Patents by Inventor Matus Harvan
Matus Harvan has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11551035Abstract: A method for evaluating data is based on a computational model, the computational model comprising model data, a training function and a prediction function. The method includes training the computational model by: receiving training data and training result data for training the computational model, and computing the model data from the training data and the training result data with the training function. The method includes predicting result data by: receiving field data for predicting result data; and computing the result data from the field data and the model data with the prediction function. The training data may be plaintext and the training result data may be encrypted with a homomorphic encryption algorithm, wherein the model data may be computed in encrypted form from the training data and the encrypted training result data with the training function.Type: GrantFiled: August 6, 2018Date of Patent: January 10, 2023Assignee: ABB SCHWEIZ AGInventors: Johannes Schneider, Matus Harvan, Sebastian Obermeier, Thomas Locher, Yvonne-Anne Pignolet
-
Patent number: 11109231Abstract: The present invention provides an approach for granting access and respectively denying access to an instruction set of a device. The technical teaching provides the advantage that unauthorized access can be effectively prevented. Hence, maintenance work can be performed by specialized staff and security sensitive parts of the instruction sets are secured.Type: GrantFiled: March 21, 2016Date of Patent: August 31, 2021Assignee: ABB Schweiz AGInventors: Matus Harvan, Roman Schlegel, Sebastian Obermeier, Thomas Locher
-
Patent number: 11075748Abstract: The application relates to a method for computing a probabilistic encryption scheme for encrypting a data item in an electronic device including: computing a plurality of random bit strings in a computation cluster; sending the computed plurality of random strings to the electronic device; generating a random string (rE) for using in the encryption scheme in the electronic device using a subset of the plurality of the random strings computed in the computation cluster and encrypting the data item using the random string computed in the electronic device. The present application also relates to a corresponding system and corresponding computer program product including one or more computer readable media having computer executable instructions for performing the steps of the method.Type: GrantFiled: November 13, 2018Date of Patent: July 27, 2021Assignee: ABB SCHWEIZ AGInventors: Thomas Locher, Johannes Schneider, Matus Harvan, Sebastian Obermeier, Yvonne-Anne Pignolet
-
Patent number: 11018857Abstract: The present invention discloses a method for computing a secret value including a first secret using a function including an operation, comprising: computing, by a host, a first encrypted value of the first secret with a first key; sending, by the host, the first encrypted value to a value holder and the first key to a key holder, wherein the value holder and the key holder are independently trusted by the host; computing, by the value holder, a computed encrypted value from the first encrypted value using the function; and computing, by the key holder, a computed key from the first key using the function.Type: GrantFiled: January 16, 2018Date of Patent: May 25, 2021Assignee: ABB Schweiz AGInventors: Johannes Schneider, Matus Harvan, Roman Schlegel, Sebastian Obermeier, Thomas Locher
-
Patent number: 10990684Abstract: The present invention generally relates to a context-aware security self-assessment method or module that determines the context in which the device is used and based on this, assesses the devices security settings. The context may refer to the system environment, the applications the device is used for, and/or the current life-cycle stage of the device, without being limited to said contexts. The method of the present invention preferably prioritizes and rates the security relevant findings and presents them in combination with mitigation options through a web interface, a configuration tool, or through notifications in the control system.Type: GrantFiled: September 18, 2018Date of Patent: April 27, 2021Assignee: ABB Power Grids Switzerland AGInventors: Sebastian Obermeier, Roman Schlegel, Johannes Schneider, Thomas Locher, Matus Harvan
-
Patent number: 10928815Abstract: A computer system is configured to process alarm activations received from technical systems, where an alarm activation represents a deviation of the technical status of a technical system from normal. The system includes: a data storage interface for receiving alarm activations in data storage, where the recorded alarm activations correspond to alarms; a data processor for: determining, from the recorded alarm activations, time intervals for alarm analysis; and computing similarity measures between the time intervals that depend on the occurrence of the recorded alarm activations in the time intervals, and where the contribution of an alarm activation to the similarity of two time intervals is reduced with an increasing occurrence of the alarm in the time intervals; and a user interface configured to provide pairs of time intervals to an operator of the one or more technical systems that include time intervals with similarity measures indicating similar alarm.Type: GrantFiled: February 21, 2019Date of Patent: February 23, 2021Assignee: ABB SCHWEIZ AGInventors: Martin Hollender, Matus Harvan
-
Patent number: 10795990Abstract: A method of automatically generating secure code includes: receiving source code and security constraints for the source code, the security constraints encoding, to what extend a variable in the source code is considered secure; and generating secure code from the source code and the security constraints by replacing non-secure operations in the source code, which operate on the variables considered as secure, with secure operations; wherein a secure operation is an operation, which, when applied to at least one encrypted variable, generates an encrypted result, which, when decrypted, is the result of the non-secure operation applied to the not encrypted variable.Type: GrantFiled: August 13, 2018Date of Patent: October 6, 2020Assignee: ABB Schweiz AGInventors: Johannes Schneider, Matus Harvan, Sebastian Obermeier, Thomas Locher, Yvonne-Anne Pignolet
-
Patent number: 10685141Abstract: The invention relates to a method for storing data blocks from client devices to a cloud storage system, the method includes the steps of: d) storing an encrypted first data block and a challenge of the first data block of a first client device on the cloud storage system, e) determining if a hash of a second data block of a second client device stored on the cloud storage system equals the hash of the first data block, f) if yes, transmitting the challenge of the first data block from the cloud storage system to the second client device, g) extracting, at the second client device, the bits at the positions or at the range contained in the challenge, hashing the extracted bits, encrypting the hashed bits with a public key of the first client device or of the second client device and uploading the encrypted bits from the second client device to the cloud storage system, and h) storing the encrypted bits from the second client device on the cloud storage system.Type: GrantFiled: February 4, 2019Date of Patent: June 16, 2020Assignee: ABB Scheiz AGInventors: Johannes Schneider, Matus Harvan, Sebastian Obermeier, Thomas Locher, Yvonne-Anne Pignolet
-
Patent number: 10680799Abstract: The application relates to a method for aggregation of a performance indicator of a device including: concatenating a respective first data item to a plurality of second data items in the device; encrypting the plurality of concatenated second data items relevant for computing the performance indicator using a first encryption key in the device, wherein the first encryption key is based on an additive homomorphic encryption scheme; sending the encrypted concatenated second data items to a computation cluster; computing the performance indicator on the computation cluster using the encrypted concatenated second data items and computing an aggregate value regarding the performance indicator by summing up the encrypted concatenated second data items; sending the aggregate value to a server of a service provider of the device; decrypting the aggregate value using a second encryption key on the server of the service provider; and verifying the decrypted result by checking whether the decrypted sum computed by summType: GrantFiled: November 13, 2018Date of Patent: June 9, 2020Assignee: ABB Schweiz AGInventors: Johannes Schneider, Matus Harvan, Sebastian Obermeier, Thomas Locher, Yvonne-Anne Pignolet
-
Publication number: 20190187672Abstract: A computer system is configured to process alarm activations received from technical systems, where an alarm activation represents a deviation of the technical status of a technical system from normal. The system includes: a data storage interface for receiving alarm activations in data storage, where the recorded alarm activations correspond to alarms; a data processor for: determining, from the recorded alarm activations, time intervals for alarm analysis; and computing similarity measures between the time intervals that depend on the occurrence of the recorded alarm activations in the time intervals, and where the contribution of an alarm activation to the similarity of two time intervals is reduced with an increasing occurrence of the alarm in the time intervals; and a user interface configured to provide pairs of time intervals to an operator of the one or more technical systems that include time intervals with similarity measures indicating similar alarm.Type: ApplicationFiled: February 21, 2019Publication date: June 20, 2019Inventors: Martin Hollender, Matus Harvan
-
Publication number: 20190171847Abstract: The invention relates to a method for storing data blocks from client devices to a cloud storage system, the method includes the steps of: d) storing an encrypted first data block and a challenge of the first data block of a first client device on the cloud storage system, e) determining if a hash of a second data block of a second client device stored on the cloud storage system equals the hash of the first data block, f) if yes, transmitting the challenge of the first data block from the cloud storage system to the second client device, g) extracting, at the second client device, the bits at the positions or at the range contained in the challenge, hashing the extracted bits, encrypting the hashed bits with a public key of the first client device or of the second client device and uploading the encrypted bits from the second client device to the cloud storage system, and h) storing the encrypted bits from the second client device on the cloud storage system.Type: ApplicationFiled: February 4, 2019Publication date: June 6, 2019Inventors: Johannes Schneider, Matus Harvan, Sebastian Obermeier, Thomas Locher, Yvonne-Anne Pignolet
-
Publication number: 20190130113Abstract: The present invention generally relates to a context-aware security self-assessment method or module that determines the context in which the device is used and based on this, assesses the devices security settings. The context may refer to the system environment, the applications the device is used for, and/or the current life-cycle stage of the device, without being limited to said contexts. The method of the present invention preferably prioritizes and rates the security relevant findings and presents them in combination with mitigation options through a web interface, a configuration tool, or through notifications in the control system.Type: ApplicationFiled: September 18, 2018Publication date: May 2, 2019Inventors: Sebastian Obermeier, Roman Schlegel, Johannes Schneider, Thomas Locher, Matus Harvan
-
Publication number: 20190097787Abstract: The invention relates to a method for aggregation of a performance indicator of a device comprising the steps of: concatenating a respective first data item to a plurality of second data items in the device; encrypting the plurality of concatenated second data items relevant for computing the performance indicator using a first encryption key in the device, wherein the first encryption key is based on an additive homomorphic encryption scheme; sending the encrypted concatenated second data items to a computation cluster; computing the performance indicator on the computation cluster using the encrypted concatenated second data items and computing an aggregate value regarding the performance indicator by summing up the encrypted concatenated second data items; sending the aggregate value to a server of a service provider of the device; decrypting the aggregate value using a second encryption key on the server of the service provider; and verifying the decrypted result by checking whether the decrypted sum compType: ApplicationFiled: November 13, 2018Publication date: March 28, 2019Inventors: Johannes Schneider, Matus Harvan, Sebastian Obermeier, Thomas Locher, Yvonne-Anne Pignolet
-
Publication number: 20190089526Abstract: The application relates to a method for computing a probabilistic encryption scheme for encrypting a data item in an electronic device including: computing a plurality of random bit strings in a computation cluster; sending the computed plurality of random strings to the electronic device; generating a random string (rE) for using in the encryption scheme in the electronic device using a subset of the plurality of the random strings computed in the computation cluster and encrypting the data item using the random string computed in the electronic device. The present application also relates to a corresponding system and corresponding computer program product including one or more computer readable media having computer executable instructions for performing the steps of the method.Type: ApplicationFiled: November 13, 2018Publication date: March 21, 2019Inventors: Thomas Locher, Johannes Schneider, Matus Harvan, Sebastian Obermeier, Yvonne-Anne Pignolet
-
Publication number: 20190005233Abstract: A method of automatically generating secure code includes: receiving source code and security constraints for the source code, the security constraints encoding, to what extend a variable in the source code is considered secure; and generating secure code from the source code and the security constraints by replacing non-secure operations in the source code, which operate on the variables considered as secure, with secure operations; wherein a secure operation is an operation, which, when applied to at least one encrypted variable, generates an encrypted result, which, when decrypted, is the result of the non-secure operation applied to the not encrypted variable.Type: ApplicationFiled: August 13, 2018Publication date: January 3, 2019Inventors: Johannes Schneider, Matus Harvan, Sebastian Obermeier, Thomas Locher, Yvonne-Anne Pignolet
-
Publication number: 20180349740Abstract: A method for evaluating data is based on a computational model, the computational model comprising model data, a training function and a prediction function. The method includes training the computational model by: receiving training data and training result data for training the computational model, and computing the model data from the training data and the training result data with the training function. The method includes predicting result data by: receiving field data for predicting result data; and computing the result data from the field data and the model data with the prediction function. The training data may be plaintext and the training result data may be encrypted with a homomorphic encryption algorithm, wherein the model data may be computed in encrypted form from the training data and the encrypted training result data with the training function.Type: ApplicationFiled: August 6, 2018Publication date: December 6, 2018Inventors: Johannes Schneider, Matus Harvan, Sebastian Obermeier, Thomas Locher, Yvonne-Anne Pignolet
-
Publication number: 20180227121Abstract: The present invention discloses a method for computing a secret value including a first secret using a function including an operation, comprising: computing, by a host, a first encrypted value of the first secret with a first key; sending, by the host, the first encrypted value to a value holder and the first key to a key holder, wherein the value holder and the key holder are independently trusted by the host; computing, by the value holder, a computed encrypted value from the first encrypted value using the function; and computing, by the key holder, a computed key from the first key using the function.Type: ApplicationFiled: January 16, 2018Publication date: August 9, 2018Inventors: Johannes Schneider, Matus Harvan, Roman Schlegel, Sebastian Obermeier, Thomas Locher
-
Publication number: 20160283702Abstract: The present invention provides an approach for granting access and respectively denying access to an instruction set of a device. The technical teaching provides the advantage that unauthorized access can be effectively prevented. Hence, maintenance work can be performed by specialized staff and security sensitive parts of the instruction sets are secured.Type: ApplicationFiled: March 21, 2016Publication date: September 29, 2016Inventors: Matus Harvan, Roman Schlegel, Sebastian Obermeier, Thomas Locher