-
公开(公告)号:US10595207B2
公开(公告)日:2020-03-17
申请号:US15258117
申请日:2016-09-07
Applicant: ARM IP Limited , ARM Ltd
Inventor: Geraint Luff , Brendan Moran , Milosch Meriac , Manuel Pegourie-Gonnard
Abstract: A method for verifying the integrity of data in a message by a data processing device, the message comprising a plurality of packets, the method comprising: receiving, at the device from a first resource, a manifest associated with the message, the manifest comprising a plurality of group check values for the plurality of packets; receiving, at the device, from the first or a different resource, the message; generating a first progression of rolling hashes for the plurality of packets; deriving group check values from the first progression of rolling hashes for groups of the plurality of packets along one or more paths; verifying the integrity of the data in the message based on or in response to a determination that the derived group check values correspond to the plurality of group check values in the manifest.
-
公开(公告)号:US20170070890A1
公开(公告)日:2017-03-09
申请号:US15258117
申请日:2016-09-07
Applicant: ARM IP Limited , ARM Ltd
Inventor: Geraint Luff , Brendan Moran , Milosch Meriac , Manuel Pegourie-Gonnard
Abstract: A method for verifying the integrity of data in a message by a data processing device, the message comprising a plurality of packets, the method comprising: receiving, at the device from a first resource, a manifest associated with the message, the manifest comprising a plurality of group check values for the plurality of packets; receiving, at the device, from the first or a different resource, the message; generating a first progression of rolling hashes for the plurality of packets; deriving group check values from the first progression of rolling hashes for groups of the plurality of packets along one or more paths; verifying the integrity of the data in the message based on or in response to a determination that the derived group check values correspond to the plurality of group check values in the manifest.
Abstract translation: 一种用于由数据处理设备验证消息中的数据的完整性的方法,所述消息包括多个分组,所述方法包括:在所述设备处从所述设备从第一资源接收与所述消息相关联的清单,所述清单包括 多个分组的多个组检查值; 在所述设备处从所述第一或不同资源接收所述消息; 产生用于所述多个分组的滚动哈希的第一进程; 从沿着一个或多个路径的多个分组的组的滚动哈希的第一进程中导出组检查值; 基于或响应于导出的组检查值对应于清单中的多个组检查值的确定来验证消息中的数据的完整性。
-
公开(公告)号:US11366904B2
公开(公告)日:2022-06-21
申请号:US15748788
申请日:2016-08-01
Applicant: ARM IP LIMITED
Inventor: Geraint Luff , Thomas Grocutt , Milosch Meriac , Jonathan Austin
IPC: G06F21/57 , G06F21/64 , G06F21/74 , G06F21/78 , H04L41/0859
Abstract: A machine-implemented method for controlling a configuration data item in a storage-equipped device having at least two security domains, comprising receiving, by one of the security domains, a configuration data item; storing the configuration data item; providing a security indication for the configuration data item; and when an event indicates untrustworthiness of the data item, invalidating a configuration effect of the stored configuration data item. Further provided is a machine-implemented method for controlling a storage-equipped device as a node in a network of devices, comprising receiving information that a data source or type of a configuration data item is untrusted; analysing metadata for the data source and the configuration data item; populating a knowledge base with analysed metadata; and responsive to the analysed metadata, transmitting security information to the network of devices. A corresponding device and computer program product are also described.
-
公开(公告)号:US10122718B2
公开(公告)日:2018-11-06
申请号:US14832428
申请日:2015-08-21
Applicant: ARM IP Limited , ARM Limited
Inventor: Milosch Meriac , Geraint Luff , William Allen Curtis , Remy Pottier
Abstract: In one example, a method includes obtaining, by a data processing device, first secret data associated with a first user and corresponding to a first location of a remote resource. The method further includes generating, using the first secret data, a first uniform resource locator (URL) usable to obtain the first location, and accessing the first location using the first URL. The method further includes obtaining, in response to transfer of usage rights of the data processing device from the first user to a second user, second secret data associated with the second user and corresponding to a second location of the remote resource. The method further includes generating, using the second secret data, a second URL usable to obtain the second location, and accessing the second location using the second URL. The second location is inaccessible via the first URL. The first location is inaccessible via the second URL.
-
公开(公告)号:US10671730B2
公开(公告)日:2020-06-02
申请号:US15749169
申请日:2016-07-07
Applicant: ARM IP LIMITED
Inventor: Jonathan Austin , Milosch Meriac , Thomas Grocutt , Geraint Luff
Abstract: A machine-implemented method is provided for securing a storage-equipped device against introduction of malicious configuration data into configuration data storage, the method comprising steps of receiving by the device, a trusted signal for modification of the configuration of the device; responsive to the receiving, placing the device into a restricted mode of operation and at least one of deactivating a service and rebooting the device; responsive to the placing the device into the restricted mode of operation and the deactivating or rebooting, permitting configuration data entry into a restricted portion of the configuration data storage. A corresponding device and computer program product are also described.
-
Patent Agency Ranking
公开(公告)号:US10735428B2
公开(公告)日:2020-08-04
申请号:US16149796
申请日:2018-10-02
Applicant: ARM IP Limited , ARM Limited
Inventor: Milosch Meriac , Geraint Luff , William Allen Curtis , Remy Pottier
Abstract: In one example, a method includes obtaining, by a data processing device, first secret data associated with a first user and corresponding to a first location of a remote resource. The method further includes generating, using the first secret data, a first uniform resource locator (URL) usable to obtain the first location, and accessing the first location using the first URL. The method further includes obtaining, in response to transfer of usage rights of the data processing device from the first user to a second user, second secret data associated with the second user and corresponding to a second location of the remote resource. The method further includes generating, using the second secret data, a second URL usable to obtain the second location, and accessing the second location using the second URL. The second location is inaccessible via the first URL. The first location is inaccessible via the second URL.
-
公开(公告)号:US10530586B2
公开(公告)日:2020-01-07
申请号:US15516766
申请日:2015-09-22
Applicant: ARM IP Limited
Inventor: Milosch Meriac , Geraint Luff
Abstract: A method of generating a shortcut certificate for authenticating a user digital certificate generated by an issuing certification authority; the method comprising: authenticating the digital certificate of the issuing certification authority; creating the shortcut certificate for the digital certificate of the issuing certification authority when the digital certificate of the issuing certification authority is authenticated; wherein the shortcut certificate comprises a signed entry of an authentication of the issuing certification authority.
-
公开(公告)号:US20190036928A1
公开(公告)日:2019-01-31
申请号:US16149796
申请日:2018-10-02
Applicant: ARM IP Limited , ARM Limited
Inventor: Milosch Meriac , Geraint Luff , William Allen Curtis , Remy Pottier
Abstract: In one example, a method includes obtaining, by a data processing device, first secret data associated with a first user and corresponding to a first location of a remote resource. The method further includes generating, using the first secret data, a first uniform resource locator (URL) usable to obtain the first location, and accessing the first location using the first URL. The method further includes obtaining, in response to transfer of usage rights of the data processing device from the first user to a second user, second secret data associated with the second user and corresponding to a second location of the remote resource. The method further includes generating, using the second secret data, a second URL usable to obtain the second location, and accessing the second location using the second URL. The second location is inaccessible via the first URL. The first location is inaccessible via the second URL.
-
公开(公告)号:US11218321B2
公开(公告)日:2022-01-04
申请号:US15315659
申请日:2015-05-29
Applicant: ARM IP LIMITED
Inventor: Milosch Meriac , Geraint Luff
IPC: H04L9/32 , G06F21/62 , G06F16/25 , G06F16/955 , H04L29/08 , G16Z99/00 , H04L29/06 , G06F12/0813 , H04L9/14 , H04L9/30 , G16H10/65 , G16H80/00
Abstract: A method of accessing data sent between a remote resource and a data processing device, the method comprising: caching data uploaded from the remote resource or caching data sent to the remote resource at one or more intermediate network nodes between the data processing device and the remote resource; and accessing the cached data stored at the one or more intermediate network nodes.
-
公开(公告)号:US10902100B2
公开(公告)日:2021-01-26
申请号:US15755064
申请日:2016-07-14
Applicant: ARM IP LIMITED
Inventor: Hugo John Martin Vincent , Geraint Luff
Abstract: A method for determining when a device is attached to a user, the method comprising activating an accelerometer provided at the device; activating a vibration motor provided at the device; measuring with the accelerometer vibrations at the device created by the vibration motor; and using the accelerometer measurements to determine whether the device is attached to the user.
-
-
-
-
-
-
-
-
-
Search Results
12
records
(took 0.021 seconds)
