Patents by Inventor Marius Schilder
Marius Schilder has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10872154Abstract: A semiconductor chip device include device state fuses that may be used to configure various device states and corresponding security levels for the semiconductor chip as it transitions from wafer manufacturing to provisioned device. The device states and security levels prevent the semiconductor chip from being accessed and exploited, for example, during manufacturing testing. A secure boot flow process for a semiconductor chip over its lifecycle is also disclosed. The secure boot flow may start at the wafer manufacturing stage and continue on through the insertion of keys and firmware.Type: GrantFiled: January 30, 2019Date of Patent: December 22, 2020Assignee: Google LLCInventors: Marius Schilder, Timothy Chen, Scott Johnson, Harrison Pham, Derek Martin
-
Patent number: 10491401Abstract: Systems, apparatuses, and methods for signing, and verifying the signature of, code to be executed by a target device. An example method of determining a verification hash of a code image to be executed by a target device comprises receiving a header and code image, determining an image hash based on metadata and the code image, determining a fuses hash based on values of hardware fuses of the target device, determining an information hash based on information stored in memory, determining a verification hash based on the image hash, the fuses hash, and the information hash, verifying the verification hash against a code signature in the header, obtaining an unlock constant based on the verification hash, comparing the unlock constant with a stored predetermined value to unlock a memory region of the target device, and executing the code in the code image on the target device.Type: GrantFiled: February 21, 2017Date of Patent: November 26, 2019Assignee: Google LLCInventors: Marius Schilder, Timothy Chen, Scott Johnson
-
Publication number: 20190163909Abstract: A semiconductor chip device include device state fuses that may be used to configure various device states and corresponding security levels for the semiconductor chip as it transitions from wafer manufacturing to provisioned device. The device states and security levels prevent the semiconductor chip from being accessed and exploited, for example, during manufacturing testing. A secure boot flow process for a semiconductor chip over its lifecycle is also disclosed. The secure boot flow may start at the wafer manufacturing stage and continue on through the insertion of keys and firmware.Type: ApplicationFiled: January 30, 2019Publication date: May 30, 2019Applicant: Google LLCInventors: Marius SCHILDER, Timothy CHEN, Scott JOHNSON, Harrison PHAM, Derek MARTIN
-
Patent number: 10223531Abstract: A semiconductor chip device include device state fuses that may be used to configure various device states and corresponding security levels for the semiconductor chip as it transitions from wafer manufacturing to provisioned device. The device states and security levels prevent the semiconductor chip from being accessed and exploited, for example, during manufacturing testing. A secure boot flow process for a semiconductor chip over its lifecycle is also disclosed. The secure boot flow may start at the wafer manufacturing stage and continue on through the insertion of keys and firmware.Type: GrantFiled: December 30, 2016Date of Patent: March 5, 2019Assignee: Google LLCInventors: Marius Schilder, Timothy Chen, Scott Johnson, Harrison Pham, Derek Martin
-
Publication number: 20180241568Abstract: Systems, apparatuses, and methods for signing, and verifying the signature of, code to be executed by a target device. An example method of determining a verification hash of a code image to be executed by a target device comprises receiving a header and code image, determining an image hash based on metadata and the code image, determining a fuses hash based on values of hardware fuses of the target device, determining an information hash based on information stored in memory, determining a verification hash based on the image hash, the fuses hash, and the information hash, verifying the verification hash against a code signature in the header, obtaining an unlock constant based on the verification hash, comparing the unlock constant with a stored predetermined value to unlock a memory region of the target device, and executing the code in the code image on the target device.Type: ApplicationFiled: February 21, 2017Publication date: August 23, 2018Applicant: GOOGLE INC.Inventors: Marius SCHILDER, Timothy CHEN, Scott JOHNSON
-
Publication number: 20180189493Abstract: A semiconductor chip device include device state fuses that may be used to configure various device states and corresponding security levels for the semiconductor chip as it transitions from wafer manufacturing to provisioned device. The device states and security levels prevent the semiconductor chip from being accessed and exploited, for example, during manufacturing testing. A secure boot flow process for a semiconductor chip over its lifecycle is also disclosed. The secure boot flow may start at the wafer manufacturing stage and continue on through the insertion of keys and firmware.Type: ApplicationFiled: December 30, 2016Publication date: July 5, 2018Applicant: Google Inc.Inventors: Marius SCHILDER, Timothy CHEN, Scott JOHNSON, Harrison PHAM, Derek MARTIN
-
Patent number: 8943309Abstract: A server receives a request from the client. The request includes a cryptographically protected object that includes a respective user identifier and validation value. When the respective user identifier is valid, the validation value fails a first requirement in a predefined manner, and a count of consecutively received cryptographically protected objects whose validation value has failed the first validation requirement is less than a threshold value that is greater than one, the server returns to the client a response to the request in accordance with the respective user identifier, the response including an updated cryptographically protected object that includes the respective user identifier and an updated validation value, and updates the count. When the respective user identifier is valid, the validation value fails a first requirement in the predefined manner, and the count is equal to or exceeds the threshold value, the server performs a predefined remedial action.Type: GrantFiled: December 12, 2006Date of Patent: January 27, 2015Assignee: Google Inc.Inventors: Marius Schilder, Robert C. Pike, Andrew B. Fikes, Michael Burrows
-
Patent number: 8850520Abstract: A first server associated with a first URL receives a request from a client, including a first object having a respective user identifier and validation value. The server evaluates the validation value of the received first object with respect to a first validation requirement. When the validation value of the first object fails the first validation requirement, the server sends a response to the client that causes the client to send a second request to a second URL that is distinct from the first URL. A second server associated with the second URL receives a request from the client that includes a second object, distinct from the first object. The second server evaluates the received second object with respect to a second validation requirement, and when the second object fails the second validation requirement, the second server invalidates the respective user identifier.Type: GrantFiled: December 12, 2006Date of Patent: September 30, 2014Assignee: Google Inc.Inventors: Robert C. Pike, Michael Burrows, Marius Schilder, Andrew B. Fikes
-
Patent number: 8176163Abstract: One or more servers receive requests from clients and send responses. At least a subset of the responses including cookies produced by the one or more servers, and at least a subset of the received requests including cookies that were previously produced by the one or more servers and sent to the clients with responses to previously processed requests. Each of the cookies includes a respective user identifier. The one or more servers analyzing the received cookies to detect a first condition, which indicates that a respective plurality of clients may be using cookies that have a shared user identifier. Upon detecting the first condition, the one or more servers send at least one of the clients of the respective plurality of clients a response that includes a new cookie having a user identifier that is distinct from the shared user identifier.Type: GrantFiled: March 5, 2010Date of Patent: May 8, 2012Assignee: Google Inc.Inventors: Andrew B. Fikes, Michael Burrows, Marius Schilder, Robert C. Pike
-
Patent number: 7779103Abstract: One or more servers receive requests from clients and send responses. At least a subset of the responses including cookies produced by the one or more servers, and at least a subset of the received requests including cookies that were previously produced by the one or more servers and sent to the clients with responses to previously processed requests. Each of the cookies includes a respective user identifier. The one or more servers analyzing the received cookies to detect a first condition, which indicates that a respective plurality of clients may be using cookies that have a shared user identifier. Upon detecting the first condition, the one or more servers send at least one of the clients of the respective plurality of clients a response that includes a new cookie having a user identifier that is distinct from the shared user identifier.Type: GrantFiled: December 12, 2006Date of Patent: August 17, 2010Assignee: Google Inc.Inventors: Andrew B. Fikes, Michael Burrows, Marius Schilder, Robert C. Pike