专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20160180093A1 PROVISIONING LOCATION-BASED SECURITY POLICY 有权
标题翻译：提供基于位置的安全政策
公开(公告)号：US20160180093A1
公开(公告)日：2016-06-23
申请号：US14580517
申请日：2014-12-23
申请人： Nathaniel J. Goss , Nathan Heldt-Sheller , Kevin C. Wells , Micah J. Sheller , Sindhu Pandian , Ned M. Smith , Bernard N. Keany
发明人： Nathaniel J. Goss , Nathan Heldt-Sheller , Kevin C. Wells , Micah J. Sheller , Sindhu Pandian , Ned M. Smith , Bernard N. Keany
IPC分类号： G06F21/57
CPC分类号： G06F21/57 , G06F21/31 , G06F21/6218 , G06F21/629 , G06F2221/034 , G06F2221/2105 , G06F2221/2111 , H04L63/107
摘要： In one embodiment, a system comprises: a processor including at least one core to execute instructions; a plurality of sensors, including a first sensor to determine location information regarding a location of the system; and a security engine to apply a security policy to the system. In this embodiment, the security engine includes a policy logic to determine one of a plurality of security policies to apply based at least in part on the location information, where the location information indicates a location different than locations associated with the plurality of security policies. Other embodiments are described and claimed.
摘要翻译：在一个实施例中，系统包括：处理器，其包括执行指令的至少一个核心; 多个传感器，包括用于确定关于系统位置的位置信息的第一传感器; 以及将安全策略应用于系统的安全引擎。在该实施例中，安全引擎包括策略逻辑，用于至少部分地基于位置信息来确定要应用的多个安全策略中的一个，其中位置信息指示与多个安全策略相关联的位置不同的位置。描述和要求保护其他实施例。

2. 发明申请

US20150304736A1 TECHNOLOGIES FOR HARDENING THE SECURITY OF DIGITAL INFORMATION ON CLIENT PLATFORMS 审中-公开
标题翻译：加强客户平台数字信息安全的技术
公开(公告)号：US20150304736A1
公开(公告)日：2015-10-22
申请号：US14127542
申请日：2013-06-04
申请人： Reshma Lal , Jason Martin , Micah J. Sheller , Michael M. Amirfathi , Nathan Heldt-Sheller , Pradeep M. Pappachan
发明人： Reshma Lal , Jason Martin , Micah J. Sheller , Michael M. Amirfathi , Nathan Heldt-Sheller , Pradeep M. Pappachan
IPC分类号： H04N21/647 , H04L9/08
CPC分类号： H04N21/64715 , G06F21/10 , G06F21/72 , H04L9/0816 , H04L2209/24
摘要： Technologies for hardening the security of digital information on a client device are described. In some embodiments, the client device includes a secure processing environment such as a secure enclave, which may be used to protect digital information on a client platform. The secure environment(s) may also protect assets which may be used to access the digital information. Using the secure processing environment(s), the described technologies may protect digital information as it is provided to, stored on, accessed on, and/or processed for display by a client device, even if the client device may be infested with malware or subject to attack by another entity.
摘要翻译：描述了在客户端设备上加强数字信息安全性的技术。在一些实施例中，客户端设备包括诸如安全飞地之类的安全处理环境，其可以用于保护客户端平台上的数字信息。安全环境还可以保护可能用于访问数字信息的资产。使用安全处理环境，所描述的技术可以保护数字信息，因为它被提供给存储，访问和/或处理以供客户端设备显示，即使客户端设备可能被恶意软件或受另一实体的攻击。

3. 发明申请

US20150143118A1 END-TO-END SECURE COMMUNICATION SYSTEM 有权
标题翻译：端到端安全通信系统
公开(公告)号：US20150143118A1
公开(公告)日：2015-05-21
申请号：US14127533
申请日：2013-06-04
申请人： Micah J. Sheller , Reshma Lal , Pradeep M. Pappachan , Krystof C. Zmudzinski
发明人： Micah J. Sheller , Reshma Lal , Pradeep M. Pappachan , Krystof C. Zmudzinski
IPC分类号： H04L29/06 , H04L9/32
CPC分类号： H04L63/0428 , H04L9/14 , H04L9/3223 , H04L63/062 , H04L63/08 , H04L2209/60
摘要： The present disclosure is directed to an end-to-end secure communication system wherein, in addition to encrypting transmissions between clients, communication-related operations occurring within each client may also be secured. Each client may comprise a secure processing environment to process encrypted communication information received from other clients and locally-captured media information for transmission to other clients. The secure processing environment may include resources to decrypt received encrypted communication information and to process the communication information into media information for presentation by the client. The secure processing environment may also operate in reverse to provide locally recorded audio, image, video, etc. to other clients. Encryption protocols may be employed at various stages of information processing in the client to help ensure that information being transferred between the processing resources cannot be read, copied, altered, etc. In one example implementation, a server may manage interaction between clients, provision encryption keys, etc.
摘要翻译：本公开涉及一种端到端安全通信系统，其中除了加密客户端之间的传输之外，还可以确保在每个客户端内发生的与通信相关的操作。每个客户端可以包括用于处理从其他客户端接收的加密通信信息和本地捕获的媒体信息以便传输到其他客户端的安全处理环境。安全处理环境可以包括用于解密所接收的加密通信信息并将通信信息处理成媒体信息以供客户呈现的资源。安全处理环境也可以相反地操作，以向其他客户端提供本地记录的音频，图像，视频等。可以在客户端的信息处理的各个阶段采用加密协议，以帮助确保在处理资源之间传递的信息不能被读取，复制，改变等。在一个示例实现中，服务器可以管理客户端之间的交互，提供加密钥匙等

4. 发明申请

US20140366111A1 CONTINUOUS AUTHENTICATION CONFIDENCE MODULE 有权
标题翻译：连续认证信任模块
公开(公告)号：US20140366111A1
公开(公告)日：2014-12-11
申请号：US13994016
申请日：2013-03-15
申请人： Micah J. Sheller , Conor P. Cahill , Jason Martin , Ned M. Smith , Brandon Baker
发明人： Micah J. Sheller , Conor P. Cahill , Jason Martin , Ned M. Smith , Brandon Baker
IPC分类号： H04L29/06
CPC分类号： H04L63/08 , G06F21/31 , G06F21/316 , G06F2221/2101 , G06F2221/2103 , G06F2221/2139 , H04L63/0861 , H04L67/14 , H04L67/24
摘要： Generally, this disclosure describes a continuous authentication confidence module. A system may include user device including processor circuitry configured to determine presence data; a confidence factor including at least one of a sensor configured to capture sensor input and a system monitoring module configured to monitor activity of the user device; memory configured to store a confidence score and an operating system; and a continuous authentication confidence module configured to determine the confidence score in response to an initial authentication of a specific user, update the confidence score based, at least in part, an expectation of user presence and/or selected presence data, and notify the operating system that the authentication is no longer valid if the updated confidence score is within a tolerance of a session close threshold; the initial authentication configured to open a session, the confidence score configured to indicate a current strength of authentication during the session.
摘要翻译：通常，本公开描述了连续认证置信模块。系统可以包括用户设备，包括被配置为确定存在数据的处理器电路; 包括被配置为捕获传感器输入的传感器中的至少一个的置信因子和被配置为监视用户设备的活动的系统监视模块中的至少一个; 存储器被配置为存储置信度分数和操作系统; 以及连续认证置信模块，被配置为响应于特定用户的初始认证来确定置信度得分，至少部分地基于用户存在和/或选择的存在数据的期望来更新置信度分数，并且通知操作系统，如果更新的置信度分数在会话关闭阈值的容限内，认证不再有效; 所述初始认证被配置为打开会话，所述置信度分数被配置为指示所述会话期间的当前认证强度。

5. 发明申请

US20170085565A1 Maintaining user authenticaitons with common trusted devices 有权
公开(公告)号：US20170085565A1
公开(公告)日：2017-03-23
申请号：US14757769
申请日：2015-12-23
申请人： Micah J. Sheller , Yonghong Huang , Narjala P. Bhasker , Jason Martin , Cory Cornelius
发明人： Micah J. Sheller , Yonghong Huang , Narjala P. Bhasker , Jason Martin , Cory Cornelius
IPC分类号： H04L29/06
CPC分类号： H04L63/0876 , G06F1/163 , G06F3/01 , G06F3/014 , G06F3/017 , G06F21/30 , G06F21/305 , H04L63/0492 , H04L63/0853 , H04W12/06 , H04W12/08
摘要： Various embodiments are generally directed to an apparatus, method, and other techniques to maintain user authentications with common trusted devices. If a user is in possession of a first computing device (e.g., a smartphone), an unlocked state of the first trusted device is maintained if the user is using a nearby trusted device (e.g., a computer) within a certain amount of time. If the first trusted device is in a pocket or other container, a longer span of time is granted to the user to register an on-body state.

6. 发明申请

US20160188853A1 TECHNOLOGIES FOR AUTHENTICATING A USER OF A COMPUTING DEVICE BASED ON AUTHENTICATION CONTEXT STATE 审中-公开
公开(公告)号：US20160188853A1
公开(公告)日：2016-06-30
申请号：US14866950
申请日：2015-09-26
申请人： Ned M. Smith , Nathan Heldt-Sheller , Micah J. Sheller , Kevin C. Wells , Hannah L. Scurfield , Nathaniel J. Goss , Sindhu Pandian , Brad H. Needham
发明人： Ned M. Smith , Nathan Heldt-Sheller , Micah J. Sheller , Kevin C. Wells , Hannah L. Scurfield , Nathaniel J. Goss , Sindhu Pandian , Brad H. Needham
IPC分类号： G06F21/31 , H04W12/06
CPC分类号： G06F21/31 , G06F21/41 , G06F21/53 , G06F21/88 , G06F2221/2105 , G06F2221/2111 , G06F2221/2147 , H04L9/3226 , H04L63/0815 , H04L2209/127 , H04L2209/805 , H04W12/06 , H04W88/02
摘要： Technologies for authenticating a user of a computing device based on an authentication context state includes generating context state outputs indicative of various context states of a mobile computing device based on sensor data generated by sensors of the mobile computing device. An authentication manager of the computing device implements an authentication state machine to authenticate a user of the computing device. The authentication state machine includes a number of authentication states, and each authentication state includes one or more transitions to another authentication state. Each of the transitions is dependent upon a context state output. The computing device may also include a device security manager, which implements a security state machine that includes a number of security states. Transition between security states is dependent upon the present authentication state of the user. The device security manager may implement a different security function in each security state.

7. 发明申请

US20160188848A1 TECHNOLOGIES FOR AUTHENTICATING A USER OF A COMPUTING DEVICE BASED ON AUTHENTICATION CONTEXT STATE 有权
标题翻译：基于认证上下文状态认证计算机设备的用户的技术
公开(公告)号：US20160188848A1
公开(公告)日：2016-06-30
申请号：US14583671
申请日：2014-12-27
申请人： Ned M. Smith , Nathan Heldt-Sheller , Micah J. Sheller , Kevin C. Wells , Hannah L. Scurfield , Nathaniel J. Goss , Sindhu Pandian , Brad H. Needham
发明人： Ned M. Smith , Nathan Heldt-Sheller , Micah J. Sheller , Kevin C. Wells , Hannah L. Scurfield , Nathaniel J. Goss , Sindhu Pandian , Brad H. Needham
IPC分类号： G06F21/31
CPC分类号： G06F21/31 , G06F21/41 , G06F21/53 , G06F21/88 , G06F2221/2105 , G06F2221/2111 , G06F2221/2147 , H04L9/3226 , H04L63/0815 , H04L2209/127 , H04L2209/805 , H04W12/06 , H04W88/02
摘要： Technologies for authenticating a user of a computing device based on an authentication context state includes generating context state outputs indicative of various context states of a mobile computing device based on sensor data generated by sensors of the mobile computing device. An authentication manager of the computing device implements an authentication state machine to authenticate a user of the computing device. The authentication state machine includes a number of authentication states, and each authentication state includes one or more transitions to another authentication state. Each of the transitions is dependent upon a context state output. The computing device may also include a device security manager, which implements a security state machine that includes a number of security states. Transition between security states is dependent upon the present authentication state of the user. The device security manager may implement a different security function in each security state.
摘要翻译：基于认证上下文状态来认证计算设备的用户的技术包括基于由移动计算设备的传感器生成的传感器数据来生成指示移动计算设备的各种上下文状态的上下文状态输出。计算设备的认证管理器实现认证状态机以验证计算设备的用户。认证状态机包括多个认证状态，并且每个认证状态包括到另一认证状态的一个或多个转换。每个转换都取决于上下文状态输出。计算设备还可以包括设备安全管理器，其实现包括多个安全状态的安全状态机。安全状态之间的转换取决于用户当前的认证状态。设备安全管理器可以在每个安全状态下实现不同的安全功能。

8. 发明申请

US20150363582A1 TECHNOLOGIES FOR DETERMINING CONFIDENCE OF USER AUTHENTICATION 有权
标题翻译：用于确定用户认证信心的技术
公开(公告)号：US20150363582A1
公开(公告)日：2015-12-17
申请号：US14583662
申请日：2014-12-27
申请人： Micah J. Sheller , Ned M. Smith , Nathan Heldt-Sheller
发明人： Micah J. Sheller , Ned M. Smith , Nathan Heldt-Sheller
IPC分类号： G06F21/31
CPC分类号： G06F21/31
摘要： Technologies for determining a confidence of user authentication include authenticating a user of a computing device based on a set of authentication factors and a fusion function that fuses the set of authentication factors to generate an authentication result. A false accept rate and a false reject rate of the authentication result is determined, and an authentication confidence for the authentication result is determined. The authentication of the user is performed passively, without interruption or interruption of the user. If the authentication confidence is below a threshold value, an active authentication procedure may be performed.
摘要翻译：用于确定用户认证的置信度的技术包括基于一组认证因素验证计算设备的用户，以及融合功能，该融合功能将认证因子集合到一起以产生认证结果。确定认证结果的错误接受率和错误拒绝率，并且确定认证结果的认证置信度。用户的认证被动地进行，不会中断或中断用户。如果认证信度低于阈值，则可以执行主动认证过程。

9. 发明申请

US20150235024A1 METHODS AND APPARATUS TO FACILITATE SECURE SCREEN INPUT 有权
标题翻译：方法和装置，以便安全屏幕输入
公开(公告)号：US20150235024A1
公开(公告)日：2015-08-20
申请号：US14362399
申请日：2013-12-23
申请人： Bradley W. Corrion , Micah J. Sheller , Jeffrey M. Tripp
发明人： Bradley W. Corrion , Micah J. Sheller , Jeffrey M. Tripp
IPC分类号： G06F21/56 , G06F21/31 , H04L29/06
CPC分类号： G06F21/36 , G06F3/04845 , G06F3/04886 , G06F21/31 , G06F21/552 , G06F21/56 , G06F2221/034 , H04L63/083
摘要： Methods, apparatus, systems and articles of manufacture are disclosed to facilitate secure screen input. An example disclosed system includes a user interface (UI) manager to generate a UI comprising a quantity of ordinal entry points, each one of the quantity of ordinal entry points comprising a repeating selectable pattern, an ordinal sequence generator to generate an initial randomized combination of the quantity of ordinal entry points, the randomized combination stored in a trusted execution environment, and an offset calculator to calculate a password entry value by comparing an offset value and direction value retrieved from the UI with the initial randomized combination of the quantity of ordinal entry points.
摘要翻译：公开了方法，装置，系统和制品以便于安全的屏幕输入。一个示例公开的系统包括用户界面（UI）管理器，用于生成包括一定数量的顺序入口点的UI，每个数量的顺序入口点包括重复的可选择模式，序数序列生成器，用于生成初始随机化组合顺序入口点的数量，存储在可信执行环境中的随机化组合，以及偏移计算器，用于通过将从UI获取的偏移值和方向值与序数量的初始随机组合进行比较来计算密码输入值积分

10. 发明授权

US09600670B2 Provisioning location-based security policy 有权
公开(公告)号：US09600670B2
公开(公告)日：2017-03-21
申请号：US14580517
申请日：2014-12-23
申请人： Nathaniel J. Goss , Nathan Heldt-Sheller , Kevin C. Wells , Micah J. Sheller , Sindhu Pandian , Ned M. Smith , Bernard N. Keany
发明人： Nathaniel J. Goss , Nathan Heldt-Sheller , Kevin C. Wells , Micah J. Sheller , Sindhu Pandian , Ned M. Smith , Bernard N. Keany
IPC分类号： H04L29/06 , G06F21/57 , G06F21/62
CPC分类号： G06F21/57 , G06F21/31 , G06F21/6218 , G06F21/629 , G06F2221/034 , G06F2221/2105 , G06F2221/2111 , H04L63/107
摘要： In one embodiment, a system comprises: a processor including at least one core to execute instructions; a plurality of sensors, including a first sensor to determine location information regarding a location of the system; and a security engine to apply a security policy to the system. In this embodiment, the security engine includes a policy logic to determine one of a plurality of security policies to apply based at least in part on the location information, where the location information indicates a location different than locations associated with the plurality of security policies. Other embodiments are described and claimed.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式