Patents by Inventor Eran Birk
Eran Birk has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11856032Abstract: Technologies for providing policy-based secure containers for multiple enterprise applications include a client computing device and an enterprise policy server. The client computing device sends device attribute information and a request for access to an enterprise application to the enterprise policy server. The enterprise policy server determines a device trust level based on the device attribute information and a data sensitivity level based on the enterprise application, and sends a security policy to the client computing device based on the device trust level and the data sensitivity level. The client computing device references or creates a secure container for the security policy, adds the enterprise application to the secure container, and enforces the security policy while executing the enterprise application in the secure container. Multiple enterprise applications may be added to each secure container. Other embodiments are described and claimed.Type: GrantFiled: September 21, 2021Date of Patent: December 26, 2023Assignee: Intel CorporationInventors: Tarun Viswanathan, Uri Kahana, Alan Ross, Eran Birk
-
Publication number: 20220217181Abstract: Technologies for providing policy-based secure containers for multiple enterprise applications include a client computing device and an enterprise policy server. The client computing device sends device attribute information and a request for access to an enterprise application to the enterprise policy server. The enterprise policy server determines a device trust level based on the device attribute information and a data sensitivity level based on the enterprise application, and sends a security policy to the client computing device based on the device trust level and the data sensitivity level. The client computing device references or creates a secure container for the security policy, adds the enterprise application to the secure container, and enforces the security policy while executing the enterprise application in the secure container. Multiple enterprise applications may be added to each secure container. Other embodiments are described and claimed.Type: ApplicationFiled: September 21, 2021Publication date: July 7, 2022Inventors: Tarun Viswanathan, Uri Kahana, Alan Ross, Eran Birk
-
Patent number: 11252198Abstract: Technologies for providing policy-based secure containers for multiple enterprise applications include a client computing device and an enterprise policy server. The client computing device sends device attribute information and a request for access to an enterprise application to the enterprise policy server. The enterprise policy server determines a device trust level based on the device attribute information and a data sensitivity level based on the enterprise application, and sends a security policy to the client computing device based on the device trust level and the data sensitivity level. The client computing device references or creates a secure container for the security policy, adds the enterprise application to the secure container, and enforces the security policy while executing the enterprise application in the secure container. Multiple enterprise applications may be added to each secure container. Other embodiments are described and claimed.Type: GrantFiled: September 11, 2019Date of Patent: February 15, 2022Assignee: INTEL CORPORATIONInventors: Tarun Viswanathan, Uri Kahana, Alan Ross, Eran Birk
-
Publication number: 20200112591Abstract: Technologies for providing policy-based secure containers for multiple enterprise applications include a client computing device and an enterprise policy server. The client computing device sends device attribute information and a request for access to an enterprise application to the enterprise policy server. The enterprise policy server determines a device trust level based on the device attribute information and a data sensitivity level based on the enterprise application, and sends a security policy to the client computing device based on the device trust level and the data sensitivity level. The client computing device references or creates a secure container for the security policy, adds the enterprise application to the secure container, and enforces the security policy while executing the enterprise application in the secure container. Multiple enterprise applications may be added to each secure container. Other embodiments are described and claimed.Type: ApplicationFiled: September 11, 2019Publication date: April 9, 2020Inventors: Tarun Viswanathan, Uri Kahana, Alan Ross, Eran Birk
-
Patent number: 10592639Abstract: A client platform supports digital rights management. The client platform comprises a digital rights management (DRM) engine which, when executed, enables the client platform to monitor download operations performed by the client platform and to obtain a shadow image for a digital content item from a DRM blockchain, in response to an operation to download the digital content item from a remote source. The shadow image comprises a hash of the digital content item and copyright policy settings to indicate security constraints for the digital content item. The client platform may automatically determine whether the copyright policy settings for the digital content item allow modification of the digital content item. A user may be allowed to create a modified version of the digital content item only if the copyright policy settings allow modification of the digital content item. Other embodiments are described and claimed.Type: GrantFiled: September 6, 2016Date of Patent: March 17, 2020Assignee: Intel CorporationInventors: Tamara Gaidar, Eran Birk, Nava Levy, Glen J. Anderson, Ned M. Smith
-
Patent number: 10511638Abstract: Technologies for providing policy-based secure containers for multiple enterprise applications include a client computing device and an enterprise policy server. The client computing device sends device attribute information and a request for access to an enterprise application to the enterprise policy server. The enterprise policy server determines a device trust level based on the device attribute information and a data sensitivity level based on the enterprise application, and sends a security policy to the client computing device based on the device trust level and the data sensitivity level. The client computing device references or creates a secure container for the security policy, adds the enterprise application to the secure container, and enforces the security policy while executing the enterprise application in the secure container. Multiple enterprise applications may be added to each secure container. Other embodiments are described and claimed.Type: GrantFiled: October 23, 2018Date of Patent: December 17, 2019Assignee: Intel CorporationInventors: Tarun Viswanathan, Uri Kahana, Alan D. Ross, Eran Birk
-
Publication number: 20190058737Abstract: Technologies for providing policy-based secure containers for multiple enterprise applications include a client computing device and an enterprise policy server. The client computing device sends device attribute information and a request for access to an enterprise application to the enterprise policy server. The enterprise policy server determines a device trust level based on the device attribute information and a data sensitivity level based on the enterprise application, and sends a security policy to the client computing device based on the device trust level and the data sensitivity level. The client computing device references or creates a secure container for the security policy, adds the enterprise application to the secure container, and enforces the security policy while executing the enterprise application in the secure container. Multiple enterprise applications may be added to each secure container. Other embodiments are described and claimed.Type: ApplicationFiled: October 23, 2018Publication date: February 21, 2019Inventors: Tarun Viswanathan, Uri Kahana, Alan D. Ross, Eran Birk
-
Patent number: 10157273Abstract: Embodiments of methods, apparatuses, and storage mediums associated with eye movement based knowledge demonstration, having a particular application to authentication, are disclosed. In embodiments, a computing device may determine whether a received input of a pattern of eye movements is consistent with an expected pattern of eye movements of a user when the user attempts to visually locate a piece of information embedded in a display. In embodiments, the expected pattern of eye movements may include patterns related to fixations and/or other statistical patterns, however, may not be limited to such patterns. In applications, determining consistency or correlation with the expected pattern of eye movements may identify the user by simultaneously verifying at least factors of authentication—that of biometric criteria related to a user's pattern of eye movements and a password or other information known to the user.Type: GrantFiled: November 28, 2016Date of Patent: December 18, 2018Assignee: Intel CorporationInventors: Eran Birk, Shai Kavas, Michal Jacob, Omer Ben-Shalom
-
Patent number: 10122766Abstract: Technologies for providing policy-based secure containers for multiple enterprise applications include a client computing device and an enterprise policy server. The client computing device sends device attribute information and a request for access to an enterprise application to the enterprise policy server. The enterprise policy server determines a device trust level based on the device attribute information and a data sensitivity level based on the enterprise application, and sends a security policy to the client computing device based on the device trust level and the data sensitivity level. The client computing device references or creates a secure container for the security policy, adds the enterprise application to the secure container, and enforces the security policy while executing the enterprise application in the secure container. Multiple enterprise applications may be added to each secure container. Other embodiments are described and claimed.Type: GrantFiled: February 23, 2016Date of Patent: November 6, 2018Assignee: Intel CorporationInventors: Tarun Viswanathan, Uri Kahana, Alan D. Ross, Eran Birk
-
Patent number: 10091216Abstract: Technologies are provided in embodiments for receiving policy information associated with at least one security exception, the security exception relating to execution of at least one program, determining an operation associated with the security exception based, at least in part, on the policy information, and causing the operation to be performed, based at least in part, on a determination that the at least one security exception occurred.Type: GrantFiled: March 28, 2016Date of Patent: October 2, 2018Assignee: Intel CorporationInventors: Gal Chanoch, Eran Birk, Baiju Patel, Steven Grobman, Tobias Kohlenberg, Rajeev Gopalakrishna
-
Publication number: 20180068091Abstract: A client platform supports digital rights management. The client platform comprises a digital rights management (DRM) engine which, when executed, enables the client platform to monitor download operations performed by the client platform and to obtain a shadow image for a digital content item from a DRM blockchain, in response to an operation to download the digital content item from a remote source. The shadow image comprises a hash of the digital content item and copyright policy settings to indicate security constraints for the digital content item. The client platform may automatically determine whether the copyright policy settings for the digital content item allow modification of the digital content item. A user may be allowed to create a modified version of the digital content item only if the copyright policy settings allow modification of the digital content item. Other embodiments are described and claimed.Type: ApplicationFiled: September 6, 2016Publication date: March 8, 2018Applicant: Intel CorporationInventors: Tamara Gaidar, Eran Birk, Nava Levy, Glen J. Anderson, Ned M. Smith
-
Publication number: 20170171218Abstract: Systems and methods may provide for receiving runtime input from one or more unlock interfaces of a device and selecting a level of access with regard to the device from a plurality of levels of access based on the runtime input. The selected level of access may have an associated security policy, wherein an authentication of the runtime input may be conducted based on the associated security policy. In one example, one or more cryptographic keys are used to place the device in an unlocked state with regard to the selected level of access if the authentication is successful. If the authentication is unsuccessful, on the other hand, the device may be maintained in a locked state with regard to the selected level of access.Type: ApplicationFiled: February 17, 2017Publication date: June 15, 2017Inventors: Keith Shippy, Tobias Kohlenberg, Mubashir Mian, Ned Smith, Omer Ben-Shalom, Tarun Viswanathan, Dennis Morgan, Timothy Verrall, Manish Dave, Eran Birk
-
Publication number: 20170116404Abstract: Embodiments of methods, apparatuses, and storage mediums associated with eye movement based knowledge demonstration, having a particular application to authentication, are disclosed. In embodiments, a computing device may determine whether a received input of a pattern of eye movements is consistent with an expected pattern of eye movements of a user when the user attempts to visually locate a piece of information embedded in a display. In embodiments, the expected pattern of eye movements may include patterns related to fixations and/or other statistical patterns, however, may not be limited to such patterns. In applications, determining consistency or correlation with the expected pattern of eye movements may identify the user by simultaneously verifying at least factors of authentication—that of biometric criteria related to a user's pattern of eye movements and a password or other information known to the user.Type: ApplicationFiled: November 28, 2016Publication date: April 27, 2017Inventors: Eran Birk, Shai Kavas, Michal Jacob, Omer Ben-Shalom
-
Patent number: 9578037Abstract: Systems and methods may provide for receiving runtime input from one or more unlock interfaces of a device and selecting a level of access with regard to the device from a plurality of levels of access based on the runtime input. The selected level of access may have an associated security policy, wherein an authentication of the runtime input may be conducted based on the associated security policy. In one example, one or more cryptographic keys are used to place the device in an unlocked state with regard to the selected level of access if the authentication is successful. If the authentication is unsuccessful, on the other hand, the device may be maintained in a locked state with regard to the selected level of access.Type: GrantFiled: November 25, 2015Date of Patent: February 21, 2017Assignee: Intel CorporationInventors: Keith Shippy, Tobias Kohlenberg, Mubashir Mian, Ned Smith, Omer Ben-Shalom, Tarun Viswanathan, Dennis Morgan, Timothy Verrall, Manish Dave, Eran Birk
-
Patent number: 9530294Abstract: An item of value comprises an assembly of parts. The parts comprise a component that has value independent of the item, and an assembly security system that is operable to communicate with a central security system via a wide area network. The component comprises a component security system that is operable to communicate with the assembly security system. The assembly security system is operable to perform operations comprising (a) saving component data that identifies the component as part of the item; (b) after saving the component data, monitoring the component, via the component security system, to automatically determine whether the component has left a predetermined zone of proximity, relative to the item; and (c) in response to determining that the component has left the predetermined zone of proximity, automatically notifying the central security system that the component has left the predetermined zone of proximity. Other embodiments are described and claimed.Type: GrantFiled: December 23, 2013Date of Patent: December 27, 2016Assignee: Intel CorporationInventors: Eran Birk, Omer Ben-Shalom, Yosi Govezensky, Yoram Hassidim
-
Patent number: 9519768Abstract: Embodiments of methods, apparatuses, and storage mediums associated with eye movement based knowledge demonstration, having a particular application to authentication, are disclosed. In embodiments, a computing device may determine whether a received input of a pattern of eye movements is consistent with an expected pattern of eye movements of a user when the user attempts to visually locate a piece of information embedded in a display. In embodiments, the expected pattern of eye movements may include patterns related to fixations and/or other statistical patterns, however, may not be limited to such patterns. In applications, determining consistency or correlation with the expected pattern of eye movements may identify the user by simultaneously verifying at least factors of authentication—that of biometric criteria related to a user's pattern of eye movements and a password or other information known to the user.Type: GrantFiled: December 23, 2011Date of Patent: December 13, 2016Assignee: Intel CorporationInventors: Eran Birk, Shai Kavas, Michal Jacob, Omer Ben-Shalom
-
Publication number: 20160323297Abstract: Technologies are provided in embodiments for receiving policy information associated with at least one security exception, the security exception relating to execution of at least one program, determining an operation associated with the security exception based, at least in part, on the policy information, and causing the operation to be performed, based at least in part, on a determination that the at least one security exception occurred.Type: ApplicationFiled: March 28, 2016Publication date: November 3, 2016Inventors: Gal Chanoch, Eran Birk, Baiju Patel, Steven Grobman, Tobias Kohlenberg, Rajeev Gopalakrishna
-
Publication number: 20160315974Abstract: Technologies for providing policy-based secure containers for multiple enterprise applications include a client computing device and an enterprise policy server. The client computing device sends device attribute information and a request for access to an enterprise application to the enterprise policy server. The enterprise policy server determines a device trust level based on the device attribute information and a data sensitivity level based on the enterprise application, and sends a security policy to the client computing device based on the device trust level and the data sensitivity level. The client computing device references or creates a secure container for the security policy, adds the enterprise application to the secure container, and enforces the security policy while executing the enterprise application in the secure container. Multiple enterprise applications may be added to each secure container. Other embodiments are described and claimed.Type: ApplicationFiled: February 23, 2016Publication date: October 27, 2016Inventors: Tarun Viswanathan, Uri Kahana, Alan D. Ross, Eran Birk
-
Patent number: 9298911Abstract: Technologies are provided in embodiments for receiving policy information associated with at least one security exception, the security exception relating to execution of at least one program, determining an operation associated with the security exception based, at least in part, on the policy information, and causing the operation to be performed, based at least in part, on a determination that the at least one security exception occurred.Type: GrantFiled: March 15, 2013Date of Patent: March 29, 2016Assignee: INTEL CORPORATIONInventors: Gal Chanoch, Eran Birk, Baiju Patel, Steven Grobman, Tobias Kohlenberg, Rajeev Gopalakrisha
-
Publication number: 20160080393Abstract: Systems and methods may provide for receiving runtime input from one or more unlock interfaces of a device and selecting a level of access with regard to the device from a plurality of levels of access based on the runtime input. The selected level of access may have an associated security policy, wherein an authentication of the runtime input may be conducted based on the associated security policy. In one example, one or more cryptographic keys are used to place the device in an unlocked state with regard to the selected level of access if the authentication is successful. If the authentication is unsuccessful, on the other hand, the device may be maintained in a locked state with regard to the selected level of access.Type: ApplicationFiled: November 25, 2015Publication date: March 17, 2016Inventors: Keith Shippy, Tobias Kohlenberg, Mubashir Mian, Ned Smith, Omer Ben-Shalom, Tarun Viswanathan, Dennis Morgan, Timothy Verrall, Manish Dave, Eran Birk