Patents by Inventor Sharon Keidar-Barner
Sharon Keidar-Barner has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11144665Abstract: Method, apparatus and product for purpose-based data access control. Having a data about a subject, for which usage is approved for a purpose, a first encryption key associated with the first purpose is obtained. A link pointing to a first alias of the data is generated, the first alias being associated with the first purpose. The link pointing to the first alias is encrypted with the first encryption key to obtain a first encrypted link; and access is provided to the first encrypted link, whereby access to the data is obtainable by decrypting the first encrypted link with the first decryption key to obtain the first alias and using the first alias to access the data. In some cases, a second link for a second can be similarly generated. Upon revocation of approval, a corresponding alias is eliminated to prevent access thereby. The links may be retained in a decentralized ledger, such as a blockchain.Type: GrantFiled: October 16, 2018Date of Patent: October 12, 2021Assignee: International Business Machines CorporationInventors: Sima Nadler, Sharon Keidar Barner
-
Patent number: 11023362Abstract: An apparatus, a computer program product and a method for co-verification of systems comprising software and hardware components. The method comprises obtaining an over-approximation of the system that over-approximates the software or the hardware by using a non-deterministic version thereof; performing simulation of the over-approximation of the system; and utilizing an outcome of the simulation to guide a co-simulation of the system. The co-simulation comprises instrumenting the software to identify whether the coverage goals are reached during execution, generating a test input for the system, simulating execution of the test input by the instrumented software, wherein during said simulating, stimuli provided from the instrumented software to underlying hardware is provided to a hardware simulator that is configured to simulate the hardware-under-test; determining a coverage of the execution of the test input, and utilizing the coverage information in a successive iteration of the method.Type: GrantFiled: January 9, 2020Date of Patent: June 1, 2021Assignee: International Business Machines CorporationInventors: Fady Copty, Dov Murik, Sharon Keidar Barner
-
Patent number: 11003573Abstract: An apparatus, a computer program product and a method for co-verification of systems comprising software and hardware components. The method comprises obtaining an over-approximation of the system that over-approximates the software or the hardware by using a non-deterministic version thereof; performing simulation of the over-approximation of the system; and utilizing an outcome of the simulation to guide a co-simulation of the system. The co-simulation comprises instrumenting the software to identify whether the coverage goals are reached during execution, generating a test input for the system, simulating execution of the test input by the instrumented software, wherein during said simulating, stimuli provided from the instrumented software to underlying hardware is provided to a hardware simulator that is configured to simulate the hardware-under-test; determining a coverage of the execution of the test input, and utilizing the coverage information in a successive iteration of the method.Type: GrantFiled: January 9, 2020Date of Patent: May 11, 2021Assignee: International Business Machines CorporationInventors: Fady Copty, Dov Murik, Sharon Keidar Barner
-
Patent number: 10798075Abstract: A system, an apparatus, a computer program product and a method for obfuscation-based security and authentication. The method comprises: obtaining a different key for each different device; obfuscating an interface layer utilized by components of the device to interact, using the key, to produce an obfuscated interface layer; and providing, directly or indirectly, the two components with the key to allow the two components to utilize the obfuscated interface layer to interact with each other. The system comprises a plurality of devices that are instances of a same device and a server coupled to a memory retaining a plurality of keys, each of which is used to obfuscate interface layers of a different device to produce heterogeneous set of devices instead of a homogenous set of devices. Communications and operations with the plurality of devices are performed in an obfuscated manner through the server.Type: GrantFiled: January 29, 2018Date of Patent: October 6, 2020Assignee: International Business Machines CorporationInventors: Fady Copty, Ayman Jarrous, Ronen Levy, Sharon Keidar Barner
-
Patent number: 10742642Abstract: In some examples, a system for authenticating users can include a processor to train a first predictive application based on a first set of user engagements with advertisements, wherein the first predictive application is associated with a first advertising identifier. The processor can also train a second predictive application based on a second set of user engagements with the advertisements, wherein the second predictive application is associated with a second advertising identifier. Additionally, the processor can compare the first predictive application and the second predictive application and authenticate a user in response to detecting a similarity of the first predictive application and the second predictive application is below a threshold value, wherein authenticating the user enables the user to access a resource or service.Type: GrantFiled: October 25, 2018Date of Patent: August 11, 2020Assignee: International Business Machines CorporationInventors: Ayelet Avni, Fady Copty, Ayman Jarrous, Sharon Keidar-Barner, Shiri Lemel
-
Patent number: 10649887Abstract: An apparatus, a computer program product and a method for co-verification of systems comprising software and hardware components. The method comprises obtaining an over-approximation of the system that over-approximates the software or the hardware by using a non-deterministic version thereof; performing simulation of the over-approximation of the system; and utilizing an outcome of the simulation to guide a co-simulation of the system. The co-simulation comprises instrumenting the software to identify whether the coverage goals are reached during execution, generating a test input for the system, simulating execution of the test input by the instrumented software, wherein during said simulating, stimuli provided from the instrumented software to underlying hardware is provided to a hardware simulator that is configured to simulate the hardware-under-test; determining a coverage of the execution of the test input, and utilizing the coverage information in a successive iteration of the method.Type: GrantFiled: February 27, 2018Date of Patent: May 12, 2020Assignee: International Business Machines CorporationInventors: Fady Copty, Dov Murik, Sharon Keidar Barner
-
Publication number: 20200142814Abstract: An apparatus, a computer program product and a method for co-verification of systems comprising software and hardware components. The method comprises obtaining an over-approximation of the system that over-approximates the software or the hardware by using a non-deterministic version thereof; performing simulation of the over-approximation of the system; and utilizing an outcome of the simulation to guide a co-simulation of the system. The co-simulation comprises instrumenting the software to identify whether the coverage goals are reached during execution, generating a test input for the system, simulating execution of the test input by the instrumented software, wherein during said simulating, stimuli provided from the instrumented software to underlying hardware is provided to a hardware simulator that is configured to simulate the hardware-under-test; determining a coverage of the execution of the test input, and utilizing the coverage information in a successive iteration of the method.Type: ApplicationFiled: January 9, 2020Publication date: May 7, 2020Inventors: Fady Copty, Dov Murik, Sharon Keidar Barner
-
Publication number: 20200142815Abstract: An apparatus, a computer program product and a method for co-verification of systems comprising software and hardware components. The method comprises obtaining an over-approximation of the system that over-approximates the software or the hardware by using a non-deterministic version thereof; performing simulation of the over-approximation of the system; and utilizing an outcome of the simulation to guide a co-simulation of the system. The co-simulation comprises instrumenting the software to identify whether the coverage goals are reached during execution, generating a test input for the system, simulating execution of the test input by the instrumented software, wherein during said simulating, stimuli provided from the instrumented software to underlying hardware is provided to a hardware simulator that is configured to simulate the hardware-under-test; determining a coverage of the execution of the test input, and utilizing the coverage information in a successive iteration of the method.Type: ApplicationFiled: January 9, 2020Publication date: May 7, 2020Inventors: Fady Copty, Dov Murik, Sharon Keidar Barner
-
Publication number: 20200117827Abstract: Method, apparatus and product for purpose-based data access control. Having a data about a subject, for which usage is approved for a purpose, a first encryption key associated with the first purpose is obtained. A link pointing to a first alias of the data is generated, the first alias being associated with the first purpose. The link pointing to the first alias is encrypted with the first encryption key to obtain a first encrypted link; and access is provided to the first encrypted link, whereby access to the data is obtainable by decrypting the first encrypted link with the first decryption key to obtain the first alias and using the first alias to access the data. In some cases, a second link for a second can be similarly generated. Upon revocation of approval, a corresponding alias is eliminated to prevent access thereby. The links may be retained in a decentralized ledger, such as a blockchain.Type: ApplicationFiled: October 16, 2018Publication date: April 16, 2020Inventors: Sima Nadler, Sharon Keidar Barner
-
Patent number: 10606732Abstract: An apparatus, a computer program product and a method for hybrid genetic concolic co-verification of hardware and software. The method comprises repeatedly obtaining a test input for a system comprising a software and a hardware; performing a symbolic co-simulation of the system executing the test input to generate a symbolic co-simulation constraint and utilizing the symbolic co-simulation constraint to generate a new test input. The symbolic co-simulation comprises iteratively performing concolic execution of the software and symbolic simulation of the hardware. The concolic execution is guided using the test input and monitors software symbols.Type: GrantFiled: February 27, 2018Date of Patent: March 31, 2020Assignee: International Business Machines CorporationInventors: Fady Copty, Dov Murik, Sharon Keidar Barner
-
Publication number: 20190266071Abstract: An apparatus, a computer program product and a method for hybrid genetic concolic co-verification of hardware and software. The method comprises repeatedly obtaining a test input for a system comprising a software and a hardware; performing a symbolic co-simulation of the system executing the test input to generate a symbolic co-simulation constraint and utilizing the symbolic co-simulation constraint to generate a new test input. The symbolic co-simulation comprises iteratively performing concolic execution of the software and symbolic simulation of the hardware. The concolic execution is guided using the test input and monitors software symbols.Type: ApplicationFiled: February 27, 2018Publication date: August 29, 2019Inventors: Fady Copty, Dov Murik, Sharon Keidar Barner
-
Publication number: 20190266074Abstract: An apparatus, a computer program product and a method for co-verification of systems comprising software and hardware components. The method comprises obtaining an over-approximation of the system that over-approximates the software or the hardware by using a non-deterministic version thereof; performing simulation of the over-approximation of the system; and utilizing an outcome of the simulation to guide a co-simulation of the system. The co-simulation comprises instrumenting the software to identify whether the coverage goals are reached during execution, generating a test input for the system, simulating execution of the test input by the instrumented software, wherein during said simulating, stimuli provided from the instrumented software to underlying hardware is provided to a hardware simulator that is configured to simulate the hardware-under-test; determining a coverage of the execution of the test input, and utilizing the coverage information in a successive iteration of the method.Type: ApplicationFiled: February 27, 2018Publication date: August 29, 2019Inventors: FADY COPTY, DOV MURIK, SHARON KEIDAR BARNER
-
Patent number: 10387655Abstract: A method, apparatus and product for using a predictive model to predict if inputs reach a vulnerability of a program. Given a sample input, which when provided to a program being executed, is configured to cause execution of the program to reach a vulnerability, a set of variant inputs and labels thereof is generated based on the sample input and execution of the program with each variant input. A predictive model is trained based on the set of variant inputs and labels thereof, and provided to an input analysis platform configured to analyze an input; whereby the input analysis platform is enabled to predict whether an input would cause the program to reach the vulnerability prior to executing the program with the input and perform a responsive action accordingly.Type: GrantFiled: February 15, 2017Date of Patent: August 20, 2019Assignee: International Business Machines CorporationInventors: Fady Copty, Ayman Jarrous, Sharon Keidar-Barner, Tamer Salman
-
Patent number: 10380590Abstract: In some examples, a system for authenticating transactions can include a processor to detect metadata corresponding to a user of a mobile device, wherein the metadata comprises a call history from the mobile device. The processor can also detect transaction information corresponding to the user of the mobile device from a remote server, wherein the transaction information corresponds to a transaction initiated at a remote service provider and wherein the transaction information indicates a transaction type and transaction initiator information. The processor can also generate an authentication score of the transaction based on the metadata and the transaction information. The processor can also authorize the transaction based on the authentication score.Type: GrantFiled: December 7, 2016Date of Patent: August 13, 2019Assignee: International Business Machines CorporationInventors: Orit Edelstein, Sharon Keidar-Barner, Tamer Salman
-
Publication number: 20190238524Abstract: A system, an apparatus, a computer program product and a method for obfuscation-based security and authentication. The method comprises: obtaining a different key for each different device; obfuscating an interface layer utilized by components of the device to interact, using the key, to produce an obfuscated interface layer; and providing, directly or indirectly, the two components with the key to allow the two components to utilize the obfuscated interface layer to interact with each other. The system comprises a plurality of devices that are instances of a same device and a server coupled to a memory retaining a plurality of keys, each of which is used to obfuscate interface layers of a different device to produce heterogeneous set of devices instead of a homogenous set of devices. Communications and operations with the plurality of devices are performed in an obfuscated manner through the server.Type: ApplicationFiled: January 29, 2018Publication date: August 1, 2019Inventors: Fady Copty, Ayman Jarrous, Ronen Levy, Sharon Keidar Barner
-
Publication number: 20190132306Abstract: In some examples, a system for authenticating users can include a processor to train a first predictive application based on a first set of user engagements with advertisements, wherein the first predictive application is associated with a first advertising identifier. The processor can also train a second predictive application based on a second set of user engagements with the advertisements, wherein the second predictive application is associated with a second advertising identifier. Additionally, the processor can compare the first predictive application and the second predictive application and authenticate a user in response to detecting a similarity of the first predictive application and the second predictive application is below a threshold value, wherein authenticating the user enables the user to access a resource or service.Type: ApplicationFiled: October 25, 2018Publication date: May 2, 2019Inventors: Ayelet Avni, Fady Copty, Ayman Jarrous, Sharon Keidar-Barner, Shiri Lemel
-
Publication number: 20180232523Abstract: A method, apparatus and product for using a predictive model to predict if inputs reach a vulnerability of a program. Given a sample input, which when provided to a program being executed, is configured to cause execution of the program to reach a vulnerability, a set of variant inputs and labels thereof is generated based on the sample input and execution of the program with each variant input. A predictive model is trained based on the set of variant inputs and labels thereof, and provided to an input analysis platform configured to analyze an input; whereby the input analysis platform is enabled to predict whether an input would cause the program to reach the vulnerability prior to executing the program with the input and perform a responsive action accordingly.Type: ApplicationFiled: February 15, 2017Publication date: August 16, 2018Inventors: Fady Copty, Ayman Jarrous, Sharon Keidar-Barner, Tamer Salman
-
Publication number: 20180158061Abstract: In some examples, a system for authenticating transactions can include a processor to detect metadata corresponding to a user of a mobile device, wherein the metadata comprises a call history from the mobile device. The processor can also detect transaction information corresponding to the user of the mobile device from a remote server, wherein the transaction information corresponds to a transaction initiated at a remote service provider and wherein the transaction information indicates a transaction type and transaction initiator information. The processor can also generate an authentication score of the transaction based on the metadata and the transaction information. The processor can also authorize the transaction based on the authentication score.Type: ApplicationFiled: December 7, 2016Publication date: June 7, 2018Inventors: ORIT EDELSTEIN, SHARON KEIDAR-BARNER, TAMER SALMAN
-
Patent number: 9626272Abstract: A method, system and product for predicting impact of workload migration. The method comprising: obtaining a utilization pattern of a workload that is being executed on a first platform; generating a synthetic workload that is configured to have the utilization pattern when executed on the first platform; executing the synthetic workload on a second platform; and identifying a change in performance between execution of the synthetic workload on the first platform and between execution of the synthetic workload on the second platform in order to provide a prediction of an impact of migrating the workload from the first platform to the second platform.Type: GrantFiled: October 19, 2015Date of Patent: April 18, 2017Assignee: International Business Machines CorporationInventors: Andre Heilper, Sharon Keidar-Barner, Sergey Novikov
-
Patent number: 9274918Abstract: A method, system and product for predicting impact of workload migration. The method comprising: obtaining a utilization pattern of a workload that is being executed on a first platform; generating a synthetic workload that is configured to have the utilization pattern when executed on the first platform; executing the synthetic workload on a second platform; and identifying a change in performance between execution of the synthetic workload on the first platform and between execution of the synthetic workload on the second platform in order to provide a prediction of an impact of migrating the workload from the first platform to the second platform.Type: GrantFiled: July 25, 2013Date of Patent: March 1, 2016Assignee: International Business Machines CorporationInventors: Andre Heilper, Sharon Keidar-Barner, Sergey Novikov