Having Separate Add-on Board Patents (Class 713/192)
  • Patent number: 11651707
    Abstract: The invention introduces an apparatus for encrypting and decrypting user data, including a memory, a bypass-flag writing circuit and a flash interface controller. The bypass-flag writing circuit writes a bypass flag in a remaining bit of space of the memory that is originally allocated for storing an End-to-End Data Path Protection (E2E DPP), where the bypass flag indicates whether user data has been encrypted. The flash interface controller reads the user data, the E2E DPP and the bypass flag from the memory and programs the user data, the E2E DPP and the bypass flag into the flash device.
    Type: Grant
    Filed: December 5, 2019
    Date of Patent: May 16, 2023
    Assignee: SILICON MOTION, INC.
    Inventor: An-Pang Li
  • Patent number: 11652831
    Abstract: Examples disclosed herein relate to processing health information of a computing device according to a deep learning model to determine whether an anomaly has occurred. Multiple computing devices can be part of a system. One of the computing devices includes a host processing element, a management controller separate from the host processing element, and a deep learning model that includes parameters that are trained to identify anomalistic behavior for the computing device. The management controller can receive health information from multiple components of the computing device and process the health information according to the deep learning model to determine whether an anomaly occurred.
    Type: Grant
    Filed: April 14, 2020
    Date of Patent: May 16, 2023
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Joseph Wright, Chris Davenport
  • Patent number: 11651061
    Abstract: A memory controller and a storage device including the same are disclosed. A memory controller for controlling a nonvolatile memory includes: a security access control module configured to convert biometric authentication data received from a biometric module into security configuration data having a data format according to a security standard protocol and perform, based on the security configuration data, at least one of authority registration and authority authentication of a user authority set for an access control of a secure area of the nonvolatile memory, encrypted user data being stored in the secure area; and a data processing unit configured to, based on an access to the secure area being permitted, encrypt user data received from a host device or decrypt the encrypted user data read from the secure area.
    Type: Grant
    Filed: September 29, 2020
    Date of Patent: May 16, 2023
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Seungjae Lee, Mingon Shin, Jisoo Kim, Hwasoo Lee, Myeongjong Ju
  • Patent number: 11641281
    Abstract: In some examples, a management controller includes a communication interface to communicate with a computing device, where the management controller is separate from a processor of the computing device. The management controller includes a management processor to receive, from the computing device, a first hash value that is based on a first hash function applied on an input value and a salt, generate a second hash value based on applying a second hash function on the first hash value and a pepper, and send the second hash value to the computing device.
    Type: Grant
    Filed: April 29, 2020
    Date of Patent: May 2, 2023
    Assignee: Hewlett Packard Enterprise Development LP
    Inventors: Joseph Wright, Chris Davenport, Andrew Cartes
  • Patent number: 11630903
    Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.
    Type: Grant
    Filed: October 27, 2020
    Date of Patent: April 18, 2023
    Assignee: Apple Inc.
    Inventors: Timothy R. Paaske, Mitchell D. Adler, Conrad Sauerwald, Fabrice L. Gautier, Shu-Yi Yu
  • Patent number: 11627149
    Abstract: Various embodiments of the present invention set forth techniques for security monitoring of a network connection, including analyzing network traffic data for a network connection associated with a computing device, identifying one or more network traffic metrics for the network connection based on the network traffic data, determining that the network connection corresponds to at least one network connection profile based on the one or more network traffic metrics, detecting a potential security threat for the network connection based on the one or more network traffic metrics and the at least one network connection profile, and initiating a mitigation action with respect to the network connection in response to detecting the potential security threat. Advantageously, the techniques allow detecting potential security threats based on network traffic metrics and categorizations, without requiring monitoring of the content or the total volume of all traffic exchanged via the connection.
    Type: Grant
    Filed: June 1, 2020
    Date of Patent: April 11, 2023
    Assignee: SPLUNK INC.
    Inventor: John Clifton Pierce
  • Patent number: 11620374
    Abstract: In some embodiments, securing device commands includes a first electronic device receiving a command authorization request message from a second electronic device, including a device command to be performed by the second electronic device, a command argument, and a first message authentication code (MAC) generated by applying a hash function to the device command, the command argument and a first counter value. The first electronic device generates a second MAC by applying the hash function to the device command, the command argument and a second counter value synchronized with the first counter value. The first electronic device compares the first MAC and the second MAC to authenticate the device command and transmit a command approval message or a command denial message. The command approval message causes the second electronic device to perform the device command and the command denial message causes the second electronic device to reject the device command.
    Type: Grant
    Filed: February 8, 2021
    Date of Patent: April 4, 2023
    Assignee: Capital One Services, LLC
    Inventors: David Kelly Wurmfeld, Kevin Osborn
  • Patent number: 11615716
    Abstract: One embodiment provides an apparatus. The apparatus includes a lightweight cryptographic engine (LCE), the LCE is optimized and has an associated throughput greater than or equal to a target throughput.
    Type: Grant
    Filed: July 9, 2020
    Date of Patent: March 28, 2023
    Assignee: Intel Corporation
    Inventors: Santosh Ghosh, Li Zhao, Manoj R. Sastry
  • Patent number: 11601271
    Abstract: Examples of cloud-based removable drive encryption policy enforcement and recovery key management are described. In some examples, a removable drive encryption policy is received from a cloud-based management service. A removable drive is recognized by an operating system of a client device. An encryption command causes the operating system to request user password creation and encrypt the removable drive. A recovery key is identified from a write-output of the operating system. The recovery key is transmitted to the cloud-based management service for storage in a cloud-based removable drive recovery key escrow.
    Type: Grant
    Filed: December 2, 2020
    Date of Patent: March 7, 2023
    Assignee: VMWARE, INC.
    Inventor: Adarsh Kesari
  • Patent number: 11556652
    Abstract: A system for securing electronic devices includes a processor, a storage medium communicatively coupled to the processor, and a monitoring application comprising computer-executable instructions on the medium. The instructions are readable by the processor. The monitoring application is configured to receive an indication that a client has been affected by malware, cause the client to boot from a trusted operating system image, cause a launch of a secured security application on the client from a trusted application image, and analyze a malware status of the client through the secured security application.
    Type: Grant
    Filed: September 20, 2021
    Date of Patent: January 17, 2023
    Assignee: Musarubra US LLC
    Inventors: Dmitri Rubakha, Francisco M. Cuenca-Acuna, Hector R. Juarez, Leandro I. Costantino
  • Patent number: 11551230
    Abstract: Systems, apparatuses, methods, and computer-readable media are provided for detecting security attacks based on transaction flow graphs. Other embodiments may be described and/or claimed.
    Type: Grant
    Filed: January 13, 2021
    Date of Patent: January 10, 2023
    Assignee: VISA INTERNATIONAL SERVICE ASSOCIATION
    Inventors: Jianhua Huang, Chiranjeet Chetia
  • Patent number: 11550482
    Abstract: A method and apparatus for controlling access to memory is disclosed. In one implementation, a memory controller may receive a memory access request that may include a virtual memory address, a device identifier (ID) and a protected access indicator. Additionally, the memory controller can receive page table entries including a physical memory address based on the virtual memory address and a security attribute associated with the physical memory address. The memory controller may access a memory based on the physical memory address, the security attribute, the protected access indicator, and the device ID.
    Type: Grant
    Filed: April 9, 2020
    Date of Patent: January 10, 2023
    Assignee: Synaptics Incorporated
    Inventors: Pontus Evert Lidman, Fook Shian Toong, Jingliang Li, Hongjie Guan
  • Patent number: 11538436
    Abstract: Systems and methods are described for a display driver integrated circuit that is configured to certify whether an application processor and the display driver integrated circuit are genuine products. The display driver integrated circuit includes: an encryptor for generating first encrypted data by encrypting first data; a data converter for converting the first data into a first converted signal expressed with four or more voltage levels; an interface for providing the first converted signal to a host processor, and receiving, from the host processor, a second converted signal corresponding to second encrypted data generated by the host processor; and a determiner for controlling a display panel by comparing the first encrypted data with converted data corresponding to the second encrypted data. The second converted signal transferred through the interface is expressed with the voltage levels.
    Type: Grant
    Filed: March 4, 2020
    Date of Patent: December 27, 2022
    Assignee: SAMSUNG DISPLAY CO., LTD.
    Inventors: Ho Seok Han, Jun Yong Park
  • Patent number: 11531758
    Abstract: Embodiments described herein provide for a system, method, and apparatus to provision domains in a secure enclave processor to support multiple users. One embodiment provides for an apparatus comprising a first processor to receive a set of credentials associated with one of multiple user accounts on the apparatus and a second processor including a secure circuit to provide a secure enclave, the secure enclave to receive a request from the first processor to authenticate the set of credentials, the request including supplied credentials and an authentication type, where the secure enclave is to block the request from the first processor in response to a determination that the user account has exceeded a threshold number of successive failed authentication attempts for the authentication type.
    Type: Grant
    Filed: December 15, 2020
    Date of Patent: December 20, 2022
    Assignee: Apple Inc.
    Inventors: Pierre Oliver Martel, Arthur Mesh, Wade Benson
  • Patent number: 11532013
    Abstract: A method includes receiving, from a computing device, a request for content hosted by a content provider and determining one or more experiment variations for the requested content that the computing device is assigned to based, at least in part, on the request. The method further includes generating, by a processing device, a hash value of the one or more experiment variations and transmitting the hash value to the computing device and to a caching server.
    Type: Grant
    Filed: June 17, 2019
    Date of Patent: December 20, 2022
    Assignee: OPTIMIZELY, INC.
    Inventors: Michael James Connolly, Jr., Lauren Pappone, Michael Hood, Asa Schachar
  • Patent number: 11520493
    Abstract: Processing circuitry may support a secure domain and a less secure domain, where secure information associated with a secure software process is prevented from being accessed by a less secure software process in the less secure domain. Shared resource is accessible to both secure and less secure software processes. In response to detection of an anomaly condition, allocation policy for the shared resource is switched from a shared allocation policy to a secure-biased allocation policy. The secure-biased allocation policy has a stronger bias of resource allocation to secure software processes than the shared allocation policy.
    Type: Grant
    Filed: July 23, 2019
    Date of Patent: December 6, 2022
    Assignee: ARM TECHNOLOGY (CHINA) CO. LTD
    Inventor: Chi-Chang Lai
  • Patent number: 11520894
    Abstract: A controller that is separate from a processor of the system verifies controller code for execution on the controller. In response to verifying the controller code, the controller verifies system boot code.
    Type: Grant
    Filed: June 8, 2020
    Date of Patent: December 6, 2022
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Jeffrey Kevin Jeansonne, Valiuddin Y Ali, James M. Mann, Boris Balacheff
  • Patent number: 11516011
    Abstract: A blockchain integrated station initiates a ciphertext request to a server, where the ciphertext request includes first information associated with input data of an off-chain contract. The blockchain integrated station obtains, from the server, an execution result, where the execution result is obtained by the server by executing the off-chain contract using the input data.
    Type: Grant
    Filed: June 29, 2021
    Date of Patent: November 29, 2022
    Assignee: Alipay (Hangzhou) Information Technology Co., Ltd.
    Inventors: Changzheng Wei, Ying Yan, Hui Zhang
  • Patent number: 11513585
    Abstract: In one embodiment, a system includes power management control that controls a duty cycle of a processor to manage power. The duty cycle may be the amount of time that the processor is powered on as a percentage of the total time. By frequently powering up and powering down the processor during a period of time, the power consumption of the processor may be controlled while providing the perception that the processor is continuously available. For example, the processor may be a graphics processing unit (GPU), and the period of time over which the duty cycle is managed may be a frame to be displayed on the display screen viewed by a user of the system.
    Type: Grant
    Filed: April 2, 2021
    Date of Patent: November 29, 2022
    Assignee: Apple Inc.
    Inventors: Patrick Y. Law, Robert A. Drebin, Keith Cox, James S. Ismail
  • Patent number: 11494508
    Abstract: Systems and methods for securing objects in a computing environment. Objects are encrypted using keys that are also encrypted after encrypting the objects. In order to access the objects, a master key that is unknown to the service storing the objects and/or managing the keys is used to decrypt the keys so that the objects can be decrypted with the decrypted key. Thus, a key is needed to access the key needed to access the object. The master key is typically maintained separately from all of the encrypted objects and corresponding encrypted keys.
    Type: Grant
    Filed: May 8, 2020
    Date of Patent: November 8, 2022
    Assignee: EMC IP HOLDING COMPANY LLC
    Inventor: Ray David Whitmer
  • Patent number: 11483153
    Abstract: Some embodiments are directed to a cryptographic device (20). A reliable bit function may be applied to a raw shared key (k*) to obtain reliable indices, indicating coefficients of a raw shared key, and reliable bits derived from the indicated coefficients. Reconciliation data (h) may be generated for the indicated coefficients of the raw shared key. A code word may be encapsulated using the reliable bits by applying an encapsulation function, obtaining encapsulated data (c) which may be transferred.
    Type: Grant
    Filed: July 17, 2019
    Date of Patent: October 25, 2022
    Assignee: Koninklijke Philips N.V.
    Inventors: Oscar Garcia-Morchon, Sauvik Bhattacharya, Ludovicus Marinus Gerardus Maria Tolhuizen
  • Patent number: 11475129
    Abstract: A method and device for protecting a flow-conducting device of an installation against cavitation initiated by cyber attacks. At least one signal relating to an operating state of the installation is evaluated by an evaluation unit in order to detect a cyber attack by comparison with at least one reference value. If the evaluation unit detects a willfully brought-about irregular operating mode of the installation based on the evaluation, the unit passes on signals to components of the installation to bring about an installation operating mode which is in compliance with regulations and during which generation of cavitation is avoided, and produces a state in which the flow-conducting device is protected against the current cyber attack and/or against future cyber attacks.
    Type: Grant
    Filed: August 1, 2018
    Date of Patent: October 18, 2022
    Assignee: KSB SE & Co. KGaA
    Inventors: Franz Gerhard Bosbach, Soenke Brodersen
  • Patent number: 11477036
    Abstract: A device receives, from an application, a request to access an attestation key stored in a secure element of the device. The device obtains an attestation policy, by which to verify an identity of the application. The device examines an application file associated with the application, to determine whether the application file satisfies the attestation policy. The device selectively generates a temporary key based on a result of examining the application file. The temporary key may be used to access the attestation key. The temporary key may be generated based on the application file satisfying the attestation policy, and may not be generated based on the application file not satisfying the attestation policy.
    Type: Grant
    Filed: August 20, 2020
    Date of Patent: October 18, 2022
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Manuel Enrique Caceres, Bruno Mendez, Mauricio Pati Caldeira De Andrada, Warren Hojilla Uy, Young R. Choi
  • Patent number: 11444789
    Abstract: In order to improve the efficiency of transfer to outside devices while necessary buffer memory is suppressed, the present invention is an information processing apparatus for decoding a packet that is encrypted in accordance with Transport Layer Security (TLS) protocols and in which a padding portion has a variable length, the information processing apparatus including acquisition means for acquiring an encrypted packet on a unit data basis, decoding means for decoding the encrypted packet on the unit data basis, output means for outputting decoded data obtained through the decoding performed by the decoding means to an external device in accordance with an order in which the decoding is performed by the decoding means, and control means for restricting output to be performed by the output means in a case where a padding pattern is detected from the decoded data obtained through the decoding performed by the decoding means.
    Type: Grant
    Filed: October 2, 2019
    Date of Patent: September 13, 2022
    Assignee: Canon Kabushiki Kaisha
    Inventor: Akiyoshi Momoi
  • Patent number: 11436109
    Abstract: A system includes a parallel redundancy protocol (PRP) link redundancy entity (LRE) configured to receive data and copy the data to create a first copy of the data and a second copy of the data for transmission and a switch configured to cause operation between a first PRP media access control security (MACsec) mode and a second PRP MACsec mode to encrypt the data. The first PRP MACsec mode includes performing MACsec encryption on the data received by the PRP LRE prior to the data being copied by the PRP LRE, and the second PRP MACsec mode includes performing the MACsec encryption on the first copy of the data and the second copy of the data after the data has been copied by the PRP LRE.
    Type: Grant
    Filed: August 31, 2021
    Date of Patent: September 6, 2022
    Assignee: Schweitzer Engineering Laboratories, Inc.
    Inventor: Colin Gordon
  • Patent number: 11431482
    Abstract: A system and method for securely encrypting and booting a headless appliance. A computerized method is disclosed that includes: providing the network appliance with content encrypted with a secret key; launching the network appliance in a fallback configuration that provides limited operational capabilities; forwarding a request for the secret key to an online service that independently utilizes an identity provider to establish trust with an appliance administrator; receiving the secret key from the online service upon establishment of trust with the appliance administrator; decrypting the content with the secret key received from the online service; and utilizing the content to launch the network appliance in a full configuration.
    Type: Grant
    Filed: February 8, 2021
    Date of Patent: August 30, 2022
    Assignee: CITRIX SYSTEMS, INC.
    Inventors: Ioannis Beredimas, Snigdhendu Mukhopadhyay, Adam Phillip Schultz
  • Patent number: 11423179
    Abstract: A data processing method based on an integrated chip is provided. The method includes providing computing information of a trusted computing chip to a high-speed encryption chip, and invoking the high-speed encryption chip to perform data encryption or trusted computing based on the computing information. As such, after these two types of chips are integrated, these two types of secure computing (the trusted computing and the data encryption) can share common computing information. Compared with using individual sets of computing information before integration, corresponding hardware and management costs are reduced. Moreover, the trusted computing chip is superior to the high-speed encryption chip in terms of functional integrity and reliability for data encryption functions. Storing the computing information by the trusted computing chip can improve the security of the data encryption.
    Type: Grant
    Filed: March 25, 2019
    Date of Patent: August 23, 2022
    Assignee: Alibaba Group Holding Limited
    Inventors: Yingfang Fu, Peng Xiao
  • Patent number: 11424919
    Abstract: Protecting usage of key store content at a given user device of an end user includes receiving the key store content at the given user device. The key store content includes key materials encrypted using encryption credentials compatible with the given user device. The key store content is in a format compatible with the given user device. The encrypted key materials of the key store content are imported to a protected key store of the given user device, wherein all the key materials of the key store content are imported at one go. The key materials are stored at the protected key store in the encrypted form, and are non-exportable from the key store. Internally within the protected key store, one or more key store integrated services of the given user device are allowed to access the non-exportable key materials for use, via key references only.
    Type: Grant
    Filed: December 1, 2017
    Date of Patent: August 23, 2022
    Assignee: Gurulogic Microsystems Oy
    Inventors: Tuomas Kärkkäinen, Ossi Kalevo, Mikko Sahlbom
  • Patent number: 11397834
    Abstract: A method for storing encrypted data in a non-volatile memory device, that includes receiving, by a processor, an indication of a power interruption event; disabling, based on the indication, decryption of encrypted data read from a volatile memory module; copying the encrypted data from the volatile memory module to cache; and copying the encrypted data from the cache to the non-volatile memory device.
    Type: Grant
    Filed: July 31, 2020
    Date of Patent: July 26, 2022
    Assignee: EMC IP Holding Company LLC
    Inventors: Walter A. O'Brien, III, Thomas N. Dibb
  • Patent number: 11394700
    Abstract: Described are platforms, systems, and methods for providing an in-line, transparent Transmission Control Protocol (TCP)/Transport Layer Security (TLS) proxy. In one aspect, a programmable input output (IO) device comprises at least one advanced reduced instruction set computer (RISC) machine (ARM) core communicably coupled to at least one central processing unit (CPU) core of a host device; a programmable P4 pipeline comprising a cryptographic offload subsystem; and a memory unit. The programmable IO device executing instruction stored on the memory unit comprising: establishing a session for an incoming TCP connection received from a remote host via the at least one ARM core; processing data packets received from the remote host via the programmable P4 pipeline; decrypting the received data packets via the cryptographic offload subsystem; and providing the decrypted data packets to the host device.
    Type: Grant
    Filed: January 31, 2020
    Date of Patent: July 19, 2022
    Assignee: PENSANDO SYSTEMS INC.
    Inventors: Sameer Kittur, Raghava Kodigenahalli Sivaramu, Alok Rathore, Vijay Sampath, Vipin Jain
  • Patent number: 11303653
    Abstract: An information security system that includes an information security engine configured to monitor data transmissions within a network and to detect a first attack by a malicious software element. The information security engine is further configured to detect a second attack by the malicious software element within a predetermined time interval from the first attack and to transfer the malicious software element from the network to an emulated network in response to detecting the second attack. The information security engine is further configured to generate an attack log comprising behavior characteristics for attacks performed by the malicious software element in the emulated network and to train a machine learning model based on behavior characteristics from the attack log.
    Type: Grant
    Filed: August 12, 2019
    Date of Patent: April 12, 2022
    Assignee: Bank of America Corporation
    Inventors: Jo-Ann Taylor, Michael J. Sbandi, Benjamin F. Tweel
  • Patent number: 11258581
    Abstract: A method is provided for transmitting encrypted packets from a first node to a second node of a communication network. The first node pads each plaintext packet with a respective padding content. The padded plaintext packets are then encrypted and transmitted to the second node. For each plaintext packet, the first node randomly selects the padding size in a range comprised between a minimum padding size and a maximum padding size. If the size of a plaintext packet is lower than a predefined minimum packet size, the minimum padding size is set equal to the difference between predefined minimum packet size and the plaintext packet size.
    Type: Grant
    Filed: December 15, 2016
    Date of Patent: February 22, 2022
    Assignee: Telecom Italia S.p.A.
    Inventor: Mauro Cociglio
  • Patent number: 11204832
    Abstract: A method is provided for detecting a cold boot attack in a data processing system. The data processing system includes a processor, a memory with ECC, and a monitor circuit. In the method, during a boot process of the data processing system, the monitor circuit counts read and write accesses to the memory and maintains a count of the number of errors in the memory detected by the ECC. The read and write access count and the error count are used to detect suspicious activity that may indicate a cold boot attack on the memory. A data processing system that implements the method is also provided.
    Type: Grant
    Filed: April 2, 2020
    Date of Patent: December 21, 2021
    Assignee: NXP B.V.
    Inventor: Jan-Peter Schat
  • Patent number: 11171990
    Abstract: A security system within a digital network receives a request to access a feature of the digital network from a remote computing device. The security system obtains obtains characteristic data corresponding to the remote computing device and generates a security score corresponding to the remote computing device based at least in part on the characteristic data. The security system compares the security score to an access threshold, allowing the remote computing device to access to the feature of the digital network if the security score exceeds the access threshold.
    Type: Grant
    Filed: November 1, 2018
    Date of Patent: November 9, 2021
    Assignee: Entreda, Inc.
    Inventors: Siddharth Yenamandra, Farshad Ghaffari
  • Patent number: 11146388
    Abstract: A method of encrypting a data file includes: opening the data file; selecting, via a first user interface, a portion of the data file; encrypting, via an encryption component, the selected portion of the data file as one of a first level of encryption associated with a first authorized user and a second level of encryption associated with a second authorized user so as to create an encrypted data file; and saving the encrypted data file. The encryption component includes an out-of-band encryption key component having stored therein, a first encryption key associated with the first level of encryption and a second encryption key associated with the second level of encryption.
    Type: Grant
    Filed: October 28, 2019
    Date of Patent: October 12, 2021
    Assignee: United States of America as represented by the Secretary of the Navy
    Inventors: Matthew Galligan, Nhan Nguyen, John P. Waxler, William Dennis Bressler
  • Patent number: 11113402
    Abstract: Methods, systems and apparatuses may provide for technology that includes a system on chip (SoC) having a root of trust and an embedded controller to conduct functional safety operations and non-functional safety operations with respect to the SoC. The technology may also include an enhanced serial peripheral interface (eSPI) coupled to the SoC and the embedded controller, wherein the eSPI is to tunnel communications associated with the functional safety operations between the embedded controller and the root of trust.
    Type: Grant
    Filed: March 29, 2019
    Date of Patent: September 7, 2021
    Assignee: Intel Corporation
    Inventors: Mikal Hunsaker, Mark Feuerstraeter, Asad Azam, Zhenyu Zhu, Navtej Singh
  • Patent number: 11062040
    Abstract: Disclosed herein are methods, systems, and apparatus, including computer programs encoded on computer storage media, for enabling blockchain-based service of process. One method includes: receiving a request generated based on a blockchain-based application for delivering a notice associated with a legal action from a serving party to another party. The serving party is determined to be a registered user of the blockchain-based application. A time that the request is received is recorded on the blockchain. If the party to be served is determined to be a registered user of the blockchain-based application, identifying one or more manners of delivering the notice based on available communication methods included in the registration information of the serving party and registration information of the party to be served. The notice to the party to be served is determined based on at least one of the one or more manners.
    Type: Grant
    Filed: December 13, 2019
    Date of Patent: July 13, 2021
    Assignee: Advanced New Technologies Co., Ltd.
    Inventor: Zhiguo Li
  • Patent number: 11042655
    Abstract: A method for data decryption comprises receiving, over an AXI bus operating in burst mode, data access requests for data units stored in a memory, subdividing the requests received into requests for encrypted data units and requests for non-encrypted data units, forwarding both requests for encrypted data units and requests for non-encrypted data units towards the memory, retrieving the respective sets of data units over the AXI bus, and applying Advanced Encryption Standard, AES, processing to the requests for encrypted data units by calculating decryption masks for the encrypted data units and applying the decryption masks calculated to the encrypted data units retrieved. Subdividing the requests into requests for encrypted data units and requests for non-encrypted data units is performed depending on data start addresses and security information conveyed by the requests.
    Type: Grant
    Filed: March 7, 2019
    Date of Patent: June 22, 2021
    Assignee: STMICROELECTRONICS S.r.l.
    Inventors: Giuseppe Guarnaccia, Rosalino Critelli
  • Patent number: 10999059
    Abstract: An integrated circuit comprising a CPU coupled to a system bus, a network interface configured to interface with an external device, and a crypto neuromorphic core coupled to the system bus. The cryptographic core comprising a processor or core, an internal bus, and a non-transitory computer-readable memory, wherein the crypto neuromorphic core is isolated from the CPU and the network interface via the system bus and the crypto neuromorphic core runs its own operating system. The crypto neuromorphic core is configured to: contain a secure core comprising a secure processor and dedicated/protected memory; store a private key in the dedicated/protected memory accessible to the secure core but not accessible to other components of the crypto neuromorphic core, the central processing unit, and the network interface; add data to a blockchain using the private key via the network interface; and read data from the blockchain via the network interface.
    Type: Grant
    Filed: January 29, 2019
    Date of Patent: May 4, 2021
    Inventor: Alexander Yuan Shi
  • Patent number: 10901704
    Abstract: A software cryptography library management program allows a user to provide a software cryptography library via a graphical user interface. A cryptography toolbox program displays to the user a plurality of cryptographic operation modules in a cryptography toolbox view such that each of the cryptographic operation modules is a graphical shape representation of an operation that performs one or more of application programming interfaces from the provided software cryptography library. A cryptography design program allows the user to place cryptographic operation modules in a drawing area to form a cryptosystem. The user sends a command to a simulation engine to simulate the cryptosystem using the application programming interfaces. The user may send a different command to a code generation engine to generate code from the cryptosystem using the application programming interfaces.
    Type: Grant
    Filed: July 19, 2020
    Date of Patent: January 26, 2021
    Assignee: XMODN SECURITY, LLC
    Inventor: Nader Mazen Rabadi
  • Patent number: 10896265
    Abstract: An example apparatus can include a memory device and a controller coupled to the memory device configured to receive a command including command information to access a register from a host device. The controller can grant access to the register in response to the controller determining the command is valid and/or deny access to the register in response to the controller determining the command is invalid. The controller can determine the command is valid by calculating an answer using a seed from the command in a formula and verifying the calculated answer matches an answer from the command. The command, once verified as valid, can allow the host device to access configuration registers and/or data registers.
    Type: Grant
    Filed: August 2, 2018
    Date of Patent: January 19, 2021
    Assignee: Micron Technology, Inc.
    Inventor: Kevin R. Duncan
  • Patent number: 10891083
    Abstract: A method and associated system for randomizing data to be stored in a memory storage device including, receiving a plurality of data bytes to be randomized at a memory controller and written to a page of a memory storage device, wherein the page comprises a plurality of data sectors and wherein each of the plurality of data sectors are configured to store a plurality of data bytes, randomizing a first portion of the plurality of data bytes using a first randomizer initialized by a first seed to generate a first portion of randomized data bytes and randomizing a second portion of the plurality of data bytes using a second randomizer initialized by a second seed to generate a second portion of randomized data bytes, wherein the first seed is uncorrelated with the second seed.
    Type: Grant
    Filed: March 14, 2018
    Date of Patent: January 12, 2021
    Assignee: MICROSEMI SOLUTIONS (US), INC.
    Inventors: Unnikrishnan Sivaraman Nair, Rino Micheloni, Alessia Marelli
  • Patent number: 10878113
    Abstract: Techniques are disclosed relating to data storage. In various embodiments, a computing device includes first and second processors and memory having stored therein a first encrypted operating system executable by the first processor and a second encrypted operating system executable by the second processor. The computing device also includes a secure circuit configured to receive, via a first mailbox mechanism of the secure circuit, a first request from the first processor for a first cryptographic key usable to decrypt the first operating system. The secure circuit is further configured to receive, via a second mailbox mechanism of the secure circuit, a second request from the second processor for a second cryptographic key usable to decrypt the second operating system, and to provide the first and second cryptographic keys.
    Type: Grant
    Filed: September 27, 2018
    Date of Patent: December 29, 2020
    Assignee: Apple Inc.
    Inventors: Wade Benson, Michael J. Smith, Joshua P. de Cesare
  • Patent number: 10853504
    Abstract: In an embodiment, a system is provided in which the private key is managed in hardware and is not visible to software. The system may provide hardware support for public key generation, digital signature generation, encryption/decryption, and large random prime number generation without revealing the private key to software. The private key may thus be more secure than software-based versions. In an embodiment, the private key and the hardware that has access to the private key may be integrated onto the same semiconductor substrate as an integrated circuit (e.g. a system on a chip (SOC)). The private key may not be available outside of the integrated circuit, and thus a nefarious third party faces high hurdles in attempting to obtain the private key.
    Type: Grant
    Filed: November 22, 2019
    Date of Patent: December 1, 2020
    Assignee: Apple Inc.
    Inventors: Timothy R. Paaske, Mitchell D. Adler, Conrad Sauerwald, Fabrice L. Gautier, Shu-Yi Yu
  • Patent number: 10839370
    Abstract: A transaction device for securing a transaction includes an NFC controller, a communication interface, an application processor, a display and a user input device. The NFC controller is configured to receive, via a contactless NFC interface, data related to the transaction from an external device. The communication interface is configured to receive an application program for the transaction device. The application processor is coupled to the NFC controller and configured to process the application program. The display is coupled to the application processor and configured to display transaction information. The user input device is linked to the NFC controller and configured to receive a user acknowledgement of the transaction.
    Type: Grant
    Filed: July 18, 2018
    Date of Patent: November 17, 2020
    Assignee: VERIMATRIX
    Inventor: Jean-Bernard Blanchet
  • Patent number: 10810138
    Abstract: This disclosure is directed to a processing device including a memory to store data, processing circuitry to process data, the processing circuitry including a memory controller to control access to the memory and encryption circuitry to encrypt and decrypt data, and I/O circuitry. The I/O circuitry includes an I/O port to write data to a storage device and to read data from the storage device and an enable encryption bit associated with the I/O port, the I/O port to receive a request to read data from the memory, to send a read command to the memory controller with an enable encryption attribute set when the enable encryption bit is set, and to send a read command to the memory controller with the enable encryption attribute not set when the enable encryption bit is not set.
    Type: Grant
    Filed: June 14, 2018
    Date of Patent: October 20, 2020
    Assignee: Intel Corporation
    Inventors: Samantha Edirisooriya, Robert Z. Papp
  • Patent number: 10735409
    Abstract: A communication adapter for authentication of a user includes a receiving unit for receiving encrypted credentials, a decryption unit for decrypting the encrypted credentials and an output unit for outputting the decrypted credentials to a terminal device.
    Type: Grant
    Filed: March 23, 2017
    Date of Patent: August 4, 2020
    Assignee: Fraunhofer-Gesellschaft zur Foerderung der angewandten Forschung e.V.
    Inventors: Erik Krempel, Mario Kaufmann
  • Patent number: 10715509
    Abstract: Systems and methods for encryption key shredding to protect non-persistent data are described. In one embodiment, the storage system device may include a storage drive and a controller. In some embodiments, the controller may be configured to power on the storage drive, identify an encryption key on the storage drive created upon powering on the storage drive, and encrypt data in a cache of the storage drive using the encryption key. In some embodiments, the controller may be configured to power off the storage drive and delete the encryption key upon powering off the storage drive. In some cases, the storage drive may include at least one of a solid state drive and a hard disk drive. In some embodiments, the storage drive may include a hybrid storage drive that includes both a solid state drive and a hard disk drive.
    Type: Grant
    Filed: October 30, 2018
    Date of Patent: July 14, 2020
    Assignee: SEAGATE TECHNOLOGY LLC
    Inventors: Stacey Secatch, Kristofer C. Conklin, Dana L. Simonson, Robert W. Moss
  • Patent number: 10701061
    Abstract: The invention introduces a method for blocking unauthorized applications, at least containing: receiving an input parameter from an application; determining whether the application is authenticated by inspecting content of the input parameter; randomly generating a session key, storing the session key in a file and storing the file in a path that can be accessed by a motherboard support service and the application only when the application is authenticated; and replying with the path and a filename of the file to the application.
    Type: Grant
    Filed: September 18, 2017
    Date of Patent: June 30, 2020
    Assignee: VIA TECHNOLOGIES, INC.
    Inventors: Guanghui Wu, Jinglin Liu
  • Patent number: 10685145
    Abstract: The instruction code including an instruction code stored in the area where the encrypted instruction code is stored in a non-rewritable format is authenticated using a specific key which is specific to the core where the instruction code is executed or an authenticated key by a specific key to perform an encryption processing for the input and output data between the core and the outside.
    Type: Grant
    Filed: April 12, 2019
    Date of Patent: June 16, 2020
    Assignee: SOCIONEXT INC.
    Inventors: Seiji Goto, Jun Kamada, Taiji Tamiya