Patents by Inventor Andreas Lessiak
Andreas Lessiak has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20230325096Abstract: It is described an electronic device, comprising a secure element domain that further comprises: i) a physical memory region configured to store a plurality of data sets; and ii) a control device, coupled to the physical memory region, and configured to transfer at least one data set away from the physical memory region, wherein transferring the data set comprises at least one of: a) transferring the data set as a first data blob to a virtual memory region of the secure element domain; b) off-loading the data set as a second data blob to an external domain.Type: ApplicationFiled: March 16, 2023Publication date: October 12, 2023Inventors: Giten Kulkarni, Andreas Lessiak
-
Patent number: 11321076Abstract: In accordance with a first aspect of the present disclosure, a system is provided for applying patches to executable codes, comprising: a plurality of execution environments configured to execute said codes in different execution contexts; a control unit configured to apply the patches to said codes; wherein the control unit is configured to apply a specific patch to a specific code upon or after an execution environment configured to execute said specific code switches to an execution context corresponding to said specific code. In accordance with other aspects of the present disclosure, a corresponding method is conceived for applying patches to executable codes, and a corresponding computer program is provided.Type: GrantFiled: April 6, 2020Date of Patent: May 3, 2022Assignee: NXP B.V.Inventors: Andreas Lessiak, Mark Leonard Buer
-
Patent number: 11269788Abstract: There is described a method of managing memory in an electronic device, the method comprising creating a set of equally sized logical regions in a logical address space, each logical region comprising a plurality of consecutive logical addresses, and mapping a subset of consecutive logical addresses within each logical region to a set of physical addresses within a corresponding physical memory region, the subset of consecutive logical addresses comprising the first logical address within the logical region, said first logical address being mapped to a base address within the corresponding physical memory region. Furthermore, there is described a controller for managing memory in an electronic device and a method of determining a physical memory address in a physical memory region using such a controller.Type: GrantFiled: August 18, 2020Date of Patent: March 8, 2022Assignee: NXP B.V.Inventors: Alexandre Frey, Ralf Malzahn, Frank Ernst Johannes Siedel, Shameer Puthalan, Andreas Lessiak, Daniel Kershaw
-
Patent number: 11050726Abstract: A current operating system that is stored in a persistent storage circuit of a secure element is replaced by receiving a set of migration rules that specify changes to a set of data object types. Based upon the set of migration rules, a migration engine identifies data objects stored in a persistent storage circuit and corresponding to the set of data object types. For each of the identified data objects: a subset of the migration rules are selected that correspond to a data object type that corresponds to a particular data object, and based upon the selected subset, the particular data object is transformed. A new operating system can then be enabled.Type: GrantFiled: April 4, 2016Date of Patent: June 29, 2021Assignee: NXP B.V.Inventors: Andreas Lessiak, Josef Fruehwirth, Jozsef Jelenka, Harald Schlatte-Schatte, Alexandre Frey
-
Publication number: 20210081335Abstract: There is described a method of managing memory in an electronic device, the method comprising creating a set of equally sized logical regions in a logical address space, each logical region comprising a plurality of consecutive logical addresses, and mapping a subset of consecutive logical addresses within each logical region to a set of physical addresses within a corresponding physical memory region, the subset of consecutive logical addresses comprising the first logical address within the logical region, said first logical address being mapped to a base address within the corresponding physical memory region. Furthermore, there is described a controller for managing memory in an electronic device and a method of determining a physical memory address in a physical memory region using such a controller.Type: ApplicationFiled: August 18, 2020Publication date: March 18, 2021Inventors: Alexandre Frey, Ralf Malzahn, Frank Ernst Johannes Siedel, Shameer Puthalan, Andreas Lessiak, Daniel Kershaw
-
Publication number: 20200326929Abstract: In accordance with a first aspect of the present disclosure, a system is provided for applying patches to executable codes, comprising: a plurality of execution environments configured to execute said codes in different execution contexts; a control unit configured to apply the patches to said codes; wherein the control unit is configured to apply a specific patch to a specific code upon or after an execution environment configured to execute said specific code switches to an execution context corresponding to said specific code. In accordance with other aspects of the present disclosure, a corresponding method is conceived for applying patches to executable codes, and a corresponding computer program is provided.Type: ApplicationFiled: April 6, 2020Publication date: October 15, 2020Inventors: Andreas LESSIAK, Mark Leonard BUER
-
Patent number: 10789075Abstract: Various embodiments relate to a method and apparatus for embedding an operating system in a smart card product, which is certified and which derives multiple variants from the operating system, the method including the steps of certifying, a target of evaluation, the target of evaluation including an OS core mask and a plurality of components which includes OS components and plugin placeholders, building, by an image builder tool, romized content and runtime content including at least one of the plurality of components and customizing which of the plurality of components to include on the smart card product.Type: GrantFiled: September 29, 2017Date of Patent: September 29, 2020Assignee: NXP B.V.Inventors: Alexandre Frey, Josef Fruehwirth, Andreas Lessiak
-
Publication number: 20190102205Abstract: Various embodiments relate to a method and apparatus for embedding an operating system in a smart card product, which is certified and which derives multiple variants from the operating system, the method including the steps of certifying, a target of evaluation, the target of evaluation including an OS core mask and a plurality of components which includes OS components and plugin placeholders, building, by an image builder tool, romized content and runtime content including at least one of the plurality of components and customizing which of the plurality of components to include on the smart card product.Type: ApplicationFiled: September 29, 2017Publication date: April 4, 2019Inventors: Alexandre FREY, Josef FRUEHWIRTH, Andreas LESSIAK
-
Patent number: 9979703Abstract: There is disclosed a method of providing a software update to a secure element comprised in a host device, comprising converting the software update into a sequence of ciphertext blocks using a chained encryption scheme, and transmitting said sequence of ciphertext blocks to the host device. Furthermore, there is disclosed a method of installing a software update on a secure element comprised in a host device, comprising receiving, by the host device, a sequence of ciphertext blocks generated by a method of providing a software update of the kind set forth, converting said sequence of ciphertext blocks into the software update, and installing the software update on the secure element. Furthermore, corresponding computer program products and a corresponding host device are disclosed.Type: GrantFiled: December 12, 2014Date of Patent: May 22, 2018Assignee: NXP B.V.Inventors: Dimitri Warnez, Thierry Gouraud, Rafael Jan Josef Meeusen, Andreas Lessiak, Frank Siedel, Ernst Haselsteiner, Bruce Murray
-
Publication number: 20170289115Abstract: A current operating system that is stored in a persistent storage circuit of a secure element is replaced by receiving a set of migration rules that specify changes to a set of data object types. Based upon the set of migration rules, a migration engine identifies data objects stored in a persistent storage circuit and corresponding to the set of data object types. For each of the identified data objects: a subset of the migration rules are selected that correspond to a data object type that corresponds to a particular data object, and based upon the selected subset, the particular data object is transformed. A new operating system can then be enabled.Type: ApplicationFiled: April 4, 2016Publication date: October 5, 2017Inventors: Andreas Lessiak, Josef Fruehwirth, Jozsef Jelenka, Harald Schlatte - Schatte, Alexandre Frey
-
Patent number: 9503897Abstract: Aspects of various embodiments are directed to the communication of wireless data. In a particular embodiment, an apparatus includes a master/wireless communication circuit and a slave circuit that carries out a secure function. The master generates session initiation commands, and the slave is responsive to these commands by generating and storing a session ID. In response to the receipt and validation of user-input data, the slave accesses and locally stores the session ID. Upon the initiation of and/or during a wireless communication process, the slave again accesses the session ID and compares the accessed session ID with the locally stored session ID, and facilitates communication based on the comparison (e.g., communication is not permitted if the comparison does not indicate a match).Type: GrantFiled: April 7, 2015Date of Patent: November 22, 2016Assignee: NXP B.V.Inventors: Andreas Lessiak, Mario Ivkovic
-
Patent number: 9473932Abstract: A method for managing a secure element which is embedded into a host unit. The described method comprises (a) transmitting a request for a management script from the host unit to a program element of the secure element, (b) at the program element, generating a management script in accordance with the request and encrypting the generated management script, (c) transmitting the encrypted management script from the program element to the host unit, (d) transmitting the encrypted management script from the host unit to a secure domain of the secure element, and (e) at the secure domain, decrypting and executing the management script.Type: GrantFiled: August 8, 2013Date of Patent: October 18, 2016Assignee: NXP B.V.Inventors: Andreas Lessiak, Dimitri Warnez
-
Publication number: 20150215783Abstract: Aspects of various embodiments are directed to the communication of wireless data. In a particular embodiment, an apparatus includes a master/wireless communication circuit and a slave circuit that carries out a secure function. The master generates session initiation commands, and the slave is responsive to these commands by generating and storing a session ID. In response to the receipt and validation of user-input data, the slave accesses and locally stores the session ID. Upon the initiation of and/or during a wireless communication process, the slave again accesses the session ID and compares the accessed session ID with the locally stored session ID, and facilitates communication based on the comparison (e.g., communication is not permitted if the comparison does not indicate a match).Type: ApplicationFiled: April 7, 2015Publication date: July 30, 2015Inventors: Andreas Lessiak, Mario Ivkovic
-
Publication number: 20150172255Abstract: There is disclosed a method of providing a software update to a secure element comprised in a host device, comprising converting the software update into a sequence of ciphertext blocks using a chained encryption scheme, and transmitting said sequence of ciphertext blocks to the host device. Furthermore, there is disclosed a method of installing a software update on a secure element comprised in a host device, comprising receiving, by the host device, a sequence of ciphertext blocks generated by a method of providing a software update of the kind set forth, converting said sequence of ciphertext blocks into the software update, and installing the software update on the secure element. Furthermore, corresponding computer program products and a corresponding host device are disclosed.Type: ApplicationFiled: December 12, 2014Publication date: June 18, 2015Inventors: Dimitri Warnez, Thierry Gouraud, Rafael Jan Josef Meeusen, Andreas Lessiak, Frank Siedel, Ernst Haselsteiner, Bruce Murray
-
Patent number: 9003496Abstract: Aspects of various embodiments are directed to the communication of wireless data. In a particular embodiment, an apparatus includes a master/wireless communication circuit and a slave circuit that carries out a secure function. The master generates session initiation commands, and the slave is responsive to these commands by generating and storing a session ID. In response to the receipt and validation of user-input data, the slave accesses and locally stores the session ID. Upon the initiation of and/or during a wireless communication process, the slave again accesses the session ID and compares the accessed session ID with the locally stored session ID, and facilitates communication based on the comparison (e.g., communication is not permitted if the comparison does not indicate a match).Type: GrantFiled: September 7, 2012Date of Patent: April 7, 2015Assignee: NXP B.V.Inventors: Andreas Lessiak, Mario Ivkovic
-
Publication number: 20140075511Abstract: Aspects of various embodiments are directed to the communication of wireless data. In a particular embodiment, an apparatus includes a master/wireless communication circuit and a slave circuit that carries out a secure function. The master generates session initiation commands, and the slave is responsive to these commands by generating and storing a session ID. In response to the receipt and validation of user-input data, the slave accesses and locally stores the session ID. Upon the initiation of and/or during a wireless communication process, the slave again accesses the session ID and compares the accessed session ID with the locally stored session ID, and facilitates communication based on the comparison (e.g., communication is not permitted if the comparison does not indicate a match).Type: ApplicationFiled: September 7, 2012Publication date: March 13, 2014Applicant: NXP B.V.Inventors: Andreas Lessiak, Mario Ivkovic
-
Publication number: 20140047235Abstract: A method for managing a secure element which is embedded into a host unit. The described method comprises (a) transmitting a request for a management script from the host unit to a program element of the secure element, (b) at the program element, generating a management script in accordance with the request and encrypting the generated management script, (c) transmitting the encrypted management script from the program element to the host unit, (d) transmitting the encrypted management script from the host unit to a secure domain of the secure element, and (e) at the secure domain, decrypting and executing the management script.Type: ApplicationFiled: August 8, 2013Publication date: February 13, 2014Applicant: NXP B. V.Inventors: Andreas Lessiak, Dimitri Warnez