Patents by Inventor Nigel Edwards

Nigel Edwards has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20210349836
    Abstract: Systems and methods are provided for binding one or more components to an identification component of a hardware module. Each of the serial numbers for the one or more components are included within a module-specific authentication certificate that is stored within the identification component of the hardware module. When connected to a computing platform, an authentication system of the computing platform is capable of retrieving the module-specific authentication certificate. The authentication system can compare the list of serial numbers included in the module-specific authentication certificate with one or more serial numbers read over a first interface. If the two lists of serial numbers match, the authentication system can flag the hardware module as authenticate through authentication of all components of the hardware module.
    Type: Application
    Filed: July 10, 2020
    Publication date: November 11, 2021
    Inventors: MELVIN K. BENEDICT, NIGEL EDWARDS, ERIC L. POPE
  • Publication number: 20210342162
    Abstract: A method comprising: generating, with a device, a nonce; writing, with the device, the nonce to a memory location accessible to a kernel; initializing the kernel; in response to an end of initialization, measuring a specified kernel space to produce a first result; writing the first result to a register of a second device; writing a location and size of the specified kernel space to a buffer; measuring the buffer; writing a result of buffer measurement to a second register of the second device; requesting a quote from the second device, the quote to include the nonce, the contents of the register, and the contents of the second register; and passing the quote to the device.
    Type: Application
    Filed: July 12, 2021
    Publication date: November 4, 2021
    Inventors: Geoffrey NDU, Nigel EDWARDS
  • Publication number: 20210311595
    Abstract: The present disclosure describes methods and systems for interpreting a table grouping input value associated with a table, wherein the table comprises a plurality of categories and a plurality of associated data sets corresponding to the plurality of categories, determining an aggregation value in response to the table grouping input value, wherein the aggregation value corresponds to at least one of the plurality of categories, and in response to the aggregation value, providing an aggregated table view.
    Type: Application
    Filed: March 16, 2021
    Publication date: October 7, 2021
    Inventors: Melissa Ming-Sak Boucher, Jeremy Edward Britton, Luke Bayes, Monica F. Caso, Alexander W. Deneui, Christopher Leland Eck, Nigel Robin Ellis, Filipe P. Fortes, David Lilja Greenspan, Brett Robert Hobbs, Matthew B. Hudson, Timothy Andrew James, Kenneth Francis Mendes, Shishir S. Mehrotra, Trevor Michael O'Brien, Lane Patrick Shackleton, Rhed Shi, Hariharan Sivaramakrishnan, Jason Peter Stowe, Jason Andrew Tamulonis, Himanshu Vasishth, Ramesh Krishna Vyaghrapuri, David Richard Wright, Irvin Zhan, Roger Mathieu Zurawicki
  • Patent number: 11138315
    Abstract: A system comprising an inner kernel of an operating system (OS) running at a higher privilege level than an outer kernel of the OS, the inner kernel to measure a data structure in a memory; a device including a measurement engine to measure the data structure in the memory, wherein the device operates independently of the OS; and a trusted execution environment including an application to compare measurements from the inner kernel and the measurement engine.
    Type: Grant
    Filed: January 17, 2018
    Date of Patent: October 5, 2021
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Geoffrey Ndu, Ludovic Emmanuel Paul Noel Jacquin, Nigel Edwards
  • Publication number: 20210286481
    Abstract: The present disclosure describes methods and systems for interpreting a first user input comprising a text flow entry, interpreting a second user input comprising one of an in-line data access entry and a table-based calculation entry, positioning a text entry value on a unified document surface in response to the first user input, creating at least one data structure in response to the one of the in-line data access entry and the table-based calculation entry, and positioning the data structure on the unified document surface.
    Type: Application
    Filed: December 21, 2020
    Publication date: September 16, 2021
    Inventors: Melissa Ming-Sak Boucher, Jeremy Edward Britton, Luke Bayes, Monica F. Caso, Alexander W. Deneui, Christopher Leland Eck, Nigel Robin Ellis, Filipe P. Fortes, David Lilja Greenspan, Brett Robert Hobbs, Matthew B. Hudson, Timothy Andrew James, Kenneth Francis Mendes, Shishir S. Mehrotra, Trevor Michael O'Brien, Lane Patrick Shackleton, Rhed Shi, Hariharan Sivaramakrishnan, Jason Peter Stowe, Jason Andrew Tamulonis, Himanshu Vasishth, Ramesh Krishna Vyaghrapuri, David Richard Wright, Irvin Zhan, Roger Mathieu Zurawicki
  • Publication number: 20210286479
    Abstract: The present disclosure describes methods and systems for a document server communicatively coupled to at least one client computing device, a document comprising an operation log, wherein the operation log comprises at least one first sequential operation defining operations to create data values of the document, a document object model, wherein the document is at least partially positioned on at least one of the document server and a first client computing device of the at least one client computing device, and a formula engine, wherein the formula engine is structured to determine a calculation definition in response to the user formula value and the document object model.
    Type: Application
    Filed: November 20, 2020
    Publication date: September 16, 2021
    Inventors: Melissa Ming-Sak Boucher, Jeremy Edward Britton, Luke Bayes, Monica F. Caso, Alexander W. Deneui, Christopher Leland Eck, Nigel Robin Ellis, Filipe P. Fortes, David Lilja Greenspan, Brett Robert Hobbs, Matthew B. Hudson, Timothy Andrew James, Kenneth Francis Mendes, Shishir S. Mehrotra, Trevor Michael O'Brien, Lane Patrick Shackleton, Rhed Shi, Hariharan Sivaramakrishnan, Jason Peter Stowe, Jason Andrew Tamulonis, Himanshu Vasishth, Ramesh Krishna Vyaghrapuri, David Richard Wright, Irvin Zhan, Roger Mathieu Zurawicki
  • Patent number: 11119789
    Abstract: A method comprising: generating, with a device, a nonce; writing, with the device, the nonce to a memory location accessible to a kernel; initializing the kernel; in response to an end of initialization, measuring a specified kernel space to produce a first result; writing the first result to a register of a second device; writing a location and size of the specified kernel space to a buffer; measuring the buffer; writing a result of buffer measurement to a second register of the second device; requesting a quote from the second device, the quote to include the nonce, the contents of the register, and the contents of the second register; and passing the quote to the device.
    Type: Grant
    Filed: April 25, 2018
    Date of Patent: September 14, 2021
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Geoffrey Ndu, Nigel Edwards
  • Patent number: 11106332
    Abstract: The present invention discloses receiving a first operation log from a first computing device, creating a first document view in response to the first operation log, the document view comprising content generated using at least a portion of the first operation log, providing the first document view to a display device, receiving a user document change input value, and creating a local operation log in response to the first operation log and the user document change input value, the local operation log comprising at least one sequential operation defining operations to create a second document, updating the first document view in response to the user document change input value, and communicating a change value for the first operation log to the first computing device in response to the first operation log and the local operation log.
    Type: Grant
    Filed: September 13, 2019
    Date of Patent: August 31, 2021
    Assignee: Coda Project, Inc.
    Inventors: Melissa Ming-Sak Boucher, Jeremy Edward Britton, Luke Bayes, Monica F. Caso, Alexander W. Deneui, Christopher Leland Eck, Nigel Robin Ellis, Filipe P. Fortes, David Lilja Greenspan, Brett Robert Hobbs, Matthew B. Hudson, Timothy Andrew James, Kenneth Francis Mendes, Shishir S. Mehrotra, Trevor Michael O'Brien, Lane Patrick Shackleton, Rhed Shi, Hariharan Sivaramakrishnan, Jason Peter Stowe, Jason Andrew Tamulonis, Himanshu Vasishth, Ramesh Krishna Vyaghrapuri, David Richard Wright, Irvin Zhan, Roger Mathieu Zurawicki
  • Publication number: 20210256118
    Abstract: Examples disclosed herein relate to integrity monitoring of a computing system using a kernel that can update its own code. Trust of state information is verified. Kernel code and module code are loaded into memory that is accessible to a device separate from a processor that loads the kernel code and module code. A measurement module is verified and loaded into memory. The state information can correspond to multiple symbols. The measurement module can measure the state information corresponding to each of the respective symbols to generate a set of initial measurements. The set of initial measurements can be provided to a device for integrity monitoring. The device is to compare a current measurement with an initial measurement to determine if a potential violation occurred. The device is to use a representation of a jump table to determine whether the potential violation is a violation.
    Type: Application
    Filed: April 16, 2021
    Publication date: August 19, 2021
    Inventors: Geoffrey NDU, Theofrastos KOULOURIS, Nigel EDWARDS
  • Publication number: 20210248239
    Abstract: A method of certifying a state of a platform includes receiving one or more software elements of a software stack of the platform by an authentication module and performing a hash algorithm on the software stack to generate one or more hash values. The software stack uniquely determines a software state of the platform. The method includes generating creation data, a creation hash, and a creation ticket, corresponding to the hash values and sending the creation ticket to the platform. The method also includes receiving the creation ticket by the authentication module and certifying the creation data and the creation hash based on the creation ticket. The method further includes generating a certified structure based on the creation data and performing the hash algorithm on the certified structure to generate a hash of the certified structure. The certified structure uniquely determines the software state of the platform.
    Type: Application
    Filed: April 28, 2021
    Publication date: August 12, 2021
    Inventors: Ludovic Emmanuel Paul Noel JACQUIN, Hamza ATTAK, Nigel EDWARDS
  • Patent number: 11017090
    Abstract: A method of certifying a state of a platform includes receiving one or more software elements of a software stack of the platform by an authentication module and performing a hash algorithm on the software stack to generate one or more hash values. The software stack uniquely determines a software state of the platform. The method includes generating creation data, a creation hash, and a creation ticket, corresponding to the hash values and sending the creation ticket to the platform. The method also includes receiving the creation ticket by the authentication module and certifying the creation data and the creation hash based on the creation ticket. The method further includes generating a certified structure based on the creation data and performing the hash algorithm on the certified structure to generate a hash of the certified structure. The certified structure uniquely determines the software state of the platform.
    Type: Grant
    Filed: December 17, 2018
    Date of Patent: May 25, 2021
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Ludovic Emmanuel Paul Noel Jacquin, Hamza Attak, Nigel Edwards
  • Patent number: 11017080
    Abstract: Examples disclosed herein relate to integrity monitoring of a computing system using a kernel that can update its own code. Trust of state information is verified. Kernel code and module code are loaded into memory that is accessible to a device separate from a processor that loads the kernel code and module code. A measurement module is verified and loaded into memory. The state information can correspond to multiple symbols. The measurement module can measure the state information corresponding to each of the respective symbols to generate a set of initial measurements. The set of initial measurements can be provided to a device for integrity monitoring. The device is to compare a current measurement with an initial measurement to determine if a potential violation occurred. The device is to use a representation of a jump table to determine whether the potential violation is a violation.
    Type: Grant
    Filed: June 13, 2018
    Date of Patent: May 25, 2021
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Geoffrey Ndu, Theofrastos Koulouris, Nigel Edwards
  • Publication number: 20210073003
    Abstract: Examples disclosed herein relate to using an integrity manifest certificate to verify the state of a platform. A device identity of a device that has the device identity provisioned and stored in a security co-processor to retrieve an integrity proof from the security co-processor. The device includes at least one processing element, at least one memory device, and a bus including at least one bus device, and wherein the device identity is associated with a device identity certificate signed by a first authority. The integrity proof includes a representation of each of a plurality of hardware components including the at least one processing element, the at least one memory device, the at least one bus device, and a system board and a representation of plurality of firmware components included in the device. The integrity proof is provided to a certification station.
    Type: Application
    Filed: September 10, 2019
    Publication date: March 11, 2021
    Inventors: Ludovic Emmanuel Paul Noel Jacquin, Nigel Edwards, Thomas M. Laffey
  • Publication number: 20210067520
    Abstract: A method includes providing, by a first electronic device, a first request to a second electronic device for the second electronic device to provide data to the first electronic device representing content that is stored in a security component of the second electronic device. The first electronic device receives the response from the second electronic device to the first request and, in response thereto, the first electronic device stores data in the first electronic device representing content that is stored in a security component of the second electronic device. The method includes performing cross-attestation. Performing the cross-attestation includes, in response to an attestation request that is provided by a verifier to the first electronic device, the first electronic device providing to the verifier data representing content that is stored in the security component of the first electronic device and data representing the content stored in the security component of the second electronic device.
    Type: Application
    Filed: August 27, 2019
    Publication date: March 4, 2021
    Inventors: Yongqi Wang, Ludovic Emmanuel Paul Noel Jacquin, Nigel Edwards
  • Patent number: 10938553
    Abstract: The present disclosure relates to generating an identifier, an encrypted value that is an original value encrypted, and a Message Authentication Code (MAC) at a server device, and to generating a message including a message header and a message body, said message header including the identifier and the MAC, and said message body including the encrypted value, and said that the MAC key used to compute the message authentication code is included in the original value to be encrypted, and further relates to transmitting the message to a client device.
    Type: Grant
    Filed: November 27, 2015
    Date of Patent: March 2, 2021
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Liqun Chen, Nigel Edwards
  • Patent number: 10929148
    Abstract: Example embodiments relate to executing services in containers. The examples disclosed herein include a computing device comprising instructions to load an inner portion of an operating system kernel in an inner region of a kernel space and an outer portion of the operating system kernel in an outer region of the kernel space. The example computing device may execute a service in a container in a user space. The container may be communicatively coupled with the outer region of the operating system kernel but divided from the inner portion of the operating system kernel.
    Type: Grant
    Filed: June 8, 2016
    Date of Patent: February 23, 2021
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Nigel Edwards, Chris I Dalton
  • Publication number: 20210026948
    Abstract: In some examples, a system executes a monitor separate from an operating system (OS) that uses mapping information in accessing data in a physical memory. The monitor identifies, using the mapping information, invariant information, that comprises program code, of the OS without suspending execution of the OS, the identifying comprising the monitor accessing the physical memory independently of the OS. The monitor determines, based on monitoring the invariant information of the OS, whether a security issue is present.
    Type: Application
    Filed: July 26, 2019
    Publication date: January 28, 2021
    Inventors: Geoffrey Ndu, Nigel Edwards
  • Patent number: 10853090
    Abstract: Examples relate to integrity reports. In an implementation, an entity for executing a function is launched, the entity operating one or more files for executing the function. In response to the entity being launched, an entity image integrity report is generated comprising, for one or more files operated by the entity, a reference to the file measurement in a first integrity report the first integrity report containing measurements of a plurality of files operable in one or more entities. Alternatively, in response to the entity being launched, an entity integrity report is generated comprising a file measurement for each of the files operated by the entity.
    Type: Grant
    Filed: January 22, 2018
    Date of Patent: December 1, 2020
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Ludovic Emmanuel Paul Noel Jacquin, Hamza Attak, Nigel Edwards, Guilherme de Campos Magalhaes
  • Patent number: 10783246
    Abstract: Examples relate to snapshots of system memory. In an example implementation, structural information of a process in a snapshot of system memory is compared with hashes or fuzzy hashes of executable regions of the same process in a previous snapshot of system memory to determine whether there is a structural anomaly.
    Type: Grant
    Filed: January 31, 2017
    Date of Patent: September 22, 2020
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Nigel Edwards, Michael John Wray
  • Publication number: 20200293652
    Abstract: Systems and methods for multi-dimensional attestation are provided. One method for multi-dimensional attestation includes upon occurrence of a triggering event, taking triggered measurements of a platform, the platform including a security co-processor and a volatile memory; extending a platform configuration register of the volatile memory to include the triggered measurements; taking snapshots of the platform configuration register over time; storing the snapshots in a snapshot memory; and upon request, sending the triggered measurements and the snapshots to a verifier for detection of potential attacks.
    Type: Application
    Filed: March 12, 2019
    Publication date: September 17, 2020
    Inventors: Yongqi Wang, Ludovic Emmanuel Paul Noel Jacquin, Nigel Edwards