239 results about "System integrity" patented technology

The present invention proposes a computer system and a method capable of performing integrity detection, comprising: a running mode unit which comprises an integrity detection boot variable to determine whether or not to initiate an integrity detection boot mode by judging said running mode unit; an EFI integrity detection unit (5), which is used for performing an integrity detection on EFI image codes in the integrity detection boot mode, and comprises an integrity metric value for being compared with an EFI integrity calculated value generated after the EFI integrity detection unit performs the integrity detection on the EFI image codes, to determine the integrity of the EFI image codes; an operating system integrity detection unit (6); and an integrity management unit. The present invention is based on the EFI BIOS to perform the integrity detection on the operating system during the pre-boot stage, having better reliability and security.

The present application is directed to a host-based IDS on an HP-UX intrusion detection system that enhances local host-level security within the network. It should be understood that the present invention is also usable on, for example, Eglinux, solaris, aix windows 2000 operating systems. It does this by automatically monitoring each configured host system within the network for possible signs of unwanted and potentially damaging intrusions. If successful, such intrusions could lead to the loss of availability of key systems or could compromise system integrity.

A method and apparatus to provide pre-boot security and legacy hardware and environment support for a computing system having an extensible firmware architecture is described. A virtual machine monitor is employed to provide the virtualization of system state for the purposes of running legacy compatibility code or protecting key data and code regions for safety and security. An application may be given access to a subset of the system resources, and access to portions of the memory map not designated for updates would trap (program interrupt) to the VMM. A VMM pre-boot policy agent may then protect state and unload any problematic software.

Disclosed is a medical infusion device including a dedicated processing unit for detecting abnormal operation of the operation of the device. Specifically, a watchdog controller is employed as an independent monitor of the functioning of microprocessors used in the medical infusion device for controlling things such as RF communication, insulin infusion, and system integrity. Through the use of an independently-powered watchdog control system, the accuracy and reliability of the device is enhanced, resulting in greater assurance to the patient receiving periodic or continuous infusion of a drug.

A host system integrity monitor for monitoring memory, operating systems, applications, domain manager, and other host system's structures of interest is isolated and independent of the CPU and operating system of commodity systems. The system requires no modifications to the protected (monitored) host's software, and operates correctly even when the host system is compromised. Either arranged as a stand-alone computer on the add-in card which communicates with the monitored host system through the PCI bus, or as the co-processor based monitor located on the motherboard of the host system, or residing on one of the virtual CPU while the monitored system resides on another virtual CPU, or residing within the domain manager of the host system, the monitor of the present invention monitors the integrity of the examined structure by calculating hash values of the structure, comparing them with expected hash values, and sending error reports once the discrepancy between these values is detected.

A stand alone Redundancy Management System (RMS) provides a cost-effective solution for managing redundant computer-based systems in order to achieve ultra-high system reliability, safety, fault tolerance, and mission success rate. The RMS includes a Cross Channel Data Link (CCDL) module and a Fault Tolerant Executive (FE) module. The CCDL module provides data communication for all channels, while the FTE module performs system functions such as synchronization, data voting, fault and error detection, isolation and recovery. System fault tolerance is achieved by detecting and masking erroneous data through data voting, and system integrity is ensured by a dynamically reconfigurable architecture that is capable of excluding faulty nodes from the system and re-admitting healthy nodes back into the system.

Monitoring integrity of a running computer system is based on creating a Test Model which includes predicates descriptive of invariant properties of security relevant objects and their attributes in the monitored structure known-to-be “healthy”, acquiring memory image of a portion of the running monitored structure, decomposing the acquired memory image to retrieve representation of the security relevant objects of interest, by implementing the attributes of the Test Model, and verifying, by implementing the predicates, whether the invariant properties defined in the Test Model remain unchanged for the running host system. If a discrepancy is detected, a signal indicative of a detected discrepancy is transmitted to a management entity for analysis and formulating a course of action.

This invention relates to an apparatus and a method for a wireless sensor to monitor barrier system integrity, such as used or employed during sequestration of greenhouse gases. This invention includes an apparatus for integrity monitoring of a borehole suitable for sequestration of greenhouse gases. The apparatus includes one or more sensors for placement outside of a casing to monitor a borehole, and a tool for movement within the casing to power and interrogate the one or more sensors. This invention also includes a method for monitoring integrity of a borehole suitable for sequestration of greenhouse gases or other types of well. The method includes the step of disposing one or more sensors outside a casing and the step of powering the one or more sensors with a tool inside the casing. The method also includes the step of interrogating the one or more sensors with the tool to monitor an engineered borehole and/or a natural caprock seal.

A method for realizing network access authentication, wherein a network access authentication device pre-storing a system integrity value of a device waiting to access and a correspondence between each device waiting to access and its system integrity value. When the device waiting to access needs to access the network, it acquires its current system integrity value, and sends the current system integrity value to the network access authentication device; the network access authentication device judges whether the received current system integrity value of the device waiting to access and its stored integrity value of the device waiting to access are identical or not, and in a case where the received current system integrity value of the device waiting to access and its stored integrity value of the device waiting to access are identical, it determines that the network access is authenticated. As such, the network access device could determine the real status of the device waiting to access, and ensure the device accessing to the network is really secure, thereby ensuring the security of the network.

A web-based information management system allows a group of users to collect, validate, and share data of unknown types and volume in real time over the Internet. The project work environment for a group can be created, modified, and reset instantly during any project life and between project life cycles by a plurality of methods without effecting system integrity and core functions such as data validation, searches and sorting, data preservation, data display feature, and productive data entry methods.

A system integrity manager, system, computer program product and method for providing security may include transforming an operational behavior of an instance of a computing system from a general purpose computing system to a special purpose computing system. The operational behavior may be transformed by using at least one of a system integrity sensor and a system integrity effector and a set of system integrity policies and system integrity data.

The present invention determines a situational awareness for alerting, mitigating error, distortion or failures, and managing the Internet (or equally component intranets), connected networks and cloud infrastructure. Specifically, this invention focuses on determining who originates messages, from what system, and the path taken, thereby analyzing the reputation of all the nodes and links through which data passes.

It can provide a mechanism determine the ongoing veracity of the “purported” device, and maintain a reputation database of devices, data, applications and networks for analysis of how the Internet is being used or potentially subverted—effectively creating a score indicating component and total system integrity. It can calculate a correlation of risk analysis of all adjacent data describing the universe of the Internet. This invention will be particularly useful for helping detect and mitigate compromises to data, networks, systems and other assets within the Internet and Cloud.

A robust alarm system has an alarm controller adapted to input an alarm trigger and to generate at least one alarm drive signal in response. Alarm subsystems input the alarm drive signal and activate one or more of multiple alarms accordingly. A subsystem function signal provides feedback to the alarm controller as to alarm subsystem integrity. A malfunction indicator is output from the alarm controller in response to a failure within the alarm subsystems.

A system and method for testing the integrity of a vehicle testing/diagnostic system is provided. Examples of vehicle testing/diagnostic systems may include any equipment (portable or stationary) found in an automotive maintenance and/or testing environment (or other environment) that is capable of communicating with vehicle on-board diagnostic (OBD) systems. Prior to conducting an OBD test on one or more vehicles, an integrity testing system interfaces with a vehicle testing/diagnostic system to determine whether the vehicle testing/diagnostic system is capable of communicating via one or more predetermined communications protocols.

The present invention provides a computer-implemented method system and program product for remotely verifying (e.g., analytic) integrity of a system. Specifically, at startup of the system an access control policy that sets forth information flows within the system is read and a set of trusted subjects that interact with a target application in the system is determined. Based on the access information flows and the set of trusted subjects, an information flow graph of the system is constructed. At runtime of the target application, runtime information and program code loaded into the set of trusted subjects are measured. Measuring the program code that is loaded allows the remote party to verify that the program code is “expected” program code for the set of trusted subjects.

A scene imaging system (SIS) integrity monitor for monitoring the required operation of an imaging sensor of an SIS. The SIS is of a type including: i) an imaging sensor, ii) an imaging system processor, and iii) an imaging system display. The SIS integrity monitor includes a signal emitter assembly for receiving emitter drive signals from an imaging system processor and directing a monitoring image into the active field of view of an imaging sensor for sensed image generation. The generated image is provided to the imaging system processor for analysis. The imaging system processor evaluates the location and modulation state of the generated image to determine if faults exist in the image generation or image display paths.

A long period chiral fiber grating (“LPCFG”) that has a number of advantageous properties that can be readily utilized in a number of different applications is provided. The inventive LPCFG is a fiber grating having a pitch that exceeds the wavelength of light propagating therethrough. The LPCFG includes a number of dips in its transmission spectrum, but does not reflect any portion of the signal passing therethrough. The LPCFG is sensitive to changes in the refractive index of its external environment (or in the refractive index of a coating covering the LPCFG cladding). In response to changes in the external refractive index, the transmission dips shift proportionally to changes in the index, thus enabling the use of LPCFG as a fiber sensor element. In addition, the LPCFG is polarization sensitive—one circular polarized wave of one handedness is coupled to the cladding mode stronger than the wave of the other polarization handedness. This enables the LPCFG to be readily utilized in polarizers and for shaping the polarization spectra of signals passing therethrough (in one embodiment configured as multiple LPCFG elements having different pitches). The polarization sensitivity of the inventive LPCFG can also be used for verifying system integrity in chiral fiber sensor systems. In other embodiments of the present invention, the novel LPCFG can be used for modulating amplitude of the light signal propagating therethrough, or as a resonant active structure for add/drop filters.

The integrity of a computer may be checked by issuing a command to read data from a hardware component of the computer and retrieving the data from a data transfer buffer. The command may be sent to a secure driver that places the central processing unit (CPU) of the computer in system management mode to trigger execution of a system management interrupt (SMI) handler. The SMI handler may read the data from the hardware component, encrypt the data, and place the encrypted data in the data transfer buffer. A system integrity check application program may read the encrypted data to determine presence of malicious code based on the data. For example, the application program may infer presence of malicious code when the encrypted data does not conform to a particular encryption algorithm or when the data does not appear in the data transfer buffer.

A method for detecting leakage in a pressurised medical appliance prior to normal operation, the system including an air compressor and an inflatable bag or bladder coupled to the air compressor through the intermediary of a fill valve allowing air to pass to the bladder and a vent valve for venting the system, the fill valve and the vent valve being selectively operable during said normal operation to deliver cyclical pulses of air to inflate and deflate the bladder, the detection method comprising a) opening the fill valve to vent the system to atmospheric pressure, b) closing the vent valve, c) pressurising the system by means of the air compressor to a pre-determined threshold value, d) monitoring the pressure gradient or rise over a period of time to said threshold value and e) comparing the pressure gradient over said period of time or at intervals of time within said period of time with a pre-specified pressure gradient indicative of system integrity whereby to determine the presence or otherwise of air leakage in the system.

The invention discloses a BMC U-boot trusted starting control method; the method comprises the following steps: using SM3 and SM4 cipher algorithms (SM3 refers to a cipher hash algorithm, SM4 refers to a symmetry cipher algorithm) to determine measure and trusted states of a Linux core mirror image, a file system mirror image and an equipment tree mirror image in a U-boot starting guide system process, i.e., comparing a measure value with a reference value; starting an operating system if the measure value-reference value contrast passes, thus allowing the BMC to enter a trusted environment; stop guiding the operating system if the measure value-reference value is not consistent, allowing a BMC administrator to process, thus finally building up a BMC system platform trusted execution environment. Compared with the prior art, the BMC U-boot trusted starting control method can ensure the system integrity and no malicious code is implanted, thus ensuring the trusted BMC system platform execution environment, and helping domestic BMC chip core competitiveness; the BMC U-boot trusted starting control method is strong in practical value, wide in application scope, and easy to promote.

Provided are an electronic system, an integrity verification device, and a method of performing an integrity verification operation. The electronic system includes: a memory device; a processor configured to provide a plurality of configuration records corresponding to a plurality of verification data stored in the memory device, each of the configuration records including a start address, a data length, and a reference hash value for a corresponding verification data; and an integrity verification device configured to: store the configuration records, select a configuration record, directly access the memory device to read verification data, corresponding to the selected configuration record, based on the start address and the data length included in the selected configuration record, perform a hash operation on the verification data to obtain a verification hash value, and output an interrupt signal based on the verification hash value and the reference hash value comprised in the selected configuration record.

A first system startup code, a second startup code, a verification key and a transaction key are saved in a safety processor, wherein the verification key is used for verifying the integrity of the second startup code which is an inherent part of a common processor, and the transaction key is used for verifying the integrity of transaction information. The verification key verifying the system integrity of the second startup code of the common processor after a read-in and an execution of the first startup code in a RAM (Random Access Memory) inside the common processor and a read-in and an execution of the second startup code in the RAM inside the common processor; a startup program is stopped if the verification cannot pass; a system code and an application program code are loaded if the verification passes and the integrity of the system code and an application program are verified through the verification code; and the startup program is stopped if the verification result is negative and the startup program is started if the verification result is positive.