Patents by Inventor Geraint Luff
Geraint Luff has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11366904Abstract: A machine-implemented method for controlling a configuration data item in a storage-equipped device having at least two security domains, comprising receiving, by one of the security domains, a configuration data item; storing the configuration data item; providing a security indication for the configuration data item; and when an event indicates untrustworthiness of the data item, invalidating a configuration effect of the stored configuration data item. Further provided is a machine-implemented method for controlling a storage-equipped device as a node in a network of devices, comprising receiving information that a data source or type of a configuration data item is untrusted; analysing metadata for the data source and the configuration data item; populating a knowledge base with analysed metadata; and responsive to the analysed metadata, transmitting security information to the network of devices. A corresponding device and computer program product are also described.Type: GrantFiled: August 1, 2016Date of Patent: June 21, 2022Assignee: ARM IP LIMITEDInventors: Geraint Luff, Thomas Grocutt, Milosch Meriac, Jonathan Austin
-
Patent number: 11218321Abstract: A method of accessing data sent between a remote resource and a data processing device, the method comprising: caching data uploaded from the remote resource or caching data sent to the remote resource at one or more intermediate network nodes between the data processing device and the remote resource; and accessing the cached data stored at the one or more intermediate network nodes.Type: GrantFiled: May 29, 2015Date of Patent: January 4, 2022Assignee: ARM IP LIMITEDInventors: Milosch Meriac, Geraint Luff
-
Patent number: 10902100Abstract: A method for determining when a device is attached to a user, the method comprising activating an accelerometer provided at the device; activating a vibration motor provided at the device; measuring with the accelerometer vibrations at the device created by the vibration motor; and using the accelerometer measurements to determine whether the device is attached to the user.Type: GrantFiled: July 14, 2016Date of Patent: January 26, 2021Assignee: ARM IP LimitedInventors: Hugo John Martin Vincent, Geraint Luff
-
Patent number: 10735428Abstract: In one example, a method includes obtaining, by a data processing device, first secret data associated with a first user and corresponding to a first location of a remote resource. The method further includes generating, using the first secret data, a first uniform resource locator (URL) usable to obtain the first location, and accessing the first location using the first URL. The method further includes obtaining, in response to transfer of usage rights of the data processing device from the first user to a second user, second secret data associated with the second user and corresponding to a second location of the remote resource. The method further includes generating, using the second secret data, a second URL usable to obtain the second location, and accessing the second location using the second URL. The second location is inaccessible via the first URL. The first location is inaccessible via the second URL.Type: GrantFiled: October 2, 2018Date of Patent: August 4, 2020Assignees: ARM IP Limited, ARM LimitedInventors: Milosch Meriac, Geraint Luff, William Allen Curtis, Remy Pottier
-
Patent number: 10693656Abstract: There is provided a method of scanning for a remote device, the method comprising: generating, at a data processing device, a search input; transforming, at the data processing device, the search input to provide a transformed output, wherein the transformed output is representative of the search input; transmitting, a communication comprising the transformed output from the data processing device to the remote device; receiving, at the data processing a device, a communication from the remote device based on the transformed output.Type: GrantFiled: November 30, 2015Date of Patent: June 23, 2020Assignee: ARM IP LimitedInventors: Andrew John Pritchard, Geraint Luff, Milosch Meriac
-
Patent number: 10671730Abstract: A machine-implemented method is provided for securing a storage-equipped device against introduction of malicious configuration data into configuration data storage, the method comprising steps of receiving by the device, a trusted signal for modification of the configuration of the device; responsive to the receiving, placing the device into a restricted mode of operation and at least one of deactivating a service and rebooting the device; responsive to the placing the device into the restricted mode of operation and the deactivating or rebooting, permitting configuration data entry into a restricted portion of the configuration data storage. A corresponding device and computer program product are also described.Type: GrantFiled: July 7, 2016Date of Patent: June 2, 2020Assignee: ARM IP LimitedInventors: Jonathan Austin, Milosch Meriac, Thomas Grocutt, Geraint Luff
-
Patent number: 10595207Abstract: A method for verifying the integrity of data in a message by a data processing device, the message comprising a plurality of packets, the method comprising: receiving, at the device from a first resource, a manifest associated with the message, the manifest comprising a plurality of group check values for the plurality of packets; receiving, at the device, from the first or a different resource, the message; generating a first progression of rolling hashes for the plurality of packets; deriving group check values from the first progression of rolling hashes for groups of the plurality of packets along one or more paths; verifying the integrity of the data in the message based on or in response to a determination that the derived group check values correspond to the plurality of group check values in the manifest.Type: GrantFiled: September 7, 2016Date of Patent: March 17, 2020Assignees: ARM Ltd, ARM IP LimitedInventors: Geraint Luff, Brendan Moran, Milosch Meriac, Manuel Pegourie-Gonnard
-
Patent number: 10530586Abstract: A method of generating a shortcut certificate for authenticating a user digital certificate generated by an issuing certification authority; the method comprising: authenticating the digital certificate of the issuing certification authority; creating the shortcut certificate for the digital certificate of the issuing certification authority when the digital certificate of the issuing certification authority is authenticated; wherein the shortcut certificate comprises a signed entry of an authentication of the issuing certification authority.Type: GrantFiled: September 22, 2015Date of Patent: January 7, 2020Assignee: ARM IP LimitedInventors: Milosch Meriac, Geraint Luff
-
Publication number: 20190036928Abstract: In one example, a method includes obtaining, by a data processing device, first secret data associated with a first user and corresponding to a first location of a remote resource. The method further includes generating, using the first secret data, a first uniform resource locator (URL) usable to obtain the first location, and accessing the first location using the first URL. The method further includes obtaining, in response to transfer of usage rights of the data processing device from the first user to a second user, second secret data associated with the second user and corresponding to a second location of the remote resource. The method further includes generating, using the second secret data, a second URL usable to obtain the second location, and accessing the second location using the second URL. The second location is inaccessible via the first URL. The first location is inaccessible via the second URL.Type: ApplicationFiled: October 2, 2018Publication date: January 31, 2019Inventors: Milosch Meriac, Geraint Luff, William Allen Curtis, Remy Pottier
-
Publication number: 20190012463Abstract: A machine-implemented method for controlling a configuration data item in a storage-equipped device having at least two security domains, comprising receiving, by one of the security domains, a configuration data item; storing the configuration data item; providing a security indication for the configuration data item; and when an event indicates untrustworthiness of the data item, invalidating a configuration effect of the stored configuration data item. Further provided is a machine-implemented method for controlling a storage-equipped device as a node in a network of devices, comprising receiving information that a data source or type of a configuration data item is untrusted; analysing metadata for the data source and the configuration data item; populating a knowledge base with analysed metadata; and responsive to the analysed metadata, transmitting security information to the network of devices. A corresponding device and computer program product are also described.Type: ApplicationFiled: August 1, 2016Publication date: January 10, 2019Inventors: Geraint LUFF, Thomas GROCUTT, Milosch MERIAC, Jonathan AUSTIN
-
Patent number: 10122718Abstract: In one example, a method includes obtaining, by a data processing device, first secret data associated with a first user and corresponding to a first location of a remote resource. The method further includes generating, using the first secret data, a first uniform resource locator (URL) usable to obtain the first location, and accessing the first location using the first URL. The method further includes obtaining, in response to transfer of usage rights of the data processing device from the first user to a second user, second secret data associated with the second user and corresponding to a second location of the remote resource. The method further includes generating, using the second secret data, a second URL usable to obtain the second location, and accessing the second location using the second URL. The second location is inaccessible via the first URL. The first location is inaccessible via the second URL.Type: GrantFiled: August 21, 2015Date of Patent: November 6, 2018Assignees: ARM IP Limited, ARM LimitedInventors: Milosch Meriac, Geraint Luff, William Allen Curtis, Remy Pottier
-
Publication number: 20180247036Abstract: A method for determining when a device is attached to a user, the method comprising activating an accelerometer provided at the device; activating a vibration motor provided at the device; measuring with the accelerometer vibrations at the device created by the vibration motor; and using the accelerometer measurements to determine whether the device is attached to the user.Type: ApplicationFiled: July 14, 2016Publication date: August 30, 2018Applicant: ARM IP LIMITEDInventors: Hugo John Martin VINCENT, Geraint LUFF
-
Publication number: 20180225458Abstract: A machine-implemented method is provided for securing a storage-equipped device against introduction of malicious configuration data into configuration data storage, the method comprising steps of receiving by the device, a trusted signal for modification of the configuration of the device; responsive to the receiving, placing the device into a restricted mode of operation and at least one of deactivating a service and rebooting the device, responsive to the placing the device into the restricted mode of operation and the deactivating or rebooting, permitting configuration data entry into a restricted portion of the configuration data storage. A corresponding device and computer program product are also described.Type: ApplicationFiled: July 7, 2016Publication date: August 9, 2018Applicant: ARM IP LIMITEDInventors: Jonathan AUSTIN, Milosch MERIAC, Thomas GROCUTT, Geraint LUFF
-
Publication number: 20170373855Abstract: There is provided a method of scanning for a remote device, the method comprising: generating, at a data processing device, a search input; transforming, at the data processing device, the search input to provide a transformed output, wherein the transformed output is representative of the search input; transmitting, a communication comprising the transformed output from the data processing device to the remote device; receiving, at the data processing a device, a communication from the remote device based on the transformed output.Type: ApplicationFiled: November 30, 2015Publication date: December 28, 2017Inventors: Andrew John PRITCHARD, Geraint LUFF, Milosch MERIAC
-
Publication number: 20170295025Abstract: A method of generating a shortcut certificate for authenticating a user digital certificate generated by an issuing certification authority; the method comprising: authenticating the digital certificate of the issuing certification authority; creating the shortcut certificate for the digital certificate of the issuing certification authority when the digital certificate of the issuing certification authority is authenticated; wherein the shortcut certificate comprises a signed entry of an authentication of the issuing certification authority.Type: ApplicationFiled: September 22, 2015Publication date: October 12, 2017Inventors: Milosch MERIAC, Geraint LUFF
-
Publication number: 20170187536Abstract: A method of accessing data sent between a remote resource and a data processing device, the method comprising: caching data uploaded from the remote resource or caching data sent to the remote resource at one or more intermediate network nodes between the data processing device and the remote resource; and accessing the cached data stored at the one or more intermediate network nodes.Type: ApplicationFiled: May 29, 2015Publication date: June 29, 2017Applicant: ARM IP LIMITEDInventors: Milosch MERIAC, Geraint LUFF
-
Publication number: 20170070890Abstract: A method for verifying the integrity of data in a message by a data processing device, the message comprising a plurality of packets, the method comprising: receiving, at the device from a first resource, a manifest associated with the message, the manifest comprising a plurality of group check values for the plurality of packets; receiving, at the device, from the first or a different resource, the message; generating a first progression of rolling hashes for the plurality of packets; deriving group check values from the first progression of rolling hashes for groups of the plurality of packets along one or more paths; verifying the integrity of the data in the message based on or in response to a determination that the derived group check values correspond to the plurality of group check values in the manifest.Type: ApplicationFiled: September 7, 2016Publication date: March 9, 2017Inventors: Geraint Luff, Brendan Moran, Milosch Meriac, Manuel Pegourie-Gonnard
-
Publication number: 20170054721Abstract: In one example, a method includes obtaining, by a data processing device, first secret data associated with a first user and corresponding to a first location of a remote resource. The method further includes generating, using the first secret data, a first uniform resource locator (URL) usable to obtain the first location, and accessing the first location using the first URL. The method further includes obtaining, in response to transfer of usage rights of the data processing device from the first user to a second user, second secret data associated with the second user and corresponding to a second location of the remote resource. The method further includes generating, using the second secret data, a second URL usable to obtain the second location, and accessing the second location using the second URL. The second location is inaccessible via the first URL. The first location is inaccessible via the second URL.Type: ApplicationFiled: August 21, 2015Publication date: February 23, 2017Inventors: Milosch Meriac, Geraint Luff, William Allen Curtis, Remy Pottier