Tamper Resistant Patents (Class 713/194)
  • Patent number: 10243937
    Abstract: A method of performing an equality check in a secure system, including: receiving an input v having a known input property; splitting the input v into t secret shares vi where i is an integer index and t is greater than 1; splitting an input x into k secret shares xi where i is an integer index and k is greater than 1; splitting the secret shares xi into a s chunks resulting in s·k chunks yj where j is an integer index; calculating a mapping chain t times for each secret share vi, wherein the mapping chain including s·k affine mappings Fj, wherein yj and Fj?1(yj?1) are the inputs to Fj and the F0(y0)=vi; and determining if the outputs have a known output property indicating that the input x equals a desired value.
    Type: Grant
    Filed: July 8, 2016
    Date of Patent: March 26, 2019
    Assignee: NXP B.V.
    Inventor: Wilhelmus Petrus Adrianus Johannus Michiels
  • Patent number: 10194113
    Abstract: The present invention discloses a video signal switching circuit and switching method. The switching circuit includes: a regulating circuit connected to a first cable and configured to regulate the first cable to be in a pull-up state or a released state; a detection circuit connected to the first cable and configured to detect a first voltage value on the first cable when the first cable is in the pull-up state or detect a second voltage value on the first cable when the first cable is in the released state; and a controller configured to determine a change in the first voltage value or the second voltage value from the detection circuit, wherein the controller controls a second cable to transmit the video signal when determining that the second voltage value increases, or the controller controls the first cable to transmit the video signal when determining that the first voltage value decreases.
    Type: Grant
    Filed: December 11, 2015
    Date of Patent: January 29, 2019
    Assignee: HANGZHOU HIKVISION DIGITAL TECHNOLOGY CO., LTD.
    Inventors: Peng Yin, Huan Zhang, Qiufang Liang
  • Patent number: 10171485
    Abstract: Approaches for providing security in a networked computing environment are provided. The method includes detecting, by at least one computer device, a breach of a first system in the networked computing environment. The method also includes identifying a second system in the in the networked computing environment as an at-risk system based on a proximity of the second system to the first system. The method additionally includes re-generating, by the at least one computer device, the second system as a new system at a new location in the networked computing environment. The method further includes converting, by the at least one computer device, the second system to a decoy system.
    Type: Grant
    Filed: December 13, 2017
    Date of Patent: January 1, 2019
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Gregory J. Boss, Rick A. Hamilton, II, Jeffrey R. Hoy, Agueda M. H. Magro
  • Patent number: 10157248
    Abstract: The invention relates to a method and an apparatus for designing a circuit suitable for generating random bits and to a circuit for generating random bits. A random bit string which is used as a binary random number is generated, for example. The proposed method and the apparatus as well as the circuit are used to implement random number generators, for example. A jth specific function from a set of bijective mappings is selected as the jth function, wherein the jth specific function carries out a jth fixed-point-free mapping. At least one ith mapping device is then selected. An ith specific function from a set of bijective mappings is assigned to the ith function, with the result that an ith concatenation of the i functions carries out an ith fixed-point-free mapping.
    Type: Grant
    Filed: September 17, 2014
    Date of Patent: December 18, 2018
    Assignee: Siemens Aktiengesellschaft
    Inventors: Pascale Böffgen, Markus Dichtl
  • Patent number: 10121144
    Abstract: In order to validate a user to facilitate conducting a high-valued financial transaction via wireless communication between an electronic device (such as a smartphone) and another electronic device (such as a point-of-sale terminal), the electronic device may authenticate the user prior to the onset of the high-valued financial transaction. In particular, a secure enclave processor in a processor may provide local validation information that is specific to the electronic device to a secure element in the electronic device when received local authentication information that is specific to the electronic device (such as a biometric identifier of the user) matches stored authentication information. Moreover, an authentication applet in the secure element may provide the local validation information to an activated payment applet in the secure element. This may enable the payment applet to conduct the high-valued financial transaction via wireless communication, such as near-field communication.
    Type: Grant
    Filed: September 2, 2014
    Date of Patent: November 6, 2018
    Assignee: Apple Inc.
    Inventor: Ahmer A. Khan
  • Patent number: 10108380
    Abstract: An information processing apparatus includes an information holding unit that holds pieces of information acquired from an external apparatus; an execution unit that reads a partial program having specific information, among the pieces of information acquired from the external apparatus, described therein, and executes a program including the partial program with reference to the pieces of information held in the information holding unit.
    Type: Grant
    Filed: October 20, 2017
    Date of Patent: October 23, 2018
    Assignee: FUJI XEROX CO., LTD.
    Inventors: Satoshi Takaoka, Kiyoko Shimadate
  • Patent number: 10108821
    Abstract: A program execution device capable of protecting a program against unauthorized analysis and alteration is provided. The program execution device includes an execution unit, a first protection unit, and a second protection unit. The execution unit executes a first program and a second program, and is connected with an external device that is capable of controlling the execution. The first protection unit disconnects the execution unit from the external device while the execution unit is executing the first program. The second protection unit protects the first program while the execution unit is executing the second program.
    Type: Grant
    Filed: September 29, 2017
    Date of Patent: October 23, 2018
    Assignee: PANASONIC INTELLECTUAL PROPERTY CORPORATION OF AMERICA
    Inventors: Hideki Matsushima, Teruto Hirota, Yukie Shoda, Shunji Harada
  • Patent number: 10061922
    Abstract: Systems and methods for malware detection techniques, which detect malware by identifying the C&C communication between the malware and the remote host. In particular, the disclosed techniques distinguish between request-response transactions that carry C&C communication and request-response transactions of innocent traffic. Individual request-response transactions may be analyzed rather than entire flows, and fine-granularity features examined within the transactions. As such, these methods and systems are highly effective in distinguishing between malware C&C communication and innocent traffic, i.e., in detecting malware with high detection probability and few false alarms.
    Type: Grant
    Filed: April 30, 2013
    Date of Patent: August 28, 2018
    Assignee: Verint Systems Ltd.
    Inventors: Yuval Altman, Assaf Yosef Kere, Ido Krupkin, Pinhas Rozenblum
  • Patent number: 10055568
    Abstract: Embodiments of the present invention disclose a method, computer program product, and device for accessing encrypted data. A communication link may be established between an authorization dongle and a secure device having encrypted data stored thereon. A communication link may also be established between the authorization dongle and a secure server. An encryption key associated with the encrypted data may be received from the secure server. The encryption key may be stored in volatile memory on the authorization dongle. An indication that a user is attempting to access the encrypted data may be received. The encryption key may be transmitted from the authorization dongle to the secure device in response to the user attempting to access the encrypted data.
    Type: Grant
    Filed: September 1, 2017
    Date of Patent: August 21, 2018
    Assignee: International Business Machines Corporation
    Inventors: Timothy Biesecker, Louie A. Dickens, Mark S. Fleming
  • Patent number: 10045207
    Abstract: The disclosure provides a client device for hearing device communication and related method. The client device comprises a processing unit, a memory unit, and an interface. The processing unit is configured to send a session request for a session to the hearing device via the interface. The processing unit is configured to receive a session response from the hearing device via the interface. The processing unit is configured to obtain a session key based on e.g. the session response. The processing unit is configured to determine hearing device data and/or to generate session data e.g. based on the session key and the hearing device data. The processing unit is configured to send the session data to the hearing device via the interface.
    Type: Grant
    Filed: November 9, 2016
    Date of Patent: August 7, 2018
    Assignee: GN HEARING A/S
    Inventors: Brian Dam Pedersen, Allan Munk Vendelbo
  • Patent number: 10037425
    Abstract: Suspicious file prospecting activity is detected based on patterns of file system access. A user's file system access is monitored over a specific time period. A sequence of the file accesses (e.g., represented as path names) made by the user during the time period is recorded. Distances between the recorded file accesses are determined, for example as edit distances. A distance sequence is recorded, comprising a record of the determined distances. The distance sequence is reduced to one or more baseline statistics describing the pattern of the user's access of the file system during the given period of time. At least one subsequent anomaly in the user's access of the file system is detected, by comparing at least one subsequently calculated statistic representing at least one subsequent pattern of the user's file system access to the at least one baseline statistic.
    Type: Grant
    Filed: August 26, 2015
    Date of Patent: July 31, 2018
    Assignee: Symantec Corporation
    Inventors: Aleatha Parker-Wood, Andrew Gardner
  • Patent number: 10033644
    Abstract: A flow in a flow set having an access control (“AC”) policy assigned is monitored. A bandwidth used by the flow is determined. One or more packets associated with the flow are selectively dropped based on at least one of the used bandwidth and the AC policy.
    Type: Grant
    Filed: February 12, 2013
    Date of Patent: July 24, 2018
    Assignee: Adara Networks, Inc.
    Inventor: Randall Stewart
  • Patent number: 9959394
    Abstract: The invention relates to a device for decrypting protected content and for providing the decrypted content for playback. The device comprises one or more system software modules providing functions for facilitating the decryption of the protected content and at least one client software module assigned to a provider of protected content. The client software module is adapted to access functions of the system software modules in order to control the system software to decrypt the protected content of the provider. Moreover, the device is adapted to validate the system software and/or a further client software module and to prevent the decryption and/or provision of the protected content of the provider, if the system software and/or the further client software module are not validated successfully.
    Type: Grant
    Filed: June 10, 2015
    Date of Patent: May 1, 2018
    Assignee: VODAFONE GMBH
    Inventors: Marnix Vlot, Christoph Schaaf
  • Patent number: 9947412
    Abstract: A data writing method for a rewritable non-volatile memory module is provided. The method includes recording a plurality of characteristic parameters corresponding to a plurality of data to be programmed; arranging the data according to the characteristic parameters and identifying frequently-read data among the plurality of data according to the characteristic parameters, and programming the frequently-read data into a first physical programming unit of a rewritable non-volatile memory module, wherein a time for reading data from the first physical programming unit is less than a time for reading data from a second physical programming unit of the rewritable non-volatile memory module. Accordingly, the reading performance for the data can be effectively improved.
    Type: Grant
    Filed: May 23, 2017
    Date of Patent: April 17, 2018
    Assignee: PHISON ELECTRONICS CORP.
    Inventor: Chun-Yang Hu
  • Patent number: 9946853
    Abstract: Techniques for application code obfuscation are disclosed. In one embodiment, the techniques may be realized as a method including receiving application code and testing data associated with the application; automatically generating obfuscated application code from the received application code; automatically testing the obfuscated application code by running the obfuscated application code and inputting at least the recorded inputs from the testing data while recording associated outputs; in response to determining that the associated outputs from automatically testing the obfuscation code do not match the testing data outputs, modifying the obfuscated application code and automatically testing the modified obfuscated application code against the testing data; and, in response to determining that outputs from automatically testing the modified obfuscated application code match the testing data outputs, transmitting the modified obfuscated application code as a successful obfuscation of the application.
    Type: Grant
    Filed: September 17, 2015
    Date of Patent: April 17, 2018
    Assignee: Symantec Corporation
    Inventors: Gary Chirhart, Brian T. Witten
  • Patent number: 9836612
    Abstract: Protecting data is disclosed, including: analyzing, using one or more processors, a set of scripting resource source data to determine a plurality of semantic units; determining a tree-structured source data based at least in part on mapping values of the plurality of semantic units to respective ones of a plurality of semantic structures; selecting an obfuscation strategy to apply to the tree-structured source data, wherein the selected obfuscation strategy includes one or more obfuscation techniques; determining an obfuscated tree-structured source data based at least in part by applying the selected obfuscation strategy to the tree-structured source data; and converting the obfuscated tree-structured source data into a set of obfuscated scripting resource source data.
    Type: Grant
    Filed: May 16, 2014
    Date of Patent: December 5, 2017
    Assignee: Alibaba Group Holding Limited
    Inventor: Jian Li
  • Patent number: 9836600
    Abstract: A multi-stage event detector for monitoring a system, the multi-stage event detector including: a process generator operable to generate main and sub-processes, each main and sub-process being operable to generate and initiate a detection agent each of which is operable to be triggered by detecting the occurrence of a trigger event and to report back to its generating process or sub-process upon being so triggered. Each process or sub-process is operable to respond to receipt of a report from a triggered detection agent by reporting the detection of a multi-stage event to an overall controller.
    Type: Grant
    Filed: March 31, 2014
    Date of Patent: December 5, 2017
    Assignee: British Telecommunications PLC
    Inventors: Ian Herwono, Zhan Cui
  • Patent number: 9803610
    Abstract: A system and method for preventing unauthorized modification to engine control software or an engine control system of, for example, a refrigerated transport application is provided. Particularly, the embodiments described herein prevent unauthorized parties from inadvertently or intentionally making changes to the engine control software used for controlling the engine or the engine control system that could, for example, potentially bypass emission strategies implemented in the refrigerated transport application. Accordingly, emission strategies such as, for example, EPA Tier IV not-to-exceed (“NTE”) regulations can be maintained.
    Type: Grant
    Filed: April 1, 2014
    Date of Patent: October 31, 2017
    Assignee: THERMO KING CORPORATION
    Inventors: Cullen Evan Hall, Gary McGinley, Erich Albert Lucht, Michael James Vanous, Michael Dean Turnquist
  • Patent number: 9805203
    Abstract: Implementations of the present disclosure include methods, systems, and computer-readable storage media for receiving, by a SSCA module of a server, source code data based on one or more web pages of a website, analyzing, by the SSCA module, the source code data using static analysis to provide initial results, the initial results including identifiers respectively assigned to one or more variables provided in the source code data, transmitting, by the SSCA module, a request to the website through a proxy server, the request being based on the initial results, the proxy server receiving a response and transmitting a rewritten response to a DSCA module executed on a client, receiving, by the SSCA module, updated source code data from the DSCA module, the updated source code data being provided based on the rewritten response, and updating, by the SSCA module, the initial results based on the updated source code data.
    Type: Grant
    Filed: April 21, 2015
    Date of Patent: October 31, 2017
    Assignee: SAP SE
    Inventors: Martin Johns, Sebastian Lekies, Benjamin Raethlein
  • Patent number: 9800597
    Abstract: A system and a method are disclosed for identifying network threats based on hierarchical classification. The system receives packet flows from a data network and determines flow features for the received packet flows based on data from the packet flows. The system also classifies each packet flow into a flow class based on flow features of the packet flow. Based on a criterion, the system selects packet flows from the received packet flows and places the selected packet flows into an event set that represents an event on the network. The system determines event set features for the event set based on the flow features of the selected packet flows. The system then classifies the event set into a set class based on the determined event set features. Based on the set class, the computer system may report a threat incident on an internetworking device that originated the selected packet flows.
    Type: Grant
    Filed: October 3, 2016
    Date of Patent: October 24, 2017
    Assignee: Cisco Technology, Inc.
    Inventors: Karel Bartos, Michal Sofka
  • Patent number: 9779239
    Abstract: According to an aspect of an embodiment, a method may include determining a set of entity instances in a software program. Each entity instance may correspond to a program entity through which the software program performs an interaction with an external entity that is external to the software program. The method may also include determining an identity of each external entity. Additionally, the method may include determining a set of data-flow predicates and a set of control-flow predicates that are satisfied by the software program. Further, the method may include comparing the set of data-flow predicates and the set of control-flow predicates with a signature library that includes one or more malicious software signatures. The method may further include determining that the software program is malicious in response to the set of data-flow predicates and the set of control-flow predicates matching one or more malicious software signatures.
    Type: Grant
    Filed: March 15, 2015
    Date of Patent: October 3, 2017
    Assignee: FUJITSU LIMITED
    Inventors: Mukul R. Prasad, Wei Yang
  • Patent number: 9762241
    Abstract: Some embodiments include apparatus and methods using a first ring oscillator, a second ring oscillator, and circuit coupled to the first and second ring oscillators. The first ring oscillator includes a first memory cell and a first plurality of stages coupled to the first memory cell. The second ring oscillator includes a second memory cell and a second plurality of stages coupled to the second memory cell. The circuit includes a first input node coupled to an output node of the first ring oscillator and a second input node coupled to an output node of the second ring oscillator. In one of such embodiments, the circuit can operate to generate identification information to authenticate the apparatus.
    Type: Grant
    Filed: June 30, 2016
    Date of Patent: September 12, 2017
    Assignee: Intel Corporation
    Inventors: Charles Augustine, Suriya Ashok Kumar, Carlos Tokunaga, James W. Tschanz
  • Patent number: 9747787
    Abstract: Described are methods, recording media, and devices for configuring a home-automation installation comprising at least one first part of the home-automation installation and one second part of the home-automation installation and one configuration device. The first part of the home-automation installation comprises elements including a remote control unit and equipment controlled by the remote control unit, communicating over a first home-automation network, the first part having a first key, and the second part of the home-automation installation comprises elements including a remote control unit and equipment controlled by the remote control unit, communicating over a second home-automation network, the second part having a second key.
    Type: Grant
    Filed: February 26, 2013
    Date of Patent: August 29, 2017
    Assignee: SOMFY SAS
    Inventors: Arnaud Desbiolles, Stephane Marmey, Mickael Mugnier
  • Patent number: 9740834
    Abstract: The invention relates to a device for accessing protected content, the device comprising a secure module for accessing the protected content and a control unit external to the secure module for controlling access operations for the protected content. The device is configured to receive usage rights data for the protected content, the usage rights data including first and second usage rights data defining permissions for uses of the protected content, and the device is configured to enable a requested use of the protected content upon a check whether the use is permitted by usage rights data, the check being made in the secure module based on to the first usage rights data and the check being made in the control unit based on the second usage rights data. Moreover, the invention relates to a method for operating the device.
    Type: Grant
    Filed: August 26, 2015
    Date of Patent: August 22, 2017
    Assignee: Vodafone GmbH
    Inventors: Marnix Vlot, Christoph Schaaf
  • Patent number: 9740570
    Abstract: Resynchronization of folders shared among multiple client devices over a network is provided. Metadata and hash values stored on the client device are moved from a metadata database to a resynchronization database, and the data in the metadata database is deleted. Metadata is created for locally stored synchronized files. For each file, the created metadata is compared to the metadata stored in the resynchronization database. If the metadata matches, hash values are retrieved from the resynchronization database and stored with the created metadata in the metadata database. If the metadata does not match, hashes for the file are created and stored with the created metadata in the metadata database. A synchronization operation may be performed which consists of comparing the files stored on the client to the synchronized versions on a host server and updating or adding files that are not present or not up to date.
    Type: Grant
    Filed: June 24, 2016
    Date of Patent: August 22, 2017
    Assignee: Dropbox, Inc.
    Inventors: John Lai, Elmer Charles Jubb, IV
  • Patent number: 9736142
    Abstract: Technologies for tokenizing data including a computing device to extract plaintext data from an input file to be tokenized. The computing device performs data domain-specific format-preserving encryption on the extracted plaintext data based on a first cryptographic key to generate encrypted data and replaces one or more portions of the encrypted data with corresponding portions of alternative data based on a mapping table that maps encrypted data to alternative data. The computing device further performs data domain-specific format-preserving encryption on the alternative data based on a second cryptographic key to generate a token and stores the token in an output file.
    Type: Grant
    Filed: September 6, 2016
    Date of Patent: August 15, 2017
    Assignee: Intel Corporation
    Inventors: Mark H. Davis, Alexander S. Lukichev
  • Patent number: 9730314
    Abstract: The present invention provides a security assembly for protecting a device includes first and second security wraps fitted to the device. The first security wrap covers a first area of the device. The second security wrap partially overlaps the first security wrap and covers a second area of the device. Each of the first and second security wraps has a security screen having first and second screen terminals and a conductive track extending between the first and second screen terminals. A conductive structure is disposed in an overlapping area between the first and second security wraps and coupled to the second screen terminal of the first security screen and to the first screen terminal of the second security screen.
    Type: Grant
    Filed: August 16, 2016
    Date of Patent: August 8, 2017
    Assignee: JOHNSON ELECTRIC S.A.
    Inventor: Vincent Daniel Jean Salle
  • Patent number: 9710744
    Abstract: A dynamic transaction card that is manufactured using conductive plastic jumpers that will dissolve when in contact with a solvent used to tamper with the dynamic transaction card. Internal components of a dynamic transaction card may be manufactured using a synthetic or semi-synthetic organic material, such as, for example, plastics. These materials may be conductive to provide functionality to a dynamic transaction card, such as a connection between an integrated circuit and other card components such that when the materials dissolve, the connections are broken and the dynamic transaction card may be inactive due to the loss of various connections.
    Type: Grant
    Filed: April 14, 2016
    Date of Patent: July 18, 2017
    Assignee: Capital One Services, LLC
    Inventors: David Wurmfeld, James Zarakas, Theodore Markson, Saleem Sangi, Tyler Locke, Kevin Kelly
  • Patent number: 9665699
    Abstract: A non-transitory machine-readable storage medium encoded with instructions for execution by a keyed encryption operation by a cryptographic system mapping an input message having an encoded portion and a padding portion to an output message, including: instructions for receiving a padding value k; instructions for receiving the input message, wherein the padding portion has a size indicated by the padding value k; instructions for computing a first portion of the encryption operation to produce a first portion output; instructions for computing a compensation factor corresponding to the padding portion of the input message; and instructions for compensating the first portion output based upon the compensation factor.
    Type: Grant
    Filed: March 13, 2015
    Date of Patent: May 30, 2017
    Assignee: NXP B.V.
    Inventors: Wil Michiels, Jan Hoogerbrugge, Joachim Trescher
  • Patent number: 9654468
    Abstract: Systems and methods for secure remote biometric authentication are provided. A network-based biometric authentication platform stores biometric templates for individuals which have been securely enrolled with the authentication platform. A plurality of sensor platforms separately establishes secure communications with the biometric authentication platform. The sensor platform can perform a biometric scan of an individual and generate a biometric authentication template. The sensor platform then requests biometric authentication of the individual by the biometric authentication platform via the established secure communications. The biometric authentication platform compares the generated biometric template to one or more of the enrolled biometric templates stored in memory at the biometric authentication platform. The result of the authentication is then communicated to the requesting sensor platform via the established secure communications.
    Type: Grant
    Filed: December 20, 2013
    Date of Patent: May 16, 2017
    Assignee: Avago Technologies General IP (Singapore) Pte. Ltd.
    Inventor: Mark Buer
  • Patent number: 9607180
    Abstract: In an information processing apparatus and a method of controlling the same, settings for prohibiting an access to a removable medium is performed, and even if the setting is set, the access to the removable medium is permitted in a case where the information processing apparatus is activated in the maintenance mode.
    Type: Grant
    Filed: November 14, 2014
    Date of Patent: March 28, 2017
    Assignee: Canon Kabushiki Kaisha
    Inventor: Yasuharu Sugano
  • Patent number: 9600672
    Abstract: Techniques are described for dynamically enabling or disabling portions of an executing software module based on control data. During compilation of source code for a software module, switching instructions may be generated to enable the conditional bypassing of executable instructions for one or more functions described in the source code. In some cases, the switching instructions may be generated for the public functions of a software module. During execution of the software module, the switching instructions may trap a call to a function and dynamically determine whether to execute the function based on the value of control data corresponding to the function. A user interface may be presented to enable an operator to set the control data to enable or disable the execution of one or more functions.
    Type: Grant
    Filed: December 4, 2014
    Date of Patent: March 21, 2017
    Assignee: AMAZON TECHNOLOGIES, INC.
    Inventor: Harsha Ramalingam
  • Patent number: 9546610
    Abstract: A system and method for preventing unauthorized modification to engine control software or an engine control system of, for example, a refrigerated transport application is provided. Particularly, the embodiments described herein prevent unauthorized parties from inadvertently or intentionally making changes to the engine control software used for controlling the engine or the engine control system that could, for example, potentially bypass emission strategies implemented in the refrigerated transport application. Accordingly, emission strategies such as, for example, EPA Tier IV not-to-exceed (“NTE”) regulations can be maintained.
    Type: Grant
    Filed: April 1, 2014
    Date of Patent: January 17, 2017
    Assignee: THERMO KING CORPORATION
    Inventors: Cullen Evan Hall, Gary McGinley, Erich Albert Lucht, Michael James Vanous, Michael Dean Turnquist
  • Patent number: 9503437
    Abstract: The disclosure provides a client device for hearing device communication and related method. The client device comprises a processing unit, a memory unit, and an interface. The processing unit is configured to send a session request for a session to the hearing device via the interface. The processing unit is configured to receive a session response from the hearing device via the interface. The processing unit is configured to obtain a session key based on e.g. the session response. The processing unit is configured to determine hearing device data and/or to generate session data e.g. based on the session key and the hearing device data. The processing unit is configured to send the session data to the hearing device via the interface.
    Type: Grant
    Filed: December 17, 2014
    Date of Patent: November 22, 2016
    Assignee: GN RESOUND A/S
    Inventors: Brian Dam Pedersen, Allan Munk Vendelbo
  • Patent number: 9496230
    Abstract: Embodiments relate to the detection of semiconductor tampering with a light-sensitive circuit. A tamper detection device for an integrated circuit includes a light-sensitive circuit disposed within a package of an integrated circuit. The light-sensitive circuit closes in response to an exposure to a light source, indicating a tamper condition.
    Type: Grant
    Filed: April 30, 2015
    Date of Patent: November 15, 2016
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Qing Cao, Shu-Jen Han, Li-Wen Hung
  • Patent number: 9471285
    Abstract: Systems, methods, and computer program embodiments are disclosed for detecting third party software components in a software codebase. In an embodiment, a source file containing source code may be received at a server, and a code signature may be generated for the source file based on a determined structure of the source code. The generated code signature may then be compared to signatures stored in a reference database to identify matching third party software files. In an embodiment, the reference database may store a plurality of code signatures corresponding to third party software files. A list of the identified third party software files may be created and presented to a user.
    Type: Grant
    Filed: July 9, 2015
    Date of Patent: October 18, 2016
    Assignee: SYNOPSYS, INC.
    Inventors: Mahshad Koohgoli, Xiaojun Shen, Christopher Potts, Aida Malaki
  • Patent number: 9462008
    Abstract: A system and a method are disclosed for identifying network threats based on hierarchical classification. The system receives packet flows from a data network and determines flow features for the received packet flows based on data from the packet flows. The system also classifies each packet flow into a flow class based on flow features of the packet flow. Based on a criterion, the system selects packet flows from the received packet flows and places the selected packet flows into an event set that represents an event on the network. The system determines event set features for the event set based on the flow features of the selected packet flows. The system then classifies the event set into a set class based on the determined event set features. Based on the set class, the computer system may report a threat incident on an internetworking device that originated the selected packet flows.
    Type: Grant
    Filed: October 21, 2014
    Date of Patent: October 4, 2016
    Assignee: Cisco Technology, Inc.
    Inventors: Karel Bartos, Michal Sofka
  • Patent number: 9455233
    Abstract: A system for generating a tamper detection signal indicating tampering with one or more circuits of an integrated circuit (IC) includes both a static wire mesh and an active wire mesh. The wire meshes can be formed in the same layer over the circuits to be protected or in different layers. The wire meshes also may cover the entire chip area or only predetermined areas, such as over secure memory and register areas. The wire meshes are connected to a tamper detection module, which monitors the meshes and any signals transmitted via the meshes to detect attempts to access the protected circuits via micro-probing.
    Type: Grant
    Filed: December 2, 2015
    Date of Patent: September 27, 2016
    Assignee: FREESCALE SEMICONDUCTOR, INC.
    Inventors: Rishi Bhooshan, Mohit Arora, Rakesh Pandey
  • Patent number: 9450756
    Abstract: A method and a system for authenticating an entity based on a symmetric encryption algorithm are provided. The method includes the following steps: 1) an entity A sends an authentication request message to an entity B; 2) after receiving the authentication request message, the entity B sends an authentication response message to the entity A; 3) the entity A determines the validity of the entity B according to the received authentication response message. The implementation cost of the system can be reduced by using the authentication according to the invention.
    Type: Grant
    Filed: December 22, 2010
    Date of Patent: September 20, 2016
    Assignee: CHINA IWNCOMM CO., LTD.
    Inventors: Zhiqiang Du, Manxia Tie, Guoqiang Zhang, Qin Li
  • Patent number: 9430675
    Abstract: The present invention provides a method and apparatus for protecting an Encrypting PIN Pad (EPP) against tampering. The apparatus provides an EPP comprising a first layer comprising at least two spaced apart electrode elements, and a second layer comprising at least one bridge element for electrically bridging a space between the at least two electrode elements when the first layer and the second layer are urged together.
    Type: Grant
    Filed: May 21, 2013
    Date of Patent: August 30, 2016
    Assignee: NCR Corporation
    Inventor: Grant A. McNicoll
  • Patent number: 9378063
    Abstract: Embodiments include apparatuses, systems, and methods mobile coprocessing. A connection is established between a mobile device and an auxiliary computing device. The mobile device implements a CPU abstraction layer and a virtual CPU between a software stack and a CPU of the mobile device. The abstraction layer allows for the mobile device to offload tasks to the auxiliary computing device while the software stack interacts with the abstraction layer as if the tasks are being executed by the CPU of the mobile device. The mobile device of allocates tasks to the auxiliary computing device based on various parameters, including properties of the auxiliary computing device, metrics of the connection, and priorities of the tasks.
    Type: Grant
    Filed: October 15, 2013
    Date of Patent: June 28, 2016
    Assignee: QUALCOMM Incorporated
    Inventors: Michael-David Nakayoshi Canoy, Sisil Mehta, Kirtika Ruchandani
  • Patent number: 9378396
    Abstract: A memory controller controlling a nonvolatile memory is provided. The memory controller includes an encryption key feeder configured to feed a cipher key according to a logical address transferred from a host; and an encryption engine configured to perform an encryption operation on data transferred from the host or a decryption operation on data transferred from the nonvolatile memory device, using the cipher key provided from the encryption key feeder.
    Type: Grant
    Filed: April 30, 2015
    Date of Patent: June 28, 2016
    Assignee: SAMSUNG ELECTRONICS CO., LTD.
    Inventors: Youngjin Cho, Hyunsik Kim
  • Patent number: 9349266
    Abstract: Generally, this disclosure provides devices, systems and methods for securing a mobile platform with a security cable, employing an electronically controlled locking mechanism which may be in communication with the platform. A device may include a lock to mate with a lock receiver of the platform, and the lock is coupled to the cable; a locking mechanism driver module to controllably engage and release the lock from the lock receiver; and a communication interface module to receive a signal from the platform and to control the locking mechanism driver module based on the signal.
    Type: Grant
    Filed: December 3, 2013
    Date of Patent: May 24, 2016
    Assignee: Intel Corporation
    Inventor: Robert J. Stoddard
  • Patent number: 9323987
    Abstract: An apparatus and method for detecting forgery/falsification of a homepage. The apparatus includes a homepage image shot generation module for generating homepage image shots of an entire screen of an accessed homepage. A character string extraction module extracts character strings from each homepage image shot using an OCR technique. A character string comparison module compares each of the extracted character strings with character strings required for determination of homepage forgery/falsification, thus determining whether the extracted character string is a normal character string or a falsified character string. A homepage falsification determination module determines whether the corresponding homepage has been forged/falsified, based on results of the comparison. A character string learning module learns the character string extracted from the homepage image shot, based on results of the determination, and classifies the character string as the normal character string or the falsified character string.
    Type: Grant
    Filed: August 25, 2014
    Date of Patent: April 26, 2016
    Assignee: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE
    Inventors: Taek kyu Lee, Geun Yong Kim, Seok won Lee, Myeong Ryeol Choi, Hyung Geun Oh, KiWook Sohn
  • Patent number: 9323955
    Abstract: The method for protecting a logic or mathematical operator of the NOR operator type, able to be used for executing a program in a microprocessor electronic module wherein the execution of the NOR operator is replaced by the execution (CAL-XORSEC(1) of a sequence Si operations having for final result a result identical to that of the XOR function. The sequence of operations Si composed of elementary operations with AND, OR and NOT is selected at each XOR operator from a set of eight equivalent sequences (S1 to S8) after determination CAL-NDO) of an order number ND0=1 according to the parameters of the program and/or a random parameter R supplied by a pseudo-random number generator (14).
    Type: Grant
    Filed: December 20, 2001
    Date of Patent: April 26, 2016
    Assignee: GEMALTO SA
    Inventors: Nicolas Giraud, Abraham Brolh, Patrice Hameau
  • Patent number: 9311492
    Abstract: Some embodiments of the invention provide a content-distribution system. In some embodiments, the content-distribution system distributes device-restricted content and device-unrestricted content. Device-restricted content is content that can only be played on devices that the system associates with the particular user. Device-unrestricted content is content that can be played on any device without any restrictions. However, for at least one operation or service other than playback, device-unrestricted content has to be authenticated before this operation or service can be performed on the content. In some embodiments, the system facilitates this authentication by specifying a verification parameter for a piece of device-unrestricted content.
    Type: Grant
    Filed: September 13, 2012
    Date of Patent: April 12, 2016
    Assignee: APPLE INC.
    Inventors: Augustin J. Farrugia, Gianpaolo Fasoli, Bertrand Mollinier Toublet, Mathieu Ciet
  • Patent number: 9275196
    Abstract: Systems, methods, and other embodiments associated with implementing security functions in a read-only memory (ROM) are described. According to one embodiment, an device includes a read-only memory (ROM) that stores (i) a plurality of security functions and (ii) a mapping of locations of the plurality of security functions in the ROM. The device also includes a processing unit configured to, in response to a request by a process being executed by the processing unit, determine a location in the ROM of a security function using the mapping, and execute the security function for the process from the ROM.
    Type: Grant
    Filed: May 30, 2013
    Date of Patent: March 1, 2016
    Assignee: MARVELL WORLD TRADE Ltd.
    Inventors: Kahraman D. Akdemir, Tolga Nihat Aytek
  • Patent number: 9275006
    Abstract: A method for updating configuration information includes, in a computing device including a processor, memory, and an operating system, initiating an update to at least one configuration setting of the computing device. The update may be downloaded from at least one update data source. The update may include configuration update data and configuration update metadata. The update may be verified by comparing the configuration update metadata with metadata associated with a current version of the at least one configuration setting. The update may be installed if it is verified. The update to the at least one configuration setting may be installed based on an intent from an unsecure component of the computing device. The unsecure component may include content consuming application installed on the device, a component of a computing platform of the device, and/or an update-seeker application installed on the device.
    Type: Grant
    Filed: December 18, 2012
    Date of Patent: March 1, 2016
    Assignee: Google Inc.
    Inventors: Adrian L. Ludwig, Curtis Gerald Condra, IV, Nicholas Neil Kralevich, IV
  • Patent number: 9270672
    Abstract: Provided are a method, a corresponding apparatus and a computer program product for performing a group authentication and key agreement procedure. A method comprises initiating, by a master device in a group of devices, a group authentication and key agreement procedure towards an authentication entity, wherein a shared group key is defined for use in the group authentication and key agreement procedure; performing mutual authentication between the master device and the authentication entity based upon the shared group key; and performing mutual authentication between the authenticated master device and other devices in the group based upon the shared group key for completion of the group authentication and key agreement procedure. With the claimed invention, the impact of the signaling overhead on a network can be significantly decreased without substantive modification to the existing architecture of the network.
    Type: Grant
    Filed: May 26, 2011
    Date of Patent: February 23, 2016
    Assignee: Nokia Technologies Oy
    Inventors: Silke Holtmanns, Da Jiang Zhang
  • Patent number: 9250709
    Abstract: A data entry device including a housing formed of at least two portions, data entry circuitry located within the housing, at least one case-open switch assembly operative to sense when the housing is opened and tamper indication circuitry operative to receive an input from the at least one case-open switch assembly and to provide an output indication of possible tampering with the data entry circuitry located within the housing, the at least one case-open switch assembly including an arrangement of electrical contacts including at least first, second and third contacts and a displaceable conductive element, the tamper indication circuitry and the third contact together being operative such that when the third contact is short circuited to at least one of the first contact, the second contact and another contact, an output indication of possible tampering is provided.
    Type: Grant
    Filed: January 8, 2015
    Date of Patent: February 2, 2016
    Assignee: VERIFONE, INC.
    Inventors: Mehran Mirkazemi-Moud, John Barrowman, Christian Eric Schulz, Arnon Aviv, Amihay Avital, Sergey Meron, Dave Faoro