Abstract: The disclosed invention includes a dwelling fixture. The dwelling fixture includes a compartment configured to contain packages delivered to the dwelling, an interior door to access the compartment from the interior of the dwelling, and an exterior door to access the compartment from the exterior of the dwelling. The interior door and/or exterior door includes a locking mechanism to secure the compartment. The dwelling fixture is easily and securely installable through the walls of the dwelling. The exterior door is flush with the exterior of the dwelling and aesthetically integrated with trim that adapts to any exterior finish.

Abstract: A method for managing operability of an on-chip debug capability (24) in a product (26) configured to execute software (30) includes storing (74, 76) a debug public key (40) and an operational public key (44) in product memory (54). The software (30) with either a debug signature (82) or an operational signature (88) is saved (84) in the memory (56). When enablement indication is received, the debug signature (82) is validated (102) using the debug public key (40). The debug capability (24) is enabled upon validation of the signature (82) and the software (30) is allowed to execute. When disablement indication is received, the operational signature (88) is verified (112) using the operational public key (44). The on-chip debug capability (24) is disabled upon verification of the signature (88) and the software (30) is allowed to execute.

Abstract: A processor, scan controller, and method for protecting sensitive information from electronic hacking is disclosed. To maintain the security of the sensitive data present in a processor, the scan controller denies access to the scan chain until data is cleared from scan-observable portions of the processor, then clears the scan chain again prior to exiting test mode and resuming normal operation. Clearing or otherwise modifying data stored in the scan-observable portions of a processor when transitioning to and/or from a test mode will prevent unauthorized personnel from simply shifting secure data out of the scan chain, and from pre-loading data into the scan chain prior to normal operation in an attempt to set sensitive state information.

Abstract: A communication network (22) includes a central node (30) loaded with a trusted key (26) and key material (56) corresponding to an asymmetric key agreement protocol (48). The network (22) further includes vulnerable nodes (32) loaded with key material (69) corresponding to the protocol (48). Successive secure connections (68, 70) are established between the central node (30) and the vulnerable nodes (32) using the key material (56, 69) to generate a distinct session key (52) for each of the secure connections (68, 70). The trusted key (26) and one of the session keys (52) are utilized to produce a mission key (39). The mission key (39) is transferred from the central node (30) to each of the vulnerable nodes (32) via each of the secure connections (68, 70) using the corresponding current session key (52). The mission key (39) functions for secure communication within the communication network (22).

Abstract: A programmable electronic device (10) stores a number of cipher-text software modules (14) to which access is granted after evaluating a user's token (55, 80, 82), a software-restriction class (58) for a requested software module (14), and/or a currently active access-control model (60). Access-control models (60) span a range from uncontrolled to highly restrictive. Models (60) become automatically activated and deactivated as users are added to and deleted from the device (10). A virtual internal user proxy that does not require users to provide tokens (80, 82) is used to enable access to modules (16) classified in a global software-restriction class (62) or when an uncontrolled-access-control model (68) is active. Both licensed modules (76) and unlicensed modules (18,78) may be loaded in the device (10). However, no keys are provided to enable decryption of unlicensed modules (18,78).

Abstract: Authentication management of software (22) in a product (28) encompasses trust anchor assignment (66) and trust anchor verification (68). A root public key (40) of a root trust anchor (32) is stored (80) in non-changeable memory (54) in the product (28). A signed operational public key (86) is formed by attaching a root signature (84) to an operational public key (44) of an operational trust anchor (34) using a root private key (38). An operational signature (96) is appended to the software (22) using an operational private key. (42) to form signed software (98). The signed operational public key (86) and the signed software (98) are saved in changeable memory (56) in the product (28). Upon verification of the root signature (84) utilizing the root public key (40) and validation of the operational signature (96) using the operational public key (44), the software (22) is authenticated and enabled to execute.

Abstract: A method for managing operability of an on-chip debug capability (24) in a product (26) configured to execute software (30) includes storing (74, 76) a debug public key (40) and an operational public key (44) in product memory (54). The software (30) with either a debug signature (82) or an operational signature (88) is saved (84) in the memory (56). When enablement indication is received, the debug signature (82) is validated (102) using the debug public key (40). The debug capability (24) is enabled upon validation of the signature (82) and the software (30) is allowed to execute. When disablement indication is received, the operational signature (88) is verified (112) using the operational public key (44). The on-chip debug capability (24) is disabled upon verification of the signature (88) and the software (30) is allowed to execute.

Abstract: A processor, scan controller, and method for protecting sensitive information from electronic hacking is disclosed. To maintain the security of the sensitive data present in a processor, the scan controller denies access to the scan chain until data is cleared from scan-observable portions of the processor, then clears the scan chain again prior to exiting test mode and resuming normal operation. Clearing or otherwise modifying data stored in the scan-observable portions of a processor when transitioning to and/or from a test mode will prevent unauthorized personnel from simply shifting secure data out of the scan chain, and from pre-loading data into the scan chain prior to normal operation in an attempt to set sensitive state information.

Abstract: A coaxial plug assembly is shown provided with a main housing which houses a coaxial plug connector. A retention housing is provided which latches to the main housing and which retains the coaxial connector in place. In some embodiments, the retention housing includes an integral locking plate to which a cable exit member can be attached for orienting the cable exit in a 90° angle exit relative to the coaxial connector. In another embodiment a locking plate is integrally attached to the coaxial cable sleeve and includes a cable exit portion which is latchingly connected to the locking part.

Abstract: An electrical connector assembly including a housing and a retainer releasably supported by the housing is provided. The retainer includes a clip receiver configured to retain a supporting clip and a lock configured to engage an electrical connector for restricting axial movement thereof relative to the housing.

Abstract: A processor, scan controller, and method for protecting sensitive information from electronic hacking is disclosed. To maintain the security of the sensitive data present in a processor, the scan controller denies access to the scan chain until data is cleared from scan-observable portions of the processor, then clears the scan chain again prior to exiting test mode and resuming normal operation. Clearing or otherwise modifying data stored in the scan-observable portions of a processor when transitioning to and/or from a test mode will prevent unauthorized personnel from simply shifting secure data out of the scan chain, and from pre-loading data into the scan chain prior to normal operation in an attempt to set sensitive state information.

Abstract: A connector assembly including a first connector attachable to a first electrical component and a second connector attachable to a second electrical component and releasably engaged with the first connector. The second connector includes a housing, a latch member and a hinge hingedly attaching the latch member to a surface of the housing. The hinge includes at least one beam extending from the latch member to the surface of the housing and curving 90 degrees from the latch member. The latch member includes a push portion at one end and a lock engagement portion at an opposite end. Push portion has an upper push surface configured to receive a force and an opposing lower surface facing the outer surface of the housing and defining a space between outer surface and push portion. The lower surface includes a rib protruding into the space between the outer surface and push portion.

Abstract: A secure memory and processing system is disclosed for use in various types of communication devices. The secure processing system provides for the encryption and storage of sensitive data in a storage medium external to the secure processing system. The encrypted data is decrypted with encryption logic circuitry within the secure memory and transferred to a zeroizable memory for use by a host processor. The secure memory uses a laser-scribed encryption key coupled to encryption logic circuitry within the secure memory for encrypting and decrypting the sensitive information.

Abstract: A method for purchasing items over a non-secure communication channel uses a secure communication device. The secure communication device includes a host processor, a secure memory that includes a laser-scribed encryption key, and a non-secure memory for storing encrypted data. A user's sensitive data is encrypted within the secure memory using the laser-scribed encryption key and stored as encrypted data in the non-secure memory. An encrypted credit card number and an encrypted secret key is retrieved from the non-secure memory, the encrypted credit card and secret key are decrypted with the laser-scribed encryption key, the credit card number is encrypted with a session key, and the encrypted credit card number is transferred over the network to a destination such as an internet vendor.

Abstract: A shielded jack assembly is shown having a front cylindrical tube, and a rear ground shell portion. The rear ground shell is stamped and formed from pre-plated metal, and includes a partial cylindrical portion, plate portions extending downwardly therefrom, and printed circuit board portions depending from the plate portions. A rear wall portion is integral with the partial cylindrical portion, and depends therefrom via a hinge. The rear wall portion is bent to cover the end opening in the partial cylindrical portion.

Abstract: A processor, scan controller, and method for protecting sensitive information from electronic hacking is disclosed. To maintain the security of the sensitive data present in a processor, the scan controller denies access to the scan chain until data is cleared from scan-observable portions of the processor, then clears the scan chain again prior to exiting test mode and resuming normal operation. Clearing or otherwise modifying data stored in the scan-observable portions of a processor when transitioning to and/or from a test mode will prevent unauthorized personnel from simply shifting secure data out of the scan chain, and from pre-loading data into the scan chain prior to normal operation in an attempt to set sensitive state information.

Abstract: Method for securing encryption keys for encrypting software while providing for secure updates of the key for other or updated versions of the software. A First Encryption Key which is used to encrypt an initial software version includes a FIRST SPLIT portion and a TOKEN portion. The FIRST SPLIT portion can be stored in an anti-tamper storage memory of a hardware product and the TOKEN can be stored in external storage medium so that the FIRST SPLIT and the TOKEN are separately provided to separate personnel of the user while the identity of the First Encryption Key is kept secure by remaining in custody of the provider. The user employs the hardware to combine the FIRST SPLIT and TOKEN to generate the First Encryption Key within the hardware to decrypt the encrypted software. To facilitate updates the provider combines the First Encryption Key with a Second Encryption Key to generate an UPDATE SPLIT for updated software which is encrypted with the Second Encryption Key.

Abstract: A system and method allows portable, encrypted data to be accessible through multiple hosts, including new hosts (14), without requiring a secure link to the new hosts. A split key encryption system encrypts (52) data and stores the encrypted data on a portable device (10). A split of the encryption key is stored (54) in the portable device (10), and another split of the key is stored (54) in a home host (12) . A password-modified key is then made (58) by combining a password with the encryption key. This password-modified key is then reduced (58), with one split being stored on the host (12) and another split stored on the portable device (10) . Data can be accessed with a new host (14) by transferring (78) the host password-modified split to the new host (14) and entering (80) the password into the portable device (10).

Abstract: A call is connected between secure terminals (16) through a network (12). If a network address for the call is included on an approved list (46), a secure call setup procedure (54) is performed automatically. One terminal (16) automatically sends an auto-secure signal. If the other terminal detects the auto-secure signal, secure call setup procedure (54) is performed automatically. The secure call setup procedure (54) determines a current user-identity for the opposing party. If the current user-identity corresponds to a user-identity included on an approved list (76), an abbreviated secure call setup process (80) is performed. If the current user identity is not approved, a full secure call setup process (78) is performed. The abbreviated process (80) differs from the full process (78) in that it uses a traffic key obtained from a prior secure communication session and may be performed more quickly.