Patents by Inventor Adrian M. Perrig

Adrian M. Perrig has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 8832778
    Abstract: An apparatus and method for establishing a trusted path between a user interface and a trusted executable, wherein the trusted path includes a hypervisor and a driver shim. The method includes measuring an identity of the hypervisor; comparing the measurement of the identity of the hypervisor with a policy for the hypervisor; measuring an identity of the driver shim; comparing the measurement of the identity of the driver shim with a policy for the driver shim; measuring an identity of the user interface; comparing the measurement of the identity of the user interface with a policy for the user interface; and providing a human-perceptible indication of whether the identity of the hypervisor, the identity of the driver shim, and the identity of the user interface correspond with the policy for the hypervisor, the policy for the driver shim, and the policy for the user interface, respectively.
    Type: Grant
    Filed: June 29, 2010
    Date of Patent: September 9, 2014
    Assignee: Carnegie Mellon University
    Inventors: Jonathan M. McCune, Adrian M. Perrig, Anupam Datta, Virgil D. Gligor, Ning Qu
  • Patent number: 8627414
    Abstract: A computer including a processor and a verification device. The processor in the computer performs the steps of authenticating a secure connection between a hypervisor and the verification device, measuring the identity of at least a portion of a select guest before the select guest executes any instruction, and sending a measurement of the identity of the select guest to the verification device. The verification device compares the policy stored in the verification device with the measurement of the select guest received by the verification device. The steps of authenticating, measuring, sending, and comparing are performed after receiving a signal indicative of a request to execute the select guest and without rebooting the computer.
    Type: Grant
    Filed: March 9, 2010
    Date of Patent: January 7, 2014
    Assignee: Carnegie Mellon University
    Inventors: Jonathan M. McCune, Adrian M. Perrig, Anupam Datta, Virgil Dorin Gligor, Yanlin Li, Bryan Jeffrey Parno, Amit Vasudevan, Ning Qu
  • Publication number: 20120198514
    Abstract: An apparatus and method for establishing a trusted path between a user interface and a trusted executable, wherein the trusted path includes a hypervisor and a driver shim. The method includes measuring an identity of the hypervisor; comparing the measurement of the identity of the hypervisor with a policy for the hypervisor; measuring an identity of the driver shim; comparing the measurement of the identity of the driver shim with a policy for the driver shim; measuring an identity of the user interface; comparing the measurement of the identity of the user interface with a policy for the user interface; and providing a human-perceptible indication of whether the identity of the hypervisor, the identity of the driver shim, and the identity of the user interface correspond with the policy for the hypervisor, the policy for the driver shim, and the policy for the user interface, respectively.
    Type: Application
    Filed: June 29, 2010
    Publication date: August 2, 2012
    Applicant: CARNEGIE MELLON UNIVERSITY
    Inventors: Jonathan M. McCune, Adrian M. Perrig, Anupam Datta, Virgil D. Gligor, Ning Qu