Patents Assigned to Secturion Systems, Inc.
-
Publication number: 20240176760Abstract: Systems and methods for protocol processing using a systolic array (e.g., programmed in an FPGA). For example, protocol processing is performed for incoming data (e.g., received for storage) prior to encryption and/or sending to a remote storage device (e.g., cloud storage or server).Type: ApplicationFiled: September 25, 2023Publication date: May 30, 2024Applicant: Secturion Systems, Inc.Inventors: JORDAN ANDERSON, TIMOTHY PAUL ABEL, DEREK OWENS, SEAN LITTLE
-
Patent number: 11968187Abstract: Systems, methods, and apparatus for a MILS HPC, data storage system (DSS) system architecture that incorporates a multi-crypto module (MCM) to provide end-to-end multi-independent level security (MILS) protection. Configuration of each MCM enables a high performance computing (HPC) resource to compute different security domains with the associated security level keys from a key/node manager. The HPC resource can be dynamically re-allocated to different security level domain(s) by the key/node manager. In one embodiment, the DSS stores encrypted data regardless of the domains.Type: GrantFiled: October 21, 2021Date of Patent: April 23, 2024Assignee: SECTURION SYSTEMS, INC.Inventors: Richard J. Takahashi, Timothy Paul Abel, Benjamin Kirk Nielson
-
Publication number: 20240104250Abstract: A system includes a security device, configured for cryptographic processing, coupled to receive incoming data from a plurality of data sources (e.g., data from different customers), wherein the incoming data includes first data from a first data source; a controller (e.g., an external key manager) configured to select a first set of keys from a plurality of key sets, each of the key sets corresponding to one of the plurality of data sources, wherein the first set of keys is used by the security device to encrypt the first data; and a common encrypted data storage, coupled to receive the encrypted first data from the security device.Type: ApplicationFiled: September 1, 2023Publication date: March 28, 2024Applicant: SECTURION SYSTEMS, INC.Inventor: RICHARD J. TAKAHASHI
-
Publication number: 20240098071Abstract: Systems and methods to securely send or write data to a cloud storage or server. In one embodiment, a method includes: establishing a connection to a client using a client-side transport protocol; receiving, over the connection, data from the first client; decrypting, using a client session key, the received data to provide first decrypted data; encrypting the first decrypted data using a stored payload key (that is associated with the client) to provide first encrypted data; encrypting, using a cloud session key, the first encrypted data using a remote-side transport protocol to provide second encrypted data; and sending the second encrypted data to the cloud storage or server.Type: ApplicationFiled: September 7, 2023Publication date: March 21, 2024Applicant: SECTURION SYSTEMS, INC.Inventors: JORDAN ANDERSON, RICHARD J. TAKAHASHI, SEAN LITTLE, LEE NOEHRING
-
Patent number: 11921906Abstract: A system includes programmable systolic cryptographic modules for security processing of packets from a data source. A first programmable input/output interface routes each incoming packet to one of the systolic cryptographic modules for encryption processing. A second programmable input/output interface routes the encrypted packets from the one systolic cryptographic module to a common data storage. In one embodiment, the first programmable input/output interface is coupled to an interchangeable physical interface that receives the incoming packets from the data source. In another embodiment, each cryptographic module includes a programmable systolic packet input engine, a programmable cryptographic engine, and a programmable systolic packet output engine, each configured as a systolic array (e.g., using FPGAs) for data processing.Type: GrantFiled: March 10, 2022Date of Patent: March 5, 2024Assignee: SECTURION SYSTEMS, INC.Inventor: Richard J. Takahashi
-
Publication number: 20240064128Abstract: In one embodiment, a method includes: receiving, by a first computing device on a first port of a plurality of ports, a data packet, wherein each of the ports corresponds to one of a plurality of security classes, and the first computing device comprises a plurality of cryptographic modules, each module configured to encrypt data for a respective one of the security classes; tagging the data packet, wherein tagging data identifies one of the security classes and the first port; routing, based on at least one header, the data packet to a first cryptographic module of the plurality of cryptographic modules; encrypting the data packet using the first cryptographic module; and storing the encrypted data packet in a first data storage device.Type: ApplicationFiled: July 25, 2023Publication date: February 22, 2024Applicant: SECTURION SYSTEMS, INC.Inventor: RICHARD J. TAKAHASHI
-
Publication number: 20240061790Abstract: Systems and methods to securely store data in a remote storage (e.g., cloud storage or server). In one approach, a method includes: receiving, from a local device, data blocks to be stored; generating a hash from a hash of each data block; storing each respective hash (e.g., in a local or remote memory for later use); and writing the data blocks to remote storage. Data integrity is verified when each data block is read from the remote storage by generating a hash of the respective read data block, and comparing the generated hash to the respective stored hash.Type: ApplicationFiled: July 24, 2023Publication date: February 22, 2024Applicant: SECTURION SYSTEMS, INC.Inventor: JORDAN ANDERSON
-
Patent number: 11803507Abstract: Systems and methods for protocol processing using a systolic array (e.g., programmed in an FPGA). For example, protocol processing is performed for incoming data (e.g., received for storage) prior to encryption and/or sending to a remote storage device (e.g., cloud storage or server).Type: GrantFiled: October 16, 2019Date of Patent: October 31, 2023Assignee: SECTURION SYSTEMS, INC.Inventors: Jordan Anderson, Timothy Paul Abel, Derek Owens, Sean Little
-
Patent number: 11792169Abstract: Systems and methods to securely send or write data to a cloud storage or server. In one embodiment, a method includes: establishing a connection to a client using a client-side transport protocol; receiving, over the connection, data from the first client; decrypting, using a client session key, the received data to provide first decrypted data; encrypting the first decrypted data using a stored payload key (that is associated with the client) to provide first encrypted data; encrypting, using a cloud session key, the first encrypted data using a remote-side transport protocol to provide second encrypted data; and sending the second encrypted data to the cloud storage or server.Type: GrantFiled: February 15, 2022Date of Patent: October 17, 2023Assignee: SECTURION SYSTEMS, INC.Inventors: Jordan Anderson, Richard J. Takahashi, Sean Little, Lee Noehring
-
Patent number: 11783089Abstract: A system includes a security device, configured for cryptographic processing, coupled to receive incoming data from a plurality of data sources (e.g., data from different customers), wherein the incoming data includes first data from a first data source; a controller (e.g., an external key manager) configured to select a first set of keys from a plurality of key sets, each of the key sets corresponding to one of the plurality of data sources, wherein the first set of keys is used by the security device to encrypt the first data; and a common encrypted data storage, coupled to receive the encrypted first data from the security device.Type: GrantFiled: December 16, 2020Date of Patent: October 10, 2023Assignee: SECTURION SYSTEMS, INC.Inventor: Richard J. Takahashi
-
Publication number: 20230305811Abstract: Systems and methods for a random number generator including a systolic array to provide a random number output. In one approach, the systolic array can be arranged in two or greater dimensions, and each cell of the array comprises a ring oscillator. Data is read from a random access memory to provide the inputs to the systolic array. A linear feedback shift register receives the random number output as a feedback signal used to address the memory to read data to provide as the inputs to the systolic array.Type: ApplicationFiled: February 13, 2023Publication date: September 28, 2023Applicant: Secturion Systems, Inc.Inventor: RICHARD J. TAKAHASHI
-
Publication number: 20230308509Abstract: Systems, methods, and apparatus related to transferring encrypted data over a wireless network. In one approach, an encryptor includes a host interface configured to transmit data and commands with a local computing device, a wireless communication interface configured to transmit data and commands over a radio access network, a storage interface configured to interface a local storage medium to store data, and at least one processing device configured to perform operations comprising: encrypting first data from the local computing device to be written into the local storage medium upon receiving a first command from the local computing device; decrypting the encrypted first data from the local storage medium to be read by the local computing device upon receiving a second command from the local computing device; and transmitting the encrypted first data through the wireless communication interface to the radio access network upon receiving a third command.Type: ApplicationFiled: March 24, 2023Publication date: September 28, 2023Applicant: SECTURION SYSTEMS, INC.Inventor: RICHARD J. TAKAHASHI
-
Patent number: 11755499Abstract: Systems and methods to securely store data in a remote storage (e.g., cloud storage or server). In one approach, a method includes: receiving, from a local device, data blocks to be stored; generating a hash from a hash of each data block; storing each respective hash (e.g., in a local or remote memory for later use); and writing the data blocks to remote storage. Data integrity is verified when each data block is read from the remote storage by generating a hash of the respective read data block, and comparing the generated hash to the respective stored hash.Type: GrantFiled: May 21, 2019Date of Patent: September 12, 2023Assignee: SECTURION SYSTEMS, INC.Inventor: Jordan Anderson
-
Patent number: 11750571Abstract: In one embodiment, a method includes: receiving, by a first computing device on a first port of a plurality of ports, a data packet, wherein each of the ports corresponds to one of a plurality of security classes, and the first computing device comprises a plurality of cryptographic modules, each module configured to encrypt data for a respective one of the security classes; tagging the data packet, wherein tagging data identifies one of the security classes and the first port; routing, based on at least one header, the data packet to a first cryptographic module of the plurality of cryptographic modules; encrypting the data packet using the first cryptographic module; and storing the encrypted data packet in a first data storage device.Type: GrantFiled: June 1, 2020Date of Patent: September 5, 2023Assignee: SECTURION SYSTEMS, INC.Inventor: Richard J. Takahashi
-
Publication number: 20230214188Abstract: A computing device (e.g., an FPGA or integrated circuit) processes an incoming packet comprising data to compute a Galois hash. The computing device includes a plurality of circuits, each circuit providing a respective result used to determine the Galois hash, and each circuit including: a first multiplier configured to receive a portion of the data; a first exclusive-OR gate configured to receive an output of the first multiplier as a first input, and to provide the respective result; and a second multiplier configured to receive an output of the first exclusive-OR gate, wherein the first exclusive-OR gate is further configured to receive an output of the second multiplier as a second input. In one embodiment, the computing device further comprises a second exclusive-OR gate configured to output the Galois hash, wherein each respective result is provided as an input to the second exclusive-OR gate.Type: ApplicationFiled: September 7, 2022Publication date: July 6, 2023Applicant: Secturion Systems, Inc.Inventors: SEAN LITTLE, JORDAN ANDERSON
-
Patent number: 11641398Abstract: Systems, methods, and apparatus related to transferring encrypted data over a wireless network. In one approach, an encryptor includes a host interface configured to transmit data and commands with a local computing device, a wireless communication interface configured to transmit data and commands over a radio access network, a storage interface configured to interface a local storage medium to store data, and at least one processing device configured to perform operations comprising: encrypting first data from the local computing device to be written into the local storage medium upon receiving a first command from the local computing device; decrypting the encrypted first data from the local storage medium to be read by the local computing device upon receiving a second command from the local computing device; and transmitting the encrypted first data through the wireless communication interface to the radio access network upon receiving a third command.Type: GrantFiled: June 29, 2022Date of Patent: May 2, 2023Assignee: SECTURION SYSTEMS, INC.Inventor: Richard J. Takahashi
-
Patent number: 11609743Abstract: Systems and methods for a random number generator including a systolic array to provide a random number output. In one approach, the systolic array can be arranged in two or greater dimensions, and each cell of the array comprises a ring oscillator. Data is read from a random access memory to provide the inputs to the systolic array. A linear feedback shift register receives the random number output as a feedback signal used to address the memory to read data to provide as the inputs to the systolic array.Type: GrantFiled: July 1, 2019Date of Patent: March 21, 2023Assignee: SECTURION SYSTEMS, INC.Inventor: Richard J. Takahashi
-
Publication number: 20230049021Abstract: A system includes a plurality of data input ports, each port corresponding to one of a plurality of different levels of security classification; a security device, configured for cryptographic processing, coupled to receive incoming data from each of the plurality of input ports, wherein the incoming data includes first data having a first classification level; a key manager configured to select and tag-identified first set of keys from a plurality of key sets, each of the key sets corresponding to one of the different levels of security classification, wherein the first set of keys is used by the security device to encrypt the first data; and a common encrypted data storage, coupled to receive the encrypted first data from the security device for storage.Type: ApplicationFiled: July 13, 2022Publication date: February 16, 2023Applicant: SECTURION SYSTEMS, INC.Inventor: RICHARD J. TAKAHASHI
-
Publication number: 20230028917Abstract: Systems, methods, and apparatus related to transferring encrypted data over a wireless network. In one approach, an encryptor includes a host interface configured to transmit data and commands with a local computing device, a wireless communication interface configured to transmit data and commands over a radio access network, a storage interface configured to interface a local storage medium to store data, and at least one processing device configured to perform operations comprising: encrypting first data from the local computing device to be written into the local storage medium upon receiving a first command from the local computing device; decrypting the encrypted first data from the local storage medium to be read by the local computing device upon receiving a second command from the local computing device; and transmitting the encrypted first data through the wireless communication interface to the radio access network upon receiving a third command.Type: ApplicationFiled: June 29, 2022Publication date: January 26, 2023Applicant: Secturion Systems, Inc.Inventor: RICHARD J. TAKAHASHI
-
Patent number: 11474792Abstract: A computing device (e.g., an FPGA or integrated circuit) processes an incoming packet comprising data to compute a Galois hash. The computing device includes a plurality of circuits, each circuit providing a respective result used to determine the Galois hash, and each circuit including: a first multiplier configured to receive a portion of the data; a first exclusive-OR gate configured to receive an output of the first multiplier as a first input, and to provide the respective result; and a second multiplier configured to receive an output of the first exclusive-OR gate, wherein the first exclusive-OR gate is further configured to receive an output of the second multiplier as a second input. In one embodiment, the computing device further comprises a second exclusive-OR gate configured to output the Galois hash, wherein each respective result is provided as an input to the second exclusive-OR gate.Type: GrantFiled: October 16, 2018Date of Patent: October 18, 2022Assignee: SECTURION SYSTEMS, INC.Inventors: Sean Little, Jordan Anderson