-
Publication No.: US20190036705A1
Publication Date: 2019-01-31
Application No.: US16025403
Application Date: 2018-07-02
Applicant: ARM IP Limited
Inventor: Milosch Meriac, Brendan James Moran
IPC: H04L9/32
Abstract: A method of authorizing an operation on a remote device with a cryptographic signature verification component, the remote device being operable in a communications network having human-readable messages with message signatures, comprising receiving at an arbitrator an authorization request to perform an operation requiring authorization on the remote device; retrieving from the request an operation identifier and plaintext data; sending a human-readable request with the identifier and the plaintext data to an authorizer; receiving a reply from an authorizer, the reply message comprising at least the plaintext data and a verifiable cryptographic signature identifying the authorizer derived from the request; and on receiving the reply, sending a request to perform the operation to the remote device with an authorization derived from at least the cryptographic signature, the cryptographic signature being suitable for verification by the cryptographic signature verification component on the remote device.
-
Publication No.: US20180048648A1
Publication Date: 2018-02-15
Application No.: US15659849
Application Date: 2017-07-26
Applicant: ARM IP Limited
Inventor: Alessandro Angelino, Milosch Meriac
Abstract: A machine implemented method for protecting a target domain and a source domain from unauthorized accesses. The method comprising: identifying an exit call gateway comprising an exit transition instruction and at least one exit access parameter, said exit access parameters restricting exit from said source domain; identifying an entry call gateway corresponding to said exit call gateway, said entry call gateway comprising a transition instruction and at least one entry access parameter, said entry access parameters restricting access to said target domain; determining that said exit access parameters and said entry access parameters are compatible with each other; and performing a context switch from said source domain to said target domain, when said exit access parameters and said entry access parameters are complied with.
-
Publication No.: US11210393B2
Publication Date: 2021-12-28
Application No.: US16303291
Application Date: 2017-04-06
Applicant: Arm IP Limited
Inventor: Milosch Meriac, Alessandro Angelino
Abstract: A technology for mutually isolating accessors of a shared electronic device from leakage of context data after a context switch comprises: on making the shared electronic device available to the plurality of accessors, establishing a portion of storage as an indicator location for the shared electronic device; when a first accessor requests use of the shared electronic device, writing at least one device-reset-required indicator to the indicator location; on switching context to a new context, after context save, when a second accessor requests use of the shared electronic device, resetting context data of the shared electronic device to a known state and reconciling the first device-reset-required indicator and a second device-reset-required indicator for the new context.
-
Publication No.: US11146400B2
Publication Date: 2021-10-12
Application No.: US16820233
Application Date: 2020-03-16
Applicant: ARM IP Limited, ARM Ltd
Inventor: Geraint David Luff, Brendan James Moran, Milosch Meriac, Manuel Pegourie-Gonnard
IPC: H04L9/32, H04W4/70, H04L29/06, H04W12/10, H04W12/12, H04W12/102, H04W12/106, H04W12/122, H04W4/80, H04W4/06
Abstract: A method for verifying the integrity of data in a message by a data processing device, the message comprising a plurality of packets, the method comprising: receiving, at the device from a first resource, a manifest associated with the message, the manifest comprising a plurality of group check values for the plurality of packets; receiving, at the device, from the first or a different resource, the message; generating a first progression of rolling hashes for the plurality of packets; deriving group check values from the first progression of rolling hashes for groups of the plurality of packets along one or more paths; verifying the integrity of the data in the message based on or in response to a determination that the derived group check values correspond to the plurality of group check values in the manifest.
-
Publication No.: US10986074B2
Publication Date: 2021-04-20
Application No.: US15434510
Application Date: 2017-02-16
Applicant: ARM IP Limited
Inventor: Amyas Edward Wykes Phillips, Milosch Meriac
Abstract: A method of generating wireless communications from a transmit-only device, the method comprising: generating, at the transmit-only device, a first current session key; generating, at the transmit-only device, operational data; generating, at the transmit-only device, crypto-data by performing a cryptographic operation on the operational data using the first current session key; transmitting, from the transmit-only device, a first identifier to enable a resource to derive the first current session key; transmitting, from the transmit-only device, the crypto-data.
-
Publication No.: US10860354B2
Publication Date: 2020-12-08
Application No.: US15304302
Application Date: 2015-04-20
Applicant: ARM IP LIMITED
Inventor: Milosch Meriac, Hugo John Martin Vincent, James Crosby
Abstract: A data processing system operates in a plurality of modes including a first privilege mode and a second privilege mode with the first privilege mode giving rights of access that are not available in the second privilege mode. Application code executes in the second privilege mode and generates function calls to hypervisor code which executes in the first privilege mode. These function calls are to perform a secure function requiring the rights of access which are only available in the first privilege mode. Scheduling code which executes in the second privilege mode controls scheduling of both the application code and the hypervisor code. Memory protection circuitry operating with physical addresses serves to control access permissions required to access different regions within the memory address space using configuration data which is written by the hypervisor code. The hypervisor code temporarily grants access to different regions within the physical memory address space to the system in the second privilege mode as needed to support the execution of code scheduled by the scheduling code.
-
Publication No.: US20200288322A1
Publication Date: 2020-09-10
Application No.: US16820233
Application Date: 2020-03-16
Applicant: ARM IP Limited, ARM Ltd
Inventor: Geraint David Luff, Brendan James Moran, Milosch Meriac, Manuel Pegourie-Gonnard
Abstract: A method for verifying the integrity of data in a message by a data processing device, the message comprising a plurality of packets, the method comprising: receiving, at the device from a first resource, a manifest associated with the message, the manifest comprising a plurality of group check values for the plurality of packets; receiving, at the device, from the first or a different resource, the message; generating a first progression of rolling hashes for the plurality of packets; deriving group check values from the first progression of rolling hashes for groups of the plurality of packets along one or more paths; verifying the integrity of the data in the message based on or in response to a determination that the derived group check values correspond to the plurality of group check values in the manifest.
-
Publication No.: US10732690B2
Publication Date: 2020-08-04
Application No.: US15982560
Application Date: 2018-05-17
Applicant: Arm IP Limited
Inventor: Niklas Lennart Hauser, Brendan James Moran, Milosch Meriac
IPC: G06F1/3206, G06F1/28, G06F8/65, G01R31/392
Abstract: Broadly speaking, the present techniques provide methods, apparatus and systems for monitoring operation of a device. More particularly, the present techniques provide methods for monitoring operation of a device by observing state transitions which occur during the running of a device process following a firmware update, and either comparing the observed state transitions to a state transition map generated within the device or comparing the observed state transitions to a state transition model in, or associated with, the firmware update.
-
Publication No.: US10671730B2
Publication Date: 2020-06-02
Application No.: US15749169
Application Date: 2016-07-07
Applicant: ARM IP LIMITED
Inventor: Jonathan Austin, Milosch Meriac, Thomas Grocutt, Geraint Luff
Abstract: A machine-implemented method is provided for securing a storage-equipped device against introduction of malicious configuration data into configuration data storage, the method comprising steps of receiving by the device, a trusted signal for modification of the configuration of the device; responsive to the receiving, placing the device into a restricted mode of operation and at least one of deactivating a service and rebooting the device; responsive to the placing the device into the restricted mode of operation and the deactivating or rebooting, permitting configuration data entry into a restricted portion of the configuration data storage. A corresponding device and computer program product are also described.
-
Publication No.: US10595207B2
Publication Date: 2020-03-17
Application No.: US15258117
Application Date: 2016-09-07
Applicant: ARM IP Limited, ARM Ltd
Inventor: Geraint Luff, Brendan Moran, Milosch Meriac, Manuel Pegourie-Gonnard
Abstract: A method for verifying the integrity of data in a message by a data processing device, the message comprising a plurality of packets, the method comprising: receiving, at the device from a first resource, a manifest associated with the message, the manifest comprising a plurality of group check values for the plurality of packets; receiving, at the device, from the first or a different resource, the message; generating a first progression of rolling hashes for the plurality of packets; deriving group check values from the first progression of rolling hashes for groups of the plurality of packets along one or more paths; verifying the integrity of the data in the message based on or in response to a determination that the derived group check values correspond to the plurality of group check values in the manifest.