Patents by Inventor Rafie Shamsaasef
Rafie Shamsaasef has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11941143Abstract: A secure cloud-based node-locking service with built-in attack detection to eliminate fuzzing, cloning and other attacks is disclosed. White-box base files are securely stored on the cloud service and are not vulnerable to accidental leakage. A secure cloud-based dynamic secret encoding service reduces the risk of exposure of unprotected secrets and other sensitive data.Type: GrantFiled: February 17, 2023Date of Patent: March 26, 2024Assignee: ARRIS Enterprises LLCInventors: Lex Aaron Anderson, Rafie Shamsaasef, Alexander Medvinsky
-
Publication number: 20230370270Abstract: A method and apparatus, and system for providing device credentials to a plurality of devices is disclosed.Type: ApplicationFiled: May 10, 2023Publication date: November 16, 2023Applicant: ARRIS Enterprises LLCInventors: Alexander MEDVINSKY, Xin QIU, Ting YAO, Jason PASION, Oscar JIANG, Rafie SHAMSAASEF, Tat Keung CHAN
-
Publication number: 20230269066Abstract: A system and method for provisioning confidential data such as unique credentials is described. The technique initializes a whitebox cryptographic software module to a particular PKI client to soft-lock whitebox cryptographic operations to the particular PKI client and uniquely encrypting the credentials with a node-locking key (NLK) derivable from a digital certificate.Type: ApplicationFiled: February 9, 2023Publication date: August 24, 2023Applicant: ARRIS Enterprises LLCInventors: Tat Keung CHAN, Alexander MEDVINSKY, Rafie SHAMSAASEF, Fariba BAREZ
-
Publication number: 20230195925Abstract: A secure cloud-based node-locking service with built-in attack detection to eliminate fuzzing, cloning and other attacks is disclosed. White-box base files are securely stored on the cloud service and are not vulnerable to accidental leakage. A secure cloud-based dynamic secret encoding service reduces the risk of exposure of unprotected secrets and other sensitive data.Type: ApplicationFiled: February 17, 2023Publication date: June 22, 2023Applicant: ARRIS Enterprises LLCInventors: Lex Aaron ANDERSON, Rafie SHAMSAASEF, Alexander MEDVINSKY
-
Patent number: 11625498Abstract: A secure cloud-based node-locking service with built-in attack detection to eliminate fuzzing, cloning and other attacks is disclosed. White-box base files are securely stored on the cloud service and are not vulnerable to accidental leakage. A secure cloud-based dynamic secret encoding service reduces the risk of exposure of unprotected secrets and other sensitive data.Type: GrantFiled: April 15, 2022Date of Patent: April 11, 2023Assignee: ARRIS Enterprises LLCInventors: Lex Aaron Anderson, Rafie Shamsaasef, Alexander Medvinsky
-
Publication number: 20220417001Abstract: A cloud-based system and method for encrypting media content is disclosed. The system comprises a key server microservice, for receiving control word requests and for generating encoded control words and a software encryption microservice, communicatively coupled to the key server microservices, the encryption microservice for receiving the media content, for generating the control word requests, for receiving the encoded control words, and for white-box encrypting the media content according to the generated encoded control words.Type: ApplicationFiled: June 23, 2022Publication date: December 29, 2022Applicant: ARRIS Enterprises LLCInventors: Rafie SHAMSAASEF, Lawrence COOK
-
Publication number: 20220366071Abstract: A secure cloud-based node-locking service with built-in attack detection to eliminate fuzzing, cloning and other attacks is disclosed. White-box base files are securely stored on the cloud service and are not vulnerable to accidental leakage. A secure cloud-based dynamic secret encoding service reduces the risk of exposure of unprotected secrets and other sensitive data.Type: ApplicationFiled: April 15, 2022Publication date: November 17, 2022Applicant: ARRIS Enterprises LLCInventors: Lex Aaron ANDERSON, Rafie SHAMSAASEF, Alexander MEDVINSKY
-
Publication number: 20220109656Abstract: A method and video decoder system using the method are provided for identifying video frames in an encoded or encrypted video stream without performing decoding or decryption. The method includes: receiving a video data stream comprised of a plurality of transport stream (TS) packets; detecting a first video frame in the video data stream, wherein detection of the first video frame includes registering a last checked position at the start of the video data stream, examining bytes in a next TS packet to identify a predetermined pattern indicating a network abstraction layer (NAL) unit, repeating the examining step until two TS packets have been identified that include an NAL unit, wherein the last checked position is updated after each examining step, and identifying a video frame based on a position of the NAL unit identified in the two TS packets; and repeating the detecting step for a plurality of additional video frames in the video data stream.Type: ApplicationFiled: December 17, 2021Publication date: April 7, 2022Applicant: ARRIS Enterprises LLCInventors: Rafie Shamsaasef, Polly Tang, Kuang Ming Chen, William S. Watson
-
Patent number: 11206244Abstract: A method and video decoder system using the method are provided for identifying video frames in an encoded or encrypted video stream without performing decoding or decryption. The method includes: receiving a video data stream comprised of a plurality of transport stream (TS) packets; detecting a first video frame in the video data stream, wherein detection of the first video frame includes registering a last checked position at the start of the video data stream, examining bytes in a next TS packet to identify a predetermined pattern indicating a network abstraction layer (NAL) unit, repeating the examining step until two TS packets have been identified that include an NAL unit, wherein the last checked position is updated after each examining step, and identifying a video frame based on a position of the NAL unit identified in the two TS packets; and repeating the detecting step for a plurality of additional video frames in the video data stream.Type: GrantFiled: December 21, 2018Date of Patent: December 21, 2021Assignee: ARRIS Enterprise LLCInventors: Rafie Shamsaasef, Polly Tang, Kuang Ming Chen, William S. Watson
-
Publication number: 20210349970Abstract: A method and system provide the ability to enforce application protection in the cloud. A request to register an application is received in a registration tool executing within a cloud computing environment. The registration tool collects application information data and protection policy settings, and registers the application by returning, to a build-time environment, a secure protection authorization (SPA) certificate that authorizes the application to be built. A build registration tool executing in the cloud computing environment receives, from a cloud protection toolchain executing in the build-time environment, signed build-data that includes the SPA and build information for a build of the application. After determining, in the cloud, that the SPA is authenticate, developer credentials are authorized, and the build information is valid, the build registration tool responds to the cloud protection toolchain that the build for the application is authorized.Type: ApplicationFiled: May 5, 2021Publication date: November 11, 2021Applicant: ARRIS Enterprises LLCInventors: Rafie Shamsaasef, Lex A. Anderson, Alexander Medvinsky
-
Publication number: 20210334358Abstract: A method and system provide the ability to dynamically verify an executable. Encrypted build data and developer permissions are received from a first developer into a build registration tool within a secure cloud computing environment. The encrypted build data includes a build identification (ID), a dynamic code signing certificate (CER), and developer credentials. The build registration tool authenticates the developer credentials based on developer permissions. A dynamic code signing tool (within the secure cloud computing environment) decrypts the encrypted build data and activates the executable by dynamically signing the executable to obtain a dynamic code signature (SEC). The SEC is delivered for runtime deployment.Type: ApplicationFiled: April 27, 2021Publication date: October 28, 2021Inventors: Alexander Medvinsky, Rafie Shamsaasef, Lex A. Anderson
-
Patent number: 10749675Abstract: A method for whitebox cryptography is provided for computing an algorithm (m,S) with input m and secret S, using one or more white-box encoded operations. The method includes accepting an encoded input c, where c=Enc(P,m); accepting an encoded secret S?, where S?=Enc(P,S); performing one or more operations on the encoded input c and the encoded secret S? modulo N to obtain an encoded output c?; and decoding the encoded output c? with the private key p to recover an output m? according to m?=Dec(p,c?), such that m?=(m,S).Type: GrantFiled: January 9, 2018Date of Patent: August 18, 2020Assignee: ARRIS Enterprises LLCInventors: Lex Aaron Anderson, Alexander Medvinsky, Rafie Shamsaasef
-
Publication number: 20200204525Abstract: A method and video decoder system using the method are provided for identifying video frames in an encoded or encrypted video stream without performing decoding or decryption. The method includes: receiving a video data stream comprised of a plurality of transport stream (TS) packets; detecting a first video frame in the video data stream, wherein detection of the first video frame includes registering a last checked position at the start of the video data stream, examining bytes in a next TS packet to identify a predetermined pattern indicating a network abstraction layer (NAL) unit, repeating the examining step until two TS packets have been identified that include an NAL unit, wherein the last checked position is updated after each examining step, and identifying a video frame based on a position of the NAL unit identified in the two TS packets; and repeating the detecting step for a plurality of additional video frames in the video data stream.Type: ApplicationFiled: December 21, 2018Publication date: June 25, 2020Inventors: Rafie Shamsaasef, Polly Tang, Kuang Ming Chen, William S. Watson
-
Publication number: 20190188157Abstract: A method is provided to dynamically encode data at runtime with a tagged data element in a program associated with an obfuscation algorithm randomly selected during runtime. Instructions for invoking the obfuscation algorithm are generated when a compiler encounters the tagged variable in the source code. At runtime, unencoded data is encoded by the obfuscation algorithm when the unencoded data is copied to the tagged data element; encoded data is re-encoded by the obfuscation algorithm when the encoded data is copied from a differently tagged data element to the tagged data element, wherein the differently tagged data element is associated with a different obfuscation algorithm; and encoded data is decoded by the obfuscation algorithm when the encoded data is copied from the tagged data element to an untagged data element.Type: ApplicationFiled: December 14, 2017Publication date: June 20, 2019Inventors: Rafie Shamsaasef, Lex Aaron Anderson
-
Patent number: 10171429Abstract: A method and system are provided for processing a media stream including at least a portion of a media program in a player executed by a computer. The player is configured for: (a) receiving the media stream, wherein the media stream is comprised of one or more chunks; (b) subdividing the chunks into one or more packets, wherein one or more of the packets include video data; (c) obfuscating or de-obfuscating at least some of the video data; and (d) concatenating the video data into one or more frames for playback by the player.Type: GrantFiled: June 10, 2016Date of Patent: January 1, 2019Assignee: ARRIS Enterprises LLCInventors: Polly Tang, Rafie Shamsaasef, Paul Moroney
-
Patent number: 10162944Abstract: Systems and methods are provided for digital rights management of licensed media content. Client library components and server library components provide digital rights management services. A client-side hosting application accesses client library functionality through invocation of client application programming interfaces (APIs). A server-side hosting application accesses server library functionality through invocation of server APIs. Licenses for specific media content can be requested and issued, and appropriately licensed media content can be played. Client and server library components can function essentially absent direct communication, such as that employing a transport layer. Communications between client and server library components can be carried by the hosting applications.Type: GrantFiled: March 30, 2016Date of Patent: December 25, 2018Assignee: ARRIS Enterprises LLCInventors: Ambikacharan P. Makam, Paul Moroney, Steven Anderson, Rafie Shamsaasef, Nicol C. P. So
-
Publication number: 20180198613Abstract: A method for whitebox cryptography is provided for computing an algorithm (m,S) with input m and secret S, using one or more white-box encoded operations. The method includes accepting an encoded input c, where c=Enc(P,m); accepting an encoded secret S?, where S?=Enc(P,S); performing one or more operations on the encoded input c and the encoded secret S? modulo N to obtain an encoded output c?; and decoding the encoded output c? with the private key p to recover an output m? according to m?=Dec(p,c?), such that m?=(m,S).Type: ApplicationFiled: January 9, 2018Publication date: July 12, 2018Inventors: Lex Aaron Anderson, Alexander Medvinsky, Rafie Shamsaasef
-
Patent number: 10015542Abstract: A method and system are provided for securely storing and retrieving live off-disk media programs. Events delineate media segments, each of which are encrypted with a different key so as to be streamable to a remote device via digital living network alliance (DLNA) or HTTP live streaming protocols. Media segments and identifiers for managing the storage and retrieval of such media segments are compatible with live streaming data structures, obviating the need to re-encrypt data streams.Type: GrantFiled: March 14, 2014Date of Patent: July 3, 2018Assignee: ARRIS Enterprises LLCInventors: Rafie Shamsaasef, William P Franks, Geetha Mangalore, Paul Moroney
-
Publication number: 20160366107Abstract: A method and system are provided for processing a media stream including at least a portion of a media program in a player executed by a computer. The player is configured for: (a) receiving the media stream, wherein the media stream is comprised of one or more chunks; (b) subdividing the chunks into one or more packets, wherein one or more of the packets include video data; (c) obfuscating or de-obfuscating at least some of the video data; and (d) concatenating the video data into one or more frames for playback by the player.Type: ApplicationFiled: June 10, 2016Publication date: December 15, 2016Inventors: Polly Tang, Rafie Shamsaasef, Paul Moroney
-
Patent number: 9516364Abstract: A source device determines content rights for encrypted content in the first encoding standard using a first rights data file. The source device creates a second rights data file for transcoded content in the second encoding standard. The source device performs a key management operation including communicating a decryption key for the encrypted content in the first encoding standard to a transcoder. The source device transfers the encrypted content in the first encoding standard to the transcoder. The transcoder decrypts the encrypted content, transcodes the content from the first encoding standard to the content in the second encoding standard, and re-encrypts the content in the second encoding standard using a second encryption key. The transcoder then transfers the encrypted content in the second encoding standard to an indicated device.Type: GrantFiled: March 29, 2010Date of Patent: December 6, 2016Assignee: GOOGLE TECHNOLOGY HOLDINGS LLCInventors: Petr Peterka, Gerald R. Johnson, Geetha Mangalore, Rafie Shamsaasef