Abstract: A system for secure data protection and encryption for computing devices. The present invention includes a fast encryption technique for quickly ensuring that the correct binding parameters are used for an encrypted data file. The encrypted file is used in two ways. Because unsecure data could pass through a peripheral device to gain access to a secure computing environment, a dongle housing encryption and decryption subsystems is placed in between the unsecure sources and the peripheral that can encrypt and decrypt data intended for the secure computing environment. The firmware of the computing device can be updated by dividing the update file into encrypted segments that are verified on the device and placed into non-volatile memory. When all parts have been received, decrypted, and written into memory, the device reboots using the updated firmware.

Abstract: A method for verifying a set of policy instructions to be used by a policy decision point (PDP) in adjudicating access requests to protected resources. The policy instructions are in the form of Horn clauses or conditional tag-expressions that are validated against a known test policy or desired outcome. The policy instructions are then compiled into aggregate form. When a plurality of policy instructions creates a conflict, the policy instructions are hierarchically organized to resolve said conflict.

Abstract: A system for controlling file access on a mobile computing device. Policy conditions are held at a policy decision point (PDP) and can be dynamically modified at run-time. Access requests to a file or set of files are intercepted by an agent that subsequently brokers the adjudication of said request via a secure, encrypted and hidden back-channel where the requestor is never allowed access to or knowledge of either the adjudication process or the parameters associated with adjudication. The PDP then returns either an access approval or denial based on said policy conditions.

Abstract: Systems and methods are described for utilizing a secure environment on a mobile computing device for applying policy-based decision management in response to access requests from untrusted areas. A policy decision processor (PDP) within the secure environment provides a policy decision in response to an access query. A decision cache within the secure environment can be used to store policy decisions for faster resolution of access requests. Policy enforcement points (PEPs) are placed between external devices that are trying to access the device and the secured environment, where the PEPs are used to enforce the policy-based decision, and can be located either inside or outside the secure environment. Decision certificates can be formulated using validity information and timestamps, and used for validation policy certificates. Memory in non-secure areas can also be marked (colored) for use in performing trusted operations in order to optimize system resource usage.

Abstract: A system for performing coincident boot of computing devices having non-volatile memory and secure and non-secure partitions on the same System on Chip (SoC) or on a similarly capable computing device with secure division and separation of sensitive memory resources, secure protection of intellectual property during boot and post-boot, and support for secure interoperations between secure and non-secure states. The system packages components of the boot loader into a single signed and encrypted package. That package is loaded into the non-secure memory where it is verified before being extracted to the secure partition.

Abstract: A system and method for secure access to computing services in trusted computing environments. The present invention facilitates the execution of services in a secure environment by unsecure requestors where the requestor has no visibility into the secure environment. A remote service creates an encrypted data bundle (EDB) consisting of the request and associated data and transmits the EDB to the unsecure requestor. The EDB is then transmitted to the Trusted Service Receiver (TSR) in the secure environment that decrypts the EDB and determines if the request is valid and permissible. If valid and permissible, the TSR determines what secure service will be required and Trusted Services (TS) are invoked. TSR then collects results from each TS invoked and transmits the result according to the instructions in the request.

Abstract: A system and methods for context-aware and situation-aware secure, policy-based access control for computing devices. The invention enhances the previously disclosed policy-based control system by adding contextual information to the set of resources by which a policy decision point can adjudicate a query to execute a transaction or to access a secure resource. Policy information points are able to store information collected over time related to resources under the control of the system. The system can further include an analytical processing engine capable of inferring new information from existing information that also can be used by the decision points. The policy information points provide context to the decision. They are also able to consider and include information that is external to the system or detected outside the system itself.

Abstract: A system and method for hardware implementations of policy-based secure computing environments for Internet enabled devices. The present invention facilitates a secure computing environment for any Internet enabled device where policy rules can be described as hardware components that allow or deny access to resources on the device. A compiler produces a hardware description language (HDL) of the hardware components based on given policy rules for that component. The system may be partially or completely implemented in hardware to address inherent limitations of a software only solution. The invention provides greater flexibility to the overall system in terms of performance, security, and expressiveness of the policy rules that must be executed.

Abstract: A system for policy-managed secure code execution and messaging for computing devices where each trusted application is managed independently of others and is not visible to unauthorized inspection or execution. If a file bundle received by the system contains metadata concerning the context of the file or its execution, the metadata is decrypted if necessary. If the file bundle containing the executable code is encrypted, its key is stored in a policy server to await adjudication of the request to execute. If the policy server allows execution of the executable code, the key stored in the policy server is used to decrypt the file bundle and the resulting executable code is stored as a trusted application in secure memory. Future requests to execute the trusted application are adjudicated by the policy server and enforced by the exclusive policy execution point associated with that trusted application in secure memory.

Abstract: A system and method for policy-based active Data Loss Prevention (DLP) using a two-step process to first determine if an attempt to access a data object is governed by DLP policy, and if so, then applying the DLP policy to either allow or deny access. Attempts by an agent to access, create, modify, or distribute a data object are trapped by a policy execution point. A first query determines if DLP policies govern that access request. If they do, then the metadata is decrypted to form a second query to a policy decision point to adjudicate the access request. If the access request is allowed, then a second key is provided to decrypt the data object for further processing. The system further provides for the encryption of unencrypted data objects to protect them for all future access queries.

Abstract: Systems and methods for secure, policy-based, access control and management of mobile computing devices, including policy decision enforcement mechanisms, device and private network presence testing, aspects of file system controls, policy set sanity checking algorithms, performance optimizations.

Abstract: Policy-based client-server systems and methods for attestation in managing and securing mobile computing devices. Attestation provides the means to make efficient, secure, and reproducible use of knowledge possessed by trusted expert parties and authorities within the expression and enforcement of policies for controlling use of, and access to, onboard software and hardware, network capabilities, and remote assets and services. Aspects of secure attestation of applications that use shared and dynamically loaded libraries are presented, as well as potential business models for attestation used in such a policy-based system. The system of the present invention resolves attestation record conflicts using digital certificates and digital signatures.

Abstract: An autonomous and adaptive method and system for secure, policy-based control of remote and locally controlled computing devices. The invention uses a policy-based access control mechanism to achieve adaptive and dynamic behavior modification based on the context of the local operating environment of the computing device. The modification system assesses the desirability of actions or outcomes as determined by the policy rules and modifies them accordingly, thus altering the behavior of the computing device. The system can utilize a machine learning technique, pattern matching and heuristic evaluation. When applied to the control of robotic and autonomous devices, the system allows the robot to offload adjudication to a remote system and also facilitates cooperative behaviors between robots operating in dynamic environments.

Abstract: The invention pertains to a system and method to display contextual information, including data and messaging, based on a secure, policy-managed set of instructions for selecting, distributing, and presenting information on a device. The system accepts one or more streams of contextual information in any digital form from one or more data sources. The contextual information is assessed via a set of policy instructions that may include time, location, hierarchy of ownership, type of contextual information, assessed importance of the contextual information, and display availability. Only approved contextual information is transmitted to the device for display.

Abstract: Policy-based client-server systems and methods for attestation in managing and securing mobile computing devices. Attestation provides the means to make efficient, secure, and reproducible use of knowledge possessed by trusted expert parties and authorities within the expression and enforcement of policies for controlling use of, and access to, onboard software and hardware, network capabilities, and remote assets and services. Aspects of secure attestation of applications that use shared and dynamically loaded libraries are presented, as well as potential business models for attestation used in such a policy-based system.