-
Publication No.: US20250061239A1
Publication Date: 2025-02-20
Application No.: US18234241
Application Date: 2023-08-15
Applicant: NXP B.V.
Inventor: Lawrence Loren Case, Sheilah Credo Phan
Abstract: Methods and systems for multi-modal security access control for a System on a Chip (SoC) are disclosed herein. In an example embodiment, a method includes providing a secure enclave including a plurality of bus masters and a Sentinel Resource Domain Controller (SRDC), and receiving a request to access a control, asset, or resource. The method further includes assessing a plurality of attributes that include each of: a first attribute that is a privilege mode attribute; a second attribute that concerns an applicability or inapplicability of a Runtime Root of Trust (RROT) mode; a third attribute relating to a bus master type; and a fourth attribute related to a security state. The method additionally includes determining, based upon the attributes, whether the request is granted or denied, and causing the control, asset, or resource to which the request is directed to be accessible or inaccessible based upon the determining.
-
Publication No.: US12218963B2
Publication Date: 2025-02-04
Application No.: US17903017
Application Date: 2022-09-05
Applicant: Richard D'souza
Inventor: Richard D'souza
Abstract: The present invention relates to management of security of a computing environment. The method may include: monitoring and learning, through a master computer, the data traffic of each coupled connecting node to alter a security design to speed up communications; analysing, through the master computer, the data traffic to categorize each coupled connecting node into a first category of node, which is accessed by a human, and a second category of node, which is accessed by a bot; and utilizing, at the master computer, one or more secured hidden servers for determining a first data communication route to speed up data traffic for the human and a second data communication route to prevent data traffic above a pre-set limit for the bot.
-
3.
Publication No.: US20250005210A1
Publication Date: 2025-01-02
Application No.: US18882401
Application Date: 2024-09-11
Applicant: BEIJING BEYONDINFO TECHNOLOGY CO., LTD.
Inventor: Hao Zhang, Hua Du, Zhenhe Cai
Abstract: A device and method used for protection against attacks using a HID keyboard or mouse, the device comprising: one or more HID internal interfaces for connecting to the HID input interface of the protected device; one or more HID external interfaces for connecting to the external device; a forwarding control module connected to the HID internal interface and the HID external interface respectively; and a protocol analysis module for performing protocol analysis on the external device connected to the HID external interface to determine whether the external device is a legitimate HID keyboard or mouse device; wherein the forwarding control module is used to switch the HID internal interface and the HID external interface on or off to prevent illegal HID keyboard or mouse devices from accessing the protected device. The present invention can prevent the unauthorized access of HID keyboard or mouse devices from damaging the protected devices.
-
4.
Publication No.: US12182580B2
Publication Date: 2024-12-31
Application No.: US18170574
Application Date: 2023-02-17
Applicant: HUAWEI TECHNOLOGIES CO., LTD.
Inventor: Yutao Li
IPC: G06F9/4401, G06F13/42, G06F21/85
Abstract: A method, apparatus and storage medium for starting up a peripheral component interconnect express (PCIE) device are provided. According to the method, a basic input/output system (BIOS) attempts to verify firmware of a PCIE device to determine whether the firmware of the PCIE device has been tampered with. Moreover, the BIOS may only start up a PCIE device with firmware that succeeds in the verification. Therefore, a computer device is prevented from starting up a PCIE device with firmware that has been tampered with, thereby reducing the security risk caused by the PCIE device to the computer device.
-
Publication No.: US20240386147A1
Publication Date: 2024-11-21
Application No.: US18198916
Application Date: 2023-05-18
Applicant: Verizon Patent and Licensing Inc.
Inventor: John M Stokes, Emilia C. Quijano, Manuel E. Caceres
Abstract: One or more computing devices, systems, and/or methods for device authentication for bus communication are provided. Connection of a device to a bus of a host device is detected. Accordingly, a driver is loaded by the host device for communicating with the device over the bus. A bus authentication operation is performed by the host device to determine whether to allow or block the device from further communicating over the bus. The host device (e.g., the driver, an operating system, etc.) attempts to verify authentication information associated with the device. If the authentication information is successfully verified, then the device is allowed to continue communicating over the bus. Otherwise, the device is blocked from communicating over the bus.
-
Publication No.: US12135831B2
Publication Date: 2024-11-05
Application No.: US17706747
Application Date: 2022-03-29
Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventor: Christopher J Colonna, Pasquale A. Catalano, Michael James Becht, Stephen Robert Guendert
Abstract: An approach for extending encryption to input/output (I/O) on Peripheral Component Interconnect express (PCIe) links. The approach receives a proposal list of available encryption mechanisms. The approach selects an encryption mechanism from the proposal list; the encryption mechanism performs the encryption without encryption services from an associated Host Bus Adapter (HBA). The approach directs the I/O to the encryption mechanism.
-
Publication No.: US12135801B2
Publication Date: 2024-11-05
Application No.: US17820628
Application Date: 2022-08-18
Applicant: Intel Corporation
Inventor: Soham Jayesh Desai, Siddhartha Chhabra, Bin Xing, Pradeep M. Pappachan, Reshma Lal
IPC: G06F21/00, G06F13/20, G06F13/28, G06F21/57, G06F21/60, G06F21/62, G06F21/85, G09C1/00, H04L9/32, H04L9/40, G06F21/51, H04L9/06
Abstract: Technologies for trusted I/O include a computing device having a hardware cryptographic agent, a cryptographic engine, and an I/O controller. The hardware cryptographic agent intercepts a message from the I/O controller and identifies boundaries of the message. The message may include multiple DMA transactions, and the start of message is the start of the first DMA transaction. The cryptographic engine encrypts the message and stores the encrypted data in a memory buffer. The cryptographic engine may skip and not encrypt header data starting at the start of message or may read a value from the header to determine the skip length. In some embodiments, the cryptographic agent and the cryptographic engine may be an inline cryptographic engine. In some embodiments, the cryptographic agent may be a channel identifier filter, and the cryptographic engine may be processor-based. Other embodiments are described and claimed.
-
Publication No.: US20240362319A1
Publication Date: 2024-10-31
Application No.: US18765561
Application Date: 2024-07-08
Applicant: Mobileye Vision Technologies Ltd.
Inventor: Eran BEN-AVI, Leonid SMOLYANSKY
CPC classification number: G06F21/51, G06F21/85, B60W50/00, B60W2050/0083, B60W2420/403, G06F2221/034, G06F2221/2143
Abstract: Disclosed embodiments provide systems and methods that can be used as part of or in combination with autonomous navigation, autonomous driving, or driver assist technology features. As opposed to fully autonomous driving, driver assist technology may refer to any suitable technology to assist drivers in the navigation or control of their vehicles. In various embodiments, the system may include one or more cameras mountable in a vehicle and an associated processor that monitors the environment of the vehicle. In further embodiments, additional types of sensors can be mounted in the vehicle and can be used in the autonomous navigation or driver assist systems. These systems and methods may include the use of a shared cache that is shared by a group of processing units to improve analysis of images captured by the one or more cameras.
-
Publication No.: US12124619B2
Publication Date: 2024-10-22
Application No.: US17133469
Application Date: 2020-12-23
Applicant: Intel Corporation
Inventor: Jose Niell, Kiel Boyle, Bradley Burres
CPC classification number: G06F21/78, G06F21/602, G06F21/85
Abstract: Methods and apparatus for Virtual Machine (VM) encryption of block storage with end-to-end data integrity protection in a SmartNIC. For a Write operation, the NIC is configured to encrypt a data block, append the encrypted data block with protection information (PI) generated using data in the data block to generate a protected data block and forward the protected data block onto a network or fabric to be delivered to a storage node. For a Read operation, the NIC is configured to receive a protected data block comprising cipher text including encrypted payload data concatenated with an encrypted inner PI and an outer PI, use the inner and outer PIs to perform PI checks, decrypt the cipher text to extract payload data, and forward or write at least the payload to a host. The inner and outer PIs and data formats are compliant with an NVMe specification.
-
10.
Publication No.: US20240346186A1
Publication Date: 2024-10-17
Application No.: US18133736
Application Date: 2023-04-12
Applicant: Dell Products L.P.
Inventor: Gregory W. Lazar
CPC classification number: G06F21/78, G06F21/602, G06F21/85
Abstract: A drive subsystem engages in data communication with a storage controller by establishing logic for selectively decrypting data communications based on identification of a controller encryption port as source port in received data communications. Data communications from the storage controller are processed by (1) for data commands, based on a non-encrypting port being identified as the source port, delivering the received data commands without decryption to the target drive, and (2) for a security command containing secret data enabling operation of the target drive, based on the controller encryption port being identified as the source port, decrypting the security command and delivering the decrypted security command to the target drive.