公开(公告)号：US11366904B2

公开(公告)日：2022-06-21

申请号：US15748788

申请日：2016-08-01

Applicant: ARM IP LIMITED

Inventor： Geraint Luff ,  Thomas Grocutt ,  Milosch Meriac ,  Jonathan Austin

IPC: G06F21/57 ,  G06F21/64 ,  G06F21/74 ,  G06F21/78 ,  H04L41/0859

Abstract: A machine-implemented method for controlling a configuration data item in a storage-equipped device having at least two security domains, comprising receiving, by one of the security domains, a configuration data item; storing the configuration data item; providing a security indication for the configuration data item; and when an event indicates untrustworthiness of the data item, invalidating a configuration effect of the stored configuration data item. Further provided is a machine-implemented method for controlling a storage-equipped device as a node in a network of devices, comprising receiving information that a data source or type of a configuration data item is untrusted; analysing metadata for the data source and the configuration data item; populating a knowledge base with analysed metadata; and responsive to the analysed metadata, transmitting security information to the network of devices. A corresponding device and computer program product are also described.

公开(公告)号：US10122718B2

公开(公告)日：2018-11-06

申请号：US14832428

申请日：2015-08-21

Applicant: ARM IP Limited ,  ARM Limited

Inventor： Milosch Meriac ,  Geraint Luff ,  William Allen Curtis ,  Remy Pottier

IPC: H04W12/02 ,  H04L29/06 ,  H04L29/08

Abstract: In one example, a method includes obtaining, by a data processing device, first secret data associated with a first user and corresponding to a first location of a remote resource. The method further includes generating, using the first secret data, a first uniform resource locator (URL) usable to obtain the first location, and accessing the first location using the first URL. The method further includes obtaining, in response to transfer of usage rights of the data processing device from the first user to a second user, second secret data associated with the second user and corresponding to a second location of the remote resource. The method further includes generating, using the second secret data, a second URL usable to obtain the second location, and accessing the second location using the second URL. The second location is inaccessible via the first URL. The first location is inaccessible via the second URL.

公开(公告)号：US10671730B2

公开(公告)日：2020-06-02

申请号：US15749169

申请日：2016-07-07

Applicant: ARM IP LIMITED

Inventor： Jonathan Austin ,  Milosch Meriac ,  Thomas Grocutt ,  Geraint Luff

IPC: G06F9/44 ,  G06F21/57 ,  G06F21/64 ,  G06F21/74 ,  G06F9/445 ,  G06F21/32

Abstract: A machine-implemented method is provided for securing a storage-equipped device against introduction of malicious configuration data into configuration data storage, the method comprising steps of receiving by the device, a trusted signal for modification of the configuration of the device; responsive to the receiving, placing the device into a restricted mode of operation and at least one of deactivating a service and rebooting the device; responsive to the placing the device into the restricted mode of operation and the deactivating or rebooting, permitting configuration data entry into a restricted portion of the configuration data storage. A corresponding device and computer program product are also described.

公开(公告)号：US10595207B2

公开(公告)日：2020-03-17

申请号：US15258117

申请日：2016-09-07

Applicant: ARM IP Limited ,  ARM Ltd

Inventor： Geraint Luff ,  Brendan Moran ,  Milosch Meriac ,  Manuel Pegourie-Gonnard

IPC: H04L9/32 ,  H04W12/12 ,  H04W4/70 ,  H04W12/10 ,  H04L29/06 ,  H04W4/80 ,  H04W4/06

Abstract: A method for verifying the integrity of data in a message by a data processing device, the message comprising a plurality of packets, the method comprising: receiving, at the device from a first resource, a manifest associated with the message, the manifest comprising a plurality of group check values for the plurality of packets; receiving, at the device, from the first or a different resource, the message; generating a first progression of rolling hashes for the plurality of packets; deriving group check values from the first progression of rolling hashes for groups of the plurality of packets along one or more paths; verifying the integrity of the data in the message based on or in response to a determination that the derived group check values correspond to the plurality of group check values in the manifest.

公开(公告)号：US10735428B2

公开(公告)日：2020-08-04

申请号：US16149796

申请日：2018-10-02

Applicant: ARM IP Limited ,  ARM Limited

Inventor： Milosch Meriac ,  Geraint Luff ,  William Allen Curtis ,  Remy Pottier

IPC: H04L29/06 ,  H04W12/02 ,  H04L29/08

Abstract: In one example, a method includes obtaining, by a data processing device, first secret data associated with a first user and corresponding to a first location of a remote resource. The method further includes generating, using the first secret data, a first uniform resource locator (URL) usable to obtain the first location, and accessing the first location using the first URL. The method further includes obtaining, in response to transfer of usage rights of the data processing device from the first user to a second user, second secret data associated with the second user and corresponding to a second location of the remote resource. The method further includes generating, using the second secret data, a second URL usable to obtain the second location, and accessing the second location using the second URL. The second location is inaccessible via the first URL. The first location is inaccessible via the second URL.

公开(公告)号：US10530586B2

公开(公告)日：2020-01-07

申请号：US15516766

申请日：2015-09-22

Applicant: ARM IP Limited

Inventor： Milosch Meriac ,  Geraint Luff

IPC: H04L29/00 ,  H04L9/32 ,  H04L9/14 ,  H04L9/30 ,  H04L29/06 ,  H04W12/04 ,  H04W12/06

Abstract: A method of generating a shortcut certificate for authenticating a user digital certificate generated by an issuing certification authority; the method comprising: authenticating the digital certificate of the issuing certification authority; creating the shortcut certificate for the digital certificate of the issuing certification authority when the digital certificate of the issuing certification authority is authenticated; wherein the shortcut certificate comprises a signed entry of an authentication of the issuing certification authority.

公开(公告)号：US20190036928A1

公开(公告)日：2019-01-31

申请号：US16149796

申请日：2018-10-02

Applicant: ARM IP Limited ,  ARM Limited

Inventor： Milosch Meriac ,  Geraint Luff ,  William Allen Curtis ,  Remy Pottier

IPC: H04L29/06 ,  H04L29/08 ,  H04W12/02

Abstract: In one example, a method includes obtaining, by a data processing device, first secret data associated with a first user and corresponding to a first location of a remote resource. The method further includes generating, using the first secret data, a first uniform resource locator (URL) usable to obtain the first location, and accessing the first location using the first URL. The method further includes obtaining, in response to transfer of usage rights of the data processing device from the first user to a second user, second secret data associated with the second user and corresponding to a second location of the remote resource. The method further includes generating, using the second secret data, a second URL usable to obtain the second location, and accessing the second location using the second URL. The second location is inaccessible via the first URL. The first location is inaccessible via the second URL.

公开(公告)号：US11218321B2

公开(公告)日：2022-01-04

申请号：US15315659

申请日：2015-05-29

Applicant: ARM IP LIMITED

Inventor： Milosch Meriac ,  Geraint Luff

IPC: H04L9/32 ,  G06F21/62 ,  G06F16/25 ,  G06F16/955 ,  H04L29/08 ,  G16Z99/00 ,  H04L29/06 ,  G06F12/0813 ,  H04L9/14 ,  H04L9/30 ,  G16H10/65 ,  G16H80/00

Abstract: A method of accessing data sent between a remote resource and a data processing device, the method comprising: caching data uploaded from the remote resource or caching data sent to the remote resource at one or more intermediate network nodes between the data processing device and the remote resource; and accessing the cached data stored at the one or more intermediate network nodes.

公开(公告)号：US10902100B2

公开(公告)日：2021-01-26

申请号：US15755064

申请日：2016-07-14

Applicant: ARM IP LIMITED

Inventor： Hugo John Martin Vincent ,  Geraint Luff

IPC: G06F21/30 ,  G06F21/31 ,  G06K9/00 ,  H04W12/06 ,  G06F21/32

Abstract: A method for determining when a device is attached to a user, the method comprising activating an accelerometer provided at the device; activating a vibration motor provided at the device; measuring with the accelerometer vibrations at the device created by the vibration motor; and using the accelerometer measurements to determine whether the device is attached to the user.

公开(公告)号：US10693656B2

公开(公告)日：2020-06-23

申请号：US15532671

申请日：2015-11-30

Applicant: ARM IP Limited

Inventor： Andrew John Pritchard ,  Geraint Luff ,  Milosch Meriac

IPC: H04L29/06 ,  H04L9/32 ,  H04L29/08 ,  H04W4/38 ,  H04L9/06 ,  H04L12/24

Abstract: There is provided a method of scanning for a remote device, the method comprising: generating, at a data processing device, a search input; transforming, at the data processing device, the search input to provide a transformed output, wherein the transformed output is representative of the search input; transmitting, a communication comprising the transformed output from the data processing device to the remote device; receiving, at the data processing a device, a communication from the remote device based on the transformed output.