Patents Assigned to Cupp Computing AS
-
Publication number: 20200045084Abstract: A computer performs dynamic address isolation. The computer comprises an application associated with an application address, a network interface coupled to receive incoming data packets from and transmit outgoing data packets to an external network, a network address translation engine configured to translate between the application address and a public address, and a driver for automatically forwarding the outgoing data packets to the network address translation engine to translate the application address to the public address, and for automatically forwarding the incoming data packets to the network address translation engine to translate the public address to the application address. The computer may communicate with a firewall configured to handle both network-level security and application-level security.Type: ApplicationFiled: October 14, 2019Publication date: February 6, 2020Applicant: CUPP Computing ASInventor: Shlomo Touboul
-
Publication number: 20200045061Abstract: Systems and methods for providing security services during a power management mode are disclosed. In some embodiments, a method comprises detecting with a mobile security system a wake event on a mobile device, providing from the mobile security system a wake signal, the providing being in response to the wake event to wake a mobile device from a power management mode, and managing with the mobile security system security services of the mobile device. Managing security services may comprise scanning a hard drive of the mobile devices for viruses and/or other malware. Managing security services may also comprise updating security applications or scanning the mobile device for unauthorized data.Type: ApplicationFiled: October 14, 2019Publication date: February 6, 2020Applicant: CUPP Computing ASInventors: Ami Oz, Shlomo Touboul
-
Publication number: 20200045060Abstract: Systems and methods for providing security services during a power management mode are disclosed. In some embodiments, a method comprises detecting with a mobile security system a wake event on a mobile device, providing from the mobile security system a wake signal, the providing being in response to the wake event to wake a mobile device from a power management mode, and managing with the mobile security system security services of the mobile device. Managing security services may comprise scanning a hard drive of the mobile devices for viruses and/or other malware. Managing security services may also comprise updating security applications or scanning the mobile device for unauthorized data.Type: ApplicationFiled: October 14, 2019Publication date: February 6, 2020Applicant: CUPP Computing ASInventors: Ami Oz, Shlomo Touboul
-
Publication number: 20200028860Abstract: A secure data exchange system comprising a security device including a first external device plug, and a security engine operative to enforce a security policy on data transfer requests received from the host; an external device including a second external device plug; and a host including a first external device port operative to communicatively couple with the first external device plug, a second external device port operative to communicatively couple with the second external device plug, and a driver, e.g., a redirect driver, operative to transfer a data transfer request to the security device before executing the data transfer request.Type: ApplicationFiled: September 17, 2019Publication date: January 23, 2020Applicant: CUPP Computing ASInventor: Shlomo Touboul
-
Publication number: 20200026853Abstract: A small piece of hardware connects to a mobile device and filters out attacks and malicious code. Using the piece of hardware, a mobile device can be protected by greater security and possibly by the same level of security offered by its associated corporation/enterprise. In one embodiment, a mobile security system includes a connection mechanism for connecting to a data port of a mobile device and for communicating with the mobile device; a network connection module for acting as a gateway to a network; a security policy for determining whether to forward content intended for the mobile device to the mobile device; and a security engine for executing the security policy.Type: ApplicationFiled: September 17, 2019Publication date: January 23, 2020Applicant: CUPP Computing ASInventor: Shlomo Touboul
-
Patent number: 10541969Abstract: Systems and methods for implementing content, streaming, and network security inside a chip or inside a computing device are disclosed. In exemplary embodiments, a system comprises a communication chip and a second processor. The communication chip comprises a router and security instructions. The router is configured to intercept untrusted data between a network, and a first router. The second processor is configured to receive the untrusted data from the router, process the untrusted data with the security instructions to produce trusted data, and provide the trusted data to the router.Type: GrantFiled: October 21, 2014Date of Patent: January 21, 2020Assignee: CUPP Computing ASInventor: Shlomo Touboul
-
Publication number: 20200012769Abstract: In various embodiments, a method comprises detecting a removable media device coupled to a digital device, authenticating a password to access the removable media device, injecting redirection code into the digital device, intercepting, with the redirection code, a request for data, determining to allow the request for data based on a security policy, and providing the data based on the determination. The method may further comprise selecting the security policy from a plurality of security policies based, at least in part, on the password and/or filtering the content of the requested data. Filtering the content may comprise scanning the data for malware. Filtering the content may also comprise scanning the data for confidential information.Type: ApplicationFiled: September 17, 2019Publication date: January 9, 2020Applicant: CUPP Computing ASInventors: Shlomo Touboul, Sela Ferdman, Yonathan Yusim
-
Publication number: 20190379667Abstract: Outbound traffic of a host application may be received from a host device having a host processor. The secure resource may be configured to provide a secure transaction based on the outbound network traffic. Using a second processor different than the host processor, it may be determined whether the host application is authorized to provide the outbound network traffic to the secure resource. The outbound network traffic may be allowed to be forwarded to the secure resource if the host application is authorized. The outbound network traffic may be disallowed to be forwarded to the secure resource if the host application is not authorized.Type: ApplicationFiled: August 26, 2019Publication date: December 12, 2019Applicant: CUPP Computing ASInventor: Shlomo Touboul
-
Patent number: 10505896Abstract: Systems and methods for implementing content, streaming, and network security inside a chip or inside a computing device are disclosed. In exemplary embodiments, a system comprises a communication chip and a second processor. The communication chip comprises a router and security instructions. The router is configured to intercept untrusted data between a network, and a first router. The second processor is configured to receive the untrusted data from the router, process the untrusted data with the security instructions to produce trusted data, and provide the trusted data to the router.Type: GrantFiled: October 21, 2014Date of Patent: December 10, 2019Assignee: CUPP Computing ASInventor: Shlomo Touboul
-
Patent number: 10496834Abstract: A computer system with multiple security levels, the system comprising a high-power processing device (130), a low-power processing device (110), and an interface unit (120) comprising functions for moving classified information between the high-power device (130) and the low-power device (110) according to formal rules for confidentiality and/or integrity. Additional security aspects, e.g. availability, may readily be accommodated. A method for implementing multiple levels of security along a number of independent security axes on the system is also disclosed.Type: GrantFiled: December 21, 2018Date of Patent: December 3, 2019Assignee: CUPP Computing ASInventor: Omar Nathaniel Ely
-
Patent number: 10417400Abstract: In various embodiments, a method comprises detecting a removable media device coupled to a digital device, authenticating a password to access the removable media device, injecting redirection code into the digital device, intercepting, with the redirection code, a request for data, determining to allow the request for data based on a security policy, and providing the data based on the determination. The method may further comprise selecting the security policy from a plurality of security policies based, at least in part, on the password and/or filtering the content of the requested data. Filtering the content may comprise scanning the data for malware. Filtering the content may also comprise scanning the data for confidential information.Type: GrantFiled: July 21, 2014Date of Patent: September 17, 2019Assignee: CUPP Computing ASInventors: Shlomo Touboul, Sela Ferdman, Yonathan Yusim
-
Patent number: 10417421Abstract: A small piece of hardware connects to a mobile device and filters out attacks and malicious code. Using the piece of hardware, a mobile device can be protected by greater security and possibly by the same level of security offered by its associated corporation/enterprise. In one embodiment, a mobile security system includes a connection mechanism for connecting to a data port of a mobile device and for communicating with the mobile device; a network connection module for acting as a gateway to a network; a security policy for determining whether to forward content intended for the mobile device to the mobile device; and a security engine for executing the security policy.Type: GrantFiled: September 27, 2018Date of Patent: September 17, 2019Assignee: CUPP Computing ASInventor: Shlomo Touboul
-
Patent number: 10419459Abstract: A secure data exchange system comprising a security device including a first external device plug, and a security engine operative to enforce a security policy on data transfer requests received from the host; an external device including a second external device plug; and a host including a first external device port operative to communicatively couple with the first external device plug, a second external device port operative to communicatively couple with the second external device plug, and a driver, e.g., a redirect driver, operative to transfer a data transfer request to the security device before executing the data transfer request.Type: GrantFiled: June 28, 2017Date of Patent: September 17, 2019Assignee: CUPP Computing ASInventor: Shlomo Touboul
-
Publication number: 20190278925Abstract: A computer system with multiple security levels, the system comprising a high-power processing device (130), a low-power processing device (110), and an interface unit (120) comprising functions for moving classified information between the high-power device (130) and the low-power device (110) according to formal rules for confidentiality and/or integrity. Additional security aspects, e.g. availability, may readily be accommodated. A method for implementing multiple levels of security along a number of independent security axes on the system is also disclosed.Type: ApplicationFiled: December 21, 2018Publication date: September 12, 2019Applicant: CUPP Computing ASInventor: Omar Nathaniel Ely
-
Patent number: 10404722Abstract: Systems and methods for providing security services during a power management mode are disclosed. In some embodiments, a method comprises detecting with a mobile security system a wake event on a mobile device, providing from the mobile security system a wake signal, the providing being in response to the wake event to wake a mobile device from a power management mode, and managing with the mobile security system security services of the mobile device. Managing security services may comprise scanning a hard drive of the mobile devices for viruses and/or other malware. Managing security services may also comprise updating security applications or scanning the mobile device for unauthorized data.Type: GrantFiled: June 28, 2018Date of Patent: September 3, 2019Assignee: CUPP Computing ASInventors: Ami Oz, Shlomo Touboul
-
Patent number: 10404660Abstract: Systems and methods for implementing content, streaming, and network security inside a chip or inside a computing device are disclosed. In exemplary embodiments, a system comprises a communication chip and a second processor. The communication chip comprises a router and security instructions. The router is configured to intercept untrusted data between a network, and a first router. The second processor is configured to receive the untrusted data from the router, process the untrusted data with the security instructions to produce trusted data, and provide the trusted data to the router.Type: GrantFiled: October 21, 2014Date of Patent: September 3, 2019Assignee: CUPP Computing ASInventor: Shlomo Touboul
-
Patent number: 10397227Abstract: Outbound traffic of a host application may be received from a host device having a host processor. The secure resource may be configured to provide a secure transaction based on the outbound network traffic. Using a second processor different than the host processor, it may be determined whether the host application is authorized to provide the outbound network traffic to the secure resource. The outbound network traffic may be allowed to be forwarded to the secure resource if the host application is authorized. The outbound network traffic may be disallowed to be forwarded to the secure resource if the host application is not authorized.Type: GrantFiled: March 16, 2018Date of Patent: August 27, 2019Assignee: CUPP Computing ASInventor: Shlomo Touboul
-
Publication number: 20190260806Abstract: A computer performs dynamic address isolation. The computer comprises an application associated with an application address, a network interface coupled to receive incoming data packets from and transmit outgoing data packets to an external network, a network address translation engine configured to translate between the application address and a public address, and a driver for automatically forwarding the outgoing data packets to the network address translation engine to translate the application address to the public address, and for automatically forwarding the incoming data packets to the network address translation engine to translate the public address to the application address. The computer may communicate with a firewall configured to handle both network-level security and application-level security.Type: ApplicationFiled: May 6, 2019Publication date: August 22, 2019Applicant: CUPP Computing ASInventor: Shlomo Touboul
-
Publication number: 20190260767Abstract: Systems and methods for providing security services during a power management mode are disclosed. In some embodiments, a method comprises detecting with a mobile security system a wake event on a mobile device, providing from the mobile security system a wake signal, the providing being in response to the wake event to wake a mobile device from a power management mode, and managing with the mobile security system security services of the mobile device. Managing security services may comprise scanning a hard drive of the mobile devices for viruses and/or other malware. Managing security services may also comprise updating security applications or scanning the mobile device for unauthorized data.Type: ApplicationFiled: May 6, 2019Publication date: August 22, 2019Applicant: CUPP Computing ASInventors: Ami Oz, Shlomo Touboul
-
Publication number: 20190245829Abstract: Systems and methods for implementing content, streaming, and network security inside a chip or inside a computing device are disclosed. In exemplary embodiments, a system comprises a communication chip and a second processor. The communication chip comprises a router and security instructions. The router is configured to intercept untrusted data between a network, and a first router. The second processor is configured to receive the untrusted data from the router, process the untrusted data with the security instructions to produce trusted data, and provide the trusted data to the router.Type: ApplicationFiled: April 19, 2019Publication date: August 8, 2019Applicant: CUPP Computing ASInventor: Shlomo Touboul