公开(公告)号：US20170041290A1

公开(公告)日：2017-02-09

申请号：US15048531

申请日：2016-02-19

Applicant: Samsung Electronics Co., Ltd.

Inventor： Peng NING ,  Stephen E. MCLAUGHLIN ,  Michael C. GRACE ,  Ahmed M. AZAB ,  Rohan BHUTKAR ,  Wenbo SHEN ,  Xun CHEN ,  Yong CHOI ,  Ken CHEN

IPC: H04L29/06 ,  G07C5/08 ,  H04W12/10 ,  G06F13/40 ,  H04L9/32 ,  G07C5/02 ,  G06F13/10

CPC classification number: H04L63/0209 ,  G06F13/102 ,  G06F13/4068 ,  G07C5/008 ,  G07C5/02 ,  G07C5/08 ,  H04L9/3247 ,  H04L63/0823 ,  H04L63/101 ,  H04L67/12 ,  H04W12/08 ,  H04W12/10

Abstract: An apparatus and method of an attachment device for interfacing with an on-board diagnostic system of a vehicle is provided. The device includes an application processor configured to receive input from a terminal, control processing of the input by the on-board diagnostic system, transmit a result of the processing of the input by the on-board diagnostic system to the terminal, and a secure element interposed in the communication path between the application processor and the on-board diagnostic system, the secure element configured to filter the input of an on-board diagnostic operation that is untrusted.

Abstract translation: 提供了一种用于与车载车载诊断系统进行接口的附接装置的装置和方法。 该设备包括：应用处理器，被配置为从终端接收输入，对车载诊断系统的输入进行控制处理，将车载诊断系统的输入处理结果发送到终端;以及安全 插入在应用处理器和车载诊断系统之间的通信路径中的元件，安全元件被配置为过滤不可信任的车载诊断操作的输入。

公开(公告)号：US20160253520A1

公开(公告)日：2016-09-01

申请号：US15054699

申请日：2016-02-26

Applicant: Samsung Electronics Co., Ltd.

Inventor： Kwanghwan MOON ,  Peng NING ,  Ken CHEN ,  Sangwoo RYU ,  SJ OH ,  Sami ORAVA ,  KyungBae PARK

IPC: G06F21/62 ,  G06F9/54 ,  H04L9/08 ,  G06F21/72 ,  G06F21/44

CPC classification number: G06F9/545 ,  G06F21/44 ,  G06F21/602 ,  G06F21/6281 ,  G06F21/72 ,  G06F21/73 ,  H04L9/0819 ,  H04L9/088 ,  H04L9/0894 ,  H04L2209/80

Abstract: An apparatus and a method for encrypting and decrypting data in a device are provided. The apparatus includes a processor and a memory. The processor is configured to transmit a data command from an application to an encryption driver that executes in a kernel space, determine if the application is authenticated to perform the data command based on an access policy, transmit, when the application is authenticated, a first key to a cryptographic library that executes in an application space, and perform the data command based on the first key after receiving a response via the cryptographic library. The first key is stored in an encryption driver in the kernel space and is not available to applications in the application space.

Abstract translation: 提供了一种用于加密和解密设备中的数据的装置和方法。 该装置包括处理器和存储器。 处理器被配置为将数据命令从应用程序发送到在内核空间中执行的加密驱动程序，基于访问策略确定应用程序是否被认证以执行数据命令，当应用程序被认证时，发送第一 在应用空间中执行的加密库的密钥，以及在经由加密库接收到响应之后，基于第一密钥执行数据命令。 第一个密钥存储在内核空间中的加密驱动程序中，不适用于应用程序空间中的应用程序。

公开(公告)号：US20170098070A1

公开(公告)日：2017-04-06

申请号：US15048534

申请日：2016-02-19

Applicant: Samsung Electronics Co., Ltd.

Inventor： Peng NING ,  Stephen E. MCLAUGHLIN ,  Michael C. GRACE ,  Ahmed M. AZAB ,  Rohan BHUTKAR ,  Wenbo SHEN ,  Xun CHEN ,  Yong CHOI ,  Ken CHEN

IPC: G06F21/51 ,  G06F21/60

CPC classification number: G06F21/51 ,  G06F21/57 ,  G06F21/602 ,  G06F21/64 ,  G06F21/85 ,  G06F2221/034 ,  G07C5/0808

Abstract: An apparatus and method of a hardware isolated secure element protecting a plurality of mission critical subsystems are provided. The method includes performing an actuation operation received across an unsecure path that modifies the state of a mission critical subsystem, performing a diagnostic operation received across the unsecure path that requests state information of the mission critical subsystem, storing information used to determine which of the diagnostic operation and the actuation operation received across the unsecure path are performed, and flashing an execution image of an electronic control unit when the execution image of the electronic control unit is received across the unsecure path.

公开(公告)号：US20170083604A1

公开(公告)日：2017-03-23

申请号：US15053250

申请日：2016-02-25

Applicant: Samsung Electronics Co., Ltd.

Inventor： Abdul SYED-EBRAHIM ,  Peng NING ,  Ken CHEN

IPC: G06F17/30

CPC classification number: G06F21/6227 ,  G06F16/245 ,  G06F2221/2107

Abstract: An apparatus and method for operating a relational database (DB) are provided. The method includes determining a sensitivity classification for a column of a table in the DB, performing encryption, using a data encryption key (DEK), of sensitive data when writing the sensitive data to the column determined to be sensitive, performing decryption, using the DEK, of the encrypted sensitive data when reading the sensitive data from the column determined to be sensitive, and performing writing to the column and reading from the column of unencrypted non-sensitive data when the column is determined to be non-sensitive.