Patents by Inventor Dominique Bolignano
Dominique Bolignano has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11734428Abstract: The invention relates to an embedded system (1) comprising a processor (2) operated by means of a kernel (3) executable by said processor, a hardware peripheral (8, 9), a memory (5) and an application-related software program (6) recorded in said memory (5), said application-related software program (6) being executed by means of said kernel (3) executable by said processor (2), as well as a securing method. The invention is characterized in that the kernel (3) executable by said processor (2) controls said hardware peripheral (8, 9), obliges said application-related software program (6) to execute a policy, which is neither defined nor controlled by said program, for controlling access to said communication peripheral (8, 9), and is formally proven to satisfy at least one security property.Type: GrantFiled: August 7, 2018Date of Patent: August 22, 2023Assignee: PROVENRUNInventor: Dominique Bolignano
-
Publication number: 20220358219Abstract: A secure cloud computing architecture including: a first data management and/or computer program execution space (A) in which the data management or program execution is controlled by a user; and a second data management and/or computer program execution space (B) in which the data management or program execution is controlled by a third-party operator, first security policies (PSA) applied to the data or execution of programs in the first execution space (A); second security policies (PSB) applied to the data or execution of programs in the second execution space (B); a security property (P) expected by the user, compliance with the first and second security policies guaranteeing a data management and/or computer program execution in accordance with this property (P); and a trusted computing base (TCB) guaranteeing, in the absence of a violation, the application of the second security policies (PSB) in the management of the data and/or execution of the programs in the second execution space (B).Type: ApplicationFiled: July 1, 2020Publication date: November 10, 2022Applicant: PROVENRUNInventor: Dominique Bolignano
-
Patent number: 11153302Abstract: Some embodiments are directed to a method for peering between first and second modules each installed in a different device, the device of the first module includes a human-machine interface, and the two devices can be linked by an unsecure communication channel. The method can include: receiving via the human-machine interface a command setting the device of the first module in operating mode so the first module takes control of a part of the communication means of the first device in order to set them in a secure operating mode and takes control of the human-machine interface; establishing a temporarily secure communication between first and second modules; displaying on the human-machine interface a status signaling the set-up of the secure communication; receiving via the human-machine interface a peering acceptance command; and exchanging of keys/secrets between the modules through the temporarily secure communication channel to perform the peering.Type: GrantFiled: September 18, 2015Date of Patent: October 19, 2021Inventor: Dominique Bolignano
-
Patent number: 11074372Abstract: A secure terminal, particularly for protecting smartphones or tablets, includes: a display system including a screen and a graphical component for carrying out commands to display visual data on the screen; a central processing unit for carrying out executable program instructions and sending display commands to the display system; and a communication device connecting the central processing unit to the display system; a security processor for securely interpreting and/or processing display commands of secure visual data on the screen; a communication device connecting the security processor to the display system; and a means for visual recognition, by a user of the terminal, of a secure mode for displaying the secure visual data, which is displayed on the screen when the secure visual data is displayed, and is controlled by the security processor.Type: GrantFiled: September 22, 2015Date of Patent: July 27, 2021Assignee: PROVENRUNInventor: Dominique Bolignano
-
Publication number: 20200226259Abstract: The invention relates to an embedded system (1) comprising a processor (2) operated by means of a kernel (3) executable by said processor, a hardware peripheral (8, 9), a memory (5) and an application-related software program (6) recorded in said memory (5), said application-related software program (6) being executed by means of said kernel (3) executable by said processor (2), as well as a securing method. The invention is characterized in that the kernel (3) executable by said processor (2) controls said hardware peripheral (8, 9), obliges said application-related software program (6) to execute a policy, which is neither defined nor controlled by said program, for controlling access to said communication peripheral (8, 9), and is formally proven to satisfy at least one security property.Type: ApplicationFiled: August 7, 2018Publication date: July 16, 2020Applicant: PROVE & RUNInventor: Dominique Bolignano
-
Patent number: 9892016Abstract: A method for securing a first program, the first program including a finite number of program points and evolution rules associated to program points and defining the passage of a program point to another, the method including defining a plurality of exit cases and, when a second program is used in the definition of the first program, for each exit case, definition of a branching toward a specific program point of the first program or a declaration of branching impossibility, defining a set of properties to be proven, each associated with one of the constitutive elements of the first program, said set of properties comprising the branching impossibility as a particular property and establishment of the formal proof of the set of properties.Type: GrantFiled: November 3, 2016Date of Patent: February 13, 2018Inventor: Dominique Bolignano
-
Publication number: 20170295171Abstract: Some embodiments are directed to a method for peering between first and second modules each installed in a different device, the device of the first module includes a human-machine interface, and the two devices can be linked by an unsecure communication channel. The method can include: receiving via the human-machine interface a command setting the device of the first module in operating mode so the first module takes control of a part of the communication means of the first device in order to set them in a secure operating mode and takes control of the human-machine interface; establishing a temporarily secure communication between first and second modules; displaying on the human-machine interface a status signaling the set-up of the secure communication; receiving via the human-machine interface a peering acceptance command; and exchanging of keys/secrets between the modules through the temporarily secure communication channel to perform the peering.Type: ApplicationFiled: September 18, 2015Publication date: October 12, 2017Inventor: Dominique BOLIGNANO
-
Publication number: 20170293776Abstract: A secure terminal, particularly for protecting smartphones or tablets, includes: a display system (5) including a screen (2) and a graphical component (6) for carrying out commands to display visual data on the screen (2); a central processing unit (8) for carrying out executable program instructions and sending display commands to the display system (5); and a communication device (9-1) connecting the central processing unit (8) to the display system (5); a security processor (10) for securely interpreting and/or processing display commands of secure visual data on the screen (2); a communication device (9-2) connecting the security processor (10) to the display system (5); and a means (11) for visual recognition, by a user of the terminal (1), of a secure mode for displaying the secure visual data, which is displayed on the screen (2) when the secure visual data is displayed, and is controlled by the security processor (10).Type: ApplicationFiled: September 22, 2015Publication date: October 12, 2017Applicant: PROVE & RUNInventor: Dominique Bolignano
-
Publication number: 20170075788Abstract: A method for securing a first program, the first program including a finite number of program points and evolution rules associated to program points and defining the passage of a program point to another, the method including defining a plurality of exit cases and, when a second program is used in the definition of the first program, for each exit case, definition of a branching toward a specific program point of the first program or a declaration of branching impossibility, defining a set of properties to be proven, each associated with one of the constitutive elements of the first program, said set of properties comprising the branching impossibility as a particular property and establishment of the formal proof of the set of properties.Type: ApplicationFiled: November 3, 2016Publication date: March 16, 2017Inventor: Dominique Bolignano
-
Patent number: 9501383Abstract: A method for securing a first program, the first program including a finite number of program points and evolution rules associated to program points and defining the passage of a program point to another, the method including defining a plurality of exit cases and, when a second program is used in the definition of the first program, for each exit case, definition of a branching toward a specific program point of the first program or a declaration of branching impossibility, defining a set of properties to be proven, each associated with one of the constitutive elements of the first program, said set of properties comprising the branching impossibility as a particular property and establishment of the formal proof of the set of properties.Type: GrantFiled: February 26, 2013Date of Patent: November 22, 2016Inventor: Dominique Bolignano
-
Patent number: 9275236Abstract: A method for securing a first program with a second program, a third program and a fourth program, each program comprising constitutive elements having a finite number of program points and evolution rules associated with the program points and defining the passage from one program point to another program point, and each program comprising a definition of a set of properties each property being associated with one or more of the constitutive elements of the program. The fourth program constructed by defining at least one relation between at least one constitutive element of the second program and at least one constitutive element of the third program, said relation being named a correspondence relation, and at least one property of the third program being proven, propagate the proof of said property to at least one property of the first program by exploitation of the correspondence relation.Type: GrantFiled: June 28, 2013Date of Patent: March 1, 2016Inventor: Dominique Bolignano
-
Publication number: 20150007333Abstract: A method for securing a first program with a second program, a third program and a fourth program, each program comprising constitutive elements having a finite number of program points and evolution rules associated with the program points and defining the passage from one program point to another program point, and each program comprising a definition of a set of properties each property being associated with one or more of the constitutive elements of the program. The fourth program constructed by defining at least one relation between at least one constitutive element of the second program and at least one constitutive element of the third program, said relation being named a correspondence relation, and at least one property of the third program being proven, propagate the proof of said property to at least one property of the first program by exploitation of the correspondence relation.Type: ApplicationFiled: June 28, 2013Publication date: January 1, 2015Inventor: Dominique Bolignano
-
Publication number: 20140245259Abstract: A method for securing a first program, the first program including a finite number of program points and evolution rules associated to program points and defining the passage of a program point to another, the method including defining a plurality of exit cases and, when a second program is used in the definition of the first program, for each exit case, definition of a branching toward a specific program point of the first program or a declaration of branching impossibility, defining a set of properties to be proven, each associated with one of the constitutive elements of the first program, said set of properties comprising the branching impossibility as a particular property and establishment of the formal proof of the set of properties.Type: ApplicationFiled: February 26, 2013Publication date: August 28, 2014Inventor: Dominique Bolignano
-
Patent number: 8082450Abstract: According to the inventive method, the chip card, a counting function (FC), a counter (Cpt) and a private key (Cf) stored in the write-only part of the memory region are stored in a persistent memory, the counter and the private key (Cf) being accessible only by the counting function (FC). When the chip card receives a counter request emitted by an requesting entity (ER), the counting function (FC) performs a modification of the counter (Cpt) and a calculation of a signature, and sends a response to the applicant entity (ER). When the on-board system receives the response to the counter request, the signature contained in the response is checked.Type: GrantFiled: December 14, 2006Date of Patent: December 20, 2011Assignee: Trusted LogicInventors: Alexandre Frey, Dominique Bolignano, Axelle Apvrille
-
Patent number: 7882396Abstract: The inventive method for controlling a program execution integrity by verifying execution trace prints consists in updating the representative print of an execution path and/or data applied for a program execution, comparing the actual print value (dynamically calculated to an expected value (statistically fixed, equal to a value of the print if the program execution is not disturbed) at a determined program spots and in carrying out a particular processing by the program when the actual print differs from the expected value.Type: GrantFiled: December 16, 2004Date of Patent: February 1, 2011Assignee: Trusted LogicInventors: Dominique Bolignano, Xavier Leroy, Renaud Marlet
-
Publication number: 20100070804Abstract: The inventive method for controlling a program execution integrity by verifying execution trace prints consists in updating the representative print of an execution path and/or data applied for a program execution, comparing the actual print value (dynamically calculated to an expected value (statistically fixed, equal to a value of the print if the program execution is not disturbed) at a determined program spots and in carrying out a particular processing by the program when the actual print differs from the expected value.Type: ApplicationFiled: December 16, 2004Publication date: March 18, 2010Inventors: Dominique Bolignano, Xavier Leroy, Renaud Marlet
-
Publication number: 20080320315Abstract: According to the inventive method, the chip card, a counting function (FC), a counter (Cpt) and a private key (Cf) stored in the write-only part of the memory region are stored in a persistent memory, the counter and the private key (Cf) being accessible only by the counting function (FC). When the chip card receives a counter request emitted by an requesting entity (ER), the counting function (FC) performs a modification of the counter (Cpt) and a calculation of a signature, and sends a response to the applicant entity (ER). When the on-board system receives the response to the counter request, the signature contained in the response is checked.Type: ApplicationFiled: December 14, 2006Publication date: December 25, 2008Applicant: TRUSTED LOGICInventors: Alexandre Frey, Dominique Bolignano, Axelle Apvrille