公开(公告)号：US11050733B2

公开(公告)日：2021-06-29

申请号：US16519383

申请日：2019-07-23

Applicant: ARM IP Limited

Inventor： Amyas Edward Wykes Phillips ,  Milosch Meriac

IPC: H04L29/06 ,  H04W12/069 ,  H04W12/082 ,  H04L9/32 ,  H04W84/18

Abstract: A method for controlling communications between a data processing device in a first network and a target service in a second network via a gateway apparatus, the method comprising: transmitting a request to communicate with the target service from the data processing device to the gateway apparatus; transmitting device credentials from the data processing device to the gateway apparatus, wherein the credentials comprise information relating to the target service; verifying at the gateway apparatus an authentication status of the data processing device based on the device credentials; establishing a communication path between the data processing device and the target service if the authentication status is verified.

公开(公告)号：US10922155B2

公开(公告)日：2021-02-16

申请号：US15525620

申请日：2015-10-28

Applicant: ARM IP Limited

Inventor： Milosch Meriac ,  Geraint David Luff ,  Christopher Mark Paola

IPC: G06F9/54 ,  G06F9/50

Abstract: Methods of communication between a remote resource and a data processing device, the system include storing in a transaction queue a message posted from the remote resource; sending a request to create a guest transaction queue, the guest transaction queue being accessible by both the data processing device and the remote resource; creating the guest transaction queue; reading, by the data processing device, the message from the remote resource; responding, from the data processing device to the remote resource by posting a message to the guest transaction queue; reading, by the remote resource, the message from the data processing device.

公开(公告)号：US10911245B2

公开(公告)日：2021-02-02

申请号：US15549505

申请日：2016-01-25

Applicant: ARM IP Limited ,  ARM LIMITED

Inventor： Remy Pottier ,  Amyas Edward Wykes Phillips ,  Milosch Meriac

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/14 ,  H04L9/30

Abstract: There is disclosed a method of establishing trust between an agent device and a verification apparatus, the method comprising: obtaining, at the agent device, a trust credential, wherein the trust credential relates to an aspect of the agent device and comprises authentication information for identifying at least one party trusted by the verification apparatus and/or device data relating to the agent device; transmitting, from the agent device to the verification apparatus, the trust credential; obtaining, at the verification apparatus, the trust credential; analysing, at the verification apparatus, the trust credential; determining, at the verification apparatus, whether the agent device is trusted based on the analysis; and responsive to determining the agent device is trusted, establishing trust between the agent device and the verification apparatus.

公开(公告)号：US10855474B2

公开(公告)日：2020-12-01

申请号：US16025403

申请日：2018-07-02

Applicant: ARM IP Limited

Inventor： Milosch Meriac ,  Brendan James Moran

IPC: H04L9/32

Abstract: A method of authorizing an operation on a remote device with a cryptographic signature verification component, the remote device being operable in a communications network having human-readable messages with message signatures, comprising receiving at an arbitrator an authorization request to perform an operation requiring authorization on the remote device; retrieving from the request an operation identifier and plaintext data; sending a human-readable request with the identifier and the plaintext data to an authorizer; receiving a reply from an authorizer, the reply message comprising at least the plaintext data and a verifiable cryptographic signature identifying the authorizer derived from the request; and on receiving the reply, sending a request to perform the operation to the remote device with an authorization derived from at least the cryptographic signature, the cryptographic signature being suitable for verification by the cryptographic signature verification component on the remote device.

公开(公告)号：US10757100B2

公开(公告)日：2020-08-25

申请号：US15659849

申请日：2017-07-26

Applicant: ARM IP Limited

Inventor： Alessandro Angelino ,  Milosch Meriac

IPC: H04L29/06 ,  G06F21/60 ,  G06F21/62 ,  G06F21/55 ,  H04L29/12 ,  G06F21/33

Abstract: A machine implemented method for protecting a target domain and a source domain from unauthorized accesses. The method comprising: identifying an exit call gateway comprising an exit transition instruction and at least one exit access parameter, said exit access parameters restricting exit from said source domain; identifying an entry call gateway corresponding to said exit call gateway, said entry call gateway comprising a transition instruction and at least one entry access parameter, said entry access parameters restricting access to said target domain; determining that said exit access parameters and said entry access parameters are compatible with each other; and performing a context switch from said source domain to said target domain, when said exit access parameters and said entry access parameters are complied with.

公开(公告)号：US10742655B2

公开(公告)日：2020-08-11

申请号：US15317805

申请日：2015-05-29

Applicant: ARM IP LIMITED

Inventor： Robert George Taylor ,  Milosch Meriac ,  Andrew John Pritchard ,  Hannes Tschofenig ,  Christopher Mark Paola

IPC: H04L29/06 ,  G06F21/62 ,  G06F21/10

Abstract: Access to a resource controlled by a resource server (6, 8) is provided using a validity token issued by a validation server (4). When a resource request from a user (12) is received at the resource server (6, 8), then the resource server (6, 8) determines if the resource request satisfies a policy. If the resource request satisfies the policy, then access to the resource may be permitted without confirming the validity of the validation token with the validation server (4). Conversely, if the resource request does not satisfy the policy, then validation of the validation token with the validation server (4) is performed before the access requested is permitted.

公开(公告)号：US10693656B2

公开(公告)日：2020-06-23

申请号：US15532671

申请日：2015-11-30

Applicant: ARM IP Limited

Inventor： Andrew John Pritchard ,  Geraint Luff ,  Milosch Meriac

IPC: H04L29/06 ,  H04L9/32 ,  H04L29/08 ,  H04W4/38 ,  H04L9/06 ,  H04L12/24

Abstract: There is provided a method of scanning for a remote device, the method comprising: generating, at a data processing device, a search input; transforming, at the data processing device, the search input to provide a transformed output, wherein the transformed output is representative of the search input; transmitting, a communication comprising the transformed output from the data processing device to the remote device; receiving, at the data processing a device, a communication from the remote device based on the transformed output.

公开(公告)号：US10579418B2

公开(公告)日：2020-03-03

申请号：US15653095

申请日：2017-07-18

Applicant: ARM IP Limited

Inventor： Milosch Meriac ,  Alessandro Angelino

IPC: G06F9/48 ,  G06F9/50

Abstract: The machine implemented method for operating at least one electronic system comprises detecting a pattern of use of plural control parameters in a path through a graph of operational context switches to reach a target operational context; storing a representation of the pattern in association with an indicator identifying the target operational context; responsive to detecting at least one of a request for a switch of operation from a source operational context to the target operational context, a trapping on a resource access, and a detection of a breakpoint, retrieving the representation in accordance with the indicator identifying the target operational context; and responsive to the retrieving, applying at least one control parameter to said at least one electronic system to match the pattern.

公开(公告)号：US10404704B2

公开(公告)日：2019-09-03

申请号：US15509040

申请日：2015-08-18

Applicant: ARM IP Limited

Inventor： Amyas Edward Wykes Phillips ,  Milosch Meriac

IPC: H04L29/06 ,  H04W12/06 ,  H04L9/32 ,  H04W12/08 ,  H04W84/18

Abstract: A method for controlling communications between a data processing device in a first network and a target service in a second network via a gateway apparatus, the method comprising: transmitting a request to communicate with the target service from the data processing device to the gateway apparatus; transmitting device credentials from the data processing device to the gateway apparatus, wherein the credentials comprise information relating to the target service; verifying at the gateway apparatus an authentication status of the data processing device based on the device credentials; establishing a communication path between the data processing device and the target service if the authentication status is verified.

公开(公告)号：US20170257760A1

公开(公告)日：2017-09-07

申请号：US15447729

申请日：2017-03-02

Applicant: ARM IP Limited

Inventor： Brendon James Moran ,  Milosch Meriac ,  Geraint David Luff

IPC: H04W12/06 ,  H04W12/04 ,  H04W4/02

CPC classification number: H04W12/06 ,  H04L63/107 ,  H04L63/18 ,  H04W4/023 ,  H04W4/70 ,  H04W4/80 ,  H04W12/04

Abstract: A machine implemented method of authenticating a communication channel between a first device and a second device by providing proof of proximity between both devices, the method comprising: generating, at the first device, an acoustic authentication signal to be received at the second device via a solid body acoustic coupling established between the first device and the second device thereby providing proof of proximity between both devices and so authenticating the communication channel between the first device and the second device.