Patents by Inventor Masana Murase

Masana Murase has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 7934063
    Abstract: A method of invoking power processor element (PPE) serviced C library functions on a synergistic processing element (SPE) running in isolated mode. When the SPE initiates a PPE-serviced function, an SPE stub routine allocates a parameter buffer in an open area of a local store (LS) memory within the SPE. The LS memory includes an open area accessible to the PPE, and an isolated area inaccessible to the PPE. The SPE stub routine copies function parameters corresponding to the PPE-serviced function to a buffer within the open area of the LS memory, and writes a message word, which contains an identification variable of the PPE-serviced function and a location variable of the function parameters, to the open area. When execution is temporarily suspended on the SPE, the PPE reads the message word from the open area of the LS memory and executes the PPE-serviced function.
    Type: Grant
    Filed: March 29, 2007
    Date of Patent: April 26, 2011
    Assignee: International Business Machines Corporation
    Inventors: Masana Murase, Wilfred E. Plouffe, Jr., Masaharu Sakamoto, Kanna Shimizu, Vladimir Zbarsky
  • Patent number: 7886162
    Abstract: A method, computer program product, and data processing system for executing larger-than-physical-memory applications while protecting sensitive program code (and also data) from unauthorized access in a memory space not subject to protection fault or page fault detection are disclosed. Large applications are accommodated by providing a mechanism for secure program overlays, in which a single large application is broken into two or more smaller applications (overlays) that can be executed from the same memory space by overwriting one of the smaller applications with another of the smaller applications when the latter needs to be executed. So that the data may be shared among these smaller applications, each of the applications contains embedded cryptographic keys, which may be used to encrypt or decrypt information to be stored persistently while control is transferred from one application to the other.
    Type: Grant
    Filed: May 29, 2007
    Date of Patent: February 8, 2011
    Assignee: International Business Machines Corporation
    Inventors: Masana Murase, Wilfred E. Plouffe, Jr., Kanna Shimizu, Masaharu Sakamoto, Vladimir Zbarsky
  • Publication number: 20100071034
    Abstract: A system including a server apparatus executes an application program and a client apparatus enabling a user to utilize the application program by communicating with the server apparatus based on an instruction of the user. The server apparatus includes: an output detection section for detecting output-processing which is processing of outputting data from the application program into a shared area; and an output control section for storing instruction information in the shared area, instead of storing the output data outputted from the application program therein, in response to the detection of the output-processing, the instruction information specifying an acquisition method by which an authorized client apparatus acquires the output data.
    Type: Application
    Filed: November 28, 2005
    Publication date: March 18, 2010
    Applicant: International Business Machines Corporation
    Inventors: Sanehiro Furuichi, Yuriko Kanai, Masana Murase, Tasuku Otani
  • Publication number: 20100037068
    Abstract: A method, system, and computer-usable medium are disclosed for controlling unauthorized access to encrypted application program code. Predetermined program code is encrypted with a first key. The hash value of an application verification certificate associated with a second key is calculated by performing a one-way hash function. Binding operations are then performed with the first key and the calculated hash value to generate a third key, which is a binding key. The binding key is encrypted with a fourth key to generate an encrypted binding key, which is then embedded in the application. The application is digitally signed with a fifth key to generate an encrypted and signed program code image. To decrypt the encrypted program code, the application verification key certificate is verified and in turn is used to verify the authenticity of the encrypted and signed program code image. The encrypted binding key is then decrypted with a sixth key to extract the binding key.
    Type: Application
    Filed: August 8, 2008
    Publication date: February 11, 2010
    Inventors: Masana Murase, Kanna Shimizu, Wilfred Edmund Plouffe, JR.
  • Patent number: 7600231
    Abstract: An information processing apparatus that concurrently executes a plurality of application programs including first and second application programs on an operating system. The information processing apparatus monitors a function call from the first application program to the operating system or a message being sent and received between the first application program and the operating system. Then, based on the monitoring result, the information processing apparatus modifies or inhibits a function call from the second application program to the operating system or a process for sending and receiving a message between the second application program and the operating system. In this way, embodiments of the present invention control operations of the application program without modifying the existing operating system.
    Type: Grant
    Filed: August 28, 2006
    Date of Patent: October 6, 2009
    Assignee: International Business Machines Corporation
    Inventors: Sanehiro Furuichi, Masana Murase, Tasuku Otani
  • Publication number: 20090086974
    Abstract: A method, computer program product, and data processing system are disclosed for ensuring that applications executed in the data processing system originate only from trusted sources. In a preferred embodiment, a secure operating kernel maintains a “key ring” containing keys corresponding to trusted software vendors. The secure kernel uses vendor keys to verify that a given application was signed by an approved vendor. To make it possible for independent developers to develop software for the herein-described platform, a “global key pair” is provided in which both the public and private keys of the pair are publicly known, so that anyone may sign an application with the global key. Such an application may be allowed to execute by including the global key pair's public key in the key ring as a “vendor key” or, conversely, it may be disallowed by excluding the global public key from the key ring.
    Type: Application
    Filed: October 2, 2007
    Publication date: April 2, 2009
    Inventors: Masana Murase, Wilfred E. Plouffe, JR., Kanna Shimizu, Vladimir Zbarsky
  • Publication number: 20090089579
    Abstract: A method, computer program product, and data processing system are disclosed for ensuring that applications executed in the data processing system originate only from trusted sources. In a preferred embodiment, a secure operating kernel maintains a “key ring” containing keys corresponding to trusted software vendors. The secure kernel uses vendor keys to verify that a given application was signed by an approved vendor. To make it possible for users to execute software from independent software developers, an administrative user may disable the above-described vendor key-checking as an option.
    Type: Application
    Filed: October 2, 2007
    Publication date: April 2, 2009
    Inventors: Masana Murase, Masaharu Sakamoto, Kanna Shimizu, Vladimir Zbarsky
  • Publication number: 20090064312
    Abstract: Whenever a drawing command is executed, a computer system having a graphic user interface such as a multi-window system determines, from the logical operation pattern of the drawing command, what kind of information is inherited by a drawing result from the drawing command, preferably without performing a complicated step such as an image process. At the same time, the computer system controls information flow of an image outputted to a screen by managing labeled area maps which correspond one to one to images on the screen and in a memory.
    Type: Application
    Filed: July 18, 2008
    Publication date: March 5, 2009
    Applicant: International Business Machines Corporation
    Inventors: Sanehiro Furuichi, Masana Murase
  • Publication number: 20080301468
    Abstract: A method, computer program product, and data processing system for executing larger-than-physical-memory applications while protecting sensitive program code (and also data) from unauthorized access in a memory space not subject to protection fault or page fault detection are disclosed. Large applications are accommodated by providing a mechanism for secure program overlays, in which a single large application is broken into two or more smaller applications (overlays) that can be executed from the same memory space by overwriting one of the smaller applications with another of the smaller applications when the latter needs to be executed. So that the data may be shared among these smaller applications, each of the applications contains embedded cryptographic keys, which may be used to encrypt or decrypt information to be stored persistently while control is transferred from one application to the other.
    Type: Application
    Filed: May 29, 2007
    Publication date: December 4, 2008
    Inventors: Masana Murase, Wilfred E. Plouffe, JR., Kanna Shimizu, Masaharu Sakamoto, Vladimir Zbarsky
  • Publication number: 20080298581
    Abstract: A method, computer program product, and data processing system for protecting sensitive program code and data (including persistently stored data) from unauthorized access are disclosed. Dedicated hardware decrypts an encrypted kernel into memory for execution. When an application is to be executed, the kernel computes one or more secrets by cryptographically combining information contained in the application with secret information contained in the kernel itself. The kernel then deletes its secret information and passes the computed secrets to the application. To store data persistently in memory, the application uses one of the computed secrets to encrypt the data prior to storage. If the kernel starts another instance of the same application, the kernel (which will have been re-decrypted to restore the kernel's secrets) will compute the same one or more secrets, thus allowing the second application instance to access the data encrypted by the first application instance.
    Type: Application
    Filed: May 29, 2007
    Publication date: December 4, 2008
    Inventors: Masana Murase, Wilfred E. Plouffe, JR., Kanna Shimizu, Vladimir Zbarsky
  • Publication number: 20080244612
    Abstract: A method of invoking power processor element (PPE) serviced C library functions on a synergistic processing element (SPE) running in isolated mode. When the SPE initiates a PPE-serviced function, an SPE stub routine allocates a parameter buffer in an open area of a local store (LS) memory within the SPE. The LS memory includes an open area accessible to the PPE, and an isolated area inaccessible to the PPE. The SPE stub routine copies function parameters corresponding to the PPE-serviced function to a buffer within the open area of the LS memory, and writes a message word, which contains an identification variable of the PPE-serviced function and a location variable of the function parameters, to the open area. When execution is temporarily suspended on the SPE, the PPE reads the message word from the open area of the LS memory and executes the PPE-serviced function.
    Type: Application
    Filed: March 29, 2007
    Publication date: October 2, 2008
    Inventors: Masana Murase, Wilfred E. Plouffe, Masaharu Sakamoto, Kanna Shimizu, Vladimir Zbarsky
  • Publication number: 20070275694
    Abstract: Methods and apparatus, including computer program products, implementing and using techniques controlling communication performed by a communication device in an information processing apparatus having an input device. An operation received by the input device is detected. A communication request directed to the communication device from a task executed by a central processing unit is detected. A relation is determined between the detected operation and the detected communication request. The communication performed by the communication device according to the communication request is prevented when there is no relation between the detected operation and the detected communication request.
    Type: Application
    Filed: March 6, 2007
    Publication date: November 29, 2007
    Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Toru Aihara, Sanehiro Furuichi, Masana Murase
  • Publication number: 20070050781
    Abstract: An information processing apparatus that concurrently executes a plurality of application programs including first and second application programs on an operating system. The information processing apparatus monitors a function call from the first application program to the operating system or a message being sent and received between the first application program and the operating system. Then, based on the monitoring result, the information processing apparatus modifies or inhibits a function call from the second application program to the operating system or a process for sending and receiving a message between the second application program and the operating system. In this way, embodiments of the present invention control operations of the application program without modifying the existing operating system.
    Type: Application
    Filed: August 28, 2006
    Publication date: March 1, 2007
    Applicant: International Business Machines Corporation
    Inventors: Sanehiro Furuichi, Masana Murase, Tasuku Otani
  • Publication number: 20060136708
    Abstract: A method for is disclosed. A boot block that contains a first public key is activated and a system Basic Input/Output System (BIOS) that contains a second public key and a first digital signature is verified, the verifying being performed by confirming that the first and second public keys match. In response to a determination that the first and second public keys match, the BIOS is activated and a system image is loaded to a real device. The system image is verified by confirming that the first digital signature that is stored in the system BIOS matches a second digital signature that is stored in a mass storage device. In response to the first and second digital signatures matching, a virtual mass storage device is created. Control of the virtual mass storage device is transferred to a boot strap code in an operating system image and the operating system image is booted from the virtual mass storage device.
    Type: Application
    Filed: December 19, 2005
    Publication date: June 22, 2006
    Inventors: Hassan Hajji, Seiichi Kawano, Masana Murase, Susumu Shimotono
  • Publication number: 20060075476
    Abstract: An information processing apparatus includes a storage device having an access-restricted area accessible if the password is properly authenticated and an access-unrestricted area accessible regardless of whether or not the password is authenticated. The information processing apparatus allows a password to be registered in a registration server beforehand, prompts a user to enter the password when accessing the access-restricted area and, if the password is not entered, reads from the access-unrestricted area a password retrieval program for retrieving the password from the registration server, activates and executes the password retrieval program to retrieve the password from the registration server, and causes the storage device to authenticate the retrieved password to place the access-restricted area in an accessible state.
    Type: Application
    Filed: August 26, 2005
    Publication date: April 6, 2006
    Inventors: Hassan Hajji, Seiichi Kawano, Masana Murase, Susumu Shimotono