公开(公告)号：WO2005052841A9

公开(公告)日：2006-07-20

申请号：PCT/EP2004052884

申请日：2004-11-09

Applicant: IBM ,  IBM UK ,  JIN HONXIA ,  LEAKE DONALD JR ,  LOTSPIECH JEFFREY ,  NIN SIGFREDO ,  PLOUFFE WILFRED

Inventor： JIN HONXIA ,  LEAKE DONALD JR ,  LOTSPIECH JEFFREY ,  NIN SIGFREDO ,  PLOUFFE WILFRED

IPC: G06F21/00

CPC classification number: G06F21/6218 ,  G06F21/14 ,  G06F21/51

Abstract: A trusted Java virtual machine provides a method for supporting tamper-resistant applications, ensuring the integrity of an application and its secrets such as keys. The trusted Java virtual machine verifies the integrity of the Java application, prevents debugging of the Java application, and allows the Java application to securely store and retrieve secrets. The trusted Java virtual machine environment comprises a TrustedDictionary, a TrustedBundle, an optional encryption method for encrypting and decrypting byte codes, and an underlying trusted Java virtual machine. The encrypted TrustedDictionary protects data while the TrustedBundle protects programming code, allowing applications to store secret data and secure counters. The application designer can restrict TrustedBundle access to only those interfaces that the application designer explicitly exports. The open source code may optionally be encrypted. Secrets required by the open source programming code of the application are encrypted in TrustedDictionary.

Abstract translation: 受信任的Java虚拟机提供了一种支持防篡改应用程序的方法，确保应用程序的完整性及其密钥（如密钥）。 受信任的Java虚拟机验证Java应用程序的完整性，阻止Java应用程序的调试，并允许Java应用程序安全地存储和检索秘密。 受信任的Java虚拟机环境包括TrustedDictionary，TrustedBundle，用于加密和解密字节代码的可选加密方法以及底层可信Java虚拟机。 加密的TrustedDictionary保护数据，而TrustedBundle保护编程代码，允许应用程序存储秘密数据和安全计数器。 应用程序设计人员可以将TrustedBundle访问限制为应用程序设计程序明确导出的那些接口。 可以可选地加密开源代码。 应用程序的开源编程代码所需的秘密在TrustedDictionary中加密。

公开(公告)号：WO2005052841A2

公开(公告)日：2005-06-09

申请号：PCT/EP2004052884

申请日：2004-11-09

Applicant: IBM ,  IBM UK ,  JIN HONXIA ,  LEAKE DONALD JR ,  LOTSPIECH JEFFREY ,  NIN SIGFREDO ,  PLOUFFE WILFRED

Inventor： JIN HONXIA ,  LEAKE DONALD JR ,  LOTSPIECH JEFFREY ,  NIN SIGFREDO ,  PLOUFFE WILFRED

IPC: G06F21/00

CPC classification number: G06F21/6218 ,  G06F21/14 ,  G06F21/51

Abstract: A trusted Java virtual machine provides a method for supporting tamper-resistant applications, ensuring the integrity of an application and its secrets such as keys. The trusted Java virtual machine verifies the integrity of the Java application, prevents debugging of the Java application, and allows the Java application to securely store and retrieve secrets. The trusted Java virtual machine environment comprises a TrustedDictionary, a TrustedBundle, an optional encryption method for encrypting and decrypting byte codes, and an underlying trusted Java virtual machine. The encrypted TrustedDictionary protects data while the TrustedBundle protects programming code, allowing applications to store secret data and secure counters. The application designer can restrict TrustedBundle access to only those interfaces that the application designer explicitly exports. The open source code may optionally be encrypted. Secrets required by the open source programming code of the application are encrypted in TrustedDictionary.

Abstract translation: 受信任的Java虚拟机提供了一种支持防篡改应用程序的方法，确保应用程序的完整性及其密钥（如密钥）。 受信任的Java虚拟机验证Java应用程序的完整性，防止Java应用程序的调试，并允许Java应用程序安全地存储和检索秘密。 受信任的Java虚拟机环境包括TrustedDictionary，TrustedBundle，用于加密和解密字节代码的可选加密方法，以及底层可信Java虚拟机。 加密的TrustedDictionary保护数据，而TrustedBundle保护编程代码，允许应用程序存储秘密数据和安全计数器。 应用程序设计人员可以将TrustedBundle访问限制为应用程序设计程序明确导出的那些接口。 可以可选地加密开源代码。 应用程序的开源编程代码所需的秘密在TrustedDictionary中加密。

公开(公告)号：CA2543572A1

公开(公告)日：2005-06-09

申请号：CA2543572

申请日：2004-11-09

Applicant: IBM

Inventor： LOTSPIECH JEFFREY ,  PLOUFFE WILFRED ,  NIN SIGFREDO ,  JIN HONXIA ,  LEAKE DONALD JR

IPC: G06F1/00 ,  G06F21/00

Abstract: A trusted Java virtual machine provides a method for supporting tamper-resistant applications, ensuring the integrity of an application and its secrets such as keys. The trusted Java virtual machine verifies the integrity of the Java application, prevents debugging of the Java application, and allows the Java application to securely store and retrieve secrets. The trusted Java virtual machine environment comprises a TrustedDictionary, a TrustedBundle, an optional encryption method for encrypting and decrypting byte codes, and an underlying trusted Java virtual machine. The encrypted TrustedDictionary protects data while the TrustedBundle protects programming code, allowing applications to store secret data and secure counters. The application designer can restrict TrustedBundle access to only those interfaces that the application designer explicitly exports. The open source code may optionally be encrypted. Secrets required by the open source programming code of the application are encrypted in TrustedDictionary.

公开(公告)号：CA2543572C

公开(公告)日：2012-01-17

申请号：CA2543572

申请日：2004-11-09

Applicant: IBM

Inventor： JIN HONXIA ,  LEAKE DONALD JR ,  LOTSPIECH JEFFREY ,  NIN SIGFREDO ,  PLOUFFE WILFRED

IPC: G06F1/00 ,  G06F21/00

Abstract: A trusted Java virtual machine provides a method for supporting tamper-resistant applications, ensuring the integrity of an application and its secrets such as keys. The trusted Java virtual machine verifies the integrity of the Java application, prevents debugging of the Java application, and allows the Java application to securely store and retrieve secrets. The trusted Java virtual machine environment comprises a TrustedDictionary, a TrustedBundle, an optional encryption method for encrypting and decrypting byte codes, and an underlying trusted Java virtual machine. The encrypted TrustedDictionary protects data while the TrustedBundle protects programming code, allowing applications to store secret data and secure counters. The application designer can restrict TrustedBundle access to only those interfaces that the application designer explicitly exports. The open source code may optionally be encrypted. Secrets required by the open source programming code of the application are encrypted in TrustedDictionary.

公开(公告)号：AT432560T

公开(公告)日：2009-06-15

申请号：AT06793423

申请日：2006-09-11

Applicant: IBM

Inventor： LOTSPIECH JEFFREY ,  NIN SIGFREDO ,  JIN HONGXIA

IPC: H04L9/08

Abstract: A system, method, and computer program product to renewably prevent traitors in a broadcast encryption system from re-using compromised keys. A license agency assigns individual receivers a set of Sequence Keys preferably at manufacture, and assigns Sequence Key Blocks (SKBs) to protected content files to be distributed. The files may be distributed on prerecorded media and typically include several file modifications. The particular modifications in a pirated version of a file can help identify which traitors contributed to its theft. SKBs assigned to new files distributed after traitors have been identified cannot be usefully processed using the compromised keys employed in previous content piracy. Innocent receivers that happen to have compromised key(s) in common with traitors can use a replacement uncompromised Sequence Key from the set to usefully decrypt content. Traitors will however step through all their Sequence Keys without reaching one that will work.