101 results about "High assurance" patented technology

There are provided methods and apparatuses for processing requests from requestors, methods and apparatuses for transmitting indicia representative of information from a first domain to a second domain, methods comprising, and apparatuses for, determining whether a requestor is authorized to perform a desired operation on a target comprising at least one element which comprises an information set of indicia and arrangements of stored data, as well as computer-readable media having computer-executable commands for performing the same. In some aspects of the present invention, there are provided high-assurance data security apparatuses and methods, in particular, user data protection via enforcement of policy-based access control.

Systems and methods provide multiple partitions hosted on an isolation technology such as a hypervisor where at least one of the partitions, a local secure service partition (LSSP), provides security services to other partitions. The service partitions (LSSPs) host those high assurance services that require strict security isolation, where the service can be shared across partitions and accessed even when the user is not connected to a network. The LSSP also can certify the results of any computation using a key signed by a TPM attestation identity key (AIK), or other key held securely by the hypervisor or a service partition. The LSSPs may be configured to provide trusted audit logs, trusted security scans, trusted cryptographic services, trusted compilation and testing, trusted logon services, and the like.

System and techniques for protecting wireless communication systems from blended electronic attacks that may combine wireless and computer attacks. One embodiment is an integrated hardware and software firewall/protection system that provides a protection scheme that may include an additional functional processing layer between the hardware firewall and a mobile terminal. This additional functional processing layer performs an extra layer of communications and security processing, including such features as management of Internet Connection Firewall (ICF) functions, key generation for firewall and virtual private network (VPN) functions, and packet inspection and filtering.

A trusted enclave for a software system of a computer node provides relatively high assurance protection of a section of the software system. The trusted enclave attempts to stop malware from compromising parts of the software system within the trusted enclave. If a software system process outside the trusted enclave becomes compromised, the compromised process may be prevented from compromising software system resources within the trusted enclave. Compromise of a process or resource of the software system refers to, for example, malware access, alteration or control of the process or resource.

A trusted computer system that offers Linux® compatibility and supports contemporary hardware speeds. It is designed to require no porting of common applications which run on Linux, to be easy to develop for, and to allow the use of a wide variety of modern development tools. The system is further designed to meet or exceed the Common Criteria EAL-5 or higher rating through incorporation of required security features, as well as a very high level of assurance for handling data at a wide range of sensitivity (e.g., classification) levels in a wide range of operational environments. This is achieved through the implementation of a well-layered operating system which has been designed from the ground up to enforce security, but which also supports Linux operating system functions and methods.

Food products, such as precooked meats, sausages, and the like are microbially decontaminated in their cooking packages to remove surface microorganism contamination from the packages. The cooking packages are removed and the food products optionally subjected to further processing, such as slicing, and then packaged in aseptic packaging. The microbial decontamination step, further processing and packaging are carried out in a clean room which is maintained to a high level of sterilization or disinfection to minimize or eliminate contamination of the food products with pathogenic microorganisms such as Listeria Monocytogenes. The food products thus leave the packaging plant with a much higher assurance of food safety than is found in a conventional packaging plant.

A high assurance processing system includes a plurality of data processors coupled in parallel, a bridge coupled to the input/output processor, and an input/output processor coupled to the bridge for coupling to a sensor and an effector. Sensor data passes to the bridge through the input/output processor for processing by the parallel data processors, which generate redundant effector data for comparison by the bridge to detect errors. If data matches are found, data is transmitted to the effector.

A key value storage (KVS) system comprising: a client-side agent configured to encrypt data; three nodes hosted respectively in three cloud service providers, wherein each node comprises: a management node configured to receive encrypted data from the client-side agent, a homomorphic encryption (HE) key manager configured to fetch a public key of a given object in the KVS system, a homomorphic encryption and processing engine configured to execute commands over the encrypted data without decrypting it, a homomorphic memory store, a hypervisor configured to monitor performance of the management node in order to assess the quality of service of the management node; and wherein each node serves on a rotating basis in a master node role, a secondary node role, or a back-up node role, wherein the nodes rotate their roles when the master node's hypervisor detects a reduced quality of service of the master node's management node.

A server for transferring data between networks. The server is programmed to perform the following steps: (a) creating a receiving process, a filtering process and a forwarding process, the filtering process being dictated by a file that specifies filtering rules, wherein: (b) the receiving process receives data transmitted from a source host; (c) the filtering process filters the transmitted data based on the filtering rules; and (d) the forwarding process forwards only filtered data to a destination host.

Techniques are disclosed to provide security for graphical user interface elements being displayed in a system in which a first, host operating system is used along with a second, high assurance operating system, where the first system provides at least some of the infrastructure for the second system. Graphical user interface elements associated with the high-assurance operating system are prevented from being obscured and from any partial transparency. Additionally, a piece of secret information is stored which can be displayed upon command by graphical user interface elements associated with the high-assurance operating system. Coordinating certain elements of the display of all graphical user interface elements associated with the high assurance operating system also helps to identify legitimate elements associated with the high assurance operating system, as opposed to impostor elements which are not. Where a windowing system is used, public title information is furnished to a host operating system windowing system to identify a window owned by a process running on a high-assurance operating system. Private title information associated with the same window is used only in the high assurance operating system.

Remote identity proofing is the process of uniquely verifying an individual who is a party to an online transaction. This presents an enormous challenge to the secure delivery of government services as well as online commerce. The degree of difficulty is compounded when attempting to remotely authenticate for the first time a previously unknown individual. The High Assurance Remote Identity Proofing method introduces a holistic approach to solving this problem. A rich collection of identity data, when evaluated by multiple verification methods, can be aggregated to an identity assurance score, which is a measure of the uniqueness and authenticity of a claimed identity and ultimately provides a high assurance that someone attempting to remotely verify his or her identity is who he or she claims to be.

A gateway having an architecture authorizing bidirectional communication between applications located in different domains and presenting a high assurance level of protection. The gateway interconnects a first and second domain. The gateway comprises an internal protocol, first and second protocol adapters hosted within the first and second domains and configured to make a conversion between application data formatted according to an applicative protocol relative to the two domains and gateway data formatted according to the gateway internal protocol, and a security module hosted on a separate platform to communicate with the first and second protocol adapters via first and second data links according to the gateway internal protocol. The first and second protocol adapters and security module are each physically segregated and the security module comprises functional blocs configured to authorize secure bidirectional flow of gateway data along two different and separate unidirectional paths between the two protocol adapters.

The present invention is a methodology for developing high-assurance microcode. The method may comprise one or more of the following steps: (a) receiving a plurality of requirements detailing intended behavior of microcode (b) creating a model of microcode behavior; (c) generating microcode based on the model; (d) generating test cases based on the model; (e) simulating the behavior of the microcode; (f) translating the model into a verification tool-specific format; and (g) formally verifying the model using a verification tool.

A Tamper-Resistant Communication layer (TRC) adapted to mitigate ad hoc network attacks launched by malicious nodes is presented. One embodiment of the invention utilizes TRC, which is a lean communication layer placed between a network layer and the link layer of a network protocol stack. All aspects of the network protocol stack, with the exception of the routing protocol and data packet forwarding mechanism in the network layer, are unchanged. TRC takes charge of certain key functions of a routing protocol in order to minimize network attacks. Additionally, TRC implements highly accurate self-monitoring and reporting functionality that can be used by nodes in the network to detect compromised nodes. TRC of a node controls its ability to communicate with other nodes by providing non-repudiation of communications. The tamper-resistant nature of TRC provides high assurance that it cannot be bypassed or compromised.

The invention discloses a mobile terminal operation system based on a high-assurance kernel module and a realization method of the mobile terminal operation system. The mobile terminal operation system comprises a mobile terminal operation sub-system module, a high-assurance kernel module, and a resource management frame module, wherein the mobile terminal operation sub-system module comprises at least two mobile terminal operation sub-systems, each mobile terminal operation sub-system is corresponding to a relevant user interface; the high-assurance kernel module is used for accessing all hardware resources of the mobile terminal and providing a basic safety mechanism for the running of the mobile terminal operation sub-system module; the resource management frame module is used for accessing partial hardware resource of the mobile terminal and providing the basic resource management service for the mobile terminal operation sub-system module. The high-assurance kernel module is divisionally designed, and the access to the hardware source is managed, so that the security of the mobile terminal operation system can be well improved.