Total found: 36528. Displayed: 100.
Publication date: 05-01-2012

Managing protected and unprotected data simultaneously

Number: US20120005669A1
Assignee: LSI Corp

A first virtual device is created including every logically addressable unit of a data storage server that utilizes data protection. A second virtual device is created including no logically addressable unit of the data storage server that utilizes data protection. Data transfers are disabled within all command phases of the first virtual device.

Publication date: 12-01-2012

Ink ejection nozzle with thermal actuator coil

Number: US20120007924A1
Author: Kia Silverbrook
Assignee: SILVERBROOK RESEARCH PTY LTD

A printhead for an inkjet printer is disclosed. The printhead has ink nozzles formed on a print face of the printhead. Each ink nozzle has an ink chamber with an ink ejection port and an ink inlet port. A paddle device is arranged inside each chamber. Each ink nozzle further has a bi-layer thermal actuator coil with a free end connected to the paddle device. Heating of the thermal actuator coil displaces the paddle device, causing ejection of an ink droplet through the ink ejection port.

Publication date: 02-02-2012

Method And Apparatus For Remotely Provisioning Software-Based Security Coprocessors

Number: US20120027213A1
Author: Vincent R. Scarlata
Assignee: Individual

A virtual security coprocessor is created in a first processing system. The virtual security coprocessor is then transferred to a second processing system, for use by the second processing system. For instance, the second processing system may use the virtual security coprocessor to provide attestation for the second processing system. In an alternative embodiment, a virtual security coprocessor from a first processing system is received at a second processing system. After receiving the virtual security coprocessor from the first processing system, the second processing system uses the virtual security coprocessor. Other embodiments are described and claimed.

Publication date: 02-02-2012

Storage apparatus, host apparatus, and storage system

Number: US20120030479A1
Assignee: Sony Corp

Disclosed herein is a storage apparatus including: a first storage block configured to record and hold encrypted content data and output the encrypted content data on an on-demand basis; a second storage block configured to record and hold a confidential title key; a title stream key generation block configured to generate a title stream key corresponding to a subject of encryption of the content data by use of the held confidential title key; and a communication block configured to transmit the generated title stream key with confidentiality thereof held.

Publication date: 16-02-2012

Anti-counterfeiting electronic device and method thereof

Number: US20120042169A1

An anti-counterfeiting electronic device includes a function component assigned with an identification code ID and a processor. The processor generates a random code K1 and transmits the random code K1 to the function component; the function component encrypts the random code K1 and the identification code ID to generate a key ID1. The processor further obtains the key ID1 from the function component and decrypts the key ID1 to generate an identification code ID2, and determines whether the identification code ID2 is the same as the ID and executes the system login command if the identification code ID2 is the same as the identification code ID. An anti-counterfeiting method is also provided.

Publication date: 23-02-2012

Mobile Device Having Increased Security That Is Less Obtrusive

Number: US20120046012A1
Assignee: Qualcomm Inc

Disclosed is an apparatus and method for a mobile device to provide increased security that is less obtrusive. A mobile device includes a display device, a user interface, and a processor. The processor may be configured to execute instructions to: implement a monitoring function to monitor the operation of the mobile device and to implement a plurality of monitor functions; and implement an authentication process to compare the plurality of monitor functions to a time period to determine an authentication value, wherein if the authentication value exceeds a threshold, a lock screen is implemented on the display device, and a user is required to enter a valid passcode through the user interface for authentication. Each monitor function may be associated with a pre-determined weight such that different monitor functions are given different priorities.

Publication date: 23-02-2012

Secure field-programmable gate array (fpga) architecture

Number: US20120047371A1
Author: Thomas R. Woodall
Assignee: Raytheon Co

A method and system for configuring a field-programmable gate array (FPGA) includes receiving an encrypted FPGA load-decryption key at an FPGA from a remote key-storage device. The remote key-storage device may be external to and operatively connected with the FPGA. The encrypted FPGA load-decryption key is decrypted using a session key, which may be stored at both the FPGA and the remote key-storage device. Encrypted FPGA-configuration data is received at the FPGA, and decrypted and authenticated using the decrypted FPGA load-decryption key. The decryption of the FPGA-configuration data may indicate a cryptographic state associated with the FPGA-configuration data, which may be used in recurring authentication of the FPGA-configuration data. For recurring authentication, a challenge message may be received at the FPGA from an authentication device, which may be encrypted using the cryptographic state and the session key to generate a response message. The response message may then be sent to the authentication device to determine authenticity of the FPGA-configuration data.

Publication date: 23-02-2012

Memory subsystem and method therefor

Number: US20120047373A1
Assignee: Individual

A memory subsystem and method for loading and storing data at memory addresses of the subsystem. The memory subsystem is functionally connected to a processor and has a first mode of address encryption to convert logical memory addresses generated by the processor into physical memory addresses at which the data are stored in the memory subsystem. The memory subsystem is adapted to pull low a write enable signal to store data in the memory subsystem and to pull high the write enable signal to load data in the memory subsystem, wherein if pulled high the write enable signal alters the address encryption from the first mode to a second mode. The memory subsystem is adapted to be coupled to a local hardware device which supplies a key that acts upon the address encryption of the memory subsystem.

Publication date: 08-03-2012

Organic keyed encryption

Number: US20120057698A1
Assignee: Lockheed Martin Corp

An encryption technique that creates a unique encryption key or fingerprint based on unique physical and electrical characteristics of a target electronic assembly to be protected. The encryption key can be constructed by exploiting the manufacturing variances present in all electronic elements including active elements and passive elements. Active elements include, for example: oscillators/clocks, internal I/O controllers, external I/O controllers, memory, processors, and digital power converters. Passive elements include, for example: internal I/O interconnects, external I/O interconnects, memory buses, and power buses. The encryption key can also include one or more environmental condition thresholds.

Publication date: 08-03-2012

Flash memory distribution of digital content

Number: US20120060040A1
Assignee: TGBW Inc

Methods, apparatuses, and computer-readable media for distributing digital content. One embodiment comprises an apparatus comprising: a device (100) communications bus; coupled to the device communications bus (150), a bi-directional communications controller (110) capable of communicatively interfacing with a computer (710); coupled to the device communications bus (150), an integrated processor (130) capable of executing (270) computer-executable instructions; and coupled to the integrated processor (130), a storage module (140) capable of storing computer-executable instructions.

Publication date: 15-03-2012

Communication terminal device and security method

Number: US20120064861A1
Author: Koichiro Shiraishi
Assignee: Panasonic Corp

Provided is a communication terminal device which can prevent the situation that the communication terminal device cannot be used for a while within a security area, can release a security lock without making a user aware of the release, and can increase usability. In the device, a GPS unit (105) acquires current position information. By a security setting unit (110), security is released when the position information is within the security area, and security is set when the position information is outside the security area. An information storage unit (104) previously stores a BSI of a base station associated with the security area. A radio unit (102) acquires BSIs of a plurality of base stations. A GPS control unit (108) controls a timing to start acquisition of the position information by the GPS unit (105), on the basis of the BSI stored in the information storage unit (104) and the BSI acquired by the radio unit (102).

Publication date: 15-03-2012

Real-time secure self-acquiring root authority

Number: US20120066512A1
Author: Eric Kass, Joachim Kern
Assignee: International Business Machines Corp, SAP SE

When software is delivered to a customer, there are often programs or routines of programs that a software distributor intended to run under the credentials of a specific user other than the user who started the program. A secure method is proposed for software running in a process to acquire rights to issue restricted operations. A trusting entity trusts a process based on verifying ownership of code residing in the process. The trusted process is granted rights by the trusting entity to perform any or specific operations under the credentials of a specific user, not necessarily the current process user.

Publication date: 15-03-2012

System and method for improving security using intelligent base storage

Number: US20120066765A1
Author: John O'brien
Assignee: Individual

The present invention presents a system and method for providing improved security within a computer system by using an intelligent based storage system operating with the host unit, whereby the intelligent based storage system independently provides monitoring of files that should not be accessed, monitoring of files that should be accessed with strict regularity, and analysis of access patterns.

Publication date: 22-03-2012

System and method of protecting data on a communication device

Number: US20120072722A1
Assignee: Research in Motion Ltd

A system and method of protecting data on a communication device are provided. Data received when the communication device is in a first operational state is encrypted using a first cryptographic key and algorithm. When the communication device is in a second operational state, received data is encrypted using a second cryptographic key and algorithm. Received data is stored on the communication device in encrypted form.

Publication date: 29-03-2012

Data processing apparatus

Number: US20120079286A1
Assignee: Renesas Electronics Corp

A data processing apparatus is provided, which detects falsification of software to data and rewriting of the data. The data processing apparatus according to an embodiment of the present invention comprises a security unit which has an encryption circuit for decrypting an encrypted signal including secrecy data. The security unit includes a compression circuit which compresses an access signal used in accessing the security unit and outputs the compression result, and a comparison circuit which compares the compression result outputted from the compression circuit with a previously-calculated expectation value of the compression result of the access signal.

Publication date: 12-04-2012

System and Method for Automatic Authentication of an Item

Number: US20120089835A1
Author: Douglas Peckover
Assignee: DT Labs LLC

A system, apparatus and method automatically authenticating an item. The media device includes a housing, a processor disposed within the housing, the item disposed within or attached to the housing, and a memory disposed within the housing. The memory stores computer readable instructions that when executed by the processor causes the processor to perform the steps: (a) obtaining the one or more identifiers from the item wherein the one or more identifiers includes a serial number or code; (b) transmitting the obtained identifier(s) to a server device for authentication; (c) receiving an authentication message from the server device; (d) continuing operation of the media device whenever the authentication message from the server device indicates that the item is authentic; and (e) performing one or more actions based on the authentication message whenever the authentication message from the server device indicates that the item is not authentic or cannot be verified.

Publication date: 19-04-2012

Processing system with register arbitration and methods for use therewith

Number: US20120093237A1
Assignee: ViXS Systems Inc

A processing system includes a memory module that includes a register space for storing a plurality of register data in a plurality of registers and secure access data corresponding to the register space. A register arbitration module operates to receive a request to access one of the registers from a client module; retrieve secure access data corresponding to the client to determine if the client is trusted; and to grant the request to access the register if the client is trusted. If the client is not trusted, the register arbitration module retrieves secure access data to determine if the register is non-secured for the client. The register arbitration module grants the request to access the register when the register is non-secured for the client.

Publication date: 19-04-2012

Wireless intrusion prevention system and method

Number: US20120096539A1
Assignee: Juniper Networks Inc

A wireless intrusion prevention system and method to prevent, detect, and stop malware attacks is presented. The wireless intrusion prevention system monitors network communications for events characteristic of a malware attack, correlates a plurality of events to detect a malware attack, and performs mitigating actions to stop the malware attack.

Publication date: 26-04-2012

Method, System And Device For Securing A Digital Storage Device

Number: US20120102331A1
Author: Leonard Russo
Assignee: Hewlett Packard Co

Method of securing a digital storage device, wherein a host is connected to the storage device, the host digitally locks the storage device so that unauthorized data access to the storage device is denied, the host sets the encryption conditions of the storage device in one of a condition wherein encryption of data on the storage device is enabled, and a condition wherein encryption of data on the storage device is disabled.

Publication date: 03-05-2012

Method for coding and decoding digital data, particularly data processed in a microprocessor unit

Number: US20120110413A1
Author: Lars Hoffmann
Assignee: Giesecke and Devrient GmbH

The invention relates to a method for encoding digital data, in particular of data processed in a microprocessor unit. In the method according to the invention for a respective data word (A, B, C) of a series of data words to be encoded subsequently a parity code (P(A), P(B), P(C)) is computed on the basis of the data of the respective data word (A, B, C). Further the respective data word (A, B, C) is altered with the aid of the data word (A, B, C) preceding it in the series, wherein the altered data word (Aa, Ba, Ca) and the parity code (P(A), P(B), P(C)) represent the encoded data word (Ac, Bc, Cc) and the encoded data word (Ac, Bc, Cc) can be decoded with the aid of the data word (A, B, C) preceding it in the series.

Publication date: 10-05-2012

Printhead integrated circuit with a solenoid piston

Number: US20120113191A1
Author: Kia Silverbrook
Assignee: SILVERBROOK RESEARCH PTY LTD

A printhead integrated circuit comprising a wafer substrate defining a nozzle outlet port; an electromagnetic piston mounted to the wafer substrate via torsion springs, said piston operatively forced towards the outlet port when activated; and a solenoid coil positioned on the wafer substrate about the piston to activate the piston when a current is passed through the coil. The piston is magnetised during a final high temperature step in a fabrication process of the nozzle apparatus to ensure that the Curie temperature is not exceeded after magnetisation.

Publication date: 17-05-2012

System and Methods for Silencing Hardware Backdoors

Number: US20120124393A1
Assignee: Columbia University of New York

Methods for preventing activation of hardware backdoors installed in a digital circuit, the digital circuit comprising one or more hardware units to be protected. A timer is repeatedly initiated for a period less than a validation epoch, and the hardware units are reset upon expiration of the timer to prevent activation of a time-based backdoor. Data being sent to the hardware unit is encrypted in an encryption element to render it unrecognizable to a single-shot cheat code hardware backdoor present in the hardware unit. The instructions being sent to the hardware unit are reordered randomly or pseudo-randomly, with determined sequential restraints, using a reordering element, to render an activation instruction sequence embedded in the instructions unrecognizable to a sequence cheat code hardware backdoor present in the hardware unit.

Publication date: 24-05-2012

Peripheral authentication

Number: US20120131353A1
Assignee: MOTOROLA MOBILITY LLC

This document describes techniques (300, 400) and apparatuses (100, 500, 600, 700) for peripheral authentication. These techniques (300, 400) and apparatuses (100, 500, 600, 700) may configure data lines for authentication between host device (102) and peripheral (106), use these configured data lines to authenticate the peripheral (106), and then reconfigure the data lines for use.

Publication date: 14-06-2012

Switch to perform non-destructive and secure disablement of ic functionality utilizing mems and method thereof

Number: US20120146684A1
Assignee: International Business Machines Corp

Structures and methods are provided for performing non-destructive and secure disablement of integrated circuit (IC) functionality. A structure for enabling non-destructive and secure disablement and re-enablement of the IC includes a micro-electrical mechanical structure (MEMS) initially set to a chip enable state. The structure also includes an activation circuit operable to set the MEMS device to an error state based on a detected predetermined condition of the IC. The IC is disabled when the MEMS device is in the error state.

Publication date: 14-06-2012

Random-id function for smartcards

Number: US20120146773A1
Assignee: NXP BV

A method for low-level security based on the UID. In particular it enhances an RFID system by adding the ability to dynamically modify the UID of the smartcard or to randomly generate a new UID for the smartcard.

Publication date: 21-06-2012

Modular exponentiation resistant against skipping attacks

Number: US20120159189A1
Author: Marc Joye
Assignee: Individual

An exponentiation method resistant against skipping attacks. A main idea of the present invention is to evaluate, in parallel with the exponentiation such as y = g^d, a value based on the exponent, e.g. f = d·1. These evaluations are performed using the same exponentiation algorithm by “gluing” together the group operations underlying the computation of y and f so that a perturbation to one operation also perturbs the other. This makes it possible to verify that f indeed equals d before returning the result. Also provided are an apparatus and a computer program product.

Publication date: 21-06-2012

Apparatus and method to harden computer system

Number: US20120159652A1
Assignee: Individual

In some embodiments, a processor-based system may include a processor, the processor having a processor identification, one or more electronic components coupled to the processor, at least one of the electronic components having a component identification, and a hardware security component coupled to the processor and the electronic component. The hardware security component may include a secure non-volatile memory and a controller. The controller may be configured to receive the processor identification from the processor, receive the at least one component identification from the one or more electronic components, and determine if a boot of the processor-based system is a provisioning boot of the processor-based system. If the boot is determined to be the provisioning boot, the controller may be configured to store a security code in the secure non-volatile memory, wherein the security code is based on the processor identification and the at least one component identification. Other embodiments are disclosed and claimed.

Publication date: 28-06-2012

Elliptic curve cryptography with fragmented key processing and methods for use therewith

Number: US20120163581A1
Assignee: Morega Systems Inc

A cryptography module includes a key store having a plurality of storage locations for storing a private key as k key fragments. One or more crypto-processing segments each operate based on corresponding ones of the k key fragments to process a message in accordance with elliptic curve digital signature algorithm (ECDSA) to produce a signed message.

Publication date: 05-07-2012

Removable devices

Number: US20120174188A1
Assignee: Micron Technology Inc

Methods and removable devices are provided. Some such removable devices may include a secure partition and a public partition. The secure partition is not accessible by an operating system of a host for some embodiments. The secure partition is configured to store information so that formatting/reformatting does not alter the stored information for other embodiments.

Publication date: 12-07-2012

System and method for enforcing software security through cpu statistics gathered using hardware features

Number: US20120179898A1
Assignee: Apple Inc

This disclosure is directed to measuring hardware-based statistics, such as the number of instructions executed in a specific section of a program during execution, for enforcing software security. The counting can be accomplished through a specific set of instructions, which can either be implemented in hardware or included in the instruction set of a virtual machine. For example, the set of instructions can include atomic instructions of reset, start, stop, get instruction count, and get CPU cycle count. To obtain information on a specific section of code, a software developer can insert start and stop instructions around the desired code section. For each instruction in the identified code block, when the instruction is executed, a counter is incremented. The counter can be stored in a dedicated register. The gathered statistics can be used for a variety of purposes, such as detecting unauthorized code modifications or measuring code performance.

Publication date: 26-07-2012

One-Die Flotox-Based Combo Non-Volatile Memory

Number: US20120191902A1
Assignee: Aplus Flash Technology Inc

A memory access apparatus that controls access to at least one memory array has an array of programmable comparison cells that retain a programmed pass code and compare it with an access pass code. When there is a match between the access pass code and the programmed pass code, the memory access apparatus generates a match signal for allowing access to the at least one memory array. If there is no match, the data within the at least one memory array may be corrupted or destroyed. Each nonvolatile comparison cell has a pair of series connected charge retaining transistors. The programmed pass code is stored in the charge retaining transistors. Primary and complementary query pass codes are applied to the charge retaining transistors and are logically compared with the stored pass code and based on the programmed threshold voltage levels determine if the query pass code is correct.

Publication date: 02-08-2012

Program execution device

Number: US20120198243A1
Assignee: Individual

A program execution device capable of protecting a program against unauthorized analysis and alteration is provided. The program execution device includes an execution unit, a first protection unit, and a second protection unit. The execution unit executes a first program and a second program, and is connected with an external device that is capable of controlling the execution. The first protection unit disconnects the execution unit from the external device while the execution unit is executing the first program. The second protection unit protects the first program while the execution unit is executing the second program.

Publication date: 16-08-2012

Data storage medium having security function and output apparatus therefor

Number: US20120210054A1
Assignee: SAMSUNG ELECTRONICS CO LTD

Provided are a storage medium, which has a security function, for storing media content and an output apparatus for outputting data stored in the storage medium. The storage medium includes a controller for converting at least one of a position of pins of a connector and a storage position of media content in a memory unit in order to control transmission of the media content in the memory unit to the output apparatus.

Publication date: 16-08-2012

Cryptographic logic circuit with resistance to differential power analysis

Number: US20120210138A1
Author: James L. Tucker
Assignee: Honeywell International Inc

This disclosure describes techniques that may prevent cryptographic devices, including both encryption devices and decryption devices, from producing a power signature that can be used by attackers to deconstruct a cryptographic algorithm and extract a cryptographic key. The techniques may include an external power supply charging an internal, dedicated power storage element; temporarily gating off the encryption device from the external power supply; configuring a cryptographic logic unit to perform a cryptographic algorithm from power stored in the power storage element while the external power source is gated off; and then recharging the power storage element upon the cryptographic logic unit completing an iteration of the cryptographic algorithm.

Publication date: 23-08-2012

Data security management systems and methods

Number: US20120216291A1
Author: Hsin-Ti Chueh, Ssu-Po Chin
Assignee: HTC Corp

Data security management system and methods are provided. First, a first system having a management authority is provided. The first system displays an input interface on an input device. A switch switches the management authority from the first system to a second system, wherein the second system operates with a secure mechanism. When the management authority is switched to the second system, the first system transmits layout information of the input interface and an input device characteristic of the input device to the second system. The second system receives input data via the input device, and decodes the input data according to the layout information and the input device characteristic.

Publication date: 06-09-2012

System and method for physically detecting counterfeit electronics

Number: US20120226463A1
Assignee: Nokomis Inc

A system for inspecting or screening electrically powered device includes a signal generator inputting a preselected signal into the electrically powered device. There is also an antenna array positioned at a pre-determined distance above the electrically powered device. Apparatus collects RF energy emitted by the electrically powered device in response to input of said preselected signal. The signature of the collected RF energy is compared with an RF energy signature of a genuine part. The comparison determines one of a genuine or a counterfeit condition of the electrically powered device.

Publication date: 13-09-2012

Data Storage Device and Data Management Method Thereof

Number: US20120233427A1

An embodiment of the invention provides a data storage device and data management method thereof. The data storage device is coupled to a host, and includes a storage media having data sectors for storing data and a controller. The controller is coupled to the storage media for sequentially receiving one or more read commands and corresponding one or more logical addresses thereto, reads a plurality of first data sectors from the storage media according to the read commands and the corresponding logical addresses, outputs data of the first data sectors to the host, calculates a valid duration required for the one or more read commands, calculates an average data throughput according to the number of the first data sectors and the valid duration, and determines whether the average data throughput exceeds a predetermined threshold. When the average data throughput exceeds the predetermined threshold, the controller performs a blocking procedure to prevent the storage media from being accessed.

Publication date: 13-09-2012

System and methods for identity attribute validation

Number: US20120233705A1
Assignee: Individual

A method of identity attribute validation at a computer server involves the computer server receiving an identity attribute validation request from a communication terminal. The computer server further receives a credential, and is configured with an attribute disclosure profile of attributes authorized for disclosure to the communication terminal. The computer server determines the validity of the credential, and provides the communication terminal with a response to the identity attribute validation request based on an outcome of the credential validity determination. The attribute validation response includes attributes data associated with the credential authorized for disclosure by the attribute disclosure profile but excludes attributes data associated with the credential not authorized for disclosure by the attribute disclosure profile.

Publication date: 27-09-2012

Device and method for disconnecting download channel of hand-held terminal

Number: US20120244906A1
Author: Chunyu Li
Assignee: ZTE Corp

The disclosure provides a device and method for disconnecting a download channel of a hand-held terminal. The device comprises: a connection/disconnection unit (308), which comprises a fuse module (308-2) and a fusing module (308-4), arranged between a download connection point (302) and a microprocessor (306); when no downloading is needed by the hand-held terminal, the fusing module (308-4) is provided with a level signal through the download connection point, and switch characteristics of a triode or an MOSFET in the fusing module (308-4) are utilized, to control the connection/disconnection of the download channel between the download connection point (302) and the microprocessor (306), thus avoiding generation of new download channel.

Publication date: 27-09-2012

Storage device and method for updating data in a partition of the storage device

Number: US20120246442A1
Assignee: Sandisk IL Ltd

A storage device and method for updating data stored in a partition of the storage device are provided. In one embodiment, a storage device is provided that contains a logical-to-physical address map and a memory with a first partition storing original data and a second partition. The storage device receives from a host device (i) a command to write updated data to a first logical address and (ii) a signature for verifying integrity of the updated data, wherein the first logical address is mapped to a physical address of the first partition. The storage device then stores the updated data in the second partition instead of the first partition and attempts to verify the signature of the updated data. If the attempt to verify the signature is successful, the storage device updates the logical-to-physical address map to map the first logical address to a physical address of the second partition.

Publication date: 27-09-2012

Encryption information transmitting terminal

Number: US20120246473A1
Assignee: Toshiba Corp

The communication unit transmits and receives a communication message. The authentication processor performs an authentication process for establishing the network connection by transmitting and receiving an authentication message to and from an authentication server through the communication unit. The encryption information generator generates an encryption key shared with the authentication server when the authentication process is successfully completed. The first message generator generates a first communication message instructing the destination device to acquire the encryption key from the authentication server. The second message generator generates a second communication message including data to be transmitted to the destination device. The communication unit transmits the first communication message to the destination device, encrypts the second communication message with the encryption key, and transmits an encrypted second communication message to the destination device.

Publication date: 27-09-2012

Data storage devices including integrated anti-virus circuits and method of operating the same

Number: US20120246729A1
Assignee: SAMSUNG ELECTRONICS CO LTD

A data storage device includes a storage medium and a controller circuit configured to be coupled to an external host to provide an interface between the external host and the storage medium, the controller circuit configured to detect a virus carried by a data file transferred to and/or stored in the storage medium. The controller circuit may be further configured to cure the detected virus.

Publication date: 04-10-2012

Rf-id tag reading system for using password and method thereof

Number: US20120249288A1
Assignee: SAMSUNG ELECTRONICS CO LTD

Provided is an RFID tag with enhanced security. The tag includes a tag memory to store thereto pre-determined password information and tag data, an antenna to receive a tag data transmission request signal from an outer reader, and a tag controller to request the reader to transmit the password if the tag data transmission request signal is received, and then to transmit the tag data if the password received from the reader is identical with the pre-determined password. Accordingly, a third party who does not know the password can be prevented from checking the tag data.

Publication date: 04-10-2012

Routing, security and storage of sensitive data in random access memory (ram)

Number: US20120254526A1
Assignee: Advanced Micro Devices Inc

A method and apparatus for securely storing and accessing processor state information in random access memory (RAM) at a time when the processor enters an inactive power state.

Publication date: 04-10-2012

Providing protection against unauthorized network access

Number: US20120254951A1
Assignee: International Business Machines Corp

A system includes a detection unit configured to detect unauthorized access to one or more information processing apparatuses that are virtually implemented by virtual machines executed by a computer; an authorized network configured to transfer authorized access to the one or more information processing apparatuses from an external network; a honeypot network configured to transfer unauthorized access to the information processing apparatuses from the external network; and a control unit configured to connect the information processing apparatuses for which no unauthorized access has been detected to the authorized network, and connect the information processing apparatuses for which unauthorized access has been detected to the honeypot network; wherein the control unit shifts, in response to detecting unauthorized access by the detection unit, the corresponding information processing apparatus into a decoy mode in which the detected unauthorized access is disconnected from a normal operation.

Publication date: 11-10-2012

Multiple independent encryption domains

Number: US20120257743A1
Author: Peter H. Van Der Veen
Assignee: QNX Software Systems Ltd

A stored object may be encrypted with an “object” cryptographic key. The object cryptographic key may be stored in metadata for the object and the metadata for the object may be encrypted using an “internal” cryptographic key associated with a particular encryption domain. The internal cryptographic key may be stored in a filesystem memory block associated with the particular encryption domain. A “domain” cryptographic key may be generated and stored associated with the particular encryption domain. The domain cryptographic key may be used to encrypt the filesystem memory block. Conveniently, below the domain cryptographic key, the filesystem has a unique, totally unknown, internal cryptographic key for actual data encryption.

Publication date: 18-10-2012

Processor system

Number: US20120265904A1
Author: Hideki Matsuyama
Assignee: Renesas Electronics Corp

Disclosed herein is a processor system including a specific code area setting register holding a first set value corresponding to an address range of a specific code area in which a specific program is stored; a peripheral device having a specific data storage area for storing specific data to be used by the specific program; a processor element outputting an access request to the peripheral device upon executing programs including the specific program, and determining whether the program executed by reference to the first set value is the specific program, and a safety guard controlling access to the specific data storage area depending on whether the access request results from the execution of the specific program.

Publication date: 01-11-2012

Systems and methods for detecting and mitigating programmable logic device tampering

Number: US20120278906A1
Author: Bruce B. Pedersen
Assignee: Altera Corp

Systems and methods are disclosed for preventing tampering of a programmable integrated circuit device. Generally, programmable devices, such as FPGAs, have two stages of operation: a configuration stage and a user mode stage. To prevent tampering and/or reverse engineering of a programmable device, various anti-tampering techniques may be employed during either stage of operation to disable the device and/or erase sensitive information stored on the device once tampering is suspected. One type of tampering involves bombarding the device with a number of false configuration attempts in order to decipher encrypted data. By utilizing a dirty bit and a sticky error counter, the device can keep track of the number of failed configuration attempts that have occurred and initiate anti-tampering operations when tampering is suspected while the device is still in the configuration stage of operation.

Publication date: 08-11-2012

Electronic devices having adaptive security profiles and methods for selecting the same

Number: US20120284779A1
Assignee: Apple Inc

Adaptive security profiles are supported on an electronic device. One or more security profiles may be automatically or selectively applied to the device based on the device's location and one or more geographic zone definitions. The security profiles may be used to determine the level of authentication or number of invalid authentication attempts for a particular feature or application or set of features or applications.

Publication date: 15-11-2012

Protected mode for mobile communication and other devices

Number: US20120291101A1
Author: Eric Ahlstrom, Jenna Lee
Assignee: Microsoft Corp

An electronic device includes at least one memory unit, a plurality of applications residing on at least one of the memory units and a database residing on at least one of the memory units. The database is configured to store a record specifying a subset of the plurality of applications that are to be inaccessible to a user when in a protected mode of operation. The protected mode is designed for a user (e.g., child or friend borrowing the device) who can potentially use the device with settings that are configured under the primary user's (e.g., parent, device administrator) supervision. The device also includes a user interface through which a primary user and not other users can specify the subset of the plurality of applications to be included in the record. A processor is operatively associated with the memory unit, the database and the user interface. The processor is configured to switch, in response to a request from the primary user and not other users, between a normal mode operation in which all of the applications in the plurality of applications are available for use and the protected mode of operation.

Publication date: 29-11-2012

Method and apparatus for encrypting and processing data in flash translation layer

Number: US20120303880A1
Author: Chang-Woo MIN, Jin-Ha Jun
Assignee: SAMSUNG ELECTRONICS CO LTD

A method and apparatus for preventing a user from interpreting optional stored data information even when the user extracts the optional stored data, by managing data associated with a flash memory in a flash translation layer, the method comprising searching at least one page of the flash memory when writing data to the flash memory, determining whether authority information corresponding to respective searched pages includes an encryption storage function, generating, corresponding to respective searched pages, a page key according to an encrypting function when the authority information includes the encryption storage function, encrypting the data using the generated page key and storing the encrypted data in the respective searched pages, and storing the data in the respective searched pages without encryption when the authority information does not include the encryption storage function.

Publication date: 13-12-2012

Delaying or deterring counterfeiting and/or cloning of a component

Number: US20120317662A1

In an embodiment, to deter or delay counterfeiting/cloning of a replacement component of a host device, the replacement component is provided with a code value. The code value is generated from a value of at least one physical parameter of the replacement component and is stored on the replacement component. The host device determines whether the replacement component is authentic if the stored code value matches a reference code value.

Publication date: 20-12-2012

Secure search system, public parameter generation device, encryption device, user secret key generation device, query issuing device, search device, computer program, secure search method, public parameter generation method, encryption method, user secret key generation method, query issuing method, and search method

Number: US20120324240A1
Assignee: Mitsubishi Electric Corp

In a secure search system to be used by a plurality of users, the size of a ciphertext is reduced and the need to generate a new ciphertext when a new user is added is eliminated. A public parameter generation device 100 generates a pair of a public parameter and a master secret key. Using the public parameter, an encryption device 400 encrypts a keyword and generates a ciphertext. Using the master secret key, a user secret key generation device 200 generates a user secret key of a query issuing device 300. Using the user secret key, the query issuing device 300 generates a query for searching for the keyword. Based on the ciphertext and the query, a search device 500 determines whether a hit is obtained for searching.

Publication date: 20-12-2012

Information input display device and control program thereof

Number: US20120324571A1

An information input display device, having an input section for inputting information and a display section for displaying the information, which enables an access to protected information after being authenticated by an authentication processing executed after starting up of the information input display device, the information input display device including: an authentication processor which executes the authentication processing based on authentication information inputted by the input section; and an input display controller which, after the starting up of the information input display device and before being authenticated by the authentication processing, accepts inputting of prescribed information different from the authentication information through a screen displayed on the display section, and allows the display section to display the prescribed information on the screen.

Publication date: 27-12-2012

Virtual machine system and virtual machine system control method

Number: US20120331464A1
Assignee: Panasonic Corp

A virtual machine system is provided with a processor having only two privileged modes, a low privileged mode and a high privileged mode, and achieves both a security function for protecting digital copyrighted works or the like and an operating system switching function that guarantees system reliability. The virtual machine system is provided with a first and a second processor and executes a hypervisor on the first processor in the high privileged mode. An operating system on the second processor is executed by cooperation between the hypervisor running on the first processor and a program running on the second processor in low privileged mode. This eliminates the need for running the hypervisor on the second processor in the high privileged mode, thus allowing for execution on the second processor in the high privileged mode of a program for implementing the security function.

Publication date: 03-01-2013

Mobile terminal and display controlling method therein

Number: US20130002725A1
Assignee: LG ELECTRONICS INC

A mobile terminal including a communication unit configured to communicate with at least one external terminal; a memory configured to store at least first and second operating systems including at least first and second modes, respectively; and a controller configured to activate the first mode using the first operating system, to display, in a first display region of a display unit of the mobile terminal, the activated first mode, and to display in a second display region of the display unit, at least one second indicator that when selected, activates a second corresponding application in the second mode.

Publication date: 03-01-2013

Memory device

Number: US20130007393A1
Author: Daisuke Taki
Assignee: Individual

According to one embodiment, a memory device includes a semiconductor memory, a memory controller which controls the semiconductor memory according to a request from outside the device, a radio section for wireless communication, and a controller. The controller manages storing data in the device according to a procedure for protecting copyright, obtains the latest version of a parameter for protecting copyright which can be updated from outside the device via the radio section, includes a comparator which compares the parameter stored in the device with the latest version of the parameter, and includes an update manager which updates the stored parameter to the latest version of the parameter when they are different.

Publication date: 03-01-2013

Systems and methods for identifying consumer electronic products based on a product identifier

Number: US20130007443A1
Assignee: Rovi LLC

Systems and methods for identifying consumer electronic products using a playback device with a product identifier in accordance with embodiments of the invention are disclosed. One embodiment includes a processor, and memory configured to store a product identifier, where the product identifier is associated with a specific product and is associated with cryptographic information, and user account data, where the user account data is associated with a user account. In addition, the processor is configured by an application to receive a request for registration from a playback device, receive a product identifier from the playback device, retrieve cryptographic information using the playback device, and send user account data to the playback device encrypted using at least the cryptographic information associated with the product identifier.

Publication date: 10-01-2013

Multi-core processor for hand-held, image capture device

Number: US20130010127A1
Author: Kia Silverbrook
Assignee: Google LLC, Silverbrook Pty Ltd

A multi-core processor for installation in a hand-held device that has first and second image sensors. The multi-core processor has a first sensor interface for receiving data from the first image sensor, and a second sensor interface for receiving data from the second image sensor. Multiple processing units in the multi-core processor are configured to operate in parallel for processing data from the first and second sensor interfaces. The multiple processing units and the first and second sensor interfaces are all integrated onto a single chip.

Publication date: 10-01-2013

Portable imaging device with multi-core processor

Number: US20130010148A1
Author: Kia Silverbrook
Assignee: Google LLC

A portable imaging device that has a CMOS image sensor, a color display for displaying an image sensed by the CMOS image sensor and a central processor. The central processor has an image sensor interface for receiving data from the CMOS image sensor, multiple processing units for parallel operation to simultaneously process the data, and an image display interface for sending processed data to the color display. The central processor is integrated onto a single chip.

Publication date: 10-01-2013

Bios flash attack protection and notification

Number: US20130013905A1
Assignee: Intel Corp

A system and method for BIOS flash attack protection and notification. A processor initialization module, including initialization firmware verification module may be configured to execute first in response to a power on and/or reset and to verify initialization firmware stored in non-volatile memory in a processor package. The initialization firmware is configured to verify the BIOS. If the verification of the initialization firmware and/or the BIOS fails, the system is configured to select at least one of a plurality of responses including, but not limited to, preventing the BIOS from executing, initiating recovery, reporting the verification failure, halting, shutting down and/or allowing the BIOS to execute and an operating system (OS) to boot in a limited functionality mode.

Publication date: 17-01-2013

Countermeasure method and device for protecting data circulating in an electronic microcircuit

Number: US20130015900A1
Assignee: STMICROELECTRONICS ROUSSET SAS

The disclosure relates to a countermeasure method in an electronic microcircuit, comprising successive process phases executed by a circuit of the microcircuit, and adjusting a power supply voltage between power supply and ground terminals of the circuit, as a function of a random value generated for the process phase, at each process phase executed by the circuit.

Publication date: 17-01-2013

Hand-held quad core processing apparatus

Number: US20130016227A1
Author: Kia Silverbrook
Assignee: Google LLC

A hand-held apparatus is provided having a digital camera, a display, a miniature keyboard, a network interface, and four interconnected processing units arranged to jointly run programs for the operation of the digital camera, display, miniature keyboard, and network interface.

Publication date: 17-01-2013

Handheld imaging device with image processor provided with multiple parallel processing units

Number: US20130016232A1
Author: Kia Silverbrook
Assignee: Google LLC

A handheld imaging device includes an image sensor for sensing an image; a micro-controller integrating therein a dedicated image processor for processing the sensed image, a bus interface, and an image sensor interface; and a plurality of processing units connected in parallel by a crossbar switch, the plurality of processing units provided within the micro-controller to form a multi-core processing unit for the processor. The image sensor interface provides communication between the micro-controller and the image sensor. The bus interface provides communication between the micro-controller and devices external to the micro-controller other than the image sensor.

Publication date: 17-01-2013

Handheld imaging device with multi-core image processor integrating image sensor interface

Number: US20130016236A1
Author: Kia Silverbrook
Assignee: Google LLC

A handheld imaging device includes an image sensor for sensing an image; a processor for processing the sensed image; a multi-core processing unit provided in the processor, the multi-core processing unit having a plurality of processing units connected in parallel by a crossbar switch; and an image sensor interface for converting signals from the image sensor to a format readable by the multi-core processing unit, the image sensor interface sharing a wafer substrate with the processor. A transfer of data from the image sensor interface to the plurality of processing units is conducted entirely on the shared wafer substrate.

Publication date: 17-01-2013

Handheld imaging device with vliw image processor

Number: US20130016266A1
Author: Kia Silverbrook
Assignee: Google LLC

A handheld imaging device includes an image sensor for sensing an image; a Very Long Instruction Word (VLIW) processor for processing the sensed image; a plurality of processing units provided in the VLIW processor, the plurality of processing units connected in parallel by a crossbar switch to form a multi-core processing unit for the VLIW processor; and an image sensor interface for receiving signals from the image sensor and converting the signals to a format readable by the VLIW processor, the image sensor interface sharing a wafer substrate with the VLIW processor. A transfer of data from the image sensor interface to the VLIW processor is conducted entirely on the shared wafer substrate.

Publication date: 17-01-2013

Secure data recorder

Number: US20130019111A1
Author: Thomas Martin
Assignee: British Telecommunications plc

A method and apparatus for securely encrypting data is disclosed. Conventional protections against the loss or theft of sensitive data such as full disk encryption are not effective if the device is, or has recently been, running when captured or found because the keys used for full disk encryption will still be in memory and can be used to decrypt the data stored on the disk. Some devices, such as devices which gather sensitive data in use, must run in environments in which they might be captured by a person seeking access to the sensitive data already recorded by the device. An encryption method is proposed in which files on a recorder's persistent memory are initialised with pseudo-random masking data whilst the recorder is in a relatively secure environment. One or more parameters which can be used to re-create the pseudo-random masking data are encrypted with a public key using a public-key encryption algorithm and stored on the recorder. The device's memory is then purged to remove the one or more parameters. Later, when running in a relatively insecure environment, the sensitive data is encrypted (414) using a symmetric encryption algorithm, and combined (418) with the masking data previously stored in the storage file. When the encrypted files are transferred to a reader device with access to the corresponding private key, the masking data can be recreated, the symmetric encryption reversed and the sensitive data recovered. However, an adversary without the private key cannot recreate the masking data, and is thus unable to recover the sensitive data even with the symmetric encryption key which he might successfully extract from the recorder's volatile memory.

Publication date: 17-01-2013

Method and system for controlling access to embedded nonvolatile memories

Number: US20130019305A1
Assignee: Standard Microsystems LLC

A system to control access to a nonvolatile memory. The system includes an embedded controller, and a nonvolatile memory including a password. The embedded controller and the nonvolatile memory may be in communication with one another. The system further includes a lock register receiving and storing the password from the nonvolatile memory, and a key register receiving a key from the embedded controller and holding the key for one machine cycle. Further, the system includes a comparator connected between the lock register and the key register. The comparator compares the password received from the lock register and the key received from the key register. Output from the comparator is provided to an access filter connected between the embedded controller and the nonvolatile memory. Based on the comparator output, the access filter may grant or block access to the nonvolatile memory.

Publication date: 24-01-2013

Camera system with color display and processor for reed-solomon decoding

Number: US20130021443A1
Author: Kia Silverbrook
Assignee: Google LLC

A camera system including: a substrate having a coding pattern printed thereon and a handheld digital camera device. The camera device includes: a digital camera unit having a first image sensor for capturing images and a color display for displaying captured images to a user; an integral processor configured for: controlling operation of the first image sensor and color display; decoding an imaged coding pattern printed on a substrate, the printed coding pattern employing Reed-Solomon encoding; and performing an action in the handheld digital camera device based on the decoded coding pattern. The decoding includes the steps of: detecting target structures defining the extent of the data area; determining the data area using the detected target structures; and Reed-Solomon decoding the coding pattern contained in the determined data area.

Publication date: 24-01-2013

Storage device in a locked state

Number: US20130024638A1
Assignee: Hewlett Packard Development Co LP

A method for managing a storage device including identifying a lock timing for the storage device when coupling to a device, transitioning the storage device into a locked state in response to detecting the storage device decoupling from the device, and configuring the storage device to remain in the locked state if the storage device is re-coupled to the device after the lock timing has elapsed.

Publication date: 31-01-2013

Method and apparatus for protecting software of mobile terminal

Number: US20130031375A1
Author: Hua Lin
Assignee: ZTE Corp

A method for protecting software of a mobile terminal is provided in the disclosure, wherein an encryption chip is mounted in the mobile terminal. The method includes: when the mobile terminal is turned on, whether or not the encryption chip is invalid is detected; when it is not invalid, the encryption chip authenticates the software of the mobile terminal through interaction with a main chip; when the authentication is not passed, the encryption chip controls a functional module of the mobile terminal through a hardware protection circuit. An apparatus for protecting software of a mobile terminal is also provided in the present disclosure. The solution of the disclosure can prevent the software of the mobile terminal from being cracked and protect the functions of the mobile terminal from illegal usage, thus the security of the mobile terminal is greatly improved and the interests of operators and manufacturers are protected.

Publication date: 31-01-2013

Collecting Debug Data in a Secure Chip Implementation

Number: US20130031419A1
Assignee: International Business Machines Corp

Mechanisms, in a processor chip, are provided for obtaining debug data from on-chip logic of the processor chip while the processor chip is in a secure mode of operation. The processor chip is placed into a secure mode of operation in which access to internal logic of the processor chip to control the internal logic of the processor chip, by mechanisms external to the processor chip, is disabled on a debug interface of the processor chip. A triggering condition of the processor chip is detected that is a trigger for initiated debug data collection from the on-chip logic. Debug data collection is performed from the on-chip logic to generate debug data. Data is output, by the processor chip to an external mechanism, on the debug interface based on the debug data.

Publication date: 21-02-2013

Authentication processing method and apparatus

Number: US20130047209A1

A physical unclonable function (PUF) device, and a PUF reader which extracts PUF parameters required to calculate a response output from a challenge input by analyzing an operation of the PUF device. Operation parameters characterizing an operation state are obtained by observing a power waveform, an electromagnetic waveform, or a processing time of the PUF device at that time. Authentication of the PUF device is based on the extracted parameters. The PUF reader executes authenticity determination as to whether or not the PUF device is a valid PUF device by monitoring an operation of the PUF device during response generation based on the operation parameters.

Publication date: 07-03-2013

Method and apparatus for providing a structured and partially regenerable identifier

Number: US20130061036A1
Author: Ian Justin Oliver
Assignee: Nokia Oyj

An approach is provided for generating a structured and partially regenerable identifier. An identification generation platform receives a request to generate at least one regenerable that includes, at least in part, a plurality of fields. The identification generation platform determines to separately hash and/or encrypt the respective ones of the plurality of fields. A generation of the at least one identifier is caused, based at least in part, on the hashed and/or encrypted respective ones of the plurality of fields.

Publication date: 07-03-2013

Protecting application programs from malicious software or malware

Number: US20130061058A1
Assignee: International Business Machines Corp

An apparatus includes a memory to store a secure object comprising at least one of code and data that is encrypted when stored in the memory and a central processing unit (CPU) that is capable of executing an EnterSecureMode (esm) instruction that enables the decryption of the secure object's information when the secure object information is retrieved from the memory into the CPU. The CPU further comprises a feature to protect the secure object from code received from other software.

Publication date: 07-03-2013

Systems and Methods for Controlling the Use of Processing Algorithms, and Applications Thereof

Number: US20130061060A1
Author: Radhika Thekkath
Assignee: MIPS Technologies Inc

Embodiments provide systems and methods for controlling the use of processing algorithms, and applications thereof. In an embodiment, authorization to use an algorithm is validated in a system having a processor capable of executing user defined instructions, by executing a user defined instruction that writes a first value to a first storage of a user defined instruction block, uses the first value to transform a second value located in a second storage of the user defined instruction block, and compares the transformed second value to a third value located in a third storage. Use of the algorithm is permitted only if the comparison of the transformed second value to the third value indicates that use of the algorithm is authorized. In another embodiment, authorization to use an at least partially decrypted algorithm is validated via a key for enablement.

Publication date: 14-03-2013

Communication device, communication system

Number: US20130065635A1
Assignee: Panasonic Corp

A detection signal transmitting unit 123 of a first component 110 transmits a plurality of detection signals having different frequency spectrums to a second component 210. Upon receiving the detection signals, a detection signal returning unit 233 of the second component 210 returns, as return signals, respective signal waveforms of the received detection signals to the first component 110. A detection signal judging unit 126 of the first component 110 judges authenticity of the received return signals based on the transmitted detection signals. When the judging unit judges that the received return signals are not authentic, a tamper-resistance control unit 127 adds a restriction to the communication performed between the first component 110 and the second component 210.

Publication date: 18-04-2013

System and method to enhance memory protection for programs in a virtual machine environment

Number: US20130097359A1
Assignee: VMware LLC

In a computer system supporting execution of virtualization software and at least one instance of virtual system hardware, an interface is provided into the virtualization software to allow a program to directly define the access characteristics of its program data stored in physical memory. The technique includes providing data identifying memory pages and their access characteristics to the virtualization software which then derives the memory access characteristics from the specified data. Optionally, the program may also specify a pre-defined function to be performed upon the occurrence of a fault associated with access to an identified memory page. In this manner, programs operating both internal and external to the virtualization software can protect their memory pages, without intermediation by the operating system software.

Publication date: 02-05-2013

Portable electronic device, associated apparatus and methods

Number: US20130111345A1
Assignee: Nokia Oyj

A portable electronic device with first and second modes, the first mode associated with allowing for the availability of one or more of a first level of power consumption and processor activity for the portable electronic device, and allowing general unlocked user interaction with the user interface of the portable electronic device; the second mode associated with allowing for the availability of one or more of a second level of power consumption or processor activity, and allowing locked user interaction with the user interface; and the locked user interaction allowing for the provision of one or more specific limited user inputs using the user interface, to directly interact with associated second mode output provided using the user interface in the second mode, the one or more specific limited user inputs not being associated with general unlocking of the portable electronic device to enter the first mode of operation.

Publication date: 02-05-2013

Information processing apparatus and information processing method

Number: US20130111605A1
Assignee: Panasonic Corp

An information processing apparatus that processes data to be protected is provided. The information processing apparatus includes a first storage unit, a second storage unit, and a cache control unit configured to cache data stored in the first storage unit into the second storage unit. The cache control unit is configured to lock a cache region in the second storage unit to thereby prevent cache data of the stored data from being written back into the first storage unit, the cache data being obtainable from the cache region in the second storage unit in which the stored data is cached, and write the data to be protected different from the stored data into the cache region in the second storage unit, after the cache region in the second storage unit is locked.

Publication date: 09-05-2013

SECURITY METHOD, ASSOCIATED CHIP CARD, MODULE AND TERMINAL

Number: US20130117562A1
Author: LEHOUX RENAUD
Assignee: ERCOM

A security method in a terminal comprising a chip card offering secure functions, a user interface, a module for interfacing with the chip card and suitable for shutting down or introducing the electrical supply to the chip card. After shutdown of the chip card with the terminal being kept on, the interface module introduces the electrical supply to the chip card, encrypts a command for resumption of utilization of the secure functions with a negotiated key stored by the interfacing module, and dispatches the encrypted command to the chip card. The interface module utilizes the secure functions of the chip card when the resumption command decrypted by the chip card is recognized as a resumption command by the chip card.

1-10. (canceled)

11. A security method in a terminal comprising a chip card offering secure functions, a user interface, an interface module for interface with the chip card and operable for at least shutting down or introduction of an electrical supply to the chip card, the method comprising the steps of:
receiving a code through the user interface of the terminal;
receiving the code by the chip card from the interface module;
verifying by the chip card that the code is equal to an access code and utilizing by the interface module the secured functions offered by the chip card on verification of the code;
negotiating between the interface module and the chip card of at least one key (K_encryption1, K_signature1);
storing said at least one negotiated key by the interface module and by the chip card;
shutting down and introducing the electrical supply to the chip card by the interface module with the terminal kept switched on;
encrypting a command for resuming the utilization of the secure functions by the interface module with said at least one negotiated key stored in the interface module;
receiving said encrypted command by the chip card from the interface module;
decrypting said encrypted command by the chip card using said at least one ...

Publication date: 16-05-2013

SECURE SYSTEM-ON-CHIP

Number: US20130124874A1
Author: KUDELSKI ANDRE
Assignee: Nagravision S.A.

A secure system-on-chip for processing data, the system-on-chip comprising at least a central processing unit (CPU), an input and an output channel, an encryption/decryption engine and a memory, wherein, said input channel comprises an input encryption module to encrypt all incoming data, said output channel comprising an output decryption module to decrypt all outgoing data, said CPU receiving the encrypted data from the input encryption module and storing them in the memory, and while processing the stored data, said CPU reading the stored data from the memory, requesting decryption of same in the encryption/decryption engine, processing the data and requesting encryption of the result by the encryption/decryption engine and storing the encrypted result, outputting the result to the output decryption module for decryption purpose and exiting the decrypted result via the output channel.

1. A secure system-on-chip for processing data, the system-on-chip comprising:
at least a central processing unit (CPU);
an input channel connected to the CPU, the input channel including an input encryption module;
an output channel connected to the CPU, the output channel including an output decryption module;
a CPU encryption module connected to the CPU;
a CPU decryption module connected to the CPU;
at least one key register connected to the input encryption module and the output decryption module; and
a memory connected to the CPU;
wherein said input encryption module is configured to add an internal encryption layer to all incoming data, said output decryption module is configured to remove the internal encryption layer on all outgoing data, and said central processing unit is configured to perform the steps of
receiving encrypted data from the input encryption module;
storing the encrypted data in the memory;
when processing the stored data, reading the stored data from the memory, requesting the removal of the internal encryption layer by the CPU decryption module, processing the data ...

Publication date: 16-05-2013

Asics having programmable bypass of design faults

Number: US20130124933A1
Author: James T. Koo
Assignee: SHEYU GROUP LLC

A relatively small amount of programmable logic may be included in a mostly ASIC device such that the programmable logic can be used as a substitute for a fault-infected ASIC block. This substitution may occur permanently or temporarily. When an ASIC block is temporarily substituted, faulty outputs of the ASIC block are disabled just at the time they would otherwise propagate an error. The operations of the temporarily deactivated ASIC block(s) may be substituted for by appropriately programmed programmable logic. Thus, a fault-infected ASIC block that operates improperly 1% of the time can continue to be gainfully used for the 99% of the time when its operations are fault free. This substitution can be activated in various stages of the ASIC block's life including after: initial design; pilot production; and mass production. This provides for cost saving and faster time-to-market, repair, and maintenance even years after installation and use.

Publication date: 16-05-2013

Mobile Device Peripherals Management System and Multi-Data Stream Technology (MdS)

Number: US20130125251A1
Assignee:

A device and system for management of and access to externally connected peripheral devices by mobile devices. User and/or application data on a mobile device is sent to externally connected peripheral devices. External peripheral devices include, but are not limited to, printers, scanners, displays, audio interfaces, speakers, network adapters, storage drives, hard drives, and the like. An end user mobile device application interface is installed as an application on a mobile device. Data may be sent directly to a peripheral device, or to a peripherals aggregation device, which may be active or passive.

1. A non-transitory computer-readable storage medium with an executable program stored thereon, wherein the program instructs a processor or microprocessor to perform the following steps:
receiving a request from a mobile computing device to access a peripheral computing device;
authenticating the mobile computing device;
upon authenticating the mobile computing device, forwarding the request from the mobile computing device to the peripheral computing device.
2. The program of claim 1, wherein the mobile computing device is a smart phone or tablet computer.
3. A mobile computing device with a processor or microprocessor, wherein the processor or microprocessor is programmed to:
receive a request from an application on the mobile computing device to access a non-networked physical peripheral device;
identifying the driver or drivers necessary for operation of the peripheral device; and
sending the request to a peripherals aggregation device for subsequent processing and forwarding to the peripherals device.
4. The device of claim 3, wherein the peripherals aggregation device is active.
5. The device of claim 3, wherein the peripherals aggregation device is passive.
6. The device of claim 3, wherein the processor or microprocessor is further programmed to provide authentication data for the mobile computer device.

This application claims benefit of and priority ...

Publication date: 23-05-2013

Apparatus and method for hardware-based secure data processing using buffer memory address range rules

Number: US20130132735A1
Assignee: Qualcomm Inc

Disclosed is a processor for processing data from a buffer memory. The processor, implemented in hardware, may allow writing of output data, processed based on input data from at least one secure location associated with a secure address range of the buffer memory, to one or more secure locations associated with the secure address range. Further, the processor may block writing of output data, processed based on input data from at least one secure location associated with the secure address range, to one or more insecure locations associated with an insecure address range of the buffer memory.

Publication date: 30-05-2013

Resource-Type Weighting of Use Rights

Number: US20130139272A1
Author: BLANDING William H.

Resource-type weighting is used in evaluating the use-rights associated with hardware resources.

1. Computer-readable media comprising:
a weightings table for assigning use-right weightings to hardware types so that some hardware types are assigned greater weights than other hardware types.
2. Computer-readable media as recited in further comprising means for assigning costs to temporary hardware activations as a function of said weightings.
3. Computer-readable media as recited in further comprising a workload manager for reallocating hardware resources to workloads so that a quantity of hardware resources assigned to said workloads changes proportionally more than the quantity of use rights assigned to said workloads.
4. Computer-readable media as recited in wherein said workload manager reallocates said hardware resources without changing the quantity of said use rights.
5. Computer-readable media as recited in wherein said workload manager changes the quantity of use rights when reallocating said hardware resources.
6. Computer-readable media as recited in wherein said workload manager changes the quantity of use rights when reallocating said hardware processors by an amount less than the least amount of use rights associated with a single processor.
7. Computer-readable media as recited in wherein said workload manager manages hardware resources on separate first and second standalone computer systems.
8. Computer-readable media as recited in wherein processors on said first computer system have a different nominal performance than the processors on said second standalone computer system.
9. A method comprising assigning use-rights weightings to hardware resources in a computing system.
10. A method as recited in further comprising assigning a cost to a temporary activation of hardware at least in part as a function of said weightings.
11. A method as recited in further comprising reallocating hardware resources to workloads while transferring user rights from a first ...

Publication date: 06-06-2013

CIRCUIT PERSONALIZATION

Number: US20130145176A1
Author: Dellow Andrew
Assignee: STMICROELECTRONICS R&D LIMITED

A method distributes personalized circuits to one or more parties. The method distributes a generic circuit to each party, encrypts a unique personalization value using a secret encryption key, and transmits each encrypted personalization value to the corresponding party. Each party then stores the encrypted personalization value in their circuit. The stored encrypted personalization value allows a piece of software to be properly executed by the circuit. A semiconductor integrated circuit is arranged to execute a piece of software that inputs a personalization value as an input parameter. The circuit comprises a personalization memory arranged to store an encrypted personalization value; a key memory for storing a decryption key; a control unit comprising a cryptographic circuit arranged to decrypt the encrypted personalization value using the decryption key; and a processor arranged to receive the decrypted personalization value and execute the software using the decrypted personalization value.

1. A method, comprising:
associating a first personalization value with a first plurality of generic circuits;
associating a second personalization value with a second plurality of generic circuits;
encrypting, using one or more configured processing devices, the first personalization value;
encrypting, using the one or more configured processing devices, the second personalization value;
initiating storage of the encrypted first personalization value in the first plurality of generic circuits; and
initiating storage of the encrypted second personalization value in the second plurality of generic circuits, wherein each of the first plurality of generic circuits and each of the second plurality of generic circuits is configured to
retrieve an encrypted personalization value stored in the respective generic circuit;
decrypt the retrieved encrypted personalization value; and
use the decrypted personalization value to control execution of software.
2. The method of wherein ...

Publication date: 06-06-2013

Integrated circuits as a service

Number: US20130145431A1
Author: Ezekiel Kruglick
Assignee: EMPIRE TECHNOLOGY DEVELOPMENT LLC

Technologies are generally described for provisioning and managing access to FPGAs as a service. In some examples, a system for allowing provisioning management for shared FPGA use and access control to enable a user's processes to access their custom programmed FPGA may accept user packages for compilation to an FPGA in communication with datacenter servers. The user packages may be imaged to the FPGA with an added management payload, and a driver and user key may be employed to allow selective access to the FPGA as a service for datacenter virtual machines. Together these elements allow a datacenter to provision rentable integrated circuits as a service (ICaaS). Additional services such as billing tracking, provision management, and access control may be provided to users allowing them to realize lower cost while the datacenter realizes greater return.

Publication date: 06-06-2013

Multi Mode Operation Using User Interface Lock

Number: US20130145453A1
Author: Steven C. Lemke
Assignee: Hewlett Packard Development Co LP

A system and a method are disclosed for a computer implemented method to unlock a mobile computing device and access applications (including services) on a mobile computing device through a launcher. The configuration includes mapping one or more applications with a guest access code. The configuration receives, through a display screen of a mobile computing device, an access code, and determines whether the received access code corresponds with the guest access code. The configuration identifies the mapped applications corresponding to the guest access code and provides for display, on a screen of the mobile computing device, the identified applications.

Publication date: 06-06-2013

METHOD FOR ACCESSING A SECURE STORAGE, SECURE STORAGE AND SYSTEM COMPRISING THE SECURE STORAGE

Number: US20130145455A1
Assignee: NXP B.V.

A method for accessing a secure storage of a mobile device is described, the method comprising: providing a generic interface for accessing the secure storage; accessing the secure storage using the generic interface by a first application of the mobile device; accessing the secure storage using the generic interface by a second application of the mobile device. Further, a corresponding secure electronic storage and a system are described.

1. Method for accessing a secure storage of a mobile device, the method comprising:
providing a generic interface for accessing the secure storage;
accessing the secure storage using the generic interface by a first application of the mobile device;
accessing the secure storage using the generic interface by a second application of the mobile device.
2. Method according to claim 1, wherein the generic interface is implemented as a generic software module, in particular an applet, stored within the secure storage.
3. Method according to claim 2, wherein the generic software module is stored in a read-only portion of the secure storage.
4. Method according to claim 1, wherein the first application is not stored in the secure storage, wherein the second application is not stored in the secure storage.
5. Method according to claim 2, wherein the generic interface provides access functions comprising first access functions and second access functions for communicating with the secure storage,
wherein the second access functions are invocable, by the first application, only after successfully invoking, by the first application, at least one of the first access functions,
wherein the second access functions are invocable, by the second application, only after successfully invoking, by the second application, at least one of the first access functions.
6. Method according to claim 5, wherein the first access functions comprise at least one of:
a registration function for generically registering the first ...

Publication date: 13-06-2013

Portable electronic device

Number: US20130150128A1
Author: Hiroshi Tsunoda
Assignee: Kyocera Corp

A portable electronic device includes a display unit, an input detection unit that detects an input to the display unit, and a lock control unit that sets or releases a locked state for a part or all of the functions of the portable electronic device when a predetermined input is detected by the input detection unit, wherein the predetermined input includes inputs in which a preset screen operation is performed continuously a predetermined number of times in an area of the display unit.

Publication date: 13-06-2013

Encryption key transmission with power analysis attack resistance

Number: US20130151842A1
Author: Shu-Yi Yu
Assignee: Apple Inc

Methods and mechanisms for transmitting secure data. An apparatus includes a storage device configured to store data intended to be kept secure. Circuitry is configured to receive bits of the secure data from the storage device and invert the bits prior to transmission. The circuitry may invert the bits prior to conveyance if more than half of the bits are a binary one, set an inversion signal to indicate whether the one or more bits are inverted, and convey both the one or more bits and inversion signal. Embodiments also include a first source configured to transmit Q bits of the secure data on an interface on each of a plurality of clock cycles. The first source is also configured to generate one or more additional bits to be conveyed concurrent with the Q bits such that a number of binary ones transmitted each clock cycle is constant.

Publication date: 13-06-2013

Securing microprocessors against information leakage and physical tampering

Number: US20130151865A1
Assignee: BlueRISC Inc

A processor system comprising: performing a compilation process on a computer program; encoding an instruction with a selected encoding; encoding the security mutation information in an instruction set architecture of a processor; and executing a compiled computer program in the processor using an added mutation instruction, wherein executing comprises executing a mutation instruction to enable decoding another instruction. A processor system with a random instruction encoding and randomized execution, providing effective defense against offline and runtime security attacks including software and hardware reverse engineering, invasive microprobing, fault injection, and high-order differential and electromagnetic power analysis.

Publication date: 13-06-2013

Facilitating System Service Request Interactions for Hardware-Protected Applications

Number: US20130152209A1
Assignee: Microsoft Corp

Described herein are implementations for providing a platform adaptation layer that enables applications to execute inside a user-mode hardware-protected isolation container while utilizing host platform resources that reside outside of the isolation container. The platform adaptation layer facilitates a system service request interaction between the application and the host platform. As part of the facilitating, a secure services component of the platform adaptation layer performs a security-relevant action.

Publication date: 20-06-2013

METHOD AND APPARATUS TO PROVIDE SECURE APPLICATION EXECUTION

Number: US20130159726A1
Assignee:

A technique to enable secure application and data integrity within a computer system. In one embodiment, one or more secure enclaves are established in which an application and data may be stored and executed.

1. A processor comprising:
execution logic to perform at least a first instruction to move protected data between an enclave page cache (EPC) and a second storage area during execution of a program accessing the protected data, wherein the program is to run in a protected mode.
2. The processor of claim 1, wherein a security map (SMAP) is to help ensure the integrity of the program when the program is stored in a hard disk drive or protected memory.
3. A processor comprising:
execution logic to perform a first instruction to identify a software thread running in a secure enclave, wherein the first instruction is to inform a user's program of the identity of the software thread.
4. A processor comprising:
execution logic to perform at least a first instruction to dynamically access at least one information field to determine the integrity of data stored in the secure enclave, wherein the at least one information field includes a secure map (SMAP) field and a security information (SEC_INFO) field.
5. A processor comprising:
execution logic to perform a first instruction to report the state of a secure enclave stored in memory to either a local or remote agent.
6. A processor comprising:
a crypto memory aperture (CMA) to protect software program against attacks when the software program is executing; and
a secure map (SMAP) to protect the software program when the software program is not executing.
7. A processor comprising:
execution logic to perform at least one secure enclave access instruction to allocate or de-allocate memory or software threads inside a secure enclave.
8. A processor comprising:
a hierarchical protection tree, SMAP, to enable multiple memory updates within a secure enclave in a single processor cycle.
9. A processor comprising:
execution logic to perform ...

Publication date: 20-06-2013

SOFTWARE-BASED TRUSTED PLATFORM MODULE

Number: US20130159729A1
Assignee: MICROSOFT CORPORATION

A “Firmware-Based TPM” or “fTPM” ensures that secure code execution is isolated to prevent a wide variety of potential security breaches. Unlike a conventional hardware based Trusted Platform Module (TPM), isolation is achieved without the use of dedicated security processor hardware or silicon. In general, the fTPM is first instantiated in a pre-OS boot environment by reading the fTPM from system firmware or firmware accessible memory or storage and placed into read-only protected memory of the device. Once instantiated, the fTPM enables execution isolation for ensuring secure code execution. More specifically, the fTPM is placed into protected read-only memory to enable the device to use hardware such as the ARM® architecture's TrustZone™ extensions and security primitives (or similar processor architectures), and thus the devices based on such architectures, to provide secure execution isolation within a “firmware-based TPM” without requiring hardware modifications to existing devices.

1. A method, comprising:
instantiating, in a pre-boot environment of a computing device without a hardware trusted platform module, a software-based trusted platform module in protected memory of the computing device;
passing a command, issued by a caller instantiated within non-protected memory of the computing device, to the software-based trusted platform module to perform an operation; and
using the software-based trusted platform module to interface with a security extension of a processor of the computing device to perform the operation in secure execution isolation.
2. The method of claim 1 wherein passing the command issued by the caller further comprises using a software-based monitor, instantiated within the protected memory, to intercept the command and pass corresponding instructions to the software-based trusted platform module.
3. The method of wherein the software-based trusted platform module is accessible by one or more virtual machines running on the ...

Publication date: 27-06-2013

Secure data in removable storage devices via encryption token(s)

Number: US20130167228A1
Author: Duncan S. Wong
Assignee: City University of Hong Kong CityU

Systems, methods, and devices that secure data on removable storage devices are presented. A token component can interface with a communication port on a host device. One or more removable storage devices can interface with one or more other communication ports on the host device. The token component includes a security component that, when interfaced with the host device, is employed to automatically and simultaneously enable access, encrypt data being stored in, and decrypt data being retrieved from the removable storage devices. When the token component is not interfaced with the host device, the removable storage devices are secured so that they cannot be accessed and data stored thereon cannot be retrieved and decrypted. A user optionally can utilize a password, which can be entered when the token component is interfaced with the host device, to facilitate controlling access to the removable storage devices and data encryption/decryption.

Publication date: 04-07-2013

Providing Secure Execution of Mobile Device Workflows

Number: US20130171967A1
Assignee: Individual

Methods and apparatuses, including computer program products, are described for providing secure execution of mobile device workflows. A mobile device receives a request to launch a function on the mobile device. The mobile device displays a keypad associated with the launched function, the keypad having randomly-arranged alphanumeric characters. The mobile device receives entry of a passcode via the keypad and activates a short-range frequency interface on the mobile device upon validation of the entered passcode. The mobile device establishes a communication link with a second device using the short-range frequency interface, and executes a workflow based on data transmitted between the mobile device and the second device via the communication link.

Publication date: 04-07-2013

Method and system for machine identification

Number: US20130173789A1
Assignee: Computer Associates Think Inc

A method and system for identifying a machine used for an online session with an online provider includes executing a lightweight fingerprint code from a provider interface during an online session to collect and transmit machine and session information; generating and storing a machine signature or identity including a machine effective speed calibration (MESC) which may be used to identify the machine when the machine is used in a subsequent online session by a method of matching the machine signature and MESC to a database of machine identities, analyzing a history of the machine's online sessions to identify one or more response indicators, such as fraud indicators, and executing one or more responses to the response indicators, such as disabling a password or denying an online transaction, where the response and response indicator may be provider-designated.

Publication date: 04-07-2013

Non-volatile storage device, access control program, and storage control method

Number: US20130173851A1
Assignee: Toshiba Corp

An access control program is executed by a specific electronic device first connected to the non-volatile storage device to associate with the specific electronic device to be given full access to the storage, executed by the specific electronic device to set the specific electronic device associated with the non-volatile storage device to a first mode permitting full access to the storage, executed by an arbitrary electronic device connected to the non-volatile storage device to judge whether the arbitrary electronic device is the specific electronic device associated with the non-volatile storage device by performing certification; and executed by the arbitrary electronic device connected to the non-volatile storage device to perform mode setting.
