Patents by Inventor Sara Bitan-Erlich
Sara Bitan-Erlich has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20220182229Abstract: One of the main obstacles of securing industrial control systems is the lack of an appropriate security model that is both implementable by vendors and addresses the inherent security and usability issues needed by organizations. Current solutions such as device passwords and IPSec lack scalable key management infrastructure and fine granularity access control mechanisms. A security model for industrial control systems that supports organizational level authorizations and authentication requirements, while hiding the low-level details (e.g., keys and passwords) from the users is disclosed. It also enables easy addition and removal of PLCs, engineering station, HMI devices and users, and assigning permission to them. A major advantage is its support for hybrid ICS systems, characterized by co-existence of legacy devices and new devices, while using the same protocol. Devices may communicate therein either natively, or by a connected converter.Type: ApplicationFiled: December 7, 2021Publication date: June 9, 2022Applicant: Technion Research & Development Foundation LimitedInventors: Eli BIHAM, Sara BITAN-ERLICH, Alon DANKNER
-
Patent number: 11245550Abstract: A system for authenticating messages transmitted on a bus based on physical location of transmitting units, comprising a reflector adapted to inject a plurality of reflection signals at a first point of a line topology bus, each in response to each of a plurality of messages transmitted by a plurality of bus connected units and a probe adapted to intercept the messages and the reflection signals at a second point of the bus. The probe calculates propagation timing between a reception time of the message and a reception time of an associated reflection signal transmitted in response to the message and determines validity of the message according to a match between the calculated propagation timing and a predefined propagation timings associated with the bus connected units. Wherein the bus connected units are statically connected to the bus between the first point and the second point.Type: GrantFiled: December 18, 2018Date of Patent: February 8, 2022Assignee: Technion Research & Development Foundation LimitedInventors: Eli Biham, Eli Gavril, Sara Bitan-Erlich
-
Publication number: 20200403825Abstract: A system for authenticating messages transmitted on a bus based on physical location of transmitting units, comprising a reflector adapted to inject a plurality of reflection signals at a first point of a line topology bus, each in response to each of a plurality of messages transmitted by a plurality of bus connected units and a probe adapted to intercept the messages and the reflection signals at a second point of the bus. The probe calculates propagation timing between a reception time of the message and a reception time of an associated reflection signal transmitted in response to the message and determines validity of the message according to a match between the calculated propagation timing and a predefined propagation timings associated with the bus connected units. Wherein the bus connected units are statically connected to the bus between the first point and the second point.Type: ApplicationFiled: December 18, 2018Publication date: December 24, 2020Applicant: Technion Research & Development Foundation LimitedInventors: Eli BIHAM, Eli GAVRIL, Sara BITAN-ERLICH
-
Patent number: 8369526Abstract: Device, system, and method of executing secure-processing (SEP) applications. Some demonstrative embodiments include a secure-processing (SEP) hardware module including a processor capable of executing at least one SEP application, wherein the SEP hardware module is configured to perform at least one of encrypting and decrypting data handled by the SEP application using an application-specific application-key corresponding to the SEP application, only if the processor begins execution of the SEP application at an approved entry point of the SEP application, and wherein the application-key corresponding to the SEP application is based at least on an internal key internally stored by the SEP hardware module and on application-specific information corresponding to the SEP application. Other embodiments are described and claimed.Type: GrantFiled: February 12, 2009Date of Patent: February 5, 2013Assignee: Discretix Technologies Ltd.Inventors: Hagai Bar-El, Sara Bitan-Erlich
-
Patent number: 7653200Abstract: A multiple entity gateway for supporting cellular authentication from a non-cellular network, the gateway comprising a plurality of entities each located at a different one of a plurality of secure zones and having at least one gap between said entities across said secure zones, said gateway being configured to predefine communication signals allowed across said gap between said entities, thereby to filter out non-allowed signals, and provide secure cellular authentication for a communication originating from said non-cellular network. The gateway allows cellular users to connect to a cellular network via a wireless local area network such as a hotspot, use the services of the cellular network, the Internet and the hotspot at will, and be securely authenticated and charged through the cellular infrastructure.Type: GrantFiled: March 13, 2003Date of Patent: January 26, 2010Assignee: Flash Networks LtdInventors: Yair Karmi, Sara Bitan-Erlich, Stuart Jeffery, Eyal Katz, Yaron Peleg
-
Publication number: 20090202078Abstract: Device, system, and method of executing secure-processing (SEP) applications. Some demonstrative embodiments include a secure-processing (SEP) hardware module including a processor capable of executing at least one SEP application, wherein the SEP hardware module is configured to perform at least one of encrypting and decrypting data handled by the SEP application using an application-specific application-key corresponding to the SEP application, only if the processor begins execution of the SEP application at an approved entry point of the SEP application, and wherein the application-key corresponding to the SEP application is based at least on an internal key internally stored by the SEP hardware module and on application-specific information corresponding to the SEP application. Other embodiments are described and claimed.Type: ApplicationFiled: February 12, 2009Publication date: August 13, 2009Inventors: Hagai BAR-EL, Sara BITAN-ERLICH
-
Publication number: 20080263130Abstract: A system and apparatus for content delivery to storage. Delivery may be performed according to content types, which may be, for example, content object identifier, a flow of content objects, and store channel levels. Delivery may be performed according to a virtual network defined over a physical network infrastructure and further using peer-to-peer, multicast and/or unicast protocols.Type: ApplicationFiled: March 13, 2008Publication date: October 23, 2008Inventors: Nir MICHALOWITZ, Sara Bitan-Erlich, Ronen Hod, Itamar Gilad, Yechiam Yemini, Amit Shaked, Roni Rosen, Baruch Even, Rennen Hallak
-
Publication number: 20080215437Abstract: A system, method, and apparatus for downloading advertisements, storing advertisements on a storage device, selecting advertisements for presentation, and presenting selected advertisements. In some embodiments of the invention, advertisements may be dynamically associated and presented in coordination with content according to predefined parameters, stored information, and other criteria. Advertisement credits may be allocated in exchange for advertisement consumption. Advertisements and other information may be exchanged with remote servers. Other embodiments are described and claimed.Type: ApplicationFiled: January 29, 2008Publication date: September 4, 2008Inventors: Jimmy Levy, Nir Michalowitz, Ronen Hod, Itamar Gilad, Sivan Perry Tafla, Yechiam Yemini, Sara Bitan-Erlich
-
Publication number: 20080208715Abstract: According to embodiments of the present invention, a user's local storage system may be used to create a virtual personal mall comprising one or more virtual personal stores and configured for purchasing products by one or several providers. The virtual personal store and/or virtual personal mall may be organized in virtual shelves. Each virtual shelf may contain a group of products with one or more common properties, for example, books by a certain author and/or published by a certain publisher, and/or supplied by the same virtual personal store provider, etc. The groups may be defined by the virtual personal store provider and/or by the user and/or by a group of users.Type: ApplicationFiled: February 27, 2008Publication date: August 28, 2008Inventors: Ronen HOD, Itamar Gilad, Yechiam Yemini, Sivan Perry Tafla, Jimmy Levy, Nir Michalowitz, Shirley Grill, Sara Bitan-Erlich
-
Publication number: 20050124288Abstract: A multiple entity gateway for supporting cellular authentication from a non-cellular network, the gateway comprising a plurality of entities each located at a different one of a plurality of secure zones and having at least one gap between said entities across said secure zones, said gateway being configured to predefine communication signals allowed across said gap between said entities, thereby to filter out non-allowed signals, and provide secure cellular authentication for a communication originating from said non-cellular network. The gateway allows cellular users to connect to a cellular network via a wireless local area network such as a hotspot, use the services of the cellular network, the Internet and the hotspot at will, and be securely authenticated and charged through the cellular infrastructure.Type: ApplicationFiled: March 13, 2003Publication date: June 9, 2005Inventors: Yair Karmi, Sara Bitan-Erlich, Stuart Jeffery, Eyal Katz, Yaron Peleg