Beijing Zhongtian Antai Technology Co., Ltd. Patent applications |
Patent application number | Title | Published |
20150012732 | METHOD AND DEVICE FOR RECOMBINING RUNTIME INSTRUCTION - A method for recombining runtime instruction comprising: an instruction running environment is buffered; the machine instruction segment to be scheduled is obtained; the second jump instruction which directs an entry address of an instruction recombining platform is inserted before the last instruction of the obtained machine instruction segment to generate the recombined instruction segment comprising the address A″; the value A of the address register of the buffered instruction running environment is modified to the address A″; the instruction running environment is recovered. A device for recombining the runtime instruction comprising: an instruction running environment buffering and recovering unit suitable for buffering and recovering the instruction running environment; an instruction obtaining unit suitable for obtaining the machine instruction segment to be scheduled; an instruction recombining unit suitable for generating the recombined instruction segment comprised the address A″; and an instruction replacing unit suitable for modifying the value of the address register of the buffered instruction running environment to the address of the recombined instruction segment. The monitoring and control of the runtime instruction of the computing device is completed. | 01-08-2015 |
20140053276 | SAFE DATA STORAGE METHOD AND DEVICE - A safe data storage method is disclosed, the method comprises the following steps: hardware instructions are received; the hardware instructions are analyzed; and if the hardware instructions are storage instructions, a target address in the storage instructions is modified to be the corresponding storage address in a storage apparatus; the modified storage instructions are sent to a hardware layer. A safe data storage device is also disclosed, the device comprises the following units: a receiving unit adapted for receiving hardware instructions; an instruction analyzing unit adapted for analyzing the hardware instructions and judging whether the hardware instructions are storage instructions; an instruction modifying unit adapted for modifying a target address in the storage instructions to be the corresponding storage address in a safe storage apparatus; a sending unit adapted for sending the modified storage instructions to a hardware layer. The technical scheme is able to implement the information persistence operation on the hardware layer i.e., instruction level data dump, trojans or malicious tools can not save the obtained information even if they obtain the secret related information so that the data is always within a controllable safety range. | 02-20-2014 |
20140047553 | METHOD AND APPARATUS FOR DATA SECURITY READING - A method for data security reading includes steps of: receiving a hardware instruction; analyzing said hardware instruction; if said hardware instruction is a reading instruction, obtaining the source address in the reading instruction; searching a mapping bitmap and modifying the reading address in the reading instruction according to the data of the mapping bitmap, wherein the mapping bitmap is used to indicate whether the data stored in a local storage address is dumped to said security storage device; transmitting the modified reading instruction to a hardware layer. An apparatus for data security reading includes a receiving unit, an instruction analyzing unit, an instruction modifying unit and a transmitting unit. The Trojan horse or malicious tools cannot store or transmit the acquired information even if the secret information has been obtained, so that the data always exists in controllable security range. | 02-13-2014 |
20140047222 | METHOD AND DEVICE FOR RECOMBINING RUNTIME INSTRUCTION - A method for recombining runtime instruction comprising: an instruction running environment is buffered; the machine instruction segment to be scheduled is obtained; the second jump instruction which directs an entry address of an instruction recombining platform is inserted before the last instruction of the obtained machine instruction segment to generate the recombined instruction segment comprising the address A″; the value A of the address register of the buffered instruction running environment is modified to the address A″; the instruction running environment is recovered. A device for recombining the runtime instruction comprising: an instruction running environment buffering and recovering unit suitable for buffering and recovering the instruction running environment; an instruction obtaining unit suitable for obtaining the machine instruction segment to be scheduled; an instruction recombining unit suitable for generating the recombined instruction segment comprised the address A″; and an instruction replacing unit suitable for modifying the value of the address register of the buffered instruction running environment to the address of the recombined instruction segment. The monitoring and control of the runtime instruction of the computing device is completed. | 02-13-2014 |
20130219464 | METHOD FOR STANDARDIZING COMPUTER SYSTEM ACTION - A method for standardizing computer system action, including: intercepting invoking command; obtaining data structure of the intercepted invoking command after intercepting the invoking command; determining the sponsor of the intercepted invoking command based on the data structure of the obtained and intercepted invoking command, and determining operation method and operation object of the intercepted invoking command; matching the sponsor, the operation method and the operation object of the intercepted invoking command with rules of standardizing computer system action, judging whether to allow executing the intercepted invoking command. The present disclosure determines the sponsor of the intercepted invoking command according to the data structure of the invoicing command, and can monitor comprehensively computer system. If only the sponsor is spiteful, the disclosure does not all allow executing the intercepted invoking command, thus detecting lawless operation comprehensively and effectively. | 08-22-2013 |
20130174162 | METHOD FOR CONSTRUCTING DATA STRUCTURES AND METHOD FOR DESCRIBING RUNNING STATES OF COMPUTER AND STATE TRANSITIONS THEREOF - A method for constructing data structures and a method for describing running states of a computer and state transitions thereof are provided. The method for constructing the data structure, which describes the execution processes of computer codes, includes: when the computer is running, constructs the data structure using the code segment wherein lies a calling instruction as a node and using the calling relationship between the code segment initiating the calling instruction and the called code segment, which are both constructed by the calling instruction, as a calling path. The data structure includes every node and the calling path between every calling and called nodes. When a certain calling instruction is executed, it is possible to describe the running state of the computer when the calling instruction is executed with the data structure consisting of all nodes and calling paths before the calling instruction by constructing the above data structure. | 07-04-2013 |