Abstract: A security architecture in which a security module is integrated in a client machine, wherein the client machine includes a local host that is untrusted. The security module performs encryption and decryption algorithms, authentication, and public key processing. The security module also includes separate key caches for key encryption keys and application keys. A security module can also interface a cryptographic accelerator through an application key cache. The security module can authorize a public key and an associated key server. That public key can subsequently be used to authorize additional key servers. Any of the authorized key servers can use their public keys to authorize the public keys of additional key servers. Secure authenticated communications can then transpire between the client and any of these key servers. Such a connection is created by a secure handshake process that takes place between the client and the key server.

Abstract: Techniques are provided to authenticate components in a system. Users may enter credentials into an input device and the credentials may be authenticated and/or securely transmitted to the components. The components may then provide the credentials to a server in the system. Strong authentication may thus be provided to the effect that credentials associated with specific users have been received from specific components in the system. The server may then enable the components to access selected services.

Abstract: Embodiments of the present disclosure generally relate to a system, apparatus, and method for providing anti-replay protection of data stored in a non-volatile memory device. Some embodiments describe an anti-replay protection (ARP) device that may protect an external non-volatile memory device from replay attacks.

Abstract: Wireless mobile communication (WMC) devices located in near proximity of each other may be enabled to form a mesh (ad hoc wireless) network. WMC devices may form and/or tear down intra-mesh connection with other WMC devices in the same mesh network. WMC devices may utilize information related to other WMC devices in the mesh network in determining formation and tearing down of intra-mesh connections. This information may comprise relative speeds, locations, and directions of movement of the WMC devices forming/tearing intra-mesh connections. Other information including data bandwidth and/or power consumption may be utilized in such determination. This information may also comprise available services advertised by WMC devices in the mesh network.

Abstract: A system and method for allocating and/or utilizing spare computing system (e.g., personal computing system) resources. Various aspects of the present invention may, for example and without limitation, provide a system and/or method that communicates incentive information with computing systems, and/or representatives thereof, regarding the allocation of computing resources for utilization by other computing systems and/or incentives that may be associated with such utilization. Various aspects of the present invention may, for example, allocate one or more resources of a computing system for utilization by another computing system based, at least in part, on such communicated incentive information.

Abstract: A Wireless mobile communication (WMC) device may be utilized to generate and/or maintain multimedia data files. Context data tags may be utilized to tag the generated multimedia data files to enable convenient identification of multimedia data files. Context data tags may comprise time/date stamps, subject, and/or location attribute. User preference information that is unique to the WMC device and/or a specific device user may be utilized to create context data tags for multimedia data files. The user preference information may be modified and/or updated. Modifications and/or updates of user preference information may be based on post-processing operations, biometric information, and/or self-learning techniques that may comprise operations performed on the multimedia data files. Post-processing operations may be performed on multimedia data files in the WMC device and/or a remote device.

Abstract: Systems and methods are provided that allow a secure processing system (SPS) to be implemented as a hard macro, thereby isolating the SPS from a peripheral processing system (PPS). The SPS and the PPS, combination, may form a secure element that can be used in conjunction with a host device and a connectivity device to allow the host device to engage in secure transactions, such as mobile payment over a near field communications (NFC) connection. As a result of the SPS being implemented as a hard macro isolated from the PPS, the SPS may be certified once, and re-used in other host devices without necessitating re-certification.

Abstract: The present disclosure outlines various systems and methods for detecting an optical fault injection within an electronic device and/or preventing the optical fault injection from introducing an exploitable abnormality within the electronic device. These various systems and methods can include systems and methods that can detect or prevent laser injection attacks, which can include one or more small footprint complementary metal oxide silicon (CMOS) light detection circuits, or structures that can shield one or more transistors from a bottom side laser injection attack.

Abstract: Systems and methods for binding a smartcard and a smartcard reader are provided. A smartcard is provision to store a first set of credentials for use in traditional transactions such as at a brick and mortar retail store and a second set of credentials for use when performing a transaction using a smartcard reader associated with a user such as an on-line transaction. The user smartcard reader registers with a smartcard issuer server by cryptographically authenticating a secure processor associated with the smartcard reader. As a result of the registration, the secure processor obtains a set of private keys associated with the second set of credentials. When a request for a authorizing a transaction via the user's smartcard reader is received, the smartcard reader cryptographically authenticates itself to the smartcard using a private key associated with a credential to be used to authorize the transaction.

Abstract: Methods and systems are provided that use smartcards, such as subscriber identity module (SIM) cards to provide secure functions for a mobile client. One embodiment of the invention provides a mobile communication network system that includes a mobile network, a mobile terminal, a server coupled to the mobile terminal via the mobile network, and a subscriber identity module (SIM) card coupled to the mobile terminal. The SIM card includes a first key and a second key. The first key is used to authenticate an intended user of the mobile terminal to the mobile network. Upon successful authentication of the intended user to the mobile network, the mobile terminal downloads a function offered from the server through the mobile network. The second key is then used by the mobile terminal to authenticate the intended user to the downloaded function so that the intended user can utilize the function.

Abstract: A handheld wireless communication device (HWCD) establishes an ad hoc network comprising interconnected networks for a user. The HWCD gains access to content on a first device and controls communication of the content from the first device via the HWCD to a second device. The HWCD enables the second device to consume the content. The content may be streamed from the first device via the HWCD to the second device. The first device is a service provider network device or other network device. The access may be authenticated and/or secure. Secure access to the content is extended from the first device to the second device. The ad hoc network is configured and/or reconfigured until communication is complete. The HWCD comprises multiple wireless interfaces. The ad hoc network comprises a PAN, WLAN, WAN and/or cellular network. The HWCD may hand-off among base stations during communication of the content.

Abstract: A device may include countermeasure circuitry that provides a countermeasure check that protects device logic. The device may also include enforcement circuitry that non-deterministically enforces the countermeasure check on the device logic so that the device logic is not always protected by a countermeasure action within the countermeasure check. The device may non-deterministically enforce the countermeasure check according to an enforcement rate, and the device may adjust the enforcement rate depending on a priority of the device logic or device logic portion protected by a particular countermeasure check.

Abstract: A Wireless mobile communication (WMC) device may maintain user preference information, which is unique to the WMC device capabilities and the device user. WMC devices located in near proximity of each other may be enabled to form an ad hoc wireless network wherein each WMC device within the network may function as a router for other devices. Utilizing such routing capability within an ad hoc wireless network may allow WMC devices that are out of their wireless coverage area to use other WMC devices within such ad hoc wireless network to route any impending communication through such other WMC devices wherein these devices may have wireless connectivity to their coverage networks. WMC devices that are may have external connectivity may be enable to be selective in routing information and/or data from other WMC devices in the ad hoc network.

Abstract: A first personal electronic (PE) device may enable generation, updating, and/or storage of user configuration information. The user configuration information may comprise information pertaining to device configuration and/or operational preferences specific to the device user and/or various use settings, connectivity, and/or use of available resources. The generation, updating, and/or storage of the user configuration information may be performed manually and/or automatically, and may be performed directly within the first PE device and/or via networked devices, which may communicatively coupled to the first PE device. A second PE device may be enabled to be communicatively coupled to the first PE device and/or the networked devices. The second PE device may then be enabled to download existing user configuration information from the first PE device and/or the networked device, and the downloaded user configuration may be utilized to configure the second PE device.

Abstract: Dynamically splitting a job in wireless system between a processor other remote devices may involve evaluating a job that a wireless mobile communication (WMC) device may be requested to perform. The job may be made of one or more tasks. The WMC device may evaluate by determining the availability of at least one local hardware resource of the wireless mobile communication device in processing the requested job. The WMC device may apportion one or more tasks making up the requested job between the wireless mobile communication device and a remote device. The apportioning may be based on the availability of the at least one local hardware resource.

Abstract: An apparatus may comprise a secure portion of a chip and an external memory device. The secure portion of the chip may be configured to receive an encryption key, and the memory device may be configured to receive an encrypted processing code. The secure portion of the chip may be configured to verify the encrypted processing code by decrypting the encrypted processing code using the encryption key. A non-secure portion of the chip may be configured to write the encrypted processing code on the memory device while the memory device is coupled to the chip. The encryption key may be associated with an identifier of the chip.

Abstract: A mesh grid protection system is provided. The system includes assertion logic configured to transmit a first set of signals on a first set of grid lines and a second set of grid lines. The system also includes transformation logic to transform the first set of signals to generate a second set of signals, to transmit the second set of signals on a third set of grid lines that are coupled to the first set of grid lines, and to transmit the second set of signals on a fourth set of grid lines that are coupled to the second set of grid lines. In addition, the system includes verification logic to compare the second set of signals on the third and fourth set of grid lines to an expected set of signals.

Abstract: A method and system for secure and scalable key management for cryptographic processing of data is described herein. A method of secure key handling and cryptographic processing of data, comprising receiving a request from an entity to cryptographically process a block of data, the request including a key handle, wherein the key handle includes an authentication tag and an index; authenticating the requesting entity using the authentication tag; and referencing a plaintext key from a plurality of plaintext keys using the index if the requesting entity is authenticated successfully.

Abstract: A handheld wireless communication device (HWCD) establishes an ad hoc network comprising interconnected networks for a user. The HWCD gains access to content on a first device and controls communication of the content from the first device via the HWCD to a second device. The HWCD enables the second device to consume the content. The content may be streamed from the first device via the HWCD to the second device. The first device is a service provider network device or other network device. The access may be authenticated and/or secure. Secure access to the content is extended from the first device to the second device. The ad hoc network is configured and/or reconfigured until communication is complete. The HWCD comprises multiple wireless interfaces. The ad hoc network comprises a PAN, WLAN, WAN and/or cellular network. The HWCD may hand-off among base stations during communication of the content.

Abstract: Methods and systems for a handheld portable communication device for configuring connection to and use of local and remote resources are disclosed and may include discovering available networks and resources, establishing a route between the handheld wireless communication device and a selected one or more of the available resources via a selected one or more of the available networks based on user preference criteria stored in the handheld wireless communication device, and communicating multimedia data between the handheld wireless communication device and the selected one or more of the available resources via the established route. The established route may be dynamically adjusted, based on network availability and bandwidth. The handheld wireless communication device may communicate utilizing a plurality of wireless protocols. The preference criteria stored in the handheld wireless communication device may be dynamically adjusted.