Patents Assigned to Irdeto B.V.
-
Patent number: 10241720Abstract: The invention relates to a computer-implemented method for providing content to a particular recipient device of a plurality of recipient devices. Copies of one or more content elements of the content are generated and one or more of the copies are modified to obtain modified copies of the content elements. The content elements, including the one or more modified copies of the content elements, are stored in a storage. Selection information is transmitted to the particular recipient device in response to a request for providing the content. The selection information prescribes to the recipient device the modified copy to be retrieved by the recipient device for substantially each content element for which a modified copy is available.Type: GrantFiled: September 8, 2011Date of Patent: March 26, 2019Assignee: IRDETO B.V.Inventors: Dmitri Jarnikov, Jeroen Mathias Doumen
-
Patent number: 10237065Abstract: There is described a chip for performing cryptographic operations. The chip comprises a key storage module, a rule storage module, an interface module and a cryptographic module. The key storage module is configured to store one or more cryptographic keys. The rule storage module is configured to store one or more rules, each rule comprising respective rule data, the rule data identifying a respective predetermined cryptographic operation associated with the rule and further identifying at least one of the one or more cryptographic keys to be used in the respective predetermined cryptographic operation. The interface module is configured to receive a rule execution request, wherein the rule execution request comprises a rule identifier to identify a specific rule of the one or more rules to be executed. The cryptographic module is configured to execute the specific rule so as to perform the respective predetermined cryptographic operation in response to the rule execution request.Type: GrantFiled: March 31, 2014Date of Patent: March 19, 2019Assignee: Irdeto B.V.Inventors: Hans Dekker, Vladimir Zivkovic
-
Publication number: 20190073562Abstract: A method for identifying an object within a video sequence, wherein the video sequence comprises a sequence of images, wherein the method comprises, for each of one or more images of the sequence of images: using a first neural network to determine whether or not an object of a predetermined type is depicted within the image; and in response to the first neural network determining that an object of the predetermined type is depicted within the image, using an ensemble of second neural networks to identify the object determined as being depicted within the image.Type: ApplicationFiled: September 6, 2017Publication date: March 7, 2019Applicant: IRDETO B.V.Inventors: Milosh Stolikj, Dmitri Jarnikov
-
Patent number: 10212387Abstract: There are described methods and apparatus for scrambling digital content, such as video or audio content, by dividing the digital content into blocks set out in an original arrangement, and reordering the blocks from the original arrangement to a scrambled arrangement. Additional manipulation transforms such as rotations and reflections may be applied to individual blocks. A subsequent compression step may then be carried out. Methods and apparatus for carrying out corresponding descrambling of digital content are also described.Type: GrantFiled: March 28, 2013Date of Patent: February 19, 2019Assignee: IRDETO B.V.Inventors: Annie Liu, Catherine Chambers, Luc Martel, Martin Soukup
-
Patent number: 10185837Abstract: A flexible software library in which the software modules are defined as an abstract intermediate representation. The flexible library allows security transformation and performance attribute selections to be made by the end-user, rather than the library creator. Furthermore, since the flexible library contains an abstract representation of the software modules, the library can also be provisioned to contain an arbitrary number of named instances, representing specific sets of values for security and performance decisions, along with the corresponding native object-code resulting from those decisions. This permits distribution of software modules in a completely platform-independent manner while avoiding the disclosure of proprietary information, such as source-files.Type: GrantFiled: October 8, 2017Date of Patent: January 22, 2019Assignee: IRDETO B.V.Inventors: Grant Stewart Goodes, Clifford Liem
-
Publication number: 20180373849Abstract: A method for securing a webpage or a webapp processed by a browser executing on a client system, the method comprising the browser executing an instance of white-box protected code, wherein execution of the instance of white-box protected code causes the client system to: generate a message comprising message data for use by a control system to perform one or more security tests, the control system communicably connected to the client system via a network; send the message to the control system to enable the control system to perform the one or more security tests using the message data; receive a response from the control system based, at least in part, on the message; and process the response.Type: ApplicationFiled: December 14, 2016Publication date: December 27, 2018Applicant: IRDETO B.V.Inventors: Benjamin Geoffrey GIDLEY, Catherine Chambers, Yaser EFTEKHARI ROOZBEHANI, Yegui CAI, Yuan Xiang GU
-
Publication number: 20180357391Abstract: A method for accessing content at a device, wherein the device is arranged to execute a digital rights management (DRM) client of a DRM system and wherein the device is arranged to receive a broadcast signal comprising a plurality of encrypted portions of content for an item of content, each encrypted portion being packaged in a format of a conditional access system and being decryptable using a corresponding decryption key, wherein the method comprises an application executing on the device performing the steps of: for each of one or more of the encrypted portions: converting said encrypted portion from being packaged in the format of the conditional access system to being packaged in a format of the DRM system; providing said encrypted portion is packaged in the format of the DRM system to the DRM client; and either (a) providing a rights object according to the DRM system to the DRM client or (b) triggering the DRM client to obtain a rights object according to the DRM system; wherein the rights object corrType: ApplicationFiled: March 30, 2016Publication date: December 13, 2018Applicant: IRDETO B.V.Inventor: Hans DEKKER
-
Patent number: 10127387Abstract: A secure and fault-tolerant, or variation-tolerant, method and system to turn a set of N shares into an identifier even when only M shares from this set have a correct value. A secret sharing algorithm is used to generate a number of candidate identifiers from subsets of shares associated with asset parameters of a collection of assets. The most frequently occurring candidate identifier is then determined to be the final identifier. The method has particular applicability in the fields of node locking and fingerprinting.Type: GrantFiled: March 15, 2011Date of Patent: November 13, 2018Assignee: IRDETO B.V.Inventors: Philip Alan Eisen, Michael James Wiener, Grant Stewart Goodes, James Muir
-
Patent number: 10127390Abstract: There is provided a method of performing a cryptographic algorithm in software, the cryptographic algorithm comprising one or more processing steps, wherein each processing step is arranged to process a respective input to the processing step so as to generate an output corresponding to the input, characterized in that, for each of at least one of the one or more processing steps, the method comprises: providing a respective input for the processing step as an input to a plurality of implementations of the processing step, wherein each implementation is arranged to output a corresponding intermediate result represented using a respective predetermined output representation; and using the representation of the intermediate results to generate a result for the processing step that is based on each of the intermediate results, wherein, if each intermediate result is the output that corresponds to the input for the processing step then the result for the processing step is the output that corresponds to the inputType: GrantFiled: March 27, 2013Date of Patent: November 13, 2018Assignee: IRDETO B.V.Inventor: Michael Wiener
-
Patent number: 10120999Abstract: A system and method is provided for implementing platform security on a consumer electronic device having an open development platform. The device is of the type which includes an abstraction layer operable between device hardware and application software. A secured software agent is provided for embedding within the abstraction layer forming the operating system. The secured software agent is configured to limit access to the abstraction layer by either blocking loadable kernel modules from loading, blocking writing to the system call table or blocking requests to attach debug utilities to certified applications or kernel components.Type: GrantFiled: June 19, 2017Date of Patent: November 6, 2018Assignee: IRDETO B.V.Inventor: Ron Vandergeest
-
Publication number: 20180295512Abstract: The invention enables a software application to be executed on a mobile station in dependence of a SIM. Challenge data originating from the software application is input to the SIM to generate first response data using a security function of the SIM. The software application is enabled to be executed in dependence of the first response data. In addition, the challenge data may be transmitted to a verification server for the generation of second response data in dependence of the challenge data and possibly using an authentication center. The software application is then enabled to be executed in further dependence of the second response data.Type: ApplicationFiled: April 4, 2018Publication date: October 11, 2018Applicant: IRDETO B.V.Inventor: Jeroen Mathias Doumen
-
Publication number: 20180287878Abstract: There is described a method of monitoring a peer-to-peer network. The method comprises: (i) monitoring network traffic between a first peer and the peer-to-peer network so as to identify a first subset of peers in the peer-to-peer network; and (ii) preventing the first peer from communicating with at least one peer in the first subset of peers to thereby cause the first peer to communicate with at least one further peer in the peer-to-peer network so as to enable identification of the at least one further peer.Type: ApplicationFiled: March 30, 2015Publication date: October 4, 2018Applicant: IRDETO B.V.Inventor: Dmitri Jarnikov
-
Patent number: 10089495Abstract: There is described a method of obfuscating access to a data store by a software application. The method comprises accessing the data store using access operations. The access operations comprise real access operations and dummy access operations. Each real access operation is operable to access the data store as part of the execution of the software application. There is also described a computer program which, when executed by a processor, causes the processor to carry out the above method. There is also described a computer readable medium storing the above computer program. There is also described a system configured to carry out the above method.Type: GrantFiled: March 28, 2013Date of Patent: October 2, 2018Assignee: IRDETO B.V.Inventors: Calin Ciordas, Fan Zhang
-
Patent number: 10069810Abstract: There is described a method of enabling a content receiver to access encrypted content, the content receiver forming part of a home network. The method comprises executing, on a device that also forms part of the home network, a key provisioning application. The method further comprises the key provisioning application receiving a key provisioning message and, based on the key provisioning message, providing to the content receiver via the home network one or more content decryption keys for decrypting the encrypted content. There is also described a device arranged to carry out this method. In addition, there is described a content receiver arranged to (a) receive from the aforementioned device, via a home network, one or more content decryption keys for accessing encrypted content; and (b) decrypt encrypted content using the one or more content decryption keys. Related computer programs and computer readable mediums are also described.Type: GrantFiled: March 18, 2014Date of Patent: September 4, 2018Assignee: IRDETO B.V.Inventors: Wim Mooij, Graham Kill, Chunming Qie, Michiel Willemsen
-
Publication number: 20180232502Abstract: The invention provides a method, a hardware circuit and a hardware device for enabling a software application to be executed on a hardware device in dependence of the hardware circuit, while preventing the execution of a binary copy of the application in another hardware device. Challenge data originating from the software application is input to a hardware circuit of the hardware device, wherein the hardware circuit is configured to perform a deterministic function. Response data is generated by the hardware device, which is used to manipulate at least a part of the software application to thereby enable the software application to be executed.Type: ApplicationFiled: January 19, 2018Publication date: August 16, 2018Applicant: IRDETO B.V.Inventor: Jeroen Mathias Doumen
-
Patent number: 10013553Abstract: There is provided a method of protecting the execution of a software application, the method performed by a plurality of processes comprising a process for executing the software application and a plurality of protection processes, wherein each protection process in the plurality of protection processes is configured to: monitor a process state of at least one other process in the plurality of processes to determine whether said process state corresponds to a predetermined process state; and perform a predetermined action in response to a determination that said process state corresponds to the predetermined process state; wherein the plurality of protection processes are configured such that a process state of the process for executing the software application is monitored by at least one protection process and a process state of each protection process is monitored by at least one other protection process in the plurality of protection processes.Type: GrantFiled: March 27, 2013Date of Patent: July 3, 2018Assignee: IRDETO B.V.Inventors: Yunpeng Li, Chunming Qie
-
Publication number: 20180165226Abstract: A method for executing a process on a device, the device comprising one or more processors for executing the process and a memory, wherein the process has an associated first type of privilege, the method comprising: obtaining a portion of the memory for use by the process or for use by a further process being created by the process, wherein the portion of the memory is identified as both writable and executable memory, wherein the portion of the memory has an associated second type of privilege that is different from the first type of privilege.Type: ApplicationFiled: September 10, 2014Publication date: June 14, 2018Applicant: IRDETO B.V.Inventor: Robert KRTEN
-
Patent number: 9979989Abstract: There is disclosed a head-end system in which differently processed copies of content portions are reordered such that copies from different content portions are not interleaved in the final transport stream.Type: GrantFiled: April 4, 2016Date of Patent: May 22, 2018Assignee: IRDETO B.V.Inventor: Andrew Augustine Wajs
-
Patent number: 9973927Abstract: The invention enables a software application to be executed on a mobile station in dependence of a SIM. Challenge data originating from the software application is input to the SIM to generate first response data using a security function of the SIM. The software application is enabled to be executed in dependence of the first response data. In addition, the challenge data may be transmitted to a verification server for the generation of second response data in dependence of the challenge data and possibly using an authentication center. The software application is then enabled to be executed in further dependence of the second response data.Type: GrantFiled: March 21, 2012Date of Patent: May 15, 2018Assignee: IRDETO B.V.Inventor: Jeroen Mathias Doumen
-
Patent number: 9967089Abstract: A secure and change-tolerant method for obtaining an identifier for a collection of assets associated with a computing environment. Each asset has an asset parameter and the computing environment has a fingerprint based on an original collection of assets and on a codeword generation algorithm on the original collection of assets. The method comprises: retrieving the asset parameters of the collection of assets and processing the retrieved asset parameters to obtain code symbols. An error-correction algorithm is applied to the code symbols to obtain the identifier. The method can be used in node-locking.Type: GrantFiled: March 15, 2011Date of Patent: May 8, 2018Assignee: IRDETO B.V.Inventors: Fan Zhang, Andrew Augustine Wajs