Patents by Inventor Ahmed M. Azab

Ahmed M. Azab has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11985132
    Abstract: A method of providing continuous user authentication for resource access control includes launching a continuous authentication service at a boot time of a first device, wherein the first device includes a processor, a memory, and one or more sensors configured to collect authentication information. Additionally, the method includes receiving authentication information comprising one or more of explicit authentication information or implicit authentication information, and receiving a request for access to a resource of the first device. Further, the method includes the operations of determining, by the continuous authentication service, a current value of a security state, the current value of the security state based in part on a time interval between a receipt time of the authentication information and a current time and controlling access to the resource based on the current value of the security state.
    Type: Grant
    Filed: April 30, 2019
    Date of Patent: May 14, 2024
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Haining Chen, Xun Chen, Khaled ElWazeer, Ahmed M. Azab, David Thomson, Ruowen Wang, Wei Yang, Peng Ning
  • Patent number: 11656924
    Abstract: An electronic device includes a memory and at least one processor coupled to the memory. The at least one processor is configured to identify a device change event in a host operating system, wherein the host operating system includes a host namespace, switch from the host namespace to a container namespace of a container, and update the container with information based on the device change event.
    Type: Grant
    Filed: July 29, 2019
    Date of Patent: May 23, 2023
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Guruprasad Ganesh, Ahmed M. Azab, Rohan Bhutkar, Haining Chen, Ruowen Wang, Xun Chen, Donguk Seo, Kyoung-Joong Shin
  • Patent number: 11042398
    Abstract: A method for operating an electronic device, the method including spawning a name space tool (NST) as part of a boot process of a host OS, wherein the NST is a process with a plurality of root privileges of the host OS. The method further includes spawning, by the NST, a container for a guest OS, wherein the container for the guest OS is mapped to a dedicated domain in the host OS, and dropping, by the NST, a root privilege of the host OS in response to spawning the container for the guest OS.
    Type: Grant
    Filed: July 5, 2019
    Date of Patent: June 22, 2021
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Guruprasad Ganesh, Sudhi Herle, Ahmed M. Azab, Rohan Bhutkar, Ivan Getta, Xun Chen, Wenbo Shen, Ruowen Wang, Haining Chen, Khaled Elwazeer, Mengmeng Li, Peng Ning, Hyungseok Yu, Myungsu Cha, Kyungsun Lee, Se Young Choi, Yurak Choe, Yong Shin, Kyoung-Joong Shin, Donguk Seo, Junyong Choi
  • Patent number: 11032342
    Abstract: This disclosure relates to an electronic device including a memory and at least one processor coupled to the memory. The at least one processor is configured to execute a daemon process in one of a container or a host operating system, wherein the daemon process is configured to manage data transfer between the container and the host operating system, create, via the daemon process, an inter-process communication (IPC) channel between the container and the host operating system, receive incoming audio data, and buffer the incoming audio data to the IPC channel.
    Type: Grant
    Filed: July 3, 2019
    Date of Patent: June 8, 2021
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Khaled ElWazeer, Ivan Getta, Myungsu Cha, Ahmed M. Azab, Rohan Bhutkar, Guruprasad Ganesh, Wenbo Shen, Ruowen Wang, Junyong Choi
  • Patent number: 10733096
    Abstract: A method for implementing a shared memory buffer includes at an apparatus comprising a processor and a physical memory, running a host environment with a host virtual memory. The method further includes running a guest environment with a guest virtual memory, performing, by the host environment, an allocation of a frame buffer in the physical memory, and mapping the allocated frame buffer into the host virtual memory. Additionally, the method includes passing a handle of the allocated frame buffer to the guest environment and performing a mapping of the allocated frame buffer into the guest virtual memory, the mapping based on the handle of the allocated frame buffer.
    Type: Grant
    Filed: August 21, 2018
    Date of Patent: August 4, 2020
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Ivan Getta, Sudhi Herle, Ahmed M. Azab, Rohan Bhutkar, Guruprasad Ganesh, Wenbo Shen
  • Patent number: 10686776
    Abstract: A connected device includes an application processor, a secure element, and a control module. The application processor is configured to receive a control command from an electronic device. The secure element is connected between the application processor and a control module and is configured to authenticate the control command. The control module is configured to receive the control command when the control command is authenticated by the secure element, execute the control command to activate at least one function of the connected device, and transmit a response to the electronic device.
    Type: Grant
    Filed: May 2, 2017
    Date of Patent: June 16, 2020
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Peng Ning, Yueh-Hsun Lin, Stephen E. McLaughlin, Michael C. Grace, Ahmed M. Azab, Rohan Bhutkar, Yong Choi
  • Publication number: 20200042366
    Abstract: This disclosure relates to an electronic device including a memory and at least one processor coupled to the memory. The at least one processor is configured to identify a device change event in a host operating system, wherein the host operating system includes a host namespace, switch from the host namespace to a container namespace of a container, and update the container with information based on the device change event.
    Type: Application
    Filed: July 29, 2019
    Publication date: February 6, 2020
    Inventors: Guruprasad Ganesh, Ahmed M. Azab, Rohan Bhutkar, Haining Chen, Ruowen Wang, Xun Chen, Donguk Seo, Kyoung-Joong Shin
  • Publication number: 20200012511
    Abstract: A method for operating an electronic device, the method including spawning a name space tool (NST) as part of a boot process of a host OS, wherein the NST is a process with a plurality of root privileges of the host OS. The method further includes spawning, by the NST, a container for a guest OS, wherein the container for the guest OS is mapped to a dedicated domain in the host OS, and dropping, by the NST, a root privilege of the host OS in response to spawning the container for the guest OS.
    Type: Application
    Filed: July 5, 2019
    Publication date: January 9, 2020
    Inventors: Guruprasad Ganesh, Sudhi Herle, Ahmed M. Azab, Rohan Bhutkar, Ivan Getta, Xun Chen, Wenbo Shen, Ruowen Wang, Haining Chen, Khaled Elwazeer, Mengmeng Li, Peng Ning, Hyungseok Yu, Myungsu Cha, Kyungsun Lee, Se Young Choi, Yurak Choe, Yong Shin, Kyoung-Joong Shin, Donguk Seo, Junyong Choi
  • Publication number: 20200014741
    Abstract: This disclosure relates to an electronic device including a memory and at least one processor coupled to the memory. The at least one processor is configured to execute a daemon process in one of a container or a host operating system, wherein the daemon process is configured to manage data transfer between the container and the host operating system, create, via the daemon process, an inter-process communication (IPC) channel between the container and the host operating system, receive incoming audio data, and buffer the incoming audio data to the IPC channel.
    Type: Application
    Filed: July 3, 2019
    Publication date: January 9, 2020
    Inventors: Khaled ElWazeer, Ivan Getta, Myungsu Cha, Ahmed M. Azab, Rohan Bhutkar, Guruprasad Ganesh, Wenbo Shen, Ruowen Wang, Junyong Choi
  • Publication number: 20190342298
    Abstract: A method of providing continuous user authentication for resource access control includes launching a continuous authentication service at a boot time of a first device, wherein the first device includes a processor, a memory, and one or more sensors configured to collect authentication information. Additionally, the method includes receiving authentication information comprising one or more of explicit authentication information or implicit authentication information, and receiving a request for access to a resource of the first device. Further, the method includes the operations of determining, by the continuous authentication service, a current value of a security state, the current value of the security state based in part on a time interval between a receipt time of the authentication information and a current time and controlling access to the resource based on the current value of the security state.
    Type: Application
    Filed: April 30, 2019
    Publication date: November 7, 2019
    Inventors: Haining Chen, Xun Chen, Khaled ElWazeer, Ahmed M. Azab, David Thomson, Ruowen Wang, Wei Yang, Peng Ning
  • Patent number: 10417030
    Abstract: An apparatus and method for reducing boot time of an electronic device are provided. The electronic device includes electronic device is provided. The electronic device includes a processor including at least one system register; and an Operating System (OS) including an OS component having at least one reserved area, each reserved area including a static memory structure. The OS component is configured to, during a booting process, copy addresses of the at least one static memory structure into at least one of the plurality of system registers, and initialize the static memory structures located at the copied addresses.
    Type: Grant
    Filed: February 25, 2016
    Date of Patent: September 17, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Kirk R Swidowski, Ahmed M Azab
  • Patent number: 10402561
    Abstract: An apparatus and method of a hardware isolated secure element protecting a plurality of mission critical subsystems are provided. The method includes performing an actuation operation received across an unsecure path that modifies the state of a mission critical subsystem, performing a diagnostic operation received across the unsecure path that requests state information of the mission critical subsystem, storing information used to determine which of the diagnostic operation and the actuation operation received across the unsecure path are performed, and flashing an execution image of an electronic control unit when the execution image of the electronic control unit is received across the unsecure path.
    Type: Grant
    Filed: February 19, 2016
    Date of Patent: September 3, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Peng Ning, Stephen E. McLaughlin, Michael C Grace, Ahmed M Azab, Rohan Bhutkar, Wenbo Shen, Xun Chen, Yong Choi, Ken Chen
  • Patent number: 10320745
    Abstract: An apparatus and method of an attachment device for interfacing with an on-board diagnostic system of a vehicle is provided. The device includes an application processor configured to receive input from a terminal, control processing of the input by the on-board diagnostic system, transmit a result of the processing of the input by the on-board diagnostic system to the terminal, and a secure element interposed in the communication path between the application processor and the on-board diagnostic system, the secure element configured to filter the input of an on-board diagnostic operation that is untrusted.
    Type: Grant
    Filed: February 19, 2016
    Date of Patent: June 11, 2019
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Peng Ning, Stephen E McLaughlin, Michael C Grace, Ahmed M Azab, Rohan Bhutkar, Wenbo Shen, Xun Chen, Yong Choi, Ken Chen
  • Publication number: 20190155727
    Abstract: A method for implementing a shared memory buffer includes at an apparatus comprising a processor and a physical memory, running a host environment with a host virtual memory. The method further includes running a guest environment with a guest virtual memory, performing, by the host environment, an allocation of a frame buffer in the physical memory, and mapping the allocated frame buffer into the host virtual memory. Additionally, the method includes passing a handle of the allocated frame buffer to the guest environment and performing a mapping of the allocated frame buffer into the guest virtual memory, the mapping based on the handle of the allocated frame buffer.
    Type: Application
    Filed: August 21, 2018
    Publication date: May 23, 2019
    Inventors: Ivan Getta, Sudhi Herle, Ahmed M. Azab, Rohan Bhutkar, Guruprasad Ganesh, Wenbo Shen
  • Patent number: 10019583
    Abstract: A Protected Walk-based Shadow Paging (PWSP) method includes storing a multiple level first stage (S1) page tables structure in second stage (S2) page tables. The method includes: when an S1 page table in an S2 page table entry is marked with a writable attribute: (i) permitting an operating system (OS) to write to the S1 page table, (ii) blocking a memory management unit (MMU) from reading the S1 page table for translation, and (iii) in response, verifying the S1 page table for translation and changing the marking of the S1 page table in the S2 page table entry to a read-only attribute, enabling the MMU to subsequently read the S1 page table.
    Type: Grant
    Filed: April 1, 2016
    Date of Patent: July 10, 2018
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Kirk R. Swidowski, Ahmed M. Azab
  • Publication number: 20180026963
    Abstract: A connected device includes an application processor, a secure element, and a control module. The application processor is configured to receive a control command from an electronic device. The secure element is connected between the application processor and a control module and is configured to authenticate the control command. The control module is configured to receive the control command when the control command is authenticated by the secure element, execute the control command to activate at least one function of the connected device, and transmit a response to the electronic device.
    Type: Application
    Filed: May 2, 2017
    Publication date: January 25, 2018
    Inventors: Peng Ning, Yueh-Hsun Lin, Stephen E. McLaughlin, Michael C. Grace, Ahmed M. Azab, Rohan Bhutkar, Yong Choi
  • Publication number: 20170286694
    Abstract: PWSP method includes storing a multiple level page tables structure in second stage page tables (S2). The method includes: when an S2 entry is marked with a writable attribute: (i) permitting an operating system (OS) to write to S1, (ii) blocking an MMU from reading the S1 for translation, and (iii) in response, verifying the S1 for translation and changing the marking of the S2 entry to read-only attribute, enabling the MMU to subsequently read the S1. The method includes: when the S2 entry is marked with the read-only attribute: (i) permitting the OS to read the S1 for translating from a virtual address to an intermediate physical address, (ii) blocking the OS from writing to the S1, and (iii) in response to blocking the OS, updating the S1 and changing the marking of the S2 entry to the device memory attribute, enabling the OS to write to the S1.
    Type: Application
    Filed: April 1, 2016
    Publication date: October 5, 2017
    Inventors: Kirk R. Swidowski, Ahmed M. Azab
  • Publication number: 20170098070
    Abstract: An apparatus and method of a hardware isolated secure element protecting a plurality of mission critical subsystems are provided. The method includes performing an actuation operation received across an unsecure path that modifies the state of a mission critical subsystem, performing a diagnostic operation received across the unsecure path that requests state information of the mission critical subsystem, storing information used to determine which of the diagnostic operation and the actuation operation received across the unsecure path are performed, and flashing an execution image of an electronic control unit when the execution image of the electronic control unit is received across the unsecure path.
    Type: Application
    Filed: February 19, 2016
    Publication date: April 6, 2017
    Inventors: Peng NING, Stephen E. MCLAUGHLIN, Michael C. GRACE, Ahmed M. AZAB, Rohan BHUTKAR, Wenbo SHEN, Xun CHEN, Yong CHOI, Ken CHEN
  • Publication number: 20170041290
    Abstract: An apparatus and method of an attachment device for interfacing with an on-board diagnostic system of a vehicle is provided. The device includes an application processor configured to receive input from a terminal, control processing of the input by the on-board diagnostic system, transmit a result of the processing of the input by the on-board diagnostic system to the terminal, and a secure element interposed in the communication path between the application processor and the on-board diagnostic system, the secure element configured to filter the input of an on-board diagnostic operation that is untrusted.
    Type: Application
    Filed: February 19, 2016
    Publication date: February 9, 2017
    Inventors: Peng NING, Stephen E. MCLAUGHLIN, Michael C. GRACE, Ahmed M. AZAB, Rohan BHUTKAR, Wenbo SHEN, Xun CHEN, Yong CHOI, Ken CHEN
  • Publication number: 20160253183
    Abstract: An apparatus and method for reducing boot time of an electronic device are provided. The electronic device includes electronic device is provided. The electronic device includes a processor including at least one system register; and an Operating System (OS) including an OS component having at least one reserved area, each reserved area including a static memory structure. The OS component is configured to, during a booting process, copy addresses of the at least one static memory structure into at least one of the plurality of system registers, and initialize the static memory structures located at the copied addresses.
    Type: Application
    Filed: February 25, 2016
    Publication date: September 1, 2016
    Inventors: Kirk R. SWIDOWSKI, Ahmed M. AZAB