Patents by Inventor Micah J. Sheller
Micah J. Sheller has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9934372Abstract: Technologies for performing orientation-independent bioimpedance-based user authentication include a compute device. The compute device includes a plurality of electrodes usable to transmit an alternating current and measure a bioimpedance in a section of the body of a user. The compute device is to transmit, with a pair of the electrodes, an alternating current through the section of the body of the user, measure, with a pair of the electrodes, a bioimpedance of the section of the body to the transmitted alternating current, generate a tomographic image as a function of the measured bioimpedance, identify a position of a fiduciary marker in the tomographic image, rotate the tomographic image to a predefined orientation as a function of the position of the fiduciary marker, extract one or more biometric features from the rotated tomographic image, and perform authentication of the user as a function of the extracted one or more biometric features.Type: GrantFiled: April 1, 2017Date of Patent: April 3, 2018Assignee: Intel CorporationInventors: Cory Cornelius, Micah J. Sheller, Jason Martin
-
Patent number: 9922194Abstract: In one embodiment, a system comprises: a processor including at least one core to execute instructions; a plurality of sensors, including a first sensor to determine location information regarding a location of the system; and a security engine to apply a security policy to the system. In this embodiment, the security engine includes a policy logic to determine one of a plurality of security policies to apply based at least in part on the location information, where the location information indicates a location different than locations associated with the plurality of security policies. Other embodiments are described and claimed.Type: GrantFiled: February 7, 2017Date of Patent: March 20, 2018Assignee: Intel CorporationInventors: Nathaniel J. Goss, Nathan Heldt-Sheller, Kevin C. Wells, Micah J. Sheller, Sindhu Pandian, Ned M. Smith, Bernard N. Keany
-
Publication number: 20180077154Abstract: In embodiments, apparatuses, methods and storage media (transitory and non-transitory) are described that are associated with user profile selection using contextual authentication. In various embodiments, a first user of a computing device may be authenticated and have an access control state corresponding to a first user profile established, the computing device may select a second user profile based at least in part a changed user characteristic, and the computing device may present a resource based at least in part on the second user profile. In various embodiments, the computing device may include a sensor and a user profile may be selected based at least in part on an output of the sensor and a previously stored template generated by a machine learning classifier.Type: ApplicationFiled: November 15, 2017Publication date: March 15, 2018Inventors: Ned M. Smith, Hannah L. Scurfield, Nathan Heldt-Sheller, Micah J. Sheller, Nathaniel J. Goss, Kevin C. Wells, Sindhu Pandian
-
Publication number: 20180069855Abstract: In embodiments, apparatuses, methods and storage media (transitory and non-transitory) are described that are associated with user profile selection using contextual authentication. In various embodiments, a first user of a computing device may be authenticated and have an access control state corresponding to a first user profile established, the computing device may select a second user profile based at least in part a changed user characteristic, and the computing device may present a resource based at least in part on the second user profile. In various embodiments, the computing device may include a sensor and a user profile may be selected based at least in part on an output of the sensor and a previously stored template generated by a machine learning classifier.Type: ApplicationFiled: November 14, 2017Publication date: March 8, 2018Inventors: Ned M. Smith, Hannah L. Scurfield, Nathan Heldt-Sheller, Micah J. Sheller, Nathaniel J. Goss, Kevin C. Wells, Sindhu Pandian
-
Patent number: 9871779Abstract: Generally, this disclosure describes a continuous authentication confidence module. A system may include user device including processor circuitry configured to determine presence data; a confidence factor including at least one of a sensor configured to capture sensor input and a system monitoring module configured to monitor activity of the user device; memory configured to store a confidence score and an operating system; and a continuous authentication confidence module configured to determine the confidence score in response to an initial authentication of a specific user, update the confidence score based, at least in part, an expectation of user presence and/or selected presence data, and notify the operating system that the authentication is no longer valid if the updated confidence score is within a tolerance of a session close threshold; the initial authentication configured to open a session, the confidence score configured to indicate a current strength of authentication during the session.Type: GrantFiled: August 28, 2015Date of Patent: January 16, 2018Assignee: Intel CorporationInventors: Micah J. Sheller, Conor P. Cahill, Jason Martin, Ned M. Smith, Brandon Baker
-
Patent number: 9866555Abstract: Various embodiments are generally directed to an apparatus, method, and other techniques to maintain user authentications with common trusted devices. If a user is in possession of a first computing device (e.g., a smartphone), an unlocked state of the first trusted device is maintained if the user is using a nearby trusted device (e.g., a computer) within a certain amount of time. If the first trusted device is in a pocket or other container, a longer span of time is granted to the user to register an on-body state.Type: GrantFiled: December 23, 2015Date of Patent: January 9, 2018Assignee: INTEL CORPORATIONInventors: Micah J. Sheller, Yonghong Huang, Narjala P. Bhasker, Jason Martin, Cory Cornelius
-
Publication number: 20170374509Abstract: Various embodiments are generally directed to the provision and use of geometric location based security systems that use multiple beacons for determining a location. A beacon transmitted from an ultrasound broadcast as well as one or more different wireless broadcasts can be used to geo-locate a device and provide access controls based on the geo-location.Type: ApplicationFiled: April 5, 2017Publication date: December 28, 2017Applicant: INTEL CORPORATIONInventors: Ned M. Smith, Micah J. Sheller, Nathan Heldt-Sheller
-
Patent number: 9817964Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to facilitate secure screen input. An example disclosed system includes a user interface (UI) manager to generate a UI comprising a quantity of ordinal entry points, each one of the quantity of ordinal entry points comprising a repeating selectable pattern, an ordinal sequence generator to generate an initial randomized combination of the quantity of ordinal entry points, the randomized combination stored in a trusted execution environment, and an offset calculator to calculate a password entry value by comparing an offset value and direction value retrieved from the UI with the initial randomized combination of the quantity of ordinal entry points.Type: GrantFiled: December 6, 2016Date of Patent: November 14, 2017Assignee: INTEL CORPORATIONInventors: Bradley W. Corrion, Micah J. Sheller, Jeffrey M. Tripp
-
Publication number: 20170318016Abstract: Technologies for supporting and implementing multiple digital rights management protocols on a client device are described. In some embodiments, the technologies include a client device having an architectural enclave which may function to identify one of a plurality of digital rights management protocols for protecting digital information to be received from a content provider or a sensor. The architectural enclave select a preexisting secure information processing environment (SIPE) to process said digital information, if a preexisting SIPE supporting the DRM protocol is present on the client. If a preexisting SIPE supporting the DRM protocol is not present on the client, the architectural enclave may general a new SIPE that supports the DRM protocol on the client. Transmission of the digital information may then be directed to the selected preexisting SIPE or the new SIPE, as appropriate.Type: ApplicationFiled: July 18, 2017Publication date: November 2, 2017Applicant: INTEL CORPORATIONInventors: Ned M. SMITH, Nathan HELDT-SHELLER, Reshma LAL, Micah J. SHELLER, Matthew E. HOEKSTRA
-
Patent number: 9798559Abstract: In an example, a computing device may include a trusted execution environment (TEE) for executing signed and verified code. The device may receive a trusted binary object in a first form, but the object may need to be converted to a second format, either on-the-fly, or in advance. This may include, for example, a bytecode interpreter, script interpreter, runtime engine, compiler, just-in-time compiler, or other species of binary translator. The binary translator may be run from the TEE, and the output may then be signed by the TEE and treated as a new trusted binary.Type: GrantFiled: December 27, 2014Date of Patent: October 24, 2017Assignee: McAfee, Inc.Inventors: Samir Shah, Ned M. Smith, Jason Martin, Micah J. Sheller, Somnath Chakrabarti, Bin Xing
-
Patent number: 9781113Abstract: Technologies for supporting and implementing multiple digital rights management protocols on a client device are described. In some embodiments, the technologies include a client device having an architectural enclave which may function to identify one of a plurality of digital rights management protocols for protecting digital information to be received from a content provider or a sensor. The architectural enclave select a preexisting secure information processing environment (SIPE) to process said digital information, if a preexisting SIPE supporting the DRM protocol is present on the client. If a preexisting SIPE supporting the DRM protocol is not present on the client, the architectural enclave may general a new SIPE that supports the DRM protocol on the client. Transmission of the digital information may then be directed to the selected preexisting SIPE or the new SIPE, as appropriate.Type: GrantFiled: December 19, 2013Date of Patent: October 3, 2017Assignee: INTEL CORPORATIONInventors: Ned M. Smith, Nathan Heldt-Sheller, Reshma Lal, Micah J. Sheller, Matthew E. Hoekstra
-
Publication number: 20170244684Abstract: Generally, this disclosure describes technologies for securely storing and using biometric authentication information, such as biometric reference templates. In some embodiments, the technologies include a client device that stores one or more biometric reference templates in a memory thereof. The client device may transfer such templates to an authentication device. The transfer may be conditioned on verification that the authentication device includes a suitable protected environment for the templates and will execute an acceptable temporary storage policy. The technologies may also include an authentication device that is configured to temporarily store biometric reference templates received from a client device in a protected environment thereof. Upon completion of biometric authentication or the occurrence of a termination event, the authentication devices may delete the biometric reference templates from the protected environment.Type: ApplicationFiled: March 7, 2017Publication date: August 24, 2017Inventors: NED M. SMITH, CONOR P. CAHILL, MICAH J. SHELLER, JASON MARTIN
-
Publication number: 20170214526Abstract: In an embodiment, a security engine of a processor includes an identity provider logic to generate a first key pair of a key pairing associating system user and a service provider that provides a web service and having a second system coupled to the system via a network, to perform a secure communication with the second system to enable the second system to verify that the identity provider logic is executing in a trusted execution environment, and responsive to the verification, to send a first key of the first key pair to the second system. This key may enable the second system to verify an assertion communicated by the identity provider logic that the user has been authenticated to the system according to a multi-factor authentication. Other embodiments are described and claimed.Type: ApplicationFiled: February 3, 2017Publication date: July 27, 2017Inventors: Ned M. Smith, Conor P. Cahill, Victoria C. Moore, Jason Martin, Micah J. Sheller
-
Publication number: 20170180363Abstract: In embodiments, apparatuses, methods and storage media (transitory and non-transitory) are described that are associated with user profile selection using contextual authentication. In various embodiments, a first user of a computing device may be authenticated and have an access control state corresponding to a first user profile established, the computing device may select a second user profile based at least in part a changed user characteristic, and the computing device may present a resource based at least in part on the second user profile. In various embodiments, the computing device may include a sensor and a user profile may be selected based at least in part on an output of the sensor and a previously stored template generated by a machine learning classifier.Type: ApplicationFiled: March 3, 2017Publication date: June 22, 2017Inventors: Ned M. Smith, Hannah L. Scurfield, Nathan Heldt-Sheller, Micah J. Sheller, Nathaniel J. Goss, Kevin C. Wells, Sindhu Pandian
-
Publication number: 20170169231Abstract: Technologies for information security include a computing device with one or more sensors. The computing device may authenticate a user and, after successful authentication, analyze sensor data to determine whether it is likely that the user authenticated under duress. If so, the computing device performs a security operation such as generating an alert or presenting false but plausible data to the user. Additionally or alternatively, the computing device, within a trusted execution environment, may monitor sensor data and apply a machine-learning classifier to the sensor data to identify an elevated risk of malicious attack. For example, the classifier may identify potential user identification fraud. The computing device may trigger a security response if elevated risk of attack is detected. For example, the trusted execution environment may trigger increased authentication requirements or increased anti-theft monitoring for the computing device. Other embodiments are described and claimed.Type: ApplicationFiled: February 28, 2017Publication date: June 15, 2017Inventors: Jasmeet Chhabra, Ned M. Smith, Micah J. Sheller, Nathan Heldt-Sheller
-
Publication number: 20170154179Abstract: Methods, apparatus, systems and articles of manufacture are disclosed to facilitate secure screen input. An example disclosed system includes a user interface (UI) manager to generate a UI comprising a quantity of ordinal entry points, each one of the quantity of ordinal entry points comprising a repeating selectable pattern, an ordinal sequence generator to generate an initial randomized combination of the quantity of ordinal entry points, the randomized combination stored in a trusted execution environment, and an offset calculator to calculate a password entry value by comparing an offset value and direction value retrieved from the UI with the initial randomized combination of the quantity of ordinal entry points.Type: ApplicationFiled: December 6, 2016Publication date: June 1, 2017Inventors: Bradley W. Corrion, Micah J. Sheller, Jeffrey M. Tripp
-
Publication number: 20170147822Abstract: In one embodiment, a system comprises: a processor including at least one core to execute instructions; a plurality of sensors, including a first sensor to determine location information regarding a location of the system; and a security engine to apply a security policy to the system. In this embodiment, the security engine includes a policy logic to determine one of a plurality of security policies to apply based at least in part on the location information, where the location information indicates a location different than locations associated with the plurality of security policies. Other embodiments are described and claimed.Type: ApplicationFiled: February 7, 2017Publication date: May 25, 2017Inventors: Nathaniel J. Goss, Nathan Heldt-Sheller, Kevin C. Wells, Micah J. Sheller, Sindhu Pandian, Ned M. Smith, Bernard N. Keany
-
Patent number: 9659158Abstract: Technologies for determining a confidence of user authentication include authenticating a user of a computing device based on a set of authentication factors and a fusion function that fuses the set of authentication factors to generate an authentication result. A false accept rate and a false reject rate of the authentication result is determined, and an authentication confidence for the authentication result is determined. The authentication of the user is performed passively, without interruption or interruption of the user. If the authentication confidence is below a threshold value, an active authentication procedure may be performed.Type: GrantFiled: December 27, 2014Date of Patent: May 23, 2017Assignee: Intel CorporationInventors: Micah J. Sheller, Ned M. Smith, Nathan Heldt-Sheller
-
Patent number: 9648457Abstract: Various embodiments are generally directed to the provision and use of geometric location based security systems that use multiple beacons for determining a location. A beacon transmitted from an ultrasound broadcast as well as one or more different wireless broadcasts can be used to geo-locate a device and provide access controls based on the geo-location.Type: GrantFiled: December 16, 2014Date of Patent: May 9, 2017Assignee: INTEL CORPORATIONInventors: Ned M. Smith, Micah J. Sheller, Nathan Heldt-Sheller
-
Patent number: 9628477Abstract: In embodiments, apparatuses, methods and storage media (transitory and non-transitory) are described that are associated with user profile selection using contextual authentication. In various embodiments, a first user of a computing device may be authenticated and have an access control state corresponding to a first user profile established, the computing device may select a second user profile based at least in part a changed user characteristic, and the computing device may present a resource based at least in part on the second user profile. In various embodiments, the computing device may include a sensor and a user profile may be selected based at least in part on an output of the sensor and a previously stored template generated by a machine learning classifier.Type: GrantFiled: December 23, 2014Date of Patent: April 18, 2017Assignee: Intel CorporationInventors: Ned M. Smith, Hannah L. Scurfield, Nathan Heldt-Sheller, Micah J. Sheller, Nathaniel J. Goss, Kevin C. Wells, Sindhu Pandian