-
Publication (Announcement) No.: US10791091B1
Publication (Announcement) Date: 2020-09-29
Application No.: US15895897
Application Date: 2018-02-13
Applicant: Architecture Technology Corporation
Inventor: Clint Sanders, Ranga S. Ramanujan, Timothy Hartley
IPC: H04L29/06, H04L12/18, H04L12/761
Abstract: Disclosed is a high assurance unified switching device corresponding to a modular, standards-compliant extensible network switch supporting multiple security domains with data isolation of multiple data packets obtained from the multiple security domains. The device may comprise an inner layer router and an outer layer security wrapper (outer layer router). The ports on the outer layer router are configured for different security domains and assigned corresponding key pairs. The ports use the assigned key pairs for encrypting data packets prior to routing and decrypt the data after routing such that there is an isolation of data packets of different security domains. A routed packet arriving at the wrong port cannot be decrypted and therefore is dropped.
-
Publication (Announcement) No.: US10762183B1
Publication (Announcement) Date: 2020-09-01
Application No.: US15866046
Application Date: 2018-01-09
Applicant: Architecture Technology Corporation
Inventor: Deborah K. Charan, Ranga Ramanujan
IPC: G06F21/32, A61B5/0402, G06K9/00
Abstract: In general, the techniques of this disclosure describe a computing device in a secure domain that is configured to receive, via a guard device, an authentication factor from a biometric authentication device in a non-secure domain. The biometric authentication device is in a non-secure domain, and the authentication factor comprises an identifier of a prospective user of the biometric authentication device. The computing device may then determine, based on the received authentication factor, whether the prospective user is a trusted user of the computing device based on the authentication factor. Responsive to determining that the prospective user of the biometric authentication device is the trusted user, the computing device may enable access to one or more applications on the computing device.
-
Publication (Announcement) No.: US20200273357A1
Publication (Announcement) Date: 2020-08-27
Application No.: US16871616
Application Date: 2020-05-11
Applicant: Architecture Technology Corporation
Inventor: Eric R. Chartier, Evan Eaves, William Colligan, Andrew Murphy
Abstract: An automatic, autonomous, and aircraft-centric interference advisory method is executed entirely on a first aircraft operating on a movement area of a runway, the movement area including ramps, taxiways, and runways. The method includes a processor onboard the first aircraft computing a first movement projection for the first aircraft using first aircraft data received at the first aircraft; the processor computing additional second movement projections for multiple second aircraft operating on the movement area of the airport using second data regarding each of the multiple second aircraft; the processor detecting a threat to the first aircraft on approach to a defined intersection of the movement area from any of the multiple second aircraft based on a corresponding second movement projection within a configurable time limit of entry into the defined intersection by the first aircraft; and providing on the first aircraft, a threat advisory for a detected threat.
-
Publication (Announcement) No.: US10726729B1
Publication (Announcement) Date: 2020-07-28
Application No.: US15793304
Application Date: 2017-10-25
Applicant: Architecture Technology Corporation
Inventor: Evan Eaves, William Colligan
IPC: G08G5/00
Abstract: A method for securing flight operations of an unmanned aerial system (UAS) includes a processor receiving a flight operation for a UAS, the flight operation defining a UAS flight profile; and the processor, based on a designation of the flight operation as sensitive, controlling an automatic dependent surveillance-broadcast (ADS-B) transponder on the UAS to broadcast a dummy aircraft identification different from an ICAO-assigned transponder code, and dummy airframe information during at least a portion of the flight operation.
-
Publication (Announcement) No.: US20200233938A1
Publication (Announcement) Date: 2020-07-23
Application No.: US16839728
Application Date: 2020-04-03
Applicant: Architecture Technology Corporation
Inventor: Joseph Sirianni, Matthew Donovan
Abstract: A method for detecting, identifying, and mitigating advanced persistent threats in a computer network having one or more computers includes a processor in the computer network: receiving a request to access a resource in the computer network; identifying the request as originating from an application executing on the computer network; executing an anomaly operation to determine a behavior of the application is one of anomalous and not anomalous; executing a privilege operation to determine the request is one of permanently allowed and not-permanently allowed; granting access to the resource for both a non-anomalous-behaving application and a permanently allowed request; and generating and displaying, on a graphical user interface of the computer network, a prompt for either an anomalous-behaving application or a not-permanently allowed request.
-
Publication (Announcement) No.: US10715327B1
Publication (Announcement) Date: 2020-07-14
Application No.: US15992924
Application Date: 2018-05-30
Applicant: Architecture Technology Corporation
Inventor: Ranga S. Ramanujan, Deborah K. Charan, Barry A. Trent, Jordan C. Bonney
Abstract: Embodiments for a method for issuing a software credential token with reliance on a hardware credential token are disclosed. A data server that allows access thereto via a set of hardware credential tokens is provided. The method includes receiving a request for a software credential token from a personal computing device. The request includes an indication of a hardware credential token upon which the request relies. An email address and a public key corresponding to the hardware credential token are obtained. The method also includes sending an email to the email address. The email includes a one-time password encrypted with the public key. Access to the email is restricted to an individual to which the hardware credential token was issued. The method also includes receiving an inputted password from the personal computing device. If the inputted password matches the one-time password, a software credential token is issued to a user.
-
Publication (Announcement) No.: US10674446B1
Publication (Announcement) Date: 2020-06-02
Application No.: US15973870
Application Date: 2018-05-08
Applicant: Architecture Technology Corporation
Inventor: Barry A. Trent
Abstract: Embodiments for a module for scheduling sleep/wake intervals for a first one or more communication devices are disclosed. The module includes a computer readable medium having instructions thereon. The instructions, when executed by one or more processing devices, cause the one or more processing devices to obtain a coverage prediction for the first one or more communication devices. The coverage prediction indicates intervals during which a second one or more communication devices are predicted to be within range of the first one or more communication devices. The instructions also cause the one or more processing devices to generate sleep intervals and wake intervals for the first one or more communication devices based on the coverage predictions.
-
Publication (Announcement) No.: US10664574B1
Publication (Announcement) Date: 2020-05-26
Application No.: US15791258
Application Date: 2017-10-23
Applicant: Architecture Technology Corporation
Inventor: Judson Powers, Paul Nicotera, Ryan Marotz
Abstract: In general, the disclosure is directed to data storage within a peer-to-peer network that includes a plurality of computing devices. A first computing device of the peer-to-peer network stores an encrypted file in a data storage component. The first computing device creates file information metadata comprising details of the encrypted file and peer information metadata comprising details of the first computing device. The first computing device updates a file distributed hash table to include the file information metadata and a peer distributed hash table to include the peer information metadata. At least a portion of the file distributed hash table is stored on a first group of one or more computing devices of the plurality of computing devices. Further, at least a portion of the peer distributed hash table is stored on a second group of one or more computing devices of the plurality of computing devices.
-
Publication (Announcement) No.: US10659476B2
Publication (Announcement) Date: 2020-05-19
Application No.: US15262979
Application Date: 2016-09-12
Applicant: Architecture Technology Corporation
Inventor: Ranga Ramanujan, Benjamin L. Burnett
Abstract: This disclosure is directed to monitoring a crypto-partitioned, or cipher-text, wide-area network (WAN). A first computing device may be situated in a plain-text portion of a first enclave behind a first inline network encryptor (INE). A second device may be positioned in a plain-text portion of a second enclave behind a second INE. The two enclaves may be separated by a cipher-text WAN, over which the two enclaves may communicate. The first computing device may receive a data packet from the second computing device. The first computing device may then determine contents of a header of the data packet. The first computing device may, based at least in part on the contents of the header of the data packet, determine a status of the cipher-text WAN.
-
Publication (Announcement) No.: US10609076B1
Publication (Announcement) Date: 2020-03-31
Application No.: US16022531
Application Date: 2018-06-28
Applicant: Architecture Technology Corporation
Inventor: Timothy Hartley, Ranga Ramanujan, Jafar Al-Gharaibeh
Abstract: An example method includes receiving an indication of a selection of a first application environment that includes a first virtual environment associated with a first security domain and is configured to isolate execution of software applications within the first application environment, suspending execution of a second application environment that includes a second virtual environment associated with a second security domain different from the first security domain, initiating execution of the first application environment, identifying information associated with the first security domain and provided by the first application environment that is to be sent to an external computing device associated with the first security domain, selecting communication network(s) from one or more communication networks that are each available to the mobile computing device for data communication, encrypting, based on the first security domain and network(s), the information, and sending, to the external computing device via the network(s), the encrypted information.