公开(公告)号：US10810098B2

公开(公告)日：2020-10-20

申请号：US15749108

申请日：2016-07-29

Applicant: ARM IP Limited

Inventor： Milosch Meriac ,  Thomas Christopher Grocutt ,  Jonathan Michael Austin ,  Geraint David Luff

IPC: G06F11/30 ,  G06F11/34 ,  G06F11/07 ,  G06F21/50 ,  G06F21/56

Abstract: A first processing component samples and lossily accumulates statistical activity data by generating at least one data bucket by segmenting a memory window in a memory and providing a map of the segmented memory window; sampling to detect activity in the data bucket and surjectively populating the map with statistical activity data; and responsive to a trigger, passing at least part of a population of the map to a second processing component. The second processing component receives and stores the at least part of the population of the surjective map, compares it with at least one previously stored map population; and on detecting anomalous patterning, performs an “anomaly detected” action.

公开(公告)号：US10333938B2

公开(公告)日：2019-06-25

申请号：US15001750

申请日：2016-01-20

Applicant: ARM IP Limited ,  ARM Limited

Inventor： Remy Pottier ,  Hugo John Martin Vincent ,  Amyas Edward Wykes Phillips ,  Christopher Mark Paola ,  Milosch Meriac

IPC: H04L29/06

Abstract: A method of creating, at a permissions management resource, access permissions relating to a subject device for at least one data processing device, the method comprising: obtaining, at the permissions management resource, input data; generating, at the permissions management resource, at least one permission relating to accessing the subject device in response to the input data; transmitting, from the permissions management resource to the subject device and/or the at least one processing device, a communication comprising the at least one permission.

公开(公告)号：US20180324146A1

公开(公告)日：2018-11-08

申请号：US15770621

申请日：2016-11-08

Applicant: Arm IP Limited

Inventor： Milosch Meriac

IPC: H04L29/06 ,  H04W4/70 ,  H04W4/80 ,  H04L9/32

CPC classification number: H04L63/0227 ,  H04L9/3213 ,  H04L63/1441 ,  H04W4/00 ,  H04W4/70 ,  H04W4/80

Abstract: Broadly speaking, embodiments of the present technique provide apparatus, systems and methods to enable secure communication between devices. In particular, the present techniques provide an apparatus configured to monitor for a data packet transmitted between a transmitter and a receiver, determine if the data packet is permitted to be transmitted, and act on at least part of the data packet to prevent the receiver from acting on the data packet if it is not permitted to be transmitted. In other words, the present techniques provide/implement security filters in a communication channel between a transmitter and a receiver to reduce the risk that unauthorised data packets are sent to, and implemented by, the receiver device.

公开(公告)号：US10122718B2

公开(公告)日：2018-11-06

申请号：US14832428

申请日：2015-08-21

Applicant: ARM IP Limited ,  ARM Limited

Inventor： Milosch Meriac ,  Geraint Luff ,  William Allen Curtis ,  Remy Pottier

IPC: H04W12/02 ,  H04L29/06 ,  H04L29/08

Abstract: In one example, a method includes obtaining, by a data processing device, first secret data associated with a first user and corresponding to a first location of a remote resource. The method further includes generating, using the first secret data, a first uniform resource locator (URL) usable to obtain the first location, and accessing the first location using the first URL. The method further includes obtaining, in response to transfer of usage rights of the data processing device from the first user to a second user, second secret data associated with the second user and corresponding to a second location of the remote resource. The method further includes generating, using the second secret data, a second URL usable to obtain the second location, and accessing the second location using the second URL. The second location is inaccessible via the first URL. The first location is inaccessible via the second URL.

公开(公告)号：US20180039510A1

公开(公告)日：2018-02-08

申请号：US15653095

申请日：2017-07-18

Applicant: ARM IP Limited

Inventor： Milosch Meriac ,  Alessandro Angelino

IPC: G06F9/48 ,  G06F9/50

CPC classification number: G06F9/4831 ,  G06F9/461 ,  G06F9/5055

Abstract: The machine implemented method for operating at least one electronic system comprises detecting a pattern of use of plural control parameters in a path through a graph of operational context switches to reach a target operational context; storing a representation of the pattern in association with an indicator identifying the target operational context; responsive to detecting at least one of a request for a switch of operation from a source operational context to the target operational context, a trapping on a resource access, and a detection of a breakpoint, retrieving the representation in accordance with the indicator identifying the target operational context; and responsive to the retrieving, applying at least one control parameter to said at least one electronic system to match the pattern.

公开(公告)号：US11194899B2

公开(公告)日：2021-12-07

申请号：US15578387

申请日：2016-05-31

Applicant: Arm IP Limited

Inventor： Alessandro Angelino ,  Milosch Meriac

IPC: G06F21/54 ,  G06F21/74 ,  G06F21/78 ,  G06F21/79 ,  G06F21/51 ,  G06F21/70 ,  G06F21/52 ,  G06F21/50 ,  G06F21/71 ,  G06F8/61 ,  G06F9/455 ,  G06F8/654 ,  G06F21/57

Abstract: A data processing apparatus having a first secure area and a second secure area coupled by a monitor is provided. The monitor applies security credentials to processing circuitry transitioning from the first secure area to the second secure area to enable the processing circuitry to perform functions in the second secure area. A call gateway comprising a transition instruction and access parameters stored in a trusted storage device is used by the monitor to determine when to applying the security credentials to the processing circuitry. The access parameters comprising a target function or a memory location.

公开(公告)号：US20210266308A1

公开(公告)日：2021-08-26

申请号：US17255087

申请日：2019-05-24

Applicant: Arm IP Limited

Inventor： Robert George Taylor ,  Brendan James Moran ,  Milosch Meriac ,  Geraint David Luff

IPC: H04L29/06 ,  H04L9/32

Abstract: Methods for delivering an authenticatable management activity to a group of remote devices in a networked computing environment is described herein. An authenticatable management activity may be any activity which requires internal state changes to be made at a remote device, such as software or firmware updates, system configuration operations, access control list update operations, file transfer operations, changes to user data etc., and which requires an operators approval of the activity before being performed. In addition to an operators approval of the activity, the management activity is required to be signed by an operator, such that the operator authorising the management activity is authenticated.

公开(公告)号：US10956577B2

公开(公告)日：2021-03-23

申请号：US16113241

申请日：2018-08-27

Applicant: Arm IP Limited

Inventor： Alessandro Angelino ,  Milosch Meriac ,  Brendan James Moran

IPC: G06F21/57 ,  G06F21/52 ,  G06F8/65

Abstract: An apparatus and methods are provided to defending device against attacks. When it is determined that a device is under attack, a determination is made as to whether a layout of objects within said at least one resource at said device is protecting said device against said attack. The determination is then transferred to a remote server together with a layout of the resource at the device. When it is determined that the layout of objects within the at least one resource at the device is not protecting the device against the attack, then the layout of the at least one resource is changed. Either the remote server or the device may determine whether to change the layout in response to the attack.

公开(公告)号：US10514903B2

公开(公告)日：2019-12-24

申请号：US15409833

申请日：2017-01-19

Applicant: ARM IP LIMITED

Inventor： James Crosby ,  Hugo John Martin Vincent ,  Milosch Meriac ,  Marcus Chang

IPC: G06F8/654 ,  G06F3/06 ,  G06F8/65 ,  G06F8/656 ,  G06F8/658

Abstract: A data processing device has a processor which executes software directly from non-volatile memory. The processor has a runtime component which dynamically maps software element identifiers specified by the software to corresponding software elements in memory. Mapping information is used to determine which software elements identifiers correspond to which software elements. This provides a level of indirection which can be used to make software updates more efficient, by updating only parts of the software while leaving old parts of the software as they are. Updated software elements can be stored to memory and the mapping information updated to point to the new elements, while existing mappings may be retained.

公开(公告)号：US10459716B2

公开(公告)日：2019-10-29

申请号：US15756129

申请日：2016-08-23

Applicant: Arm IP Limited

Inventor： Brendan Moran ,  Milosch Meriac

IPC: G06F8/65 ,  G06F9/46

Abstract: A machine-implemented method or data processing component for controlling the processing of digital content from plural sources by at least one data processing device comprises receiving at least two digital content manifests at the data processing device; receiving at least one digital content payload at the data processing device; and responsive to the at least two digital content manifests, performing an atomic action using the at least one digital content payload.