Abstract: Systems and techniques for securing accessible computer-executable program code and systems are provided. One or more base functions may be generated and blended with existing program code, such that it may be difficult or impossible for a potential attacker to distinguish the base functions from the existing code. The systems and code also may be protected using a variety of other blending and protection techniques, such as fractures, variable dependent coding, dynamic data mangling, and cross-linking, which may be used individually or in combination, and/or may be blended with the base functions.

Abstract: Disclosed is an oil-pumping machine, which is characterized in that it is composed of a secondary sheave (5) of a wheel-cylinder type driven by an electric motor.

Abstract: Methods and devices for thwarting code and control flow based attacks on software. The source code of a subject piece of software is automatically divided into basic blocks of logic. Selected basic blocks are amended so that their outputs are extended. Similarly, other basic blocks are amended such that their inputs are correspondingly extended. The amendments increase or create dependencies between basic blocks such that tampering with one basic block's code causes other basic blocks to malfunction when executed.

Abstract: A method to secure a non-native application. The non-native application is processed to obtain an application stub to be triggered within a virtual machine. The processing of the non-native application also provide a native code function upon which the application stub depends. The non-native function is part of a trusted module that extends security services from the trusted module to the virtual machine. The trusted module is a native code application that creates a trusted zone as a root of trustiness extending to the virtual machine by an execution-enabling mechanism between the application tab and the non-native function.

Abstract: A method and system is provided to automatically propagate dependencies from one part of a software application to another previously unrelated part. Propagation of essential code functionality and data to other parts of the program serves to augment common arithmetic functions with Mixed Boolean Arithmetic (MBA) formulae that are bound to pre-existing parts of the program. A software application is first analyzed on a compiler level to determine the program properties which hold in the program. Thereafter, conditions are constructed based on these properties and encoded in formulae that encode the condition in data and operations. Real dependencies throughout the application are therefore created such that if a dependency is broken the program will no longer function correctly.

Abstract: Attacks by computer viruses, worm programs, and other hostile software (‘malware’), have become very serious problems for computer systems connected to large communication networks such as the Internet. One potential defense against such attacks is to employ diversity—that is, making each copy of the attacked software different. However, existing diversity techniques do not offer sufficient levels of protection. The invention provides an effective diversity solution by applying tamper resistant software (TRS) encoding techniques, to the communications that take place between software components, with corresponding changes to the code handling those communications. These communications may include, for example, data passed between software routines via parameters or mutually accessible variables, light-weight messages, signals and semaphores passed between threads, and messages passed between software processes. Effective TRS encoding techniques include data-flow encoding and mass-data encoding techniques.

Abstract: Systems and methods for unattended authentication of software applications to provide these applications with access to shared resources. A server password manager (SPM) module resident on a node also occupied by a requester software application requesting access to resources receives the requestor's request. The SPM module creates a request package containing the requestor's information as well as the node's identifying information. The request package is then transmitted to a credentials manager (CM) module in a CM node. The request package, encrypted by the SPM module with encryption keys previously generated by the CM module, is decrypted by the CM module. The contents are checked against data stored by the CM module regarding the SPM module and the requestor application when these were registered with the CM. If the data matches, then the CM provides credentials which are used to give the requestor application access to the requested resources.

Abstract: A method and system that provides secure modules that can address Java platform weaknesses and protect Java bytecode during execution time. The secure modules are implemented in C/C++ as an example. Because implementation of the security modules is made in C/C++, this enables use of security technology that secures C/C++ software code.

Abstract: A system and method for transforming a software application comprising binary code and optionally associated data, from an original form to a more secure form. The method includes performing a combination of binary transmutations to the application, and interlocking the transmutations by generating and placing interdependencies between the transmutations, wherein a transmutation is an irreversible change to the application. Different types of the transmutations are applied at varied granularities of the application. The transmutations are applied to the application code and the implanted code as well. The result is a transformed software application which is semantically equivalent to the original software application but is resistant to static and/or dynamic attacks.

Abstract: A method for rendering software resistant to reverse engineering. Replace at least one first constant (mathematical expression, etc.) in a computational expression with a second mixed mathematical and bitwise-Boolean expression, the first constant being simpler than the second expression and the second expression being based on the value or the variables found in the first constant (or expression).

Abstract: A light collection system including a light concentrating device and a reflective curving-surface device is provided. The light concentrating device receives at least a portion of an incident light and forwardly emits the portion of the incident light after concentrating and passing it through a first focal region, so as to obtain a first-stage output light. The reflective curving-surface device has an entrance aperture for receiving the first-stage output light. The reflective curving-surface device includes a reflective inner curving surface, and at least a portion of the reflective inner curving surface has a second focal region. The first focal region and the second focal region are confocal or approximately confocal within a range. As a result, at least a portion of the first-stage output light is confocally converted into a forwardly emitted second-stage output light.

Abstract: Methods and devices for thwarting code and control flow based attacks on software. The source code of a subject piece of software is automatically divided into basic blocks of logic. Selected basic blocks are amended so that their outputs are extended. Similarly, other basic blocks are amended such that their inputs are correspondingly extended. The amendments increase or create dependencies between basic blocks such that tampering with one basic block's code causes other basic blocks to malfunction when executed.

Abstract: A method for rendering software resistant to reverse engineering. Replace at least one first constant (mathematical expression, etc.) in a computational expression with a second mixed mathematical and bitwise-Boolean expression, the first constant being simpler than the second expression and the second expression being based on the value or the variables found in the first constant (or expression).

Abstract: Systems and methods for unattended authentication of software applications to provide these applications with access to shared resources. A server password manager (SPM) module resident on a node also occupied by a requester software application requesting access to resources receives the requestor's request. The SPM module creates a request package containing the requestor's information as well as the node's identifying information. The request package is then transmitted to a credentials manager (CM) module in a CM node. The request package, encrypted by the SPM module with encryption keys previously generated by the CM module, is decrypted by the CM module. The contents are checked against data stored by the CM module regarding the SPM module and the requestor application when these were registered with the CM. If the data matches, then the CM provides credentials which are used to give the requestor application access to the requested resources.

Abstract: A non-mask micro-flow etching process, comprising steps of: moving a nozzle capable of inkjetting an etchant over a substrate capable of being dissolved by the etchant; and inkjetting the etchant on the substrate from the nozzle. Means such as polishing and grinding are used to planarize the substrate by removing the flanges formed on the etched substrate. By the control of the size, the amount, the position, the moving direction and the traveling path of the nozzle, and the control of the droplet volume and the concentration of the etchant, as well as the matching of different substrates to a variety of etchants, micro-cups or micro-channels of any shape and formation can be formed to be adapted to electro-phoretic displays, semiconductor devices or any opto-electronic device requiring micro-structures.

Abstract: An encoding technique of the invention protects software programs and hardware designs from being copied, tampered with, and its functions from being exposed. The software programs and hardware designs (collectively called programs) thus encoded still remain executable. The encoding technique employs the concept of complexity of programs and produces proximity inversion in terms of functions contained in the programs, while preserving the behaviors. Various embodiments are possible to achieve this encoding which includes, for example, cascading and intertwining of blocks of the programs.

Abstract: An encoding technique of the invention protects software programs and hardware designs from being copied, tampered with, and its functions from being exposed. The software programs and hardware designs (collectively called programs) thus encoded still remain executable. The encoding technique employs the concept of complexity of programs and produces proximity inversion in terms of functions contained in the programs, while preserving the behaviors. Various embodiments are possible to achieve this encoding which includes, for example, cascading and intertwining of blocks of the programs.