Patents by Inventor Ron Keidar
Ron Keidar has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10470102
Abstract: A router management server may be utilized to manage a plurality of home routers. Appropriate access control rules may be determined by the router management server for various client devices including IoT devices based on the type and/or make/model of the client devices. MAC address-bound WLAN passphrases may be assigned to the client devices and bound to the MAC addresses associated with the client devices. Further, WLAN passphrases may be associated with expiration periods and/or access control rules. Therefore, a secure home network environment that takes into account the vulnerabilities of IoT devices may be achieved without the involvement of an IT department. Moreover, flexibility of WLAN passphrase management may be improved.
Type: Grant
Filed: March 25, 2016
Date of Patent: November 5, 2019
Assignee: ZITOVAULT, INC.
Inventors: Ron Keidar, Timothy McElwee
-
Patent number: 10176139
Abstract: System and method for providing adaptive access to a hardware block on a computer system.
Type: Grant
Filed: May 15, 2017
Date of Patent: January 8, 2019
Assignee: QUALCOMM Incorporated
Inventors: Ron Keidar, Osman Koyuncu, Michael Batenburg
-
Patent number: 10097517
Abstract: A system for the maintenance and creation of security tunnels between IoT devices and IoT cloud servers, comprising the steps of receiving one or more packets from one or more IoT devices in a smart router, routing the one or more packets to an agent within the router, the agent performing one or more services on the one or more packets, routing the one or more packets to a WAN port of the router, and sending the one or more packets by a cloud secure tunnel to one or more IoT cloud servers. The system may have secure tunnels that are formed between the IoT devices using a unique password for each IoT device. The additional step of selectively stopping communication between the IoT devices and the router, wherein when the communication of one IoT device to the router is compromised, the remaining tunnels with unique passwords are integral.
Type: Grant
Filed: September 1, 2016
Date of Patent: October 9, 2018
Assignee: CyberSight, Inc.
Inventors: Timothy McElwee, Gang Ding, Ron Keidar
-
Patent number: 10027640
Abstract: A method includes: decrypting, in a device, a first subset of encrypted data using a cryptographic device key associated with the device to produce first plain text, where a set of encrypted data comprises the first subset of encrypted data and a second subset of encrypted data, and where the first subset of encrypted data and the second subset of encrypted data each contain less encrypted data than the set of encrypted data and are different from each other; decrypting, in the device, the second subset of encrypted data using the cryptographic device key to produce second plain text; encrypting, in the device, the first plain text using a first ephemeral key to produce first re-encrypted data; and encrypting, in the device, the second plain text using a second ephemeral key to produce second re-encrypted data, the second ephemeral key being different from the first ephemeral key.
Type: Grant
Filed: September 22, 2015
Date of Patent: July 17, 2018
Assignee: QUALCOMM Incorporated
Inventors: Roberto Avanzi, Rosario Cammarota, Ron Keidar
-
Patent number: 9973485
Abstract: Disclosed is a device that obtains and stores a secret key. The device may comprise a transceiver configured to: transmit a command for a secret key to a server; transmit an identifier to the server; and receive a wrapped secret key from the server. The device may further comprise: a storage device; and a processor. The processor may be coupled to the transceiver and the storage device and the processor may be configured to: receive the wrapped secret key from the transceiver; unwrap the wrapped secret key to obtain the secret key; and store the secret key in the storage device.
Type: Grant
Filed: April 13, 2017
Date of Patent: May 15, 2018
Assignee: QUALCOMM Incorporated
Inventor: Ron Keidar
-
Publication number: 20180063079
Abstract: A system for the maintenance and creation of security tunnels between IoT devices and IoT cloud servers, comprising the steps of receiving one or more packets from one or more IoT devices in a smart router, routing the one or more packets to an agent within the router, the agent performing one or more services on the one or more packets, routing the one or more packets to a WAN port of the router, and sending the one or more packets by a cloud secure tunnel to one or more IoT cloud servers. The system may have secure tunnels that are formed between the IoT devices using a unique password for each IoT device. The additional step of selectively stopping communication between the IoT devices and the router, wherein when the communication of one IoT device to the router is compromised, the remaining tunnels with unique passwords are integral.
Type: Application
Filed: September 1, 2016
Publication date: March 1, 2018
Applicant: ZitoVault, Inc.
Inventors: Gang Ding, Ron Keidar, Timothy McElwee
-
Patent number: 9836414
Abstract: A processor for processing data from a buffer memory, implemented in hardware, may allow writing of output data, processed based on input data from at least one secure location associated with a secure address range of the buffer memory, to one or more secure locations associated with the secure address range. Further, the processor may block writing of output data, processed based on input data from at least one secure location associated with the secure address range, to one or more insecure locations associated with an insecure address range of the buffer memory.
Type: Grant
Filed: December 16, 2014
Date of Patent: December 5, 2017
Assignee: Qualcomm, Incorporated
Inventors: Sudeep Kittilingal, Jayanth Mandayam, Ron Keidar
-
Publication number: 20170308705
Abstract: Technologies for updating a processing device, where a first device image is stored in a first (non-volatile) memory. When a new second device image is received via a communication interface, a first boot of the device is performed and a boot loader performs security processing on the second device image. Once security processing has passed, the second device image is set as a trial image and executed. The executed image is monitored to determine if predetermined operational parameters in the device are met. If the parameters are met, the second device image is set as a current image and the first device image is deactivated. A second boot is performed to make the new image operational for the device and the anti-rollback version one-time programmable fuses are blown. If the parameters are not met, the device reverts to the first device image.
Type: Application
Filed: April 22, 2016
Publication date: October 26, 2017
Inventors: Chad Karaginides, Xu Guo, Eugen Pirvu, Dhaval Patel, Ron Keidar, Amit Shukla, Selvaraj Jaikumar, Yau Chu
-
Patent number: 9798887
Abstract: Disclosed is an apparatus and method to securely activate or revoke a key. For example, the apparatus may comprise: a storage device to store a plurality of pre-stored keys; a communication interface to receive an activate key command and a certificate associated with one of the pre-stored keys; and a processor. The processor may be coupled to the storage device and the communication interface and may be configured to: implement the activate key command to reboot the apparatus with the pre-stored key and the certificate; and determine if the reboot is successful.
Type: Grant
Filed: August 26, 2015
Date of Patent: October 24, 2017
Assignee: QUALCOMM Incorporated
Inventors: Ron Keidar, Yau Chu, Xu Guo
-
Patent number: 9779262
Abstract: Disclosed is a method and apparatus to decrypt file segments in parallel. In one embodiment, an integrated circuit may be used with a storage device of a computing device that comprises: a hardware interface to communicate with the storage device; a crypto-engine to encrypt file segments to be stored on the storage device and to decrypt file segments read from the storage device; and a processor. The processor may be configured to: read a plurality of decrypted file segments from the storage device through the crypto-engine in parallel; and to store the plurality of decrypted file segments.
Type: Grant
Filed: April 20, 2015
Date of Patent: October 3, 2017
Assignee: QUALCOMM Incorporated
Inventors: Ron Keidar, Osman Koyuncu, Assaf Shacham
-
Patent number: 9767063
Abstract: System and method for providing adaptive access to a hardware block on a computer system.
Type: Grant
Filed: March 4, 2015
Date of Patent: September 19, 2017
Assignee: QUALCOMM Incorporated
Inventors: Ron Keidar, Osman Koyuncu, Michael Batenburg
-
Publication number: 20170249183
Abstract: System and method for providing adaptive access to a hardware block on a computer system.
Type: Application
Filed: May 15, 2017
Publication date: August 31, 2017
Inventors: Ron KEIDAR, Osman KOYUNCU, Michael BATENBURG
-
Patent number: 9749141
Abstract: A secure boot method includes: obtaining a certificate digest at a digest processor from a write-once, always-on memory; calculating a flash digest using the digest processor by cryptographically processing a sensitive information image; and comparing, using the digest processor, the flash digest with the certificate digest.
Type: Grant
Filed: September 25, 2015
Date of Patent: August 29, 2017
Assignee: QUALCOMM Incorporated
Inventors: Ron Keidar, Eugen Pirvu, Jeff Smith
-
Publication number: 20170238235
Abstract: According to embodiments of the disclosure, a router management server may be utilized to manage a plurality of home routers. Appropriate access control rules may be determined by the router management server for various client devices including IoT devices based on the type and/or make/model of the client devices. MAC address-bound WLAN passphrases may be assigned to the client devices and bound to the MAC addresses associated with the client devices. Further, WLAN passphrases may be associated with expiration periods and/or access control rules. Therefore, a secure home network environment that takes into account the vulnerabilities of IoT devices may be achieved without the involvement of an IT department. Moreover, embodiments of the disclosure improve the flexibility of WLAN passphrase management.
Type: Application
Filed: February 17, 2016
Publication date: August 17, 2017
Inventors: Ron Keidar, Timothy McElwee
-
Publication number: 20170238236
Abstract: According to embodiments of the disclosure, a router management server may be utilized to manage a plurality of home routers. Appropriate access control rules may be determined by the router management server for various client devices including IoT devices based on the type and/or make/model of the client devices. MAC address-bound WLAN passphrases may be assigned to the client devices and bound to the MAC addresses associated with the client devices. Further, WLAN passphrases may be associated with expiration periods and/or access control rules. Therefore, a secure home network environment that takes into account the vulnerabilities of IoT devices may be achieved without the involvement of an IT department. Moreover, embodiments of the disclosure improve the flexibility of WLAN passphrase management.
Type: Application
Filed: May 24, 2016
Publication date: August 17, 2017
Inventors: Jack B. Miller, Ron Keidar, Timothy McElwee
-
Publication number: 20170238183
Abstract: According to embodiments of the disclosure, a router management server may be utilized to manage a plurality of home routers. Appropriate access control rules may be determined by the router management server for various client devices including IoT devices based on the type and/or make/model of the client devices. MAC address-bound WLAN passphrases may be assigned to the client devices and bound to the MAC addresses associated with the client devices. Further, WLAN passphrases may be associated with expiration periods and/or access control rules. Therefore, a secure home network environment that takes into account the vulnerabilities of IoT devices may be achieved without the involvement of an IT department. Moreover, embodiments of the disclosure improve the flexibility of WLAN passphrase management.
Type: Application
Filed: March 25, 2016
Publication date: August 17, 2017
Inventors: Ron Keidar, Timothy McElwee
-
Patent number: 9736536
Abstract: Techniques for preventing circumvention of digital rights management protections on electronic content are provided. A method according to these techniques includes receiving a content stream, obtaining samples from the content stream, generating a histogram based on the samples from the content stream, classifying the content stream as including audio content or non-audio content based on the histogram, and modifying portions of the content stream responsive to classifying the content stream as including non-audio content. The content stream can be modified such that any video content included in the content stream would be rendered unplayable, while audio content included in the content stream remains playable.
Type: Grant
Filed: April 2, 2015
Date of Patent: August 15, 2017
Assignee: QUALCOMM Incorporated
Inventors: Roberto Avanzi, Simo Petteri Kangaslampi, Ron Keidar, Chang-Kuk Choi
-
Publication number: 20170222994
Abstract: Disclosed is a device that obtains and stores a secret key. The device may comprise a transceiver configured to: transmit a command for a secret key to a server; transmit an identifier to the server; and receive a wrapped secret key from the server. The device may further comprise: a storage device; and a processor. The processor may be coupled to the transceiver and the storage device and the processor may be configured to: receive the wrapped secret key from the transceiver; unwrap the wrapped secret key to obtain the secret key; and store the secret key in the storage device.
Type: Application
Filed: April 13, 2017
Publication date: August 3, 2017
Inventor: Ron Keidar
-
Patent number: 9723351
Abstract: This disclosure describes devices, systems and techniques relating to a dongle device that is designed to provide broadcast video capabilities to an electronic device. In one example, a dongle device is configured to communicatively couple to an electronic device, wherein the dongle device comprises a multimedia receiver that receives a broadcast that includes multimedia data, and a web server that communicates the multimedia data to a web browser of the electronic device.
Type: Grant
Filed: August 17, 2010
Date of Patent: August 1, 2017
Assignee: QUALCOMM Incorporated
Inventors: Ron Keidar, Igor Malamant, Yitzhak Sabo, Tomer Rafael Ben-Chen
-
Publication number: 20170093586
Abstract: Techniques for managing certificates on a computing device are provided. An example method according to these techniques includes receiving an image file comprising a hash value of a certificate on which a certificate action is to be performed, the certificate action being a revocation action or an activation action, the image file having been signed by a signing certificate, determining whether the image file has been signed by a valid certificate by comparing a hash value of the signing certificate to a plurality of hash values associated with certificates stored in a one-time programmable memory of the computing device, and performing the certificate action, responsive to the image file having been signed by the valid certificate and the certificate on which the certificate action is to be performed having been found in the memory, by setting a value of an indicator associated with the certificate in the memory.
Type: Application
Filed: September 25, 2015
Publication date: March 30, 2017
Inventors: Maria MIRANDA, Qazi BASHIR, Satyajit PATNE, Ron KEIDAR