公开(公告)号：US10749690B2

公开(公告)日：2020-08-18

申请号：US15858820

申请日：2017-12-29

Applicant: Samsung Electronics, Co. Ltd.

Inventor： Antonios Dimitrios Broumas

IPC: H04L29/06 ,  H04L9/32 ,  H04L9/14 ,  H04L9/00 ,  H04L9/30

Abstract: A method for access control on an electronic device includes the step of generating, by an electronic device, a certificate signed by a keymaster, the electronic device running an operating system, the operating system capable of distinguishing between applications and application processes and providing an execution environment. The method also includes the steps of indicating, by the certificate, an access privilege for an approved accessor and receiving from an application, a request subject to the access privilege indicated by the certificate. The method further includes the steps of identifying the application from which the request subject to the access privilege was received and determining, using the certificate, whether the application is an approved accessor.

公开(公告)号：US10733284B2

公开(公告)日：2020-08-04

申请号：US15287688

申请日：2016-10-06

Applicant: Samsung Electronics Co., Ltd

Inventor： Antonios Dimitrios Broumas ,  Naman R. Patel

IPC: G06F11/30 ,  G06F12/14 ,  G06F21/53 ,  G06F21/44 ,  G06F21/57 ,  H04L9/00 ,  H04L9/32 ,  H04L9/08 ,  G06F21/60 ,  G06F21/74

Abstract: A method and apparatus are provided for secure communication. The method includes binding an isolated environment, of a device, to a secure component. The secure component includes a secure application and data. The method also includes utilizing the isolated environment as an intermediary for communication of the data between the secure application and the device.

公开(公告)号：US09635014B2

公开(公告)日：2017-04-25

申请号：US14586045

申请日：2014-12-30

Applicant: Samsung Electronics Co., Ltd.

Inventor： Balakrishna Venkataraman ,  Antonios Dimitrios Broumas

IPC: H04L29/06 ,  G06F21/57 ,  H04L9/32 ,  G06F21/33 ,  H04L9/08

CPC classification number: H04L63/0823 ,  G06F21/33 ,  G06F21/335 ,  G06F21/57 ,  H04L9/0863 ,  H04L9/0897 ,  H04L9/321 ,  H04L9/3263 ,  H04L63/0272 ,  H04L63/0442 ,  H04L63/0815 ,  H04W12/04 ,  H04W12/06

Abstract: An apparatus and method for storing authentication information on an electronic device are provided. The method includes receiving, by the electronic device, a unique key and a certificate matching the unique key in a secure environment of the electronic device, storing the unique key and the certificate matching the unique key in a secure environment of the electronic device, and wherein at least one of the unique key and the certificate matching the unique key identifies the electronic device.

公开(公告)号：US10178087B2

公开(公告)日：2019-01-08

申请号：US15052131

申请日：2016-02-24

Applicant: Samsung Electronics Co., Ltd.

Inventor： Antonios Dimitrios Broumas ,  An Liu ,  Sia Jeffry Saputra

IPC: H04L29/06 ,  H04W12/08 ,  G06F21/31 ,  H04L9/32 ,  G06F21/83 ,  G06F21/84

Abstract: An apparatus and method for securing a personal identification number (PIN) on a mobile device are provided. The method may include receiving a request for the PIN from a secure element on the mobile device, instantiating a trusted user interface (TUI), collecting the PIN via the TUI, and securely transmitting the PIN from a trusted execution environment (TEE) associated with the TUI to a secure element (SE).

公开(公告)号：US09787648B2

公开(公告)日：2017-10-10

申请号：US14596040

申请日：2015-01-13

Applicant: Samsung Electronics Co., Ltd.

Inventor： Antonios Dimitrios Broumas ,  Pai Peng ,  Geng Chen

IPC: H04L9/32 ,  H04L29/06

CPC classification number: H04L63/0428 ,  H04L9/3228 ,  H04L9/3263 ,  H04L63/08

Abstract: A method includes receiving a challenge from an authentication consumer. The method also includes generating for display a figure associated with an identification, a public certificate, and a private key after receiving the challenge. The figure, the identification, the public certificate, and the private key are stored in a TrustZone (TZ) enriched environment. The method further includes receiving an input identification. The method includes verifying that the input identification matches the identification. The method also includes transmitting the challenge to the authentication consumer in response to verifying that the input identification matches the identification.

公开(公告)号：US20150381369A1

公开(公告)日：2015-12-31

申请号：US14596040

申请日：2015-01-13

Applicant: Samsung Electronics Co., Ltd.

Inventor： Antonios Dimitrios Broumas ,  Pai Peng ,  Ken Chen

IPC: H04L9/32 ,  H04L29/06

CPC classification number: H04L63/0428 ,  H04L9/3228 ,  H04L9/3263 ,  H04L63/08

Abstract: A method includes receiving a challenge from an authentication consumer. The method also includes generating for display a figure associated with an identification, a public certificate, and a private key after receiving the challenge. The figure, the identification, the public certificate, and the private key are stored in a TrustZone (TZ) enriched environment. The method further includes receiving an input identification. The method includes verifying that the input identification matches the identification. The method also includes transmitting the challenge to the authentication consumer in response to verifying that the input identification matches the identification.

Abstract translation: 一种方法包括从认证消费者接收挑战。 该方法还包括在接收到挑战之后生成用于显示与识别，公共证书和私钥相关联的数字。 该图，身份识别，公共证书和私钥存储在丰富的TrustZone（TZ）环境中。 该方法还包括接收输入标识。 该方法包括验证输入识别符合该识别。 该方法还包括响应于验证输入标识符合该标识而将该挑战传送给认证消费者。

公开(公告)号：US20180262344A1

公开(公告)日：2018-09-13

申请号：US15858820

申请日：2017-12-29

Applicant: Samsung Electronics, Co. Ltd.

Inventor： Antonios Dimitrios Broumas

IPC: H04L9/32 ,  H04L9/14 ,  H04L9/30 ,  H04L9/00

Abstract: A method for access control on an electronic device includes the step of generating, by an electronic device, a certificate signed by a keymaster, the electronic device running an operating system, the operating system capable of distinguishing between applications and application processes and providing an execution environment. The method also includes the steps of indicating, by the certificate, an access privilege for an approved accessor and receiving from an application, a request subject to the access privilege indicated by the certificate. The method further includes the steps of identifying the application from which the request subject to the access privilege was received and determining, using the certificate, whether the application is an approved accessor.

公开(公告)号：US10073985B2

公开(公告)日：2018-09-11

申请号：US15051340

申请日：2016-02-23

Applicant: Samsung Electronics Co., Ltd.

Inventor： Antonios Dimitrios Broumas

IPC: G06F21/62 ,  H04L9/08 ,  G06F21/60

CPC classification number: G06F21/6245 ,  G06F21/602 ,  G06F2221/2107 ,  H04L9/0866 ,  H04L9/3231

Abstract: An apparatus and method for securing sensitive data on a mobile device are provided. The method includes receiving an encryption or decryption request for the sensitive data on the mobile device, forwarding a file access request for the sensitive data to a secure environment, instantiating a trusted user interface (TUI), collecting user input via the TUI, generating a key using the collected user input, and encrypting or decrypting the sensitive data on the mobile device.

公开(公告)号：US20180101677A1

公开(公告)日：2018-04-12

申请号：US15287688

申请日：2016-10-06

Applicant: Samsung Electronics Co., Ltd

Inventor： Antonios Dimitrios Broumas ,  Naman R. Patel

IPC: G06F21/53 ,  G06F21/44 ,  G06F21/57 ,  H04L9/00

CPC classification number: G06F21/53 ,  G06F21/44 ,  G06F21/57 ,  G06F21/575 ,  G06F21/606 ,  G06F21/74 ,  H04L9/006 ,  H04L9/0838 ,  H04L9/0869 ,  H04L9/3273

Abstract: A method and apparatus are provided for secure communication. The method includes binding an isolated environment, of a device, to a secure component. The secure component includes a secure application and data. The method also includes utilizing the isolated environment as an intermediary for communication of the data between the secure application and the device.