Abstract: A method of providing user data privacy for smart devices in a user's home uses a network of smart home routers to route encrypted data packets from the smart devices instead of sending them directly to a cloud-based service. An onion routing network for protecting the privacy of smart devices uses a plurality of smart home routers and an allowlist of domains accessed by smart devices to decide which data packets are routed through the network.

Abstract: Apparatus and method securely transfer first data from a source device to a target device. A wireless signal having (a) a higher speed channel conveying second data and (b) a lower speed channel conveying the first data is transmitted. The lower speed channel is formed by selectively transmitting the wireless signal from one of a first and second antennae of the source device based upon the first data. The first and second antenna are positioned a fixed distance apart and the target device uses a received signal strength indication (RSSI) of the first signal to decode the lower speed channel and receive the first data.

Abstract: A system and method for authenticating users of a digital device includes an authentication device attached to an authorized user. The authentication device includes one or more motion sensors and acts as a user identity token. To authenticate with a digital device, the user performs one or more interactions with the digital device using the hand associated with the authentication device. The digital device correlates the inputs received due to the interactions with the user's hand and/or wrist movement, as measured by the authentication device. Access to the digital device is allowed if the inputs and movements are correlated.

Abstract: A wearable device for detecting eating episodes uses a contact microphone to provide audio signals through an analog front end to an analog-to-digital converter to digitize the audio and provide digitized audio to a processor; and a processor configured with firmware in a memory to extract features from the digitized audio. A classifier determines eating episodes from the extracted features. In embodiments, messages describing the detected eating episodes are transmitted to a cell phone, insulin pump, or camera configured to record video of the wearer's mouth.

Abstract: A secure, integrated data system and method users both blockchain and Trusted Execution Environment (TEE) technologies to achieve information provenance for data, particularly, mobile health device data. Using a blockchain to record and enforce data access policies removes the need to trust a single entity with gatekeeping the health data. Instead, participants form a consortium and collectively partake in verifying and enforcing access policies for data stored in private data silos. Data access and computation takes place inside of TEEs, which preserves data confidentiality and provides a verifiable attestation that can be stored on the blockchain for the purpose of information provenance.

Abstract: A system and method for authenticating users of a digital device includes an authentication device attached to an authorized user. The authentication device includes one or more motion sensors and acts as a user identity token. To authenticate with a digital device, the user performs one or more interactions with the digital device using the hand associated with the authentication device. The digital device correlates the inputs received due to the interactions with the user's hand and/or wrist movement, as measured by the authentication device. Access to the digital device is allowed if the inputs and movements are correlated.

Abstract: Apparatus and method securely transfer first data from a source device to a target device. A wireless signal having (a) a higher speed channel conveying second data and (b) a lower speed channel conveying the first data is transmitted. The lower speed channel is formed by selectively transmitting the wireless signal from one of a first and second antennae of the source device based upon the first data. The first and second antenna are positioned a fixed distance apart and the target device uses a received signal strength indication (RSSI) of the first signal to decode the lower speed channel and receive the first data.

Abstract: A system has a first electronic device with optical sensor, digital radio transceiver, and processor with firmware; this device is typically portable or wearable. The system also has a computerized device with a display, a second digital radio transceiver, and a second processor with firmware. The first and computerized devices are configured to set up a digital radio link when in radio range. The second processor uses a spot on the display to optically transmit a digital message including a secret such as an encryption key or subkey and/or an authentication code adapted for authenticating an encrypting the radio link. The first device receives the digital message via its optical sensor, and uses the digital message to validate and establish encryption on the radio link. In embodiments, the system determines a location of the first device on the display and positions the transmission spot at the determined location.

Abstract: Apparatus and method securely transfer first data from a source device to a target device. A wireless signal having (a) a higher speed channel conveying second data and (b) a lower speed channel conveying the first data is transmitted. The lower speed channel is formed by selectively transmitting the wireless signal from one of a first and second antennae of the source device based upon the first data. The first and second antenna are positioned a fixed distance apart and the target device uses a received signal strength indication (RSSI) of the first signal to decode the lower speed channel and receive the first data.

Abstract: Apparatus and method securely transfer first data from a source device to a target device. A wireless signal having (a) a higher speed channel conveying second data and (b) a lower speed channel conveying the first data is transmitted. The lower speed channel is formed by selectively transmitting the wireless signal from one of a first and second antennae of the source device based upon the first data. The first and second antenna are positioned a fixed distance apart and the target device uses a received signal strength indication (RSSI) of the first signal to decode the lower speed channel and receive the first data.

Abstract: A technique performs a security operation. The technique includes receiving first activity data from a mobile device, the first activity data identifying activity by a user that is currently using the mobile device. The technique further includes receiving second activity data from an electronic wearable apparatus, the second activity data identifying physical activity by a wearer that is currently wearing the electronic wearable apparatus. The technique further includes, based on the first activity data received from the mobile device and the second activity data received from the electronic wearable apparatus, performing an assessment operation that provides an assessment result indicating whether the user that is currently using the mobile device and the wearer that is currently wearing the electronic wearable apparatus are the same person. With such a technique, authentication may be continuous but without burdening the user to repeatedly re-enter a password.

Abstract: A wearable master electronic device (Amulet) has a processor with memory, the processor coupled to a body-area network (BAN) radio and uplink radio. The device has firmware for BAN communications with wearable nodes to receive data, and in an embodiment, send configuration data. The device has firmware for using the uplink radio to download apps and configurations, and upload data to a server. An embodiment has accelerometers in Amulet and wearable node, and firmware for using accelerometer readings to determine if node and Amulet are worn by the same subject. Other embodiments use pulse sensors or microphones in the Amulet and node to both identify a subject and verify the Amulet and node are worn by the same subject. Another embodiment uses a bioimpedance sensor to identify the subject. The wearable node may be an insulin pump, chemotherapy pump, TENS unit, cardiac monitor, or other device.

Abstract: A system and method for authenticating and continuously verifying authorized users of a digital device includes an authentication device attached to an arm or wrist of authorized users. The authentication device has an accelerometer, digital radio, a processor configured to provide identity information over the radio, and to transmit motion data. The motion data is received by the digital device and the identity transmitted is verified as an identity associated with an authorized user. Input at a touchscreen, touchpad, mouse, trackball, or keyboard of the digital device is detected, and correlated with the motion data. Access to the digital device is allowed if the detected input and the detected motion data correlate, and disallowed otherwise.

Abstract: A system has a first electronic device with optical sensor, digital radio transceiver, and processor with firmware; this device is typically portable or wearable. The system also has a computerized device with a display, a second digital radio transceiver, and a second processor with firmware. The first and computerized devices are configured to set up a digital radio link when in radio range. The second processor uses a spot on the display to optically transmit a digital message including a secret such as an encryption key or subkey and/or an authentication code adapted for authenticating an encrypting the radio link. The first device receives the digital message via its optical sensor, and uses the digital message to validate and establish encryption on the radio link. In embodiments, the system determines a location of the first device on the display and positions the transmission spot at the determined location.

Abstract: A wearable master electronic device (Amulet) has a processor with memory, the processor coupled to a body-area network (BAN) radio and uplink radio. The device has firmware for BAN communications with wearable nodes to receive data, and in an embodiment, send configuration data. The device has firmware for using the uplink radio to download apps and configurations, and upload data to a server. An embodiment has accelerometers in Amulet and wearable node, and firmware for using accelerometer readings to determine if node and Amulet are worn by the same subject. Other embodiments use pulse sensors or microphones in the Amulet and node to both identify a subject and verify the Amulet and node are worn by the same subject. Another embodiment uses a bioimpedance sensor to identify the subject. The wearable node may be an insulin pump, chemotherapy pump, TENS unit, cardiac monitor, or other device.

Abstract: A wearable master electronic device (Amulet) has a processor with memory, the processor coupled to a body-area network (BAN) radio and uplink radio. The device has firmware for BAN communications with wearable nodes to receive data, and in an embodiment, send configuration data. The device has firmware for using the uplink radio to download apps and configurations, and upload data to a server. An embodiment has accelerometers in Amulet and wearable node, and firmware for using accelerometer readings to determine if node and Amulet are worn by the same subject. Other embodiments use pulse sensors or microphones in the Amulet and node to both identify a subject and verify the Amulet and node are worn by the same subject. Another embodiment uses a bioimpedance sensor to identify the subject. The wearable node may be an insulin pump, chemotherapy pump, TENS unit, cardiac monitor, or other device.

Abstract: A system and method for authenticating and continuously verifying authorized users of a digital device includes an authentication device attached to an arm or wrist of authorized users. The authentication device has an accelerometer, digital radio, a processor configured to provide identity information over the radio, and to transmit motion data. The motion data is received by the digital device and the identity transmitted is verified as an identity associated with an authorized user. Input at a touchscreen, touchpad, mouse, trackball, or keyboard of the digital device is detected, and correlated with the motion data. Access to the digital device is allowed if the detected input and the detected motion data correlate, and disallowed otherwise.

Abstract: A wearable master electronic device (Amulet) has a processor with memory, the processor coupled to a body-area network (BAN) radio and uplink radio. The device has firmware for BAN communications with wearable nodes to receive data, and in an embodiment, send configuration data. The device has firmware for using the uplink radio to download apps and configurations, and upload data to a server. An embodiment has accelerometers in Amulet and wearable node, and firmware for using accelerometer readings to determine if node and Amulet are worn by the same subject. Other embodiments use pulse sensors or microphones in the Amulet and node to both identify a subject and verify the Amulet and node are worn by the same subject. Another embodiment uses a bioimpedance sensor to identify the subject. The wearable node may be an insulin pump, chemotherapy pump, TENS unit, cardiac monitor, or other device.

Abstract: Methods and structure for dynamically tailoring selection of rich content for recommendation to a user wherein the recommendation process determines recommendations in accordance with past user selections. A server process (102) provides lists of recommended content to a client process (100), through a WAN (104), associated with an identified user. The user on the client process (100) then selects content and provides the server process (102) with a rating through the user feedback input (112).