine that the VM has the identity that it purports to have.

Method and apparatus for registering agents onto a virtual machine monitor

A method for managing an agent includes verifying an integrity of the agent in response to a registration request. Memory protection is provided for the agent dining integrity verification. An indication is generated when registration of the agent has been completed. According to one aspect of the present invention, providing memory protection includes having a virtual machine monitor limit access to the agent. Other embodiments are described and claimed.

Globally valid measured operating system launch with hibernation support

An event log can comprise, not only entries associated with components instantiated since a most recent power on of a computing device, but also entries of components instantiated prior to that power on, such as components that were instantiated, and represent, a state of the computing device prior to hibernation that has now been resumed. Upon hibernation, the current values of the Platform Configuration Registers (PCRs) of a Trusted Platform Module (trusted execution environment), as well as a quote of those current values, and a current value of a monotonic counter of the trusted execution environment can be logged. The monotonic counter can be incremented at each power on to track successive generations of the computing device and to guard against an intervening, not-logged generation. A subsequent parsing of the event log can verify the prior generational entries with reference to the PCR values in the log that are associated with those generations.

Data protection device and method thereof

A data protection device includes a basic input output system chip and a main control chip. The basic input output system chip stores basic input output system program and includes a write protection pin and a plurality of status registers. The main control chip includes a plurality of general purpose input output pins. One general purpose input output pin is electrically connected to the write protection pin of the basic input output system chip, the voltage level of the general purpose input output pin is controlled by performing different command programs of the basic input output system program, and the status registers and the basic input output system chip are selectable to be in a write protection mode or a writable mode under the control of the voltage level of the write protection pin of the basic input output system chip.

Firmware update method and system for micro-controller unit in power supply unit

Disclosed is a firmware update system for a micro-controller unit in a power supply unit. The micro-controller unit includes a central processing unit and a flash memory connected to the central processing unit. The flash memory includes a boot program sector, a main program sector, and a temporary data sector, where the boot program sector contains a boot program and the main program sector contains a main program to be executed by the central processing unit under a normal operating mode, and the temporary data sector is set to contain a downloaded firmware code to be copied to the main program sector to replace the main program, thereby updating the flash memory. The downloaded firmware code contains a sector checksum value and a firmware signature for allowing the boot program to validate if the downloaded firmware code is valid and authentic, and the boot program sector and the main program sector are accessed by a virtual address.

Security system for computing resources pre-releases

Technology is provided for provisioning a user computer system with membership in a privilege set in order to execute a pre-release resource. Some examples of pre-release resources are alpha and beta versions of firmware or software which can be downloaded to user computer systems. The pre-release resources are associated with different privilege sets based on their security risk levels. In one example, a security risk level may represent a number of user computer systems at risk of an integrity failure of the pre-release resource. In other examples, the security risk may represent an operational layer of the user computer system affected by the resource or a level of security testing certification success for the pre-release resource. A privilege set identifier indicates membership in one or more privilege sets.

Image vulnerability repair in a networked computing environment

Embodiments of the present invention provide an approach to repair vulnerabilities (e.g., security vulnerabilities) in images (e.g., application images) in a networked computing environment (e.g., a cloud computing environment). Specifically, an image is checked for vulnerabilities using a database of known images and/or vulnerabilities. If a vulnerability is found, a flexible/elastic firewall is established around the image so as to isolate the vulnerability. Once the firewall has been put in place, the vulnerability can be repaired by a variety of means such as upgrading the image, quarantining the image, discarding the image, and/or generating a new image. Once the image has been repaired, the firewall can be removed.

System and method for providing secure virtual machines

The present invention provides improved security in a virtual machine. By extending the capabilities of modern secure processors, privacy of computation is provided from both the owner of the equipment and other users executing on the processor, which is an advantageous feature for rentable, secure computers. In addition to the hardware extensions required to secure a virtualizable computer, an infrastructure for the deployment of such processors is also provided. Furthermore, a signaling flow to establish the various relationships between the owner, user and manufacturer of the equipment is disclosed.

Method and apparatus for securing a computing device

A method and apparatus for securing a computing device are provided. A state of the computing device is determined, the state associated with a protection state. The computing device is automatically switching between a plurality of security levels at based on the state.

Apparatus and method to harden computer system

In some embodiments, a processor-based system may include a processor, the processor having a processor identification, one or more electronic components coupled to the processor, at least one of the electronic components having a component identification, and a hardware security component coupled to the processor and the electronic component. The hardware security component may include a secure non-volatile memory and a controller. The controller may be configured to receive the processor identification from the processor, receive the at least one component identification from the one or more electronic components, and determine if a boot of the processor-based system is a provisioning boot of the processor-based system. If the boot is determined to be the provisioning boot, the controller may be configured to store a security code in the secure non-volatile memory, wherein the security code is based on the processor identification and the at least one component identification. Other embodiments are disclosed and claimed.

Defense-in-depth security for bytecode executables

Defense-in Depth security defines a set of graduated security tasks, each of which performs a task that must complete before another task can complete. Only when these tasks complete successfully and in the order prescribed by Defense-in-Depth security criteria is a final process allowed to execute. Through such Defense-in-Depth security measures, vulnerable software, such as bytecode, can be verified as unaltered and executed in a secure environment that prohibits unsecured access to the underlying code.

Self regulation of the subject of attestation

Attestation by a self-regulating attestation client. The attestation client requests a credential of health from an attestation service, which includes an ordered attestation log and proof of integrity and freshness of the log. The attestation client receives the requested credential of health, which certifies the attestation client was healthy when it requested the credential of health and that the attestation service trusts the attestation client to be healthy each time the attestation client authenticates using the credential of health. The attestation client receives a request to authenticate that it is healthy using the credential of health, verifies that it is currently healthy, and performs the requested authentication.

Security countermeasure management platform

A management platform that allows security and compliance users to view risks and vulnerabilities in their environment with the added context of what other mitigating security countermeasures are associated with that vulnerability and that are applicable and/or available within the overall security architecture. Additionally, the platform allows users to take one or more actions from controlling the operation of a security countermeasure for mitigation purposes to documenting the awareness of a security countermeasure that is in place.

Mechanism for Generating Vulnerability Reports Based on Application Binary Interface/Application Programming Interface Usage

A method for generating vulnerability reports based on application binary interface/application programming interface usage may include extracting a binary file and a security report relating to a software program, the security report having a vulnerability list of pending vulnerabilities relating to the software program, and detecting, from the binary file, interface usage details associated with interfaces and shared libraries used by the software program. The interfaces include application binary interfaces (ABIs). The method may further include matching the interface usage details with the pending vulnerability of the vulnerability list, and generating a vulnerability report based on matching.

Methods for detecting sensitive information in mainframe systems, computer readable storage media and system utilizing same

Examples of methods, systems, and computer-readable media for detection of sensitive information are described using multiple techniques. The techniques may include applying pre-defined field structure layouts to records, applying simple template structure to records as a single field, and inferring data structure by building a map of potential packed decimal locations. The resulting information may then be analyzed for detection of sensitive information.

Method and apparatus for validating integrity of a mobile communication device

A method for validating integrity of a mobile communication device includes installing an integrity verification application on the mobile communication device. The method also includes establishing a first pass indicator and a second pass indicator including receiving a first instance of the first pass indicator. The method also includes receiving a second instance of the first pass indicator as a challenge for verification. In response to receiving the second instance of the first pass indicator, the second pass indicator may be displayed as an indication of the integrity.

System and method for server-coupled application re-analysis to obtain trust, distribution and ratings assessment

A system and method for preventing malware, spyware and other undesirable applications from affecting mobile communication devices uses a server to assist in identifying and removing undesirable applications. When scanning an application, a device transmits information about the application to a server for analysis. The server receives the information, produces a characterization assessment and can also provide a characterization re-assessment for the application, or data object, and transmits the assessment to the device. By performing analysis on a server, the invention allows a device to reduce the battery and performance cost of protecting against undesirable applications. The servers transmit notifications to devices that have installed applications that are discovered to be undesirable. The server can accumulate this data and then perform a characterization re-assessment of a data object it has previously assessed to provide an assessment based upon one of trust, distribution and ratings information.

Techniques for securing a checked-out virtual machine in a virtual desktop infrastructure

Techniques for securing checked-out virtual machines in a virtual desktop infrastructure (VDI) are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for securing a checked-out guest virtual machine including receiving a request for checking-out a guest virtual machine hosted by a server network element, wherein checking-out the guest virtual machine comprises transferring hosting of the guest virtual machine from the server network element to a client network element. The method for securing a checked-out guest virtual machines may also include configuring a security module for the guest virtual machine in order to secure the guest virtual machine and providing the security module to the guest virtual machine when the guest virtual machine is checked-out.

Method and apparatus for determining software trustworthiness

Aspects of the invention relate to a method, apparatus, and computer readable medium for determining software trustworthiness. In some examples, a software package identified as including at least one file of unknown trustworthiness is installed on a clean machine. A report package including a catalog of files that have been installed or modified on the clean machine by the software package is generated. Identification attributes for each of the files in the catalog is determined. Each of the files in the catalog is processed to assign a level of trustworthiness thereto. The report package is provided as output.

Methods, Systems, and Apparatuses for Managing a Hard Drive Security System

Methods, systems, and apparatuses for a self-encrypting drive (SED) management system configured to be loaded in a pre-boot region of an SED-based computer, the SED of the SED-based computer having a nominal space, which may be encrypted when the SED-based computer is shut down, and the pre-boot region. The SED management system comprises a pre-boot operating system (OS); at least one pre-boot library configured to support the pre-boot OS; and an unlocking software program configured to work with the pre-boot OS to transfer control directly to an operating system of the nominal space upon a successful authentication. Other embodiments are described and claimed.

Method and system for protecting a computer system during boot operation

A method for protecting a computer system from malicious network traffic is provided using a driver which inspects network packets. A security profile comprising packet inspection rules is compiled and stored on the computer system. During the startup or boot operation of an operating system, the driver loads the compiled security profile and inspects network packets using the inspection rules.

Gaming Security System

Verification of software to be run in a secure environment is performed by comparing a critical portion of the executable boot program code in an EPROM with code stored in a logic circuit. The comparison may be performed before the code to be verified is run or while it is running. in the event that the validation fails certain critical functions of the platform are inhibited to prevent fraudulent operation of the platform. The system is particularly applicable to gaming machines to avoid cheating.

System and Method for Reducing Security Risk in Computer Network

Disclosed are systems, methods and computer program products for reducing security risk in a computer network. The system includes an administration server that collect information about one or more computers in the network, including the following information: computer user's external drive usage history, software installation history, and Web browsing history. The server calculates based on the collected information a security rating of the computer user. The server then adjust a security rating of the computer user based on the security rating of at least one other user of another computer connected to the same computer network. The server then selects security policy of the security software based on the adjusted security rating of the computer user. Different security policies provide different network security settings and prohibitions on launching of executable files from external drives.

Method and system for protecting against the execution of unauthorized software

In accordance with an embodiment of the present invention, a client device is protected against the execution of unauthorized software. The client includes a code authentication process that verifies the integrity of executable code, by generating and comparing a first hash value of the executable code with a known hash value of the original code. Furthermore, during boot-up, the client initializes a CPU exception vector table with one or more vector table entries. One or more, or all, of the vector table entries direct the CPU to execute the code authentication process prior to executing an event handler when an exception event occurs. Consequently, the code authentication process is virtually guaranteed to execute, thereby protecting against the execution of unauthorized code.

System and method for dynamic generation of anti-virus databases

A method for reducing the size of the AV database on a user computer by dynamically generating an AV database according to user parameters is provided. Critical user parameters that affect the content of the AV database required for this user are determined. The AV database for the single user is generated based on the user parameters. When the parameters of the user computer change or when new malware threats are detected, the user AV database is dynamically updated according to the new parameters and the new malware threats. The update procedure becomes more efficient since a need of updating large volumes of data is eliminated. The AV system, working with a small AV database, finds malware objects more efficiently and uses less of computer system resources.

Disabling communication ports

Example embodiments disclosed herein relate to enabling or disabling a port by writing to a reset write-once register. A boot process for a device is initiated. The reset write-once register is set, during the boot process, to disable or enable the port.

Compliance-based adaptations in managed virtual systems

Techniques are disclosed for controlling and managing virtual machines and other such virtual systems. VM execution approval is based on compliance with policies controlling various aspects of VM. The techniques can be employed to benefit all virtual environments, such as virtual machines, virtual appliances, and virtual applications. For ease of discussion herein, assume that a virtual machine (VM) represents each of these environments. In one particular embodiment, a systems management partition (SMP) is created inside the VM to provide a persistent and resilient storage for management information (e.g., logical and physical VM metadata). The SMP can also be used as a staging area for installing additional content or agentry on the VM when the VM is executed. Remote storage of management information can also be used. The VM management information can then be made available for pre-execution processing, including policy-based compliance testing.

System and method for server-coupled application re-analysis

To prevent malware, spyware and other undesirable applications from affecting mobile communication devices (e.g., smartphones, netbooks, and tablets), a device uses a server to assist in identifying and removing undesirable applications. When scanning an application, a device transmits information about the application to a server for analysis. The server receives the information, produces a categorization assessment and can provide a categorization re-assessment, and transmits the assessment to the device. By performing analysis on a server, a device can reduce its battery and performance cost of protecting against undesirable applications. The server transmits notifications to devices that have installed applications that are discovered to be undesirable. The server receives data about applications from many devices, using the combined data to minimize false positives and provide comprehensive protection against known and unknown threats. The server can accumulate this data and perform a categorization re-assessment of a data object previously assessed.

Data management

In one implementation, encrypted data and a virtual machine are stored together as a virtual machine-data image, wherein the virtual machine is configured to EXERT management control over the data based on policies set by an owner of the data. In another implementation, metadata defining or tagging policies for usage of data is associated with the data. Control capabilities of service providers are mapped to the policies, wherein those service provider environments that best satisfy the controls mapped to the policies are identified.

Method and apparatus for lifecycle integrity verification of virtual machines

A method and system for verifying the integrity of virtual machines and for verifying the integrity of discrete elements of the virtual machines throughout the lifecycle of the virtual machines. A virtual machine manager capable of managing one or more virtual machine images is installed on a physical hardware platform. An integrity verification component can be communicatively coupled to the virtual machine manager and an integrity reference component so that the integrity verification component can compare digests of the virtual machine image or discrete virtual machine image elements to virtual machine integrity records accessible from the integrity reference component.

Hardware Assisted Operating System Switch

An interoperable firmware memory containing a Basic Input Output System (BIOS) and a trusted platform module (TPSM). The BIOS includes CPU System Management Mode (SMM) firmware configured as read-only at boot. The SMM firmware configured to control switching subsequent to boot between at least: a first memory and second isolated memory; and a first and second isolated non-volatile storage device. The first memory including a first operating system and the second memory including a second operating system. The first non-volatile storage device configured to be used by the first operating system and the second non-volatile storage device configured to be used by the second operating system. The trusted platform module (TPSM) configured to check the integrity of the CPU system Management Mode (SMM) during the boot process.

Approach for securely processing an electronic document

A method and apparatus for processing an electronic document in a secure manner is provided. A scanner may verify that the configuration state of a file server has not changed since a prior configuration state by issuing a request to a security server. The security server may process the request to determine whether the configuration state of the file server has changed since the file server was registered with the security server. The security server may also verify that the scanner issued a request to store an electronic document using a file server or that the file server received the request. A storage medium of a file server may be protected against unauthorized removal of the storage medium by storing, separate from the storage medium, a password required to access the storage medium, and when the file server is powered on, the password is provided to the storage medium.

Centralized kernal module loading

Methods and systems for centralized kernel module loading are described. In one embodiment, a computing system detects a kernel module load event to load a kernel module into a kernel of a client. Upon detection of the kernel module load event, the computing system computes a cryptographic hash of the kernel module, and sends the cryptographic hash to an access control server to verify whether the cryptographic hash is a permitted hash. The computing system receives a response from the access control server to permit or deny the kernel module load event, and permits or denies the kernel module load event based on the response.

Testing web applications for file upload vulnerabilities

A system for detecting file upload vulnerabilities in web applications is provided. The system may include a black-box tester configured to upload, via a file upload interface exposed by a web application, a file together with a signature associated with the file. An execution monitor may be configured to receive information provided by instrumentation instructions within the web application during the execution of the web application. The execution monitor may be configured to recognize the signature of the uploaded file as indicating that the uploaded file was uploaded by the black-box tester. The execution monitor may also be configured to use any of the information to make at least one predefined determination assessing the vulnerability of the web application to a file upload exploit.

Systems and Methods For Digital Forensic Triage

In one embodiment, a method for forensic triage may include coupling, communicatively, a computer and a mobile device. The computer can be booted with machine readable instructions stored on the one or more mobile memory modules of the mobile device. A search data set can be received with one or more mobile processors of the mobile device. One or more processors of the computer, the one or more mobile processors, or both, can execute, automatically, the machine readable instructions stored on the one or more mobile memory modules of the mobile device to search one or memory modules of the computer in a read only mode for triage data that corresponds to the search data set. The triage data can be transmitted via one or more communication modules of the mobile device.

Malware automated removal system and method

The present invention automates the operation of multiple malware removal software products using a computerized system that systematically operates the multiple selected software products. These products are operated them in a customized “Safe Mode” using a shell that is different than the computer's other shell environments. Unlike the ordinary Safe Modes shells, the Custom Safe Mode prevents malware from functioning that ties itself to the normal shell, such as the Windows Explorer shell. In addition, the Custom Safe Mode allows the automation of tasks beyond that which is available under the standard command line shell.

Bios flash attack protection and notification

A system and method for BIOS flash attack protection and notification. A processor initialization module, including initialization firmware verification module may be configured to execute first in response to a power on and/or reset and to verify initialization firmware stored in non-volatile memory in a processor package. The initialization firmware is configured to verify the BIOS. If the verification of the initialization firmware and/or the BIOS fails, the system is configured to select at least one of a plurality of responses including, but not limited to, preventing the BIOS from executing, initiating recovery, reporting the verification failure, halting, shutting down and/or allowing the BIOS to execute and an operating system (OS) to boot in a limited functionality mode.

Secure Credential Unlock Using Trusted Execution Environments

Computing devices utilizing trusted execution environments as virtual smart cards are designed to support expected credential recovery operations when a user credential, e.g., personal identification number (PIN), password, etc. has been forgotten or is unknown. A computing device generates a cryptographic key that is protected with a PIN unlock key (PUK) provided by an administrative entity. If the user PIN cannot be input to the computing device the PUK can be input to unlock the locked cryptographic key and thereby provide access to protected data. A computing device can also, or alternatively, generate a group of challenges and formulate responses thereto. The formulated responses are each used to secure a computing device cryptographic key. If the user PIN cannot be input to the computing device an entity may request a challenge. The computing device issues a challenge from the set of generated challenges. Upon receiving a valid response back, the computing device can unlock the secured computing device cryptographic key associated with the issued challenge and subsequently provide access to protected data.

Method and system for controlling access to embedded nonvolatile memories

A system to control access to a nonvolatile memory. The system includes an embedded controller, and a nonvolatile memory including a password. The embedded controller and the nonvolatile memory may be in communication with one another. The system further includes a lock register receiving and storing the password from the nonvolatile memory, and a key register receiving a key from the embedded controller and holding the key for one machine cycle. Further, the system includes a comparator connected between the lock register and the key register. The comparator compares the password received from the lock register and the key received from the key register. Output from the comparator is provided to an access filter connected between the embedded controller and the nonvolatile memory. Based on the comparator output, the access filter may grant or block access to the nonvolatile memory.

Auditing a device

The auditing of a device that includes a physical memory is disclosed. One or more hardware parameters that correspond to a hardware configuration is received. Initialization information is also received. The physical memory is selectively written in accordance with a function. The physical memory is selectively read and at least one result is determined. The result is provided to a verifier.

Evaluating Detectability of Information in Authorization Policies

Techniques for evaluating detectablity of confidential information stored in authorization policies are described. In an example, an authorization policy has a confidential property. The confidential property is defined by whether application of a test probe to the authorization policy results in the grant of access to a resource. A processor automatically determines whether at least one witness policy can be generated that is observationally equivalent to the authorization policy from the perspective of a potential attacker, but the application of the test probe to the witness policy generates an access denial result. In the case that such a witness policy can be generated, an indication that the confidential property cannot be detected using the test probe is output. In the case that such a witness policy cannot be generated, an indication that the confidential property can be detected using the test probe is output.

Sandboxing technology for webruntime system

In a first embodiment of the present invention, a method of providing security enforcements of widgets in a computer system having a processor and a memory is provided, comprising: extracting access control information from a widget process requesting a service, generating access control rules customized for the widget process, and providing the access control rules to a trusted portion of the computer system outside of the user code space of a Web Runtime (WRT) system; and for any static access control rule, delegating security checking of the widget process from the WRT system to the trusted portion of the computer system.

Attestation Protocol for Securely Booting a Guest Operating System

In a cloud computing environment, a production server virtualization stack is minimized to present fewer security vulnerabilities to malicious software running within a guest virtual machine. The minimal virtualization stack includes support for those virtual devices necessary for the operation of a guest operating system, with the code base of those virtual devices further reduced. Further, a dedicated, isolated boot server provides functionality to securely boot a guest operating system. The boot server is isolated through use of an attestation protocol, by which the boot server presents a secret to a network switch to attest that the boot server is operating in a clean mode. The attestation protocol may further employ a secure co-processor to seal the secret, so that it is only accessible when the boot server is operating in the clean mode.

Method and system for tracking machines on a network using fuzzy guid technology

A method for querying a knowledgebase of malicious hosts numbered from 1 through N. The method includes providing a network of computers, which has a plurality of unknown malicious host machines. In a specific embodiment, the malicious host machines are disposed throughout the network of computers, which includes a world wide network of computers, e.g., Internet. The method includes querying a knowledge base including a plurality of known malicious hosts, which are numbered from 1 through N, where N is an integer greater than 1. In a preferred embodiment, the knowledge base is coupled to the network of computers. The method includes receiving first information associated with an unknown host from the network; identifying an unknown host and querying the knowledge base to determine if the unknown host is one of the known malicious hosts in the knowledge base. The method also includes outputting second information associated with the unknown host based upon the querying process.

System and method for real-time customized threat protection

A method is provided in one example embodiment that includes receiving event information associated with reports from sensors distributed throughout a network environment and correlating the event information to identify a threat. A customized security policy based on the threat may be sent to the sensors.

Attesting a Component of a System During a Boot Process

A method for attesting a component of a system during a boot process. The method comprises the steps of: verifying that the system is in a trusted state; in response to verifying that the system is in a trusted state, requesting an enrollment of the system wherein the requesting step further comprises the step of: retrieving enrollment data associated with the system; retrieving current input data associated with the component of the system; comparing the current input data against the enrollment data in order to determine whether the system can retain its trusted state; wherein in response to the comparing step, if the current input data matches the enrollment data, the system retains its trusted state; and accepting the trusted state until receipt of a notification, from the system having a retained trusted state, of an update to the system.

Login initiated scanning of computing devices

Embodiments of the invention relate to systems, methods, and computer program products for login initiated remote scanning of computer devices. The present invention detects login to the network via access management systems. The login data provides information that identifies the device so that the device can be checked against a scan database to determine if and when a previous scan occurred. Based on the findings in the scan database determinations are made as to whether to perform a scan. Additionally, the level of scanning can be determined based on previous scan dates and previous scan results, which may dictate customized scanning. In addition, the priority of the impending scan may be dictated by previous scan dates and results. Further embodiments provide for assessing risk, such as risk scoring or the like, concurrently or in near-real-time with the completion of the scan so that alerts may be communicated.

Secure option rom control

A mechanism for controlling the execution of Option ROM code on a Unified Extensible Firmware Interface (UEFI)-compliant computing device is discussed. A security policy enforced by the firmware may be configured by the computing platform designer/IT administrator to take different actions for different types of detected expansion cards or other devices due to the security characteristics of Option ROM drivers associated with the expansion card or device. The security policy may specify whether authorized signed UEFI Option ROM drivers, unauthorized but signed UEFI Option ROM drivers, unsigned UEFI Option ROM drivers and legacy Option ROM drivers are allowed to execute on the UEFI-compliant computing device.

Hardware access and monitoring control

Various embodiments described and illustrated here include one or more of systems, methods, software, and data structures that may be used to implement policies for hardware access and monitoring control in concert with a premises security system that controls ingress and egress of a facility. One embodiment includes identifying when certain devices are removed or decoupled from a computer and preventing one or more users of that computer from leaving a facility within which the computer is located.

Accessing secure volumes

A system and method for reading data from or writing data to a secure volume of a secure peripheral device. The secure peripheral device is communicatively coupled with a first host computer. The secure peripheral device includes an unsecure first volume, a secure second volume, and a secure third volume. Data is read from or written to the secure third volume either via an operating system stored on the first host computer or via an operating system stored on the secure peripheral device.

Setting default security features for use with web applications and extensions

According to one general aspect, a computer-implemented method for implementing default security features for web applications and browser extensions includes receiving a request to include a web application or a web browser extension in a digital marketplace. A determination is made if the web application or the web browser extension conforms to default security features, wherein the default security features include a prohibition against running in-line script on web pages. The web application or the browser extension is included in the digital marketplace if the web application or the browser extension conforms to the default security features.

Apparatus and method for enhancing security in heterogeneous computing environment

An apparatus and method for enhancing security and stability in a heterogeneous computing environment that supports an open standard parallel program are provided. A method of enhancing security in a heterogeneous computing environment may include loading a source code kernel corresponding to an application program to be installed in a host system, determining whether the source code kernel is targeted for integrity check, based on a security policy of the host system, prior to cross-compiling the source code kernel, requesting a security engine of a computing device to check an integrity of the source code kernel, when the source code kernel is determined to be targeted for the integrity check, and controlling an operation of a runtime compiler based on a check result received from the security engine.

Supervision of the security in a computer system

For supervising the security of a computer system (SY) comprising several elementary computer items (BI), such as machines and applications, and several gathering items (BIg), such as networks, services or sites, gathering elementary items, a supervision device (DS) collects base measurements (MB) representative of states of the elementary items. A unit (UDI) determines several security indicators (I) of different types for each elementary item according to respective functions of the base measurements and several security indicators of different types for each gathering item. Each security indicator of a given type of a gathering item is determined according to a respective function of the security indicators of the given type of the elementary items gathered in the gathering item. The indicators of one item relate to the availability, the intrusion, the vulnerability and the compliance to a security policy.

Information processing program and information processing method

An information processing device stores, in a storage device, command execution user data associating an attribute of a command with a name of a user entitled to execute the command. When execution of the command is requested, a service of the information processing device extracts, from the command execution user data, a name of a user entitled to execute the requested command and executes the command with the extracted user name.

SYSTEM AND METHOD FOR SERVER-COUPLED APPLICATION RE-ANALYSIS TO OBTAIN CHARACTERIZATION ASSESSMENT

This disclosure is directed to a system and method for preventing malware, spyware and other undesirable applications from affecting mobile communication devices (e.g., smartphones, netbooks, and tablets). A mobile communication device uses a server to assist in identifying and removing undesirable applications. When scanning an application, a device transmits information about the application to a server for analysis. The server receives the information, produces a characterization assessment and can also provide a characterization re-assessment for the application, or data object, and transmits the assessment to the device. By performing analysis on a server, the invention allows a device to reduce the battery and performance cost of protecting against undesirable applications. The servers transmits notifications to devices that have installed applications that are discovered to be undesirable. The server receives data about applications from many devices, using the combined data to minimize false positives and provide comprehensive protection against known and unknown threats. The server can accumulate this data and then perform a characterization re-assessment of a data object it has previously assessed. 1. A method for re-assessing a data object by a server computer comprising:a) at the server computer, receiving data about a data object accessible to a mobile communication device, and storing the data in a data store accessible to the server computer;b) at the server computer, analyzing the data about the data object to produce a characterization assessment, and storing the characterization assessment in the data store accessible to the server computer;c) at the server computer, based upon a trigger selected from the group consisting of receipt of more data about the data object, receipt of more data about mobile communication devices, and an update to the server computer analyzing capability, re-analyzing the data about the data object;d) at the server, based ...

SECURE BOOT ADMINISTRATION IN A UNIFIED EXTENSIBLE FIRMWARE INTERFACE (UEFI)-COMPLIANT COMPUTING DEVICE

Firmware in a UEFI-compliant computing device is used to administer and alter a Secure Boot process for the computing device while continuing to provide protection from unauthorized third-party code. 1. A method for administering a secure boot in a Unified Extensible Firmware Interface (UEFI)-compliant computing device , comprising:receiving an interrupt command during a boot process for the UEFI-compliant computing device from a user, the boot process interrupted in response to the command;displaying to the user, following the interruption of the boot process, a listing of at least one task related to administering the boot process;receiving a selection of a listed task;invoking System Management Mode (SMM) in response to the selection of the listed task;performing the selected task in SMM using a firmware module executable only within SMM;resetting the computing device after the performance of the selected task; andre-starting the boot process for the computing device after the resetting.2. The method of wherein the performing of the selected task further comprises:enrolling a hash of an unsigned application in a system security database.3. The method of wherein the performing of the selected task further comprises:turning off a requirement to enforce the secure boot so as to allow all code to run during the boot process.4. The method of wherein the performing of the selected task further comprises:clearing a system security database of all certificates and disabling the secure boot.5. The method of wherein the performing of the selected task further comprises:restoring a system security database from a backup location or resetting the system security database to a factory setting.6. The method of wherein the interrupt command may only be received from a physically present user who is physically accessing the UEFI-compliant computing device.7. The method of wherein the interrupt command may be received from a user who is accessing the UEFI-compliant computing ...

EXTERNAL BOOT DEVICE, PROGRAM PRODUCT, EXTERNAL BOOT METHOD, AND NETWORK COMMUNICATION SYSTEM

A USB memory () includes an MBR memory (), and a distribution processing processor (). The MBR memory () stores an MBR. The MBR is set to start up with higher priority by BIOS of an information processing apparatus and reads a loader to map the loader to a startup memory region of the information processing apparatus. The MBR is a program that position-aligns a stack region in a predetermined stack relationship with an interrupt vector table set in the startup memory region of the information processing apparatus. Prior to a startup of the MBR, the distribution processing processor () segments the loader into loader segments of a predetermined number, and generates mapping information in accordance with which the loader segments are loaded to the startup memory region. In this way, the external booting controls activities of malware. 1. An external boot device mounted on an information processing apparatus including a CPU to boot up the information processing apparatus , comprising:storage means that stores MBR, the MBR being set to start up with higher priority by BIOS of the information processing apparatus, reading a loader, and mapping the loader to a startup memory region of the information processing apparatus, the MBR having a program that position-aligns a stack region in a predetermined stack relationship with an interrupt vector table set in the startup memory region of the information processing apparatus, anddistribution processing means that, prior to a startup of the MBR, segments the loader into loader segments of a predetermined number, and generates mapping information in accordance with which the loader segments are loaded to the startup memory region.22. The external boot device according to claim 1 , wherein the predetermined stack relationship aligns a base stack position of the stack region with a position of an upper bit of INT of the vector table.3. The external boot device according to claim 1 , wherein the MBR position-aligns the stack ...

INSIDER THREAT CORRELATION TOOL

Systems and methods for calculating threat scores for individuals within an organization or domain are provided. Aspects of the invention relate to computer-implemented methods that form a predictive threat rating for user accounts. In one implementation, a first threat score representing a first time period may be calculated. The first threat score may be compared with aspects of the same user accounts for a second time period. Weighting schemes may be applied to certain activities, controls, and/or user accounts. Further aspects relate to apparatuses configured to execute methods for ranking individual user accounts. Certain embodiments may not block transmissions that violate predefine rules, however, indications of such improper transmission may be considered when constructing a threat rating. Blocked transmissions enforced upon a user account may also be received. Certain activity, such as accessing the internet, may be monitored for the presence of a security threat and/or an ethics threat. 2. The method of claim 1 , wherein spikeis assigned a first integer if the first threshold level of spikeis about 40% great than the average of the same user account during the second time period.3. The method of claim 1 , wherein the aboveavgis assigned a first integer if the first threshold level of aboveavgis above about 30% greater than the activity of the plurality of user accounts for the same time period.4. The method of claim 1 , wherein the offhoursis assigned a first integer if the activity level is detected about 6 hours before or after the average start or end time for that user account.5. The method of claim 1 , wherein an activity is selected from the group consisting of: a security threat claim 1 , an ethics threat claim 1 , blocked transmission through the targeted communication application claim 1 , transmission through the targeted communication application meeting the predefined criterion claim 1 , attempted access of the centralized store claim 1 , an ...

System and method for evaluating marketer re-identification risk

Disclosures of databases for secondary purposes is increasing rapidly and any identification of personal data may from a dataset of database can be detrimental. A re-identification risk metric is determined for the scenario where an intruder wishes to re-identify as many records as possible in a disclosed database, known as a marketer risk. The dataset can be analyzed to determine equivalence classes for variables in the dataset and one or more equivalence class sizes. The re-identification risk metric associated with the dataset can be determined using a modified log-linear model by measuring a goodness of fit measure generalized for each of the one or more equivalence class sizes.

FIXING SECURITY VULNERABILITY IN A SOURCE CODE

A computer implemented method for automatically fixing a security vulnerability in a source code is disclosed. The method includes obtaining identification of code that sends tainted data to corresponding sink code in the source code; and automatically fixing the vulnerability by automatically performing code modification which is selected from the group of code modifications consisting of: code motion and code duplication. Also disclosed are computer program product and data processing system. 1. A computer implemented method for automatically fixing a security vulnerability in a source code , the method comprising:obtaining identification of code that sends tainted data to corresponding sink code in the source code; andautomatically fixing the vulnerability by automatically performing code modification which is selected from the group of code modifications consisting of: code motion and code duplication.2. A computer implemented method as claimed in claim 1 , further comprising performing additional code modification which is selected from the group of code modifications consisting of: code addition and code deletion.3. A computer implemented method as claimed in claim 1 , wherein the obtaining of identification of the code that sends tainted data to corresponding sink code includes performing data flow analysis.4. A computer implemented method as claimed in claim 1 , comprising translating the code that sends tainted data to corresponding sink code into a plan representation claim 1 , and performing the step of automatically fixing the vulnerability on the plan representation.5. A computer implemented method as claimed in claim 1 , comprising translating the entire source code into a plan representation claim 1 , and performing the step of automatically fixing the vulnerability on the plan representation.6. A computer implemented method as claimed in claim 1 , wherein the identification of the code that sends tainted data to corresponding sink code is provided a- ...

SYSTEM AND METHOD FOR TEMPORARY SECURE BOOT OF AN ELECTRONIC DEVICE

The invention discloses system and method of temporary secure boot process of an electronic device. The method comprises: generating a first token according to an identification data of the electronic device; sending a request along with the first token to a service provider, the request corresponding to a boot package; receiving a second token and a boot package from the service provider; verifying the second token and the boot package; and executing the boot package according to verification result. 1. A method of temporary secure boot process of an electronic device , comprising:generating a first token according to an identification data of the electronic device;sending a request along with the first token to a service provider, the request corresponding to a boot package;receiving a second token and a boot package from the service provider;verifying the second token and the boot package; andexecuting the boot package according to verification result.2. The method of claim 1 , further comprising:restarting the electronic device upon completion of the execution.3. The method of claim 1 , wherein the generating of the first token comprises:generating random data; andencrypting the identification data and the random data according to a first key.4. The method of claim 1 , wherein the verifying of the second token and the boot package comprises:decrypting the second token by the first key;confirming content of the second token with the identification data; andin response to the second token being confirmed, verifying the boot package by a second key.5. The method of claim 4 , further comprises clearing the random data from the electronic device.6. The method of claim 1 , wherein the identification data is one of the following: device serial number claim 1 , IMEI number claim 1 , MAC address and IMSI number.7. The method of claim 1 , wherein the executing of boot package is executed in a secure domain of the electronic device.8. A system for temporary boot up process ...

Device using secure processing zone to establish trust for digital rights management

A DRM client on a device establishes trust with a DRM server for playback of digital content. The client executes in a secure execution environment, and the process includes (1) securely loading loader code from secure programmable memory and verifying it using a digital signature scheme and first key securely stored in the device; (2) by the verified loader code, loading DRM client code from the memory and verifying it using a digital signature scheme and second key included in the loader code; (3) by the verified DRM client code (a) obtaining a domain key from the memory; (b) encrypting the domain key with a device identifier using a DRM system key included in the DRM client code; and (c) sending the encrypted domain key and device identifier to the DRM server, whereby the device becomes registered to receive content licenses via secure communications encrypted using the domain key.

Interactive analysis of a security specification

Analyzing a security specification. An embodiment can include identifying a downgrader in a computer program under test. Via a processor, testing on the downgrader can be performed in a first level of analysis. Responsive to the downgrader not passing the testing performed in the first level of analysis, a counter example for the downgrader can be automatically synthesized. Further, a test unit can be created for the downgrader using the counter example as an input parameter to the downgrader. The test unit can be executed to perform testing on the downgrader in a second level of analysis. Responsive to the downgrader passing the testing performed in the second level of analysis, a user can be prompted to simplify a model of the downgrader.

System and method of enforcing a computer policy

A method and system of enforcing a computer policy uses a central server to manage user profiles, policies and encryption keys. The server securely supplies the keys to client devices only after checking that the policy has been complied with. The checks include both the identity of the user and the machine identity of the client device. The keys are held in a secure environment of the client device, for example in a Trusted Platform Module (TPM), and remain inaccessible at all times to the end user. Theft or loss of a portable client device does not result in any encrypted data being compromised since the keys needed to decrypt that data are not extractable from the secure environment.

Electronic apparatus with a safe conditional access system (cas) and control method thereof

An electronic apparatus is provided, which includes a central processing unit (CPU), a first memory unit which performs communication with the CPU, and a second memory unit which stores therein conditional access system (CAS) software and platform software. According to the method of controlling the apparatus, upon booting, the CPU copies the CAS software to an internal memory area which may be within the CPU, copies the platform software to the first memory unit and executes the CAS and platform software, and executes CAS operations through communication between the CAS software and the platform software.

DEVICE REPUTATION MANAGEMENT

A device reputation server recognizes malicious devices used in prior attacks and prevents further attacks by the malicious devices. Server computers require a digital fingerprint of any client devices prior to providing any service to such client devices. Logging of network activity include the digital fingerprint of the device perpetrating the attack. When an attack is detected or discovered, the attacked server reports the attack and the digital fingerprint of the perpetrating device to a device reputation server. The device reputation server uses the report to improve future assessments of the reputation of the device associated with the reported digital fingerprint. 1. A method for determining the trustworthiness of a remotely located , subject device , the method comprising:receiving data representing one or more attacks by one or more perpetrating devices;receiving a request for a reputation of the subject device through a computer network;determining whether the subject device is one of the perpetrating devices;retrieving data representing one or more of the attacks that are associated with the subject device;quantifying a measure of trustworthiness of the subject device from the data representing one or more of the attacks that are associated with the subject device; andsending data representing the measure of trustworthiness of the subject device in response to the request.2. The method of wherein the subject device and the perpetrating devices are each identified by respective digital fingerprints.3. The method of wherein the data representing one or more attacks by one or more perpetrating devices includes digital fingerprints of the perpetrating devices.4. The method of wherein the data representing one or more attacks by one or more perpetrating devices includes excerpts of logs of network activity.5. The method of wherein the data representing one or more attacks by one or more perpetrating devices includes time stamps indicating the time of each of ...

METHOD AND APPARATUS FOR DETECTING EVENTS PERTAINING TO POTENTIAL CHANGE IN VULNERABILITY STATUS

Method and apparatus for Vulnerability Assessment techniques is disclosed. A method comprises detecting an event on a target in real time or at periodic intervals, by at least one of an OS service, an OS command, a hook, and an API. The event comprises a change in status of at least one of a network interface, a server network service, a client network service, and a port. An apparatus comprises a target having at least one of a deployed server network service, and a deployed client network service; and an agent deployed on the target, to detect an event on the target in real time or at periodic intervals. At least one of the agent and the VA server detect the event comprising a change in the status of at least one of a network interface, the server network service, the client network service, and a port. 1. A method comprising:detecting an event on a target, in real time or at periodic intervals, by at least one of an OS service, an OS command, a hook, and an API,the event comprising a change in status of at least one of a network interface, a server network service, a client network service, and a port.2. The method of claim 1 , wherein the status of the network interface comprises the states active and inactive claim 1 , the status of the network service comprises the states running and not running claim 1 , and the status of the port comprises the states open and closed.3. The method of further comprising conducting a test from at least one of a vulnerability assessment (VA) scanner claim 1 , and a port scanner on the target based on the detecting.4. The method of claim 3 , wherein the test from the VA scanner comprises at least one ofa test run from the VA scanner to identify the service running on a particular port on the target,a test run from the VA scanner to find a vulnerability in the service running on a particular port on the target,a test run from the VA scanner to identify a particular non-port based service running on the target,a test run from the ...

Locating security vulnerabilities in source code

A tool () automatically analyzes application source code () for application level vulnerabilities. The tool integrates seamlessly into the software development process, so vulnerabilities are found early in the software development life cycle, when removing the defects is far cheaper than in the post-production phase. Operation of the tool is based on static analysis, but makes use of a variety of techniques, for example methods of dealing with obfuscated code. 166-. (canceled)67. A computer-implemented method for evaluating a computer program , the method comprising:receiving, into a memory of a computer, source code of the computer program to be analyzed, the source code including invocations of specified methods;constructing, using a source code analyzer running on the computer, a control flow graph representing a flow of the computer program, while replacing the invocations with stubs in the control flow graph when the source code of the specified methods is unavailable;analyzing the control flow graph, while the graph contains at least some of the stubs, in order to identify a security vulnerability in the source code; andreporting the identified security vulnerability.68. The method according to claim 67 , and comprising claim 67 , when the source code is available for a given method claim 67 , replacing a corresponding stub with a single-method control flow graph.69. The method according to claim 67 , wherein the invocations refer to parameters used by the specified methods claim 67 , and wherein replacing the invocations with the stubs comprises inserting in the control flow graph at least one stub that uses but does not update the parameters of a corresponding method.70. The method according to claim 69 , wherein the at least one stub belongs to a first stub type claim 69 , replacing a first method invocation claim 69 , and wherein replacing the invocations with the stubs comprises identifying a second method invocation for which the parameters influence a ...

Method for Secure Self-Booting of an Electronic Device

The present invention relates to a method for a self-boot of an electronic device, wherein an external component is accessible through an interface of the electronic device (), the method comprising, determining a boot mode for booting the electronic device, wherein the determined boot mode is defined as a secure boot mode; disabling the interface, thereby prohibiting access to the component through the interface, thereby defining a secure state of the electronic device; loading a first code comprising a sequence of executable instructions to be executed for booting the electronic device; loading a second code, the second code being encrypted; and decrypting the second code and executing the second code, thereby enabling the interface, and switching the electronic device from the secure state to a debugging state.

Host Device and Method for Partitioning Attributes in a Storage Device

A host device and method for partitioning attributes in a storage device are provided. In one embodiment, a host device is provided that is in communication with a storage device storing a table associating logical address ranges with an encryption key and read/write permissions. The host device sends a request to the storage device to add a column to the table and then sends a request to the storage device to add an attribute to a cell of the added column to the table associated with a particular logical address range. The table and commands can be those compatible with the Trusted Computing Group's (TCG's) Opal standard.

AUTOMATED SECURITY ASSESSMENT OF BUSINESS-CRITICAL SYSTEMS AND APPLICATIONS

Systems and methods which provide a new application security assessment framework that allows auditing and testing systems to automatically perform security and compliance audits, detect technical security vulnerabilities, and illustrate the associated security risks affecting business-critical applications. 1. A method for assessing a security configuration of a target computer system , the method comprising:a) scanning previously provided IP addresses and ports;b) fingerprinting detected open ports to identify underlying services for said open ports;c) detecting if said target system is active said at least one module is executed based on a configuration of said module;', 'said target computer system is for executing business-critical applications., 'd) accessing a database of modules and executing at least one of said modules, said modules being for determining security vulnerabilities accessible through said IP addresses and ports wherein'}3. A method according to wherein at least one of said modules is executed based on a method comprising:aa-1) determining a scope of said at least one module, said scope for each module being predetermined and coded into each module;aa-2) in the event said scope is for a system, executing a function of said module once per target system;aa-3) in the event said scope is for a component, executing a function of said module for one specific connector associated with a specific target component;aa-4) in the event said scope is for a connector, executing a function of said module for a specific connector.4. A method according to wherein at least one of said modules executes a method comprising:bb-1) receiving at least one program identifier from a user; bb-2-1) connecting to a gateway for said target system;', 'bb-2-2) attempting to initiate a specific server associated with said program identifier on a host for a program identified by said program identifier;, 'bb-2) for each of said at least one program identifier,'}bb-3) ...

Automated Detection of Flaws and Incompatibility Problems in Information Flow Downgraders

Mechanisms for evaluating downgrader code in application code with regard to a target deployment environment. Downgrader code in the application code is identified. Based on an input string, an output string that the downgrader code outputs in response to receiving the input string is identified. One or more sets of illegal string patterns are retrieved. Each of the one or more sets of illegal string patterns is associated with a corresponding deployment environment. The illegal string patterns are string patterns that a downgrader identifies in the information flow for security purposes. A determination is made as to whether the downgrader code is compatible with the target deployment environment based on the one or more sets of illegal string patterns and the output string. An output indicative of the results of the determining is generated. 1. A method , in a data processing system , for evaluating downgrader code in application code with regard to a target deployment environment , comprising:identifying, by an application analysis mechanism of the data processing system, the downgrader code in the application code, wherein the downgrader code is a portion of code in the application code that operates on an information flow of the application code to ensure confidentiality of information input to the downgrader code, in the output of the downgrader code;generating, by the application analysis mechanism, based on an input string, an output string that the downgrader code outputs in response to receiving the input string;retrieving, from a storage system associated with the data processing system, one or more sets of illegal string patterns, wherein each of the one or more sets of illegal string patterns is associated with a corresponding deployment environment, and wherein the illegal string patterns are string patterns that a downgrader identifies in the information flow for security purposes;determining, by the application analysis mechanism, whether the ...

DETECTING SECURITY VULNERABILITIES IN WEB APPLICATIONS

Method to detect security vulnerabilities includes: interacting with a web application during its execution to identify a web page exposed by the web application; statically analyzing the web page to identify a parameter within the web page that is constrained by a client-side validation measure and that is to be sent to the web application; determining a server-side validation measure to be applied to the parameter in view of the constraint placed upon the parameter by the client-side validation measure; statically analyzing the web application to identify a location within the web application where the parameter is input into the web application; determining whether the parameter is constrained by the server-side validation measure prior to the parameter being used in a security-sensitive operation; and identifying the parameter as a security vulnerability. 1. A method comprising:interacting with a web application during its execution to identify a web page exposed by the web application;statically analyzing the web page to identify a parameter within the web page that is constrained by a client-side validation measure and that is to be sent to the web application;determining a server-side validation measure to be applied to the parameter in view of the constraint placed upon the parameter by the client-side validation measure;statically analyzing the web application to identify a location within the web application where the parameter is input into the web application;determining whether the parameter is constrained by the server-side validation measure prior to the parameter being used in a security-sensitive operation; andidentifying the parameter as a security vulnerability where the parameter is not constrained by the server-side validation measure prior to the parameter being used in the security-sensitive operation.2. The method of further comprising identifying the parameter within the web page claim 1 , wherein the parameter is a hidden parameter.3. The ...

Method and system for nand flash support in an autonomously loaded secure reprogrammable system

A system and method that enables secure system boot up with a restricted central processing unit (CPU). The system includes a memory, a segmenting device, and a security sub-system. The memory is a NAND flash memory with a block structure that comprises a guaranteed block and non-guaranteed blocks. The guaranteed block is guaranteed to be useable. A boot code is segmented into boot code segments and the boot code segments are stored separately in the guaranteed and non-guaranteed blocks. The security sub-system is configured to locate the boot code segments stored in the non-guaranteed blocks and validate them independently based on data in the guaranteed block. The security sub-system is further configured to assemble the boot code segments into the boot code and execute the boot code.

DISTRIBUTED PROCESSING SYSTEM, DISTRIBUTED PROCESSING METHOD AND COMPUTER-READABLE RECORDING MEDIUM

A distributed processing system is used in which a plurality of machines including a virtual machine constructed by cloud computing perform distributed execution of a task. Machines to each include: a communication unit that acquires environment information relating to the environment of another machine other than the own machine; an information acquisition unit that acquires environment information relating to the environment of the own machine; a risk calculation unit that calculates a risk for the case where the own machine executes the task based on the acquired environment information; a risk determination unit that determines whether or not the calculated risk is equal to or higher than a predetermined threshold; and an execution control unit that stops execution of the task on the own machine when the risk determination unit determines that the risk is equal to or higher than the predetermined threshold. 1. A distributed processing system including a plurality of machines that perform distributed execution of a task , each machine comprising:a communication unit that acquires environment information relating to an environment of another machine other than the own machine;an information acquisition unit that acquires environment information relating to an environment of the own machine;a risk calculation unit that calculates a risk for a case where the own machine executes the task based on the acquired environment information of said another machine and the acquired environment information of the own machine;a risk determination unit that determines whether or not the calculated risk is equal to or higher than a predetermined threshold; andan execution control unit that stops execution of the task on the own machine when the risk determination unit determines that the risk is equal to or higher than the predetermined threshold.2. The distributed processing system according to claim 1 , whereinany of the plurality of machines is a virtual machine constructed ...

Trusted installation of a software application

The trust reputation of the combination of an installation package and installer, as a pair, and the combination of a file and an installer, as a pair, is used to store the identity of a file in a persistent cache. An entry in the persistent cache indicates the trust worthiness of a file that does not contain malware thereby avoiding a scan of the file for malware. The trust worthiness of a file may be determined from known trust reputations of the installation package, installer, and file from a network of computing resources. By relying on the known trust reputation of the combination of the installation package and installer and the combination of the file and installer, the identity of the file may be stored in persistent cache quickly.

TECHNIQUES FOR PRESENTING AND COLLECTING END USER LICENSE AGREEMENT ACCEPTANCE

Techniques are disclosed for presenting and collecting end user license agreement acceptance for software applications or firmware components executed on a computing appliance. A sentry component allows only certain commands to be executed before the relevant end user license agreements are accepted, e.g., commands to configure a network interface and web server on the appliance executed on a shell over a serial interface. Once configured the web server is used to provide a rich interface for presenting end user license agreements and obtaining acceptance thereof. Once the user accepts the terms of the relevant license agreements, then the appliance is made active and all configuration commands become operational, including commands needed to configure the device and start services which would otherwise be prohibited by the sentry component prior to license acceptance. 1. A computer-implemented method for configuring a computing appliance , the method comprising:establishing an initial configuration interface to access the computing appliance;receiving one or more configuration commands via the initial configuration interface;determining whether each of the one or more configuration commands have been authorized for execution prior to the acceptance of an end user license agreement (EULA); andexecuting only configuration commands determined to be authorized for execution prior to acceptance of the EULA.2. The method of claim 1 , wherein selectively executing the configuration commands based on the determination comprises executing commands to configure a network interface on the computing appliance.3. The method of claim 2 , wherein selectively executing the configuration commands based on the determination further comprises executing commands to enable a web service on the computing appliance.4. The method of claim 2 , wherein the web service provides a second interface for configuring the computing appliance claim 2 , and wherein the web service is configured to ...

DYNAMIC FEATURE ENHANCEMENT IN CLIENT SERVER APPLICATIONS AND HIGH VOLUME SERVER DEPLOYMENT WITH DYNAMIC APP STORE INTEGRATION

Generally, this disclosure provides methods and systems for dynamic feature enhancement in client server applications and for high volume server deployment with dynamic app store integration and further enable the delivery of a secure server in a pre-configured turnkey state through an automated process with increased efficiency tailored to mass production. The system may include a server application module configured to receive request packets from, and send response packets to, a web based client application, the packets comprising input data, output data and control commands associated with a feature; and a script engine module coupled to the server application module, the script engine module configured to identify a plug-in application on a remote server, download the plug-in application and execute the plug-in application under control of the server application module, wherein the plug-in application implements the feature. 1. A system , comprising:a server application module configured to receive request packets from, and send response packets to, a web based client application, wherein said packets comprise input data, output data and control commands associated with a feature; anda script engine module coupled to said server application module, said script engine module configured to identify a plug-in application on a remote server, download said plug-in application and execute said plug-in application under control of said server application module, wherein said plug-in application implements said feature.2. The system of claim 1 , wherein implementing said feature comprises processing said input data and generating said output data in accordance with said control commands.3. The system of claim 1 , wherein said script engine module exposes an interface of said plug-in application to said web based client application.4. The system of claim 1 , wherein said server application module is a hypertext transport protocol (HTTP) server application.5. The system ...

SECURITY STATUS AND INFORMATION DISPLAY SYSTEM

Systems and methods disclosed herein provide a local security component on a mobile device that may acquire data concerning a current configuration of the mobile device. The local security component may receive raw or partially processed data about events on the mobile device. The received data may be processed against a database containing identification data for security threats and against the current mobile device configuration data to assess a security state of the mobile device. The processing may include assigning a severity level for each event. The local security component may output to the mobile device the security state assessment results, including a first assessed security state of the mobile device. The raw or partially processed data about events on the mobile device may be transmitted to a server for processing. A second assessed security state of the mobile device may be received at the mobile device from the server. 1. A method comprising the steps of:providing a local security component on a mobile device;acquiring by the local security component data concerning a current configuration of the mobile device;receiving at the local security component from one or more other applications running on the mobile device raw or partially processed data about events on the mobile device;processing the received data by the local security component against a database containing identification data for security threats and against the current mobile device configuration data to assess a security state of the mobile device, the processing including assigning by the local security component a severity level for each event;outputting by the local security component to the mobile device the security state assessment results, including a first assessed security state of the mobile device by the local security component for display of the current security state assessment on a mobile device display home screen;transmitting the raw or partially processed data about ...

Display apparatus, control method thereof, upgrade apparatus, and display system

A display apparatus including: a display device; an image processor processing an image signal received from an image source according to a preset image processing process to display an image on the display device; a connector to which an upgrade apparatus upgrades the image processing process is connected and to which a server is connected to communicate with; and a controller comparing a first pairing key with a second pairing key stored in the server and selectively allowing or blocking a booting operation according to a comparison result, the first pairing key being generated based on a pre-stored first identification of the display apparatus and a second identification of the upgrade apparatus obtained from the upgrade apparatus when the display apparatus starts booting up.

REMEDIATION OF COMPUTER SECURITY VULNERABILITIES

A computer security vulnerability remediation system (CSVRS) is disclosed, including a CSVRS client communicatively coupled to a remediation server through a network. The CSVRS client includes software having a security vulnerability, which vulnerability may be known to malicious actors who develop an exploit. In some cases, the exploit is a “zero-day exploit,” meaning the vulnerability may not be known to the CSVRS client until the exploit is deployed. A RSP receives information about the exploit and vulnerability from a team of remediation experts. The RSP may prepare a remedial exploit, which carries a self-healing pay load. The remedial exploit may be delivered either through the vulnerability itself, or through credentials granted by the CSVRS client to the RSP. The self-healing pay-load takes appropriate action, such as closing ports or disabling scripts, to prevent the vulnerability from being further exploited. 1. A tangible data storage medium having stored thereon executable software instructions that are configured , when executed , to instruct a processor to:communicate with a client computing device;evaluate the client computing device to determine whether the client computing device is subject to a known security vulnerability; the remedial exploit is configured to exploit the security vulnerability to gain privileged access to the client computing device and deliver thereto a self-healing payload; and', "the self-healing payload configured to take a remedial action to reduce the client machine's exposure to the security vulnerability."], 'upon determining that the client computing device is subject to the vulnerability, deliver a remedial exploit to the client computing device, wherein2. The tangible storage medium of wherein the remedial action is selected from group consisting of disabling selected forms of scripting claim 1 , modifying firewall rules claim 1 , disabling services claim 1 , modifying registry settings claim 1 , downloading programs ...