ASSURED INFORMATION SECURITY, INC. Patent applications
Patent application number | Title | Published |
20150347724 | SECURE EXECUTION OF ENCRYPTED PROGRAM INSTRUCTIONS - Provided are facilities for secure execution of an encrypted executable comprising an encrypted instruction. The secure execution includes obtaining the encrypted instruction, decrypting the encrypted instruction using a decryption key being maintained in a secure location within a processor, and storing the decrypted instruction to a secure storage for execution, where the decryption key remains in the secure location during the decrypting and the storing to facilitate maintaining security of the decryption key. | 12-03-2015 |
20150121135 | VIRTUAL MACHINE INTROSPECTION FACILITIES - Run-time, event-driven virtual machine introspection of the target guest virtual machine is facilitated as described herein. A component can specify events that are of interest to the component for introspection of a target guest virtual machine of a hypervisor. The hypervisor detects an introspection event generated by a target guest virtual machine and determines whether the introspection event is of interest for handling by a component coupled to the hypervisor. If so, the hypervisor alerts the component about the introspection event and provides information associated with the introspection event to the component. The component thereby receives notification of occurrence of the introspection event from the hypervisor and may obtain information associated with the introspection event. | 04-30-2015 |
20140282050 | FACILITATING USER INTERACTION WITH MULTIPLE DOMAINS WHILE PREVENTING CROSS-DOMAIN TRANSFER OF DATA - User interaction with multiple domains is facilitated while preventing cross-domain transfer of data from those domains. A compositioning domain facilitates this interaction in a secure manner in which cross-domain transfer of data is prevented. This includes obtaining pixel information from the domains via one or more read-only communication paths, providing a user interface to the user, which includes providing a display buffer including at least some of the pixel information obtained from each domain of the domains for display to the user, and maintaining an in-focus domain state. The in-focus domain state indicates which domain of the domains is currently in-focus. User input from the user based on the user interface is provided by a user input handler directly to the currently in-focus domain indicated by the in-focus domain state absent transfer of the user input to the compositioning domain. | 09-18-2014 |
20140068612 | FACILITATING EXECUTION OF A SELF-MODIFYING EXECUTABLE - Trusted execution of a self-modifying executable is facilitated. An attempt to access a data portion of a self-modifying executable during execution of the self-modifying executable is detected. The self-modifying executable includes the data portion, for storing data to be accessed during execution of the self-modifying executable, and an instruction portion including instructions for execution of the self-modifying executable. The attempt to access the data portion is retargeted to a separate portion of memory space that is separate from another portion of memory space in which the self-modifying executable is loaded for execution. Meaningful measurability of the integrity of the self-modifying executable is thereby provided. | 03-06-2014 |
20120260345 | TRUST VERIFICATION OF A COMPUTING PLATFORM USING A PERIPHERAL DEVICE - Verification of trustworthiness of a computing platform is provided. The trustworthiness of the computing platform is dynamically assessed to determine whether a root of trust exists on the computing platform. Responsive to determining existence of the root of trust, data is unsealed from a sealed storage facility. The sealed storage facility is unsealed responsive to a root of trust being determined to exist on the computing platform. The data can be used to attest to the trustworthiness of the computing platform to other devices on a network. | 10-11-2012 |
20110320797 | METHOD AND SYSTEM FOR REDUCING AN IMPACT OF MALWARE DURING A BOOTING SEQUENCE - Methods for reducing the impact of malware during a booting sequence for an interrupt driven computing device are disclosed. One or more parameters associated with an interrupt vector table (IVT) are manipulated to force the computing device into a clean state following a system level portion of the booting sequence. In another embodiment, occurring prior to the loading of an operating system or a call to a non-returnable main( ) function, one or more unused interrupt vectors in an IVT are replaced. A function filter is implemented for one or more interrupt vectors in the IVT to disallow unnecessary interrupt functions from being executed. One or more required interrupt vector functions are replaced with one or more corresponding custom vector functions. One or more memory locations are wiped if the one or more memory locations do not hold at least a portion of the IVT and/or the interrupt vector functions. | 12-29-2011 |
20110197256 | METHODS FOR SECURING A PROCESSING SYSTEM AND DEVICES THEREOF - A method, computer readable medium, and apparatus for securing a processing system includes implementing a virtual machine manager (VMM) using a hardware assisted handler in a secure processing apparatus. One or more critical events are monitored with the VMM in the secure processing apparatus. One or more behaviors in response to the one or more monitored critical events are controlled with the VMM. | 08-11-2011 |
20110154493 | METHODS FOR INSPECTING DATA AND DEVICES THEREOF - A method, computer readable medium, and apparatus that inspects data includes isolating retrieved target data within a protected construct with the data inspection processing apparatus. The security software is isolated such that the security software is able to access the target data within the protected construct with the data inspection processing apparatus. The data inspection processing apparatus scans the isolated target data with the isolated security software. The data inspection processing apparatus reports whether one or more security threats have been identified from the scan of the isolated retrieved target data. | 06-23-2011 |