Patent application number | Description | Published |
20080229097 | Privacy-protecting integrity attestation of a computing platform - Systems, apparatus and methods for privacy-protecting integrity attestation of a computing platform. An example method for privacy-protecting integrity attestation of a computing platform (P) has a trusted platform module (TPM), and comprises the following steps. First, the computing platform (P) receives configuration values (PCR | 09-18-2008 |
20080256595 | METHOD AND DEVICE FOR VERIFYING THE SECURITY OF A COMPUTING PLATFORM - Method and device for verifying the security of a computing platform. In the method for verifying the security of a computing platform a verification machine is first transmitting a verification request via an integrity verification component to the platform. Then the platform is generating by means of a trusted platform module a verification result depending on binaries loaded on the platform, and is transmitting it to the integrity verification component. Afterwards, the integrity verification component is determining with the received verification result the security properties of the platform and transmits them to the verification machine. Finally, the verification machine is determining whether the determined security properties comply with desired security properties. | 10-16-2008 |
20080294480 | Creating a privacy policy from a process model and verifying the compliance - The present invention provides methods and apparatus for creating a privacy policy from a process model, and methods and apparatus for checking the compliance of a privacy policy. An example of a method for creating a privacy policy from a process model according to the invention comprises the following steps. First, a task from the process model is chosen. Then one or more of the elements role, data, purpose, action, obligation, and condition are gathered from the task and a rule is build up by means of these elements. Finally the rule is added to the privacy policy. | 11-27-2008 |
20080313736 | DATA NETWORK AND METHOD FOR CHECKING NODES OF A DATA NETWORK - The invention provides a data network, systems and methods for checking nodes of a data network that are used for detecting whether a privacy policy concerning an information is maintained. The information comprises a mark corresponding to the privacy policy. The mark defines the storage place or the accessing paths or the transferring paths of the information. The mark is automatically searchable. The mark is searched, analyzed and checked as to whether the privacy policy is maintained. The advantage of the system is that vulnerabilities of systems for protecting confidential information may be detected a long time before an attack on the confidential information occurs. | 12-18-2008 |
20100242108 | METHOD AND SYSTEM FOR MEMORY PROTECTION AND SECURITY USING CREDENTIALS - A computer-implemented system and method for protecting a memory are provided. The system includes a memory section with privileged and non-privileged sections, a host gateway (HG) to generate a capability credential, a device controller (DC) to append the credential to data transmitted to the memory, and at least one IO device enabled to do direct memory access (DMA) transactions with the memory. | 09-23-2010 |
20110302273 | EFFICIENT BROWSER-BASED IDENTITY MANAGEMENT PROVIDING PERSONAL CONTROL AND ANONYMITY - A system allows a reliable and efficient identity management that can, with full interoperability, accommodate to various requirements of participants. For that a system is presented for providing an identity-related information about a user to a requesting entity. The method includes a location-request step initiated by the requesting entity for requesting from a client application a location information that corresponds to a location entity possessing the identity-related information, a redirecting step for connecting the client application to the location entity in order to instruct the location entity to transfer the identity-related information to the requesting entity, and an acquiring step for obtaining the identity-related information. The acquiring step includes a contact step wherein the location entity contacts the requesting entity, a request step wherein the requesting entity requests the identity-related information, and a response step wherein the requesting entity receives the identity-related information from the location entity. | 12-08-2011 |
20120159610 | MEMORY PROTECTION AND SECURITY USING CREDENTIALS - A computer-implemented system and method for protecting a memory are provided. The system includes a memory section with privileged and non-privileged sections, a host gateway (HG) to generate a capability credential, a device controller (DC) to append the credential to data transmitted to the memory, and at least one IO device enabled to do direct memory access (DMA) transactions with the memory. | 06-21-2012 |
Patent application number | Description | Published |
20080235805 | Digital Rights Management - Software licence management systems are provided in which a licence to use a software product is represented by a data token. The systems have a software controller for controlling use of the software product at a user device, and a licence management server for communicating with the software controller via a data communications network. The software controller allows use of the software product at the user device substantially only during a use period associated with a current data token supplied to the software controller by the licence management server. An exchange token can be supplied to another, similar software controller when necessary to transfer the licence, e.g. in the event of a breakdown. The software controller is adapted to supply either the current data token, or the exchange token, to the licence management server to be exchanged for a new data token. | 09-25-2008 |
20110047602 | End-of-Session Authentication - Techniques for facilitating an online transaction session with an end-of-session authentication are provided. The techniques include performing a start-of-session authentication to enable an online transaction session, and performing an end-of-session authentication to end the online transaction session, wherein the end-of-session authentication comprises a scope comprising each pre-defined critical transaction from the transaction session. | 02-24-2011 |
20110161332 | Method and System for Policy Driven Data Distribution - A method, system and computer-usable medium are disclosed for controlling the distribution of data. Data stored in a datastore is filtered according to a data release policy to generate filtered data. A data release policy agreement, corresponding to the data release policy, is generated. The filtered data and the data release policy agreement are then provided to an information consumer. The data release policy agreement is then used to enforce the data release policy. | 06-30-2011 |
20120191731 | Method and System for Policy Driven Data Distribution - A method, system and computer-usable medium are disclosed for controlling the distribution of data. Data stored in a datastore is filtered according to a data release policy to generate filtered data. A data release policy agreement, corresponding to the data release policy, is generated. The filtered data and the data release policy agreement are then provided to an information consumer. The data release policy agreement is then used to enforce the data release policy. | 07-26-2012 |
20120210441 | Software Protection Using an Installation Product Having an Entitlement File - Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product. Also, techniques for facilitating security compliance of a computer program product include providing an encoded version of a computer program product, and providing an installation product builder for the computer program product, wherein the installation product builder creates an installation product in a computer storage medium using a client identity and the encoded version of the computer program product during a registration process, and wherein the created installation product comprises an entitlement file to facilitate security compliance of the computer program product. | 08-16-2012 |
20120216294 | Software Protection Using an Installation Product Having an Entitlement File - Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product. Also, techniques for facilitating security compliance of a computer program product include providing an encoded version of a computer program product, and providing an installation product builder for the computer program product, wherein the installation product builder creates an installation product in a computer storage medium using a client identity and the encoded version of the computer program product during a registration process, and wherein the created installation product comprises an entitlement file to facilitate security compliance of the computer program product. | 08-23-2012 |