74 results about "Verified computing" patented technology

A method and apparatus for verifying the integrity of devices on a target network. The apparatus has security subsystems and a master security system hierarchically connected to the security subsystems via a secure link. The target network includes various intrusion detection devices, which may be part of the security subsystem. Each intrusion detection device generates a plurality of event messages when an attack on the network is detected. The security subsystem collects these event messages, correlates, and analyzes them, and performs network scanning processes. If certain events warrant additional scrutiny, they are uploaded to the master security system for review.

A method and system for approval by a verification computer of an online transaction between a user computer and a merchant computer over the Internet. The user computer transmits a transaction request to the merchant computer, which may include a product to be purchased and the payment amount. The merchant computer transmits to the verification computer a verification request including a first data string associated with the payment card (such as a debit card account number or a portion thereof) and the payment amount. The verification request is stored at the verification computer with a transaction identifier and a verification data string, which are also transmitted to the merchant computer. The merchant computer stores the verification data string as an expected verification data string and the transaction identifier, transmits the transaction identifier to the user computer, and the user computer transmits the transaction identifier to the verification computer. This may be accomplished by the merchant computer redirecting the web browser of the user computer to the verification computer. The user computer also transmits a second data string associated with the payment card (such as the PIN for the debit card) after being requested by the verification computer. The verification computer uses the transaction identifier received via the user computer to retrieve the verification request previously stored with that received transaction identifier, and then it performs a verification step by using the first data string associated with the payment card retrieved from storage and the second data string associated with the payment card received from the user computer to verify if the transaction should be approved, e.g. by determining if an account associated with the payment card is sufficient to cover the payment amount in the verification request. The verification computer will, upon successful verification that the transaction should be approved, transmit a verification approval message to the user computer, which includes the transaction identifier and the verification data string associated therewith as a confirmation verification data string, and the user computer transmits the verification approval message to the merchant computer. This may also be accomplished by the verification computer redirecting the web browser of the user computer to the merchant computer with the appropriate data. The merchant computer uses the transaction identifier in the verification approval message to retrieve an expected verification data string it had previously stored. The merchant computer then compares the expected verification data string with the confirmation verification data string from the verification approval message and indicates that the transaction has been approved if the comparison is positive.

The present invention facilitates automation of system on a chip (SoC) design, manufacture and verification in a convenient and efficient manner. In one embodiment, a SoC netlist builder and verification computer system of the present invention includes a user interface module, a parameter application module, an expert system module and a chip level netlist generation module. The user interface module provides user friendly and convenient interfaces that facilitate easy entry and modification of user selections and parameters. The parameter application module interprets information supplied by the user module and the expert system module and creates directions (e.g., command lines) passed to other modules for execution. The expert system module analyzes information and automatically provides SoC building and verification data including automated addition of default architectural features, automated insertion of default parameters, and automated input of information to the verification module. The chip level netlist generation module automatically generates a chip level netlist, including the instantiation of internal IC devices and connections between the circuit blocks for internal signals. The verification module automatically generates a test bench and a logical verification environment including simulation models (e.g., a chip model and a system level model).

A method for authenticating computers is disclosed. The method comprises issuing a credential from a first computer to a second computer. When the second computer authenticates to the first computer, the second computer transmits the credential and a first challenge to the first computer. The first computer determines whether the credential is valid, computes a first response to the first challenge, and generates a second challenge. The first computer transmits the first response and the second challenge to the second computer. The second computer determines whether the first response is valid and computes a second response to the second challenge. The second computer transmits the second response to the first computer in order to verify and authenticate the computers.

The present invention provides for validating an association between computing devices using a succession of human-perceptible stimuli such as sounds, lights colors or shapes. Commands are sent from the initiating device to the responding device in encrypted messages. Human-perceptible stimuli are formed at the responding device in response to at least some of the commands. The responder searches for messages that the responder is unable to decrypt and that are received in a time interval before messages that the responder is able to decrypt. The succession of human-perceptible stimuli may be harmonized, in which case, an association between the initiating device and the responding device is validated when the human-perceptible stimuli formed by the initiating device and the human-perceptible stimuli formed by the responding device are harmonized together.

The present invention discloses a method for quickly and easily authenticating large computer program. The system operates by first sealing the computer program with digital signature in an incremental manner. Specifically, the computer program is divided into a set of pages and a hash value is calculated for each page. The set of hash values is formed into a hash value array and then the hash value array is then sealed with a digital signature. The computer program is then distributed along with the hash value array and the digital signature. To authenticate the computer program, a recipient first verifies the authenticity of the hash value array with the digital signature and a public key. Once the hash value array has been authenticated, the recipient can then verify the authenticity of each page of the computer program by calculating a hash of a page to be loaded and then comparing with an associated hash value in the authenticated hash value array. If the hash values do not match, then execution may be halted.

A computerized method, program product, system, and service to verify installation of computer software onto an endpoint machine. The software to be installed is evaluated to determine what operating parameters of the endpoint machine may be affected by the software deployment, installation, and execution. Acceptable ranges of these operating parameters are included with the list of potentially affected parameters, distributed with the software module or sent as a separate script. Metrics are collected during the software installation, e.g., before deployment, after deployment but before installation, after installation, during execution, etc. How and when these operating parameters are monitored can be programmable. If and when the operating parameters extend beyond the acceptable ranges, a message that the software was not successfully installed is generated. The endpoint machine can be rolled back to a prior configuration.

A process for detecting errors in computer code in C / C++ language in a computer, which comprises the operations of:—making available in said computer a source computer program (P) containing computer codes in C / C++ language; compiling (Z) said source computer program (P) to obtain an executable program (E); and—executing (240) said executable program (E) to generate (245) an error report (R). According to the invention, said method comprises, prior to the operation of compilation (Z): executing an operation of syntactic analysis (AS) to identify variables (x) having a structure of vector or pointer; modifying said source computer program (P) via the application to said identified variables (x) of a test function (f ( . . . ); io_sper; io_sper2; io_sper3; io_sper4) that is able to veriCy, during the operation of execution, whether an index (y) supplied for said variable x is valid.

Provided are a signature apparatus, a verifying apparatus, a proving apparatus, an encrypting apparatus, and a decrypting apparatus capable of efficiently reducing a signature text counterfeit problem to a discrete logarithm problem. The commitment is a hash value of a set of a value to be committed. Data including a pair of elements of a cyclic group associated with a discrete logarithm problem is used as a public key, and a discrete logarithm of an order of the pair is used as a secret key. Accordingly, it is possible to summarize secret information of an attacker from the commitment without rewinding the attacker and to ensure a higher safety than that of a Schnorr signature scheme. In addition, one-time power residue calculation is performed in each of the signature and verification calculations, so that it is possible to lower an amount of calculation in the signature and verification calculations.

The invention provides a method for verifying the identity of an entity to a computerised system. The entity is in possession of a personal identification device (PID) having a PID ID and storing a Codec that can be used to encode and decode data. The computerised system holds data associated with the entity including the PID ID of the entity's PID, the Codec and a password associated with and known to the entity. The method involves transmitting an encoded Challenge from the computerised system to the PID, calculating a Reply using the Challenge and the password entered by the user, and transmitting the Reply from the PID to the computerised system. The transmitted Reply is compared with a reply calculated by the computerised system and the identity of the entity is verified if the comparison determines that Replies are the same.

A verification tool receives a finite precision definition for an approximation of an infinite precision numerical function implemented in a processor in the form of a polynomial of bounded functions. The verification tool receives a domain for verifying outputs of segments associated with the infinite precision numerical function. The verification tool splits the domain into at least two segments, wherein each segment is non-overlapping with any other segment and converts, for each segment, a polynomial of bounded functions for the segment to a simplified formula comprising a polynomial, an inequality, and a constant for a selected segment. The verification tool calculates upper bounds of the polynomial for the at least two segments, beginning with the selected segment and reports the segments that violate a bounding condition.

An apparatus for processing information includes a memory device and a controller. The controller is configured to: access to a memory area in the memory device in which information related to a location of data including a computer program is stored; store contents of the memory area as a first inspection code into a first memory area of the memory device; at predetermined timing, access to a memory area in the memory device in which latest information is stored; store contents of the memory area as a second inspection code into a second memory area; compare the first and the second inspection codes; if the second inspection code does not agree with the first inspection code, output an error signal indicating inconsistency between the first and the second inspection codes; and if the second inspection code agrees with the first inspection code, perform verification of the computer program.