Patents by Inventor Taeho Kgil

Taeho Kgil has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 9807066
    Abstract: Techniques from the proposed invention relate to providing enhanced security. For example, techniques described herein allow a computer system, such as a mobile device, to support a wide variety of security functions and security sensitive applications on a mobile device by providing enhanced security via secure input and output data transmission and verification through a secure module. The secure module may cause user interfaces to be provided to users by providing obfuscated user interface data to the operating system that do not reveal elements that are part of the user interfaces. The secure module may receive obfuscated user input values representing user input values, and de-obfuscate these user input values, whereby the actual input values are not exposed to the underlying operating system. The secure module may track the flow of user input/output data through the computing device to ensure the integrity and authenticity of this data.
    Type: Grant
    Filed: October 12, 2016
    Date of Patent: October 31, 2017
    Assignee: Visa International Service Association
    Inventors: Selim Aissi, Taeho Kgil, Gyan Prakash
  • Publication number: 20170270528
    Abstract: Described herein is a platform and method for determining a confidence level associated with a transaction that utilizes dynamic data. In some embodiments, the confidence level is determined based on location data received in relation to the transaction. For example, some embodiments are directed to storing first location information collected from a mobile device provided in a request for the dynamic data, receiving second location information related to a transaction conducted using the dynamic data, and comparing the two with respect to the amount of time that has elapsed between collection of each to determine a confidence level associated with a likelihood that the transaction is authentic.
    Type: Application
    Filed: March 18, 2016
    Publication date: September 21, 2017
    Inventors: Gyan Prakash, Ajit Gaddam, Glenn Powell, Taeho Kgil, Christian Aabye
  • Patent number: 9769156
    Abstract: Embodiments of the invention relate to methods of generating and using an image-based derived key. In various embodiments, the image-based derived key may be used to facilitate user authentication and data encryption. For some embodiments, a method is disclosed comprising determining an image-based derived key, wherein the image-based derived key is generated from a selection of authentication images chosen by a user, encrypting data using the image-based derived key, and transmitting the encrypted data.
    Type: Grant
    Filed: November 22, 2016
    Date of Patent: September 19, 2017
    Assignee: Visa International Service Association
    Inventors: Selim Aissi, Taeho Kgil, Ajit Gaddam
  • Publication number: 20170177694
    Abstract: Embodiments of the invention are directed to systems and methods for maintaining coherency between different entities in a distributed system. A coherency module automatically detects a change in state in a first entity, wherein the change in state relates to a change in functional code in the first entity. A synchronization message is transmitted to a second entity to synchronize data in the second entity with data in the first entity as a result of the change in state, The second entity is configured to synchronize the data in the second entity with the data in the first entity after receiving the synchronization message.
    Type: Application
    Filed: March 9, 2017
    Publication date: June 22, 2017
    Inventors: Selim Aissi, Taeho Kgil
  • Patent number: 9633098
    Abstract: Embodiments of the invention are directed to systems and methods for maintaining coherency between different entities in a distributed system. A coherency module automatically detects a change in state in a first entity, wherein the change in state relates to a change in functional code in the first entity. A synchronization message is transmitted to a second entity to synchronize data in the second entity with data in the first entity as a result of the change in state. The second entity is configured to synchronize the data in the second entity with the data in the first entity after receiving the synchronization message.
    Type: Grant
    Filed: September 25, 2013
    Date of Patent: April 25, 2017
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Selim Aissi, Taeho Kgil
  • Publication number: 20170078267
    Abstract: Embodiments of the invention relate to methods of generating and using an image-based derived key. In various embodiments, the image-based derived key may be used to facilitate user authentication and data encryption. For some embodiments, a method is disclosed comprising determining an image-based derived key, wherein the image-based derived key is generated from a selection of authentication images chosen by a user, encrypting data using the image-based derived key, and transmitting the encrypted data.
    Type: Application
    Filed: November 22, 2016
    Publication date: March 16, 2017
    Inventors: Selim Aissi, Taeho Kgil, Ajit Gaddam
  • Publication number: 20170063809
    Abstract: Techniques from the proposed invention relate to providing enhanced security. For example, techniques described herein allow a computer system, such as a mobile device, to support a wide variety of security functions and security sensitive applications on a mobile device by providing enhanced security via secure input and output data transmission and verification through a secure module. The secure module may cause user interfaces to be provided to users by providing obfuscated user interface data to the operating system that do not reveal elements that are part of the user interfaces. The secure module may receive obfuscated user input values representing user input values, and de-obfuscate these user input values, whereby the actual input values are not exposed to the underlying operating system. The secure module may track the flow of user input/output data through the computing device to ensure the integrity and authenticity of this data.
    Type: Application
    Filed: October 12, 2016
    Publication date: March 2, 2017
    Inventors: Selim Aissi, Taeho Kgil, Gyan Prakash
  • Patent number: 9537847
    Abstract: Embodiments of the invention relate to methods of generating and using an image-based derived key. In various embodiments, the image-based derived key may be used to facilitate user authentication and data encryption. For some embodiments, a method is disclosed comprising determining an image-based derived key, wherein the image-based derived key is generated from a selection of authentication images chosen by a user, encrypting data using the image-based derived key, and transmitting the encrypted data.
    Type: Grant
    Filed: June 13, 2014
    Date of Patent: January 3, 2017
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Selim Aissi, Taeho Kgil, Ajit Gaddam
  • Patent number: 9530009
    Abstract: A dynamic root of trust can be injected in an application module on a client device using a backend server and can be continuously monitored to ensure authenticity, integrity and confidentiality at load time, run time and update time of the application module. The dynamic root of trust can be updated directly from the backend server and can be used to establish a time bound trust chain for the other software modules loaded and executed as part of the application module.
    Type: Grant
    Filed: June 27, 2014
    Date of Patent: December 27, 2016
    Assignee: Visa International Service Association
    Inventors: Selim Aissi, Taeho Kgil, Gyan Prakash
  • Publication number: 20160335441
    Abstract: The presenting invention relates to techniques for implementing a secure operating environment for the execution of applications on a computing devices (e.g., a mobile phone). In The secure operating environment may provide a trusted environment with dedicated computing resources to manage security and integrity of processing and data for the applications. The applications may be provided with a variety of security services and/or functions to meet different levels of security demanded by an application. The secure operating environment may include a security engine that enumerates and/or determines the security capabilities of the secure operating environment and the computing device, e.g., the hardware, the software, and/or the firmware of the computing device. The security engine may provide security services desired by applications by choosing from the security capabilities that are supported by the secure operating environment and the computing device.
    Type: Application
    Filed: July 26, 2016
    Publication date: November 17, 2016
    Inventors: Selim Aissi, Taeho Kgil, Gyan Prakash
  • Patent number: 9495544
    Abstract: Techniques from the proposed invention relate to providing enhanced security. For example, techniques described herein allow a computer system, such as a mobile device, to support a wide variety of security functions and security sensitive applications on a mobile device by providing enhanced security via secure input and output data transmission and verification through a secure module. The secure module may cause user interfaces to be provided to users by providing obfuscated user interface data to the operating system that do not reveal elements that are part of the user interfaces. The secure module may receive obfuscated user input values representing user input values, and de-obfuscate these user input values, whereby the actual input values are not exposed to the underlying operating system. The secure module may track the flow of user input/output data through the computing device to ensure the integrity and authenticity of this data.
    Type: Grant
    Filed: June 27, 2014
    Date of Patent: November 15, 2016
    Assignee: Visa International Service Association
    Inventors: Selim Aissi, Taeho Kgil, Gyan Prakash
  • Patent number: 9424421
    Abstract: The presenting invention relates to techniques for implementing a secure operating environment for the execution of applications on a computing devices (e.g., a mobile phone). In The secure operating environment may provide a trusted environment with dedicated computing resources to manage security and integrity of processing and data for the applications. The applications may be provided with a variety of security services and/or functions to meet different levels of security demanded by an application. The secure operating environment may include a security engine that enumerates and/or determines the security capabilities of the secure operating environment and the computing device, e.g., the hardware, the software, and/or the firmware of the computing device. The security engine may provide security services desired by applications by choosing from the security capabilities that are supported by the secure operating environment and the computing device.
    Type: Grant
    Filed: May 5, 2014
    Date of Patent: August 23, 2016
    Assignee: Visa International Service Association
    Inventors: Selim Aissi, Taeho Kgil, Gyan Prakash
  • Patent number: 9390251
    Abstract: Systems and methods of delivering data from a range of input devices may involve detecting an availability of data from an input device, wherein the input device is associated with a default input path of a mobile platform. An input device driver can be invoked in a security engine in response to the availability of the data if a hardware component in the default input path is in a secure input mode, wherein the security engine it associated with a secure input path of the mobile platform. Additionally, the input device driver may be used to retrieve the data from the input device into the security engine.
    Type: Grant
    Filed: July 31, 2012
    Date of Patent: July 12, 2016
    Assignee: Intel Corporation
    Inventors: Sasikanth Avancha, Ninad Kothari, Rajesh Banginwar, Taeho Kgil
  • Patent number: 9386045
    Abstract: Techniques for assessing the trustworthiness of a target device that a user device is attempting to communicate with are described. A user device may request one or more trustworthiness attributes of a target device before exchanging data with the target device. The user device may receive the one or more trustworthiness attributes of the target device, and determine, based on the received one or more trustworthiness attributes of the target device, a set of one or more security policies to enforce on a communication channel used for exchanging data between the user device and the target device. A communication channel between the user device and the target device can then be established according to the set of one or more security policies.
    Type: Grant
    Filed: December 19, 2013
    Date of Patent: July 5, 2016
    Assignee: Visa International Service Association
    Inventors: Taeho Kgil, Selim Aissi
  • Patent number: 9037869
    Abstract: Methods and systems may include a computing system having a display, a display controller with a decryption module, and a security element with security logic. The security logic can be configured to establish a secure path between the secure element and the display in response to a secure output mode request, wherein the secure path includes the display controller. In addition, the security logic may be configured to prevent the decryption module from being bypassed, and transmit encrypted data from the secure element to the display via the secure path.
    Type: Grant
    Filed: November 1, 2012
    Date of Patent: May 19, 2015
    Assignee: Intel Corporation
    Inventors: Sasikanth Avanch, Ninad Kothari, Rajesh Banginwar, Taeho Kgil
  • Publication number: 20150112838
    Abstract: Systems, devices, and methods used to provide real-time product information for retail products and services are generally disclosed herein. One example embodiment includes a referral application operating on a smartphone, configured to correlate data from multiple sources and provide context-aware recommendations and information relevant to a product or service being evaluated by a consumer in the physical shopping environment (such as a retail store). For example, the data may be obtained from a retailer's product information database, a retailer's competitor information database, an advertiser information database, an Internet-hosted service, a social network, or similar internal or external information sources. The real-time product information may be correlated, aggregated, and displayed to the user to either facilitate the retail purchase in the store, or encourage another online or retail purchase.
    Type: Application
    Filed: December 19, 2011
    Publication date: April 23, 2015
    Inventors: Hong Li, Eddie Balthasar, Rita H Wouhaybi, Taeho Kgil, Mark Price, Anand Rajan
  • Publication number: 20150030153
    Abstract: Embodiments of an invention for repeatable application-specific encryption key derivation are disclosed. In one embodiment, a processor includes a root key, an encryption engine, and execution hardware. The encryption engine is to perform an encryption operation using the root key, wherein the root key is accessible only to the encryption engine. The execution hardware is to execute instructions to deterministically generate an application-specific encryption key using the encryption algorithm.
    Type: Application
    Filed: February 9, 2012
    Publication date: January 29, 2015
    Applicant: Intel Corporation
    Inventors: Rajesh P. Banginwar, Taeho Kgil, Jesse Walker, Gary L. Graunke
  • Publication number: 20150006390
    Abstract: Steganographic techniques are used to embed financial information or authentication information within an image, audio, or video file using a quantization table and/or other filter. The file is then transmitted over an insecure network, such as a GSM cell phone network, and a server extracts the information from the image, audio, or video using the same quantization table and/or filter. Multiple sets of information, such as telephone numbers and/or payment account numbers, are extracted from the same image by those entities possessing the appropriate keys. The filters and tables used to embed financial information can be updated periodically or according to events. A video of images, some with embedded information, some with ‘dummy’ data, can be used to hide information over insecure networks for payment transactions.
    Type: Application
    Filed: June 23, 2014
    Publication date: January 1, 2015
    Inventors: Selim Aissi, Taeho Kgil, Ajit Gaddam, Robert Rutherford
  • Publication number: 20150007265
    Abstract: Techniques from the proposed invention relate to providing enhanced security. For example, techniques described herein allow a computer system, such as a mobile device, to support a wide variety of security functions and security sensitive applications on a mobile device by providing enhanced security via secure input and output data transmission and verification through a secure module. The secure module may cause user interfaces to be provided to users by providing obfuscated user interface data to the operating system that do not reveal elements that are part of the user interfaces. The secure module may receive obfuscated user input values representing user input values, and de-obfuscate these user input values, whereby the actual input values are not exposed to the underlying operating system. The secure module may track the flow of user input/output data through the computing device to ensure the integrity and authenticity of this data.
    Type: Application
    Filed: June 27, 2014
    Publication date: January 1, 2015
    Inventors: Selim Aissi, Taeho Kgil, Gyan Prakash
  • Publication number: 20150006601
    Abstract: Techniques are described for generating high quality entropy in a software only or a hardware assisted software environment, such as a virtualized environment. Embodiments of the invention describe creating an entropy pool within the virtualized environment using multiple sources of entropy. The entropy pool may be used in creating dynamically customizable and high entropy RNG and PUF. The sources of entropy may include trusted sources, untrusted sources and entropy sources with a varied scale of trust and entropy quality associated with them.
    Type: Application
    Filed: June 27, 2014
    Publication date: January 1, 2015
    Inventors: Selim Aissi, Taeho Kgil, Gyan Prakash