公开(公告)号：US10922155B2

公开(公告)日：2021-02-16

申请号：US15525620

申请日：2015-10-28

Applicant: ARM IP Limited

Inventor： Milosch Meriac ,  Geraint David Luff ,  Christopher Mark Paola

IPC: G06F9/54 ,  G06F9/50

Abstract: Methods of communication between a remote resource and a data processing device, the system include storing in a transaction queue a message posted from the remote resource; sending a request to create a guest transaction queue, the guest transaction queue being accessible by both the data processing device and the remote resource; creating the guest transaction queue; reading, by the data processing device, the message from the remote resource; responding, from the data processing device to the remote resource by posting a message to the guest transaction queue; reading, by the remote resource, the message from the data processing device.

公开(公告)号：US10911245B2

公开(公告)日：2021-02-02

申请号：US15549505

申请日：2016-01-25

Applicant: ARM IP Limited ,  ARM LIMITED

Inventor： Remy Pottier ,  Amyas Edward Wykes Phillips ,  Milosch Meriac

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/14 ,  H04L9/30

Abstract: There is disclosed a method of establishing trust between an agent device and a verification apparatus, the method comprising: obtaining, at the agent device, a trust credential, wherein the trust credential relates to an aspect of the agent device and comprises authentication information for identifying at least one party trusted by the verification apparatus and/or device data relating to the agent device; transmitting, from the agent device to the verification apparatus, the trust credential; obtaining, at the verification apparatus, the trust credential; analysing, at the verification apparatus, the trust credential; determining, at the verification apparatus, whether the agent device is trusted based on the analysis; and responsive to determining the agent device is trusted, establishing trust between the agent device and the verification apparatus.

公开(公告)号：US10855474B2

公开(公告)日：2020-12-01

申请号：US16025403

申请日：2018-07-02

Applicant: ARM IP Limited

Inventor： Milosch Meriac ,  Brendan James Moran

IPC: H04L9/32

Abstract: A method of authorizing an operation on a remote device with a cryptographic signature verification component, the remote device being operable in a communications network having human-readable messages with message signatures, comprising receiving at an arbitrator an authorization request to perform an operation requiring authorization on the remote device; retrieving from the request an operation identifier and plaintext data; sending a human-readable request with the identifier and the plaintext data to an authorizer; receiving a reply from an authorizer, the reply message comprising at least the plaintext data and a verifiable cryptographic signature identifying the authorizer derived from the request; and on receiving the reply, sending a request to perform the operation to the remote device with an authorization derived from at least the cryptographic signature, the cryptographic signature being suitable for verification by the cryptographic signature verification component on the remote device.

公开(公告)号：US10757100B2

公开(公告)日：2020-08-25

申请号：US15659849

申请日：2017-07-26

Applicant: ARM IP Limited

Inventor： Alessandro Angelino ,  Milosch Meriac

IPC: H04L29/06 ,  G06F21/60 ,  G06F21/62 ,  G06F21/55 ,  H04L29/12 ,  G06F21/33

Abstract: A machine implemented method for protecting a target domain and a source domain from unauthorized accesses. The method comprising: identifying an exit call gateway comprising an exit transition instruction and at least one exit access parameter, said exit access parameters restricting exit from said source domain; identifying an entry call gateway corresponding to said exit call gateway, said entry call gateway comprising a transition instruction and at least one entry access parameter, said entry access parameters restricting access to said target domain; determining that said exit access parameters and said entry access parameters are compatible with each other; and performing a context switch from said source domain to said target domain, when said exit access parameters and said entry access parameters are complied with.

公开(公告)号：US10742655B2

公开(公告)日：2020-08-11

申请号：US15317805

申请日：2015-05-29

Applicant: ARM IP LIMITED

Inventor： Robert George Taylor ,  Milosch Meriac ,  Andrew John Pritchard ,  Hannes Tschofenig ,  Christopher Mark Paola

IPC: H04L29/06 ,  G06F21/62 ,  G06F21/10

Abstract: Access to a resource controlled by a resource server (6, 8) is provided using a validity token issued by a validation server (4). When a resource request from a user (12) is received at the resource server (6, 8), then the resource server (6, 8) determines if the resource request satisfies a policy. If the resource request satisfies the policy, then access to the resource may be permitted without confirming the validity of the validation token with the validation server (4). Conversely, if the resource request does not satisfy the policy, then validation of the validation token with the validation server (4) is performed before the access requested is permitted.

公开(公告)号：US10693656B2

公开(公告)日：2020-06-23

申请号：US15532671

申请日：2015-11-30

Applicant: ARM IP Limited

Inventor： Andrew John Pritchard ,  Geraint Luff ,  Milosch Meriac

IPC: H04L29/06 ,  H04L9/32 ,  H04L29/08 ,  H04W4/38 ,  H04L9/06 ,  H04L12/24

Abstract: There is provided a method of scanning for a remote device, the method comprising: generating, at a data processing device, a search input; transforming, at the data processing device, the search input to provide a transformed output, wherein the transformed output is representative of the search input; transmitting, a communication comprising the transformed output from the data processing device to the remote device; receiving, at the data processing a device, a communication from the remote device based on the transformed output.

公开(公告)号：US10579418B2

公开(公告)日：2020-03-03

申请号：US15653095

申请日：2017-07-18

Applicant: ARM IP Limited

Inventor： Milosch Meriac ,  Alessandro Angelino

IPC: G06F9/48 ,  G06F9/50

Abstract: The machine implemented method for operating at least one electronic system comprises detecting a pattern of use of plural control parameters in a path through a graph of operational context switches to reach a target operational context; storing a representation of the pattern in association with an indicator identifying the target operational context; responsive to detecting at least one of a request for a switch of operation from a source operational context to the target operational context, a trapping on a resource access, and a detection of a breakpoint, retrieving the representation in accordance with the indicator identifying the target operational context; and responsive to the retrieving, applying at least one control parameter to said at least one electronic system to match the pattern.

公开(公告)号：US10404704B2

公开(公告)日：2019-09-03

申请号：US15509040

申请日：2015-08-18

Applicant: ARM IP Limited

Inventor： Amyas Edward Wykes Phillips ,  Milosch Meriac

IPC: H04L29/06 ,  H04W12/06 ,  H04L9/32 ,  H04W12/08 ,  H04W84/18

Abstract: A method for controlling communications between a data processing device in a first network and a target service in a second network via a gateway apparatus, the method comprising: transmitting a request to communicate with the target service from the data processing device to the gateway apparatus; transmitting device credentials from the data processing device to the gateway apparatus, wherein the credentials comprise information relating to the target service; verifying at the gateway apparatus an authentication status of the data processing device based on the device credentials; establishing a communication path between the data processing device and the target service if the authentication status is verified.

公开(公告)号：US20170257760A1

公开(公告)日：2017-09-07

申请号：US15447729

申请日：2017-03-02

Applicant: ARM IP Limited

Inventor： Brendon James Moran ,  Milosch Meriac ,  Geraint David Luff

IPC: H04W12/06 ,  H04W12/04 ,  H04W4/02

CPC classification number: H04W12/06 ,  H04L63/107 ,  H04L63/18 ,  H04W4/023 ,  H04W4/70 ,  H04W4/80 ,  H04W12/04

Abstract: A machine implemented method of authenticating a communication channel between a first device and a second device by providing proof of proximity between both devices, the method comprising: generating, at the first device, an acoustic authentication signal to be received at the second device via a solid body acoustic coupling established between the first device and the second device thereby providing proof of proximity between both devices and so authenticating the communication channel between the first device and the second device.

公开(公告)号：US20170070890A1

公开(公告)日：2017-03-09

申请号：US15258117

申请日：2016-09-07

Applicant: ARM IP Limited ,  ARM Ltd

Inventor： Geraint Luff ,  Brendan Moran ,  Milosch Meriac ,  Manuel Pegourie-Gonnard

IPC: H04W12/12 ,  H04L9/06 ,  H04L29/06 ,  H04L9/32

Abstract: A method for verifying the integrity of data in a message by a data processing device, the message comprising a plurality of packets, the method comprising: receiving, at the device from a first resource, a manifest associated with the message, the manifest comprising a plurality of group check values for the plurality of packets; receiving, at the device, from the first or a different resource, the message; generating a first progression of rolling hashes for the plurality of packets; deriving group check values from the first progression of rolling hashes for groups of the plurality of packets along one or more paths; verifying the integrity of the data in the message based on or in response to a determination that the derived group check values correspond to the plurality of group check values in the manifest.

Abstract translation: 一种用于由数据处理设备验证消息中的数据的完整性的方法，所述消息包括多个分组，所述方法包括：在所述设备处从所述设备从第一资源接收与所述消息相关联的清单，所述清单包括 多个分组的多个组检查值; 在所述设备处从所述第一或不同资源接收所述消息; 产生用于所述多个分组的滚动哈希的第一进程; 从沿着一个或多个路径的多个分组的组的滚动哈希的第一进程中导出组检查值; 基于或响应于导出的组检查值对应于清单中的多个组检查值的确定来验证消息中的数据的完整性。