专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2016010602A2 APPLICATIONS OF SECURED MEMORY AREAS AND SECURE ENVIRONMENTS IN POLICY-BASED ACCESS CONTROL SYSTEMS FOR MOBILE COMPUTING DEVICES 审中-公开
标题翻译：安全存储区域和安全环境在移动计算设备的基于策略的访问控制系统中的应用
公开(公告)号：WO2016010602A2
公开(公告)日：2016-01-21
申请号：PCT/US2015/027561
申请日：2015-04-24
申请人： SEQUITUR LABS, INC.
发明人： ATTFIELD, Philip , SCHAFFNER, Daniel , HENDRICK, Michael Thomas
IPC分类号： G06F21/30
CPC分类号： H04W12/08 , G06F21/44 , G06F21/57 , G06F21/62 , H04L63/0853 , H04L63/20
摘要： Systems and methods are described for utilizing a secure environment on a mobile computing device for applying policy-based decision management in response to access requests from untrusted areas. A policy decision processor (PDP) within the secure environment provides a policy decision in response to an access query. A decision cache within the secure environment can be used to store policy decisions for faster resolution of access requests. Policy enforcement points (PEPs) are placed between external devices that are trying to access the device and the secured environment, where the PEPs are used to enforce the policy-based decision, and can be located either inside or outside the secure environment. Decision certificates can be formulated using validity information and timestamps, and used for validation policy certificates. Memory in non-secure areas can also be marked (colored) for use in performing trusted operations in order to optimize system resource usage.
摘要翻译：描述了用于在移动计算设备上利用安全环境的系统和方法，用于响应于来自不受信任区域的访问请求而应用基于策略的决策管理。安全环境内的策略决策处理器（PDP）提供响应于访问查询的策略决定。安全环境中的决策缓存可用于存储策略决定以更快地解决访问请求。策略执行点（PEP）放置在试图访问设备的外部设备和安全环境之间，PEP用于执行基于策略的决策，并且可以位于安全环境内部或外部。可以使用有效性信息和时间戳制定决策证书，并用于验证策略证书。非安全区域中的内存也可以被标记（彩色），用于执行信任操作，以优化系统资源的使用。

2. 发明申请

WO2015026389A2 UTILIZATIONS AND APPLICATIONS OF NEAR FIELD COMMUNICATIONS IN MOBILE DEVICE MANAGEMENT AND SECURITY 审中-公开
标题翻译：近场通信在移动设备管理和安全中的应用与应用
公开(公告)号：WO2015026389A2
公开(公告)日：2015-02-26
申请号：PCT/US2013/078004
申请日：2013-12-27
申请人： SEQUITUR LABS, INC. , HENDRICK, Michael Thomas , REED, Mark , SHCAFFNER, Dan , ATTFIELD, Philip , NARVAEZ, Julia , CHENARD, Paul
发明人： HENDRICK, Michael Thomas , REED, Mark , SHCAFFNER, Dan , ATTFIELD, Philip , NARVAEZ, Julia , CHENARD, Paul
CPC分类号： G06F21/629 , G06F21/82 , G06F2221/2111 , G06F2221/2149 , H04L67/125 , H04M1/72577 , H04M2250/04 , H04W4/021 , H04W4/043 , H04W4/14 , H04W4/80 , H04W12/08
摘要： Systems and methods for using Near Field Communications 1 (NFC) m\d other short-range wireless communications technologies in mobile device management and security. Uses of NFC devices of both passive and active types are presented herein, as "policy control points" (PCPs) within a policy-based system for mobile handset management, in situations where granular control of handset capabilities is required. Certain location-based, as well as non-location-specific variants of the invention are presented as examples.
摘要翻译：在移动设备管理和安全性中使用近场通信NFC（近距离无线通信）其他短距离无线通信技术的系统和方法在此呈现被动和主动类型的NFC设备的使用，作为“策略控制点” （PCPs）在基于策略的移动手机管理系统中，在需要精细控制手机功能的情况下。

3. 发明申请

WO2016172237A1 SYSTEM AND METHODS FOR CONTEXT-AWARE AND SITUATION-AWARE SECURE, POLICY-BASED ACCESS CONTROL FOR COMPUTING DEVICES 审中-公开
标题翻译：用于计算设备的基于策略的访问控制的系统和方法
公开(公告)号：WO2016172237A1
公开(公告)日：2016-10-27
申请号：PCT/US2016/028481
申请日：2016-04-20
申请人： SEQUITUR LABS, INC.
发明人： ATTFIELD, Philip , CHENARD, Paul , CURRY, SImon , NARVAEZ, Julia , REED, Mark
IPC分类号： G06F17/00 , H04L29/06
CPC分类号： G06F21/6218 , G06F21/606 , H04L63/20 , H04W4/70 , H04W4/80 , H04W12/08
摘要： A system and methods for context-aware and situation-aware secure, policy-based access control for computing devices. The invention enhances the previously disclosed policy-based control system by adding contextual information to the set of resources by which a policy decision point can adjudicate a query to execute a transaction or to access a secure resource. Policy information points are able to store information collected over time related to resources under the control of the system. The system can further include an analytical processing engine capable of inferring new information from existing information that also can be used by the decision points. The policy information points provide context to the decision. They are also able to consider and include information that is external to the system or detected outside the system itself.
摘要翻译：用于计算设备的上下文感知和情境感知安全的基于策略的访问控制的系统和方法。本发明通过向资源集合添加上下文信息来增强先前公开的基于策略的控制系统，通过该资源集合策略决策点可以裁决执行事务的查询或访问安全资源。政策信息点能够存储在系统控制下与资源相关的信息。该系统还可以包括能够从也可以由决策点使用的现有信息推断新信息的分析处理引擎。政策信息点为决策提供了背景。他们还能够考虑并包括系统外部或系统外部检测到的信息。

4. 发明申请

WO2015095352A1 METHOD AND SYSTEM FOR DYNAMIC RUNTIME SELECTION AND MODIFICATION OF CONDITIONAL EXPRESSIONS IN COMPUTATIONS 审中-公开
标题翻译：动态行为选择与计算中条件表达的修改方法与系统
公开(公告)号：WO2015095352A1
公开(公告)日：2015-06-25
申请号：PCT/US2014/070897
申请日：2014-12-17
申请人： SEQUITUR LABS, INC.
发明人： ATTFIELD, Philip , CHENARD, Paul , CURRY, Simon
IPC分类号： G06F9/00
CPC分类号： G06F21/53 , G06F9/30072 , G06F9/30094 , G06F21/74 , G06F2221/033
摘要： Runtime selection and modification of conditional expressions in a computing system has broad applicability in application areas involving deployments of large numbers of network-connected handsets and other devices, as well as in high availability computing environments and essential computing services. The invention describes the deferred evaluation of conditional statements in a trusted execution context such that the problem of spoofing return code is eliminated. The system allows for any set of relevant attributes to be considered in the conditional evaluation. The executable statements associated with the returned evaluation of the conditional is also dynamic and is selected at runtime.
摘要翻译：计算系统中条件表达式的运行时选择和修改在涉及部署大量网络连接手机和其他设备以及高可用性计算环境和基本计算服务的应用领域具有广泛的适用性。本发明描述了在可信执行上下文中的条件语句的延迟评估，从而消除了欺骗返回码的问题。该系统允许在条件评估中考虑任何一组相关属性。与条件的返回评估相关联的可执行语句也是动态的，并在运行时选择。

5. 发明公开

EP2939347A2 UTILIZATIONS AND APPLICATIONS OF NEAR FIELD COMMUNICATIONS IN MOBILE DEVICE MANAGEMENT AND SECURITY 审中-公开
标题翻译：用途和移动设备管理近场和安全应用
公开(公告)号：EP2939347A2
公开(公告)日：2015-11-04
申请号：EP13892042.6
申请日：2013-12-27
申请人： Sequitur Labs, Inc. , Hendrick, Michael Thomas , Reed, Mark , Schaffner, Dan , Attfield, Philip , Narvaez, Julia , Chenard, Paul
发明人： HENDRICK, Michael Thomas , REED, Mark , SCHAFFNER, Dan , ATTFIELD, Philip , NARVAEZ, Julia , CHENARD, Paul
IPC分类号： H04B5/00
CPC分类号： G06F21/629 , G06F21/82 , G06F2221/2111 , G06F2221/2149 , H04L67/125 , H04M1/72577 , H04M2250/04 , H04W4/021 , H04W4/043 , H04W4/14 , H04W4/80 , H04W12/08
摘要： Systems and methods for using Near Field Communications1 (NFC) m\d other short-range wireless communications technologies in mobile device management and security. Uses of NFC devices of both passive and active types are presented herein, as “policy control points” (PCPs) within a policy-based system for mobile handset management, in situations where granular control of handset capabilities is required. Certain location-based, as well as non-location-specific variants of the invention are presented as examples.

6. 发明申请

WO2016057791A1 POLICY-BASED CONTROL OF ONLINE FINANCIAL TRANSACTIONS 审中-公开
标题翻译：在线财务交易的政策控制
公开(公告)号：WO2016057791A1
公开(公告)日：2016-04-14
申请号：PCT/US2015/054686
申请日：2015-10-08
申请人： SEQUITUR LABS, INC.
发明人： ATTFIELD, Philip
IPC分类号： G06Q40/02
CPC分类号： G06Q20/405 , G06F21/51 , G06Q20/04 , G06Q30/06 , G06Q40/02 , G06Q40/06
摘要： A policy-based control system for on-line financial transactions where transaction requests and associated contextual information is used by a policy-based transaction server to evaluate the allowance or disallowance of a requested transaction. The system is connected to one or more fund resources. A fund usage request, initiated by the requestor, is received by the policy-based transaction server where a set of policy rules that govern the allowance of all transactions associated with that fund resource are used to adjudicate the request. The resulting adjudicated response is transmitted back to the requestor where it is enforced, either allowing the transaction or disallowing the transaction. The policy-based transaction server may use contextual information about the fund usage request to determine allowance.
摘要翻译：用于在线金融交易的基于策略的控制系统，其中交易请求和相关联的上下文信息由基于策略的交易服务器用于评估所请求交易的允许或不允许。该系统连接到一个或多个基金资源。由请求者发起的资金使用请求由基于策略的交易服务器接收，其中管理与该基金资源相关联的所有交易的允许的一组策略规则被用于判定该请求。所得到的裁决响应被传送回执行的请求者，允许交易或不允许交易。基于策略的交易服务器可以使用关于资金使用请求的上下文信息来确定余额。

7. 发明申请

WO2017011051A2 SECURE DATA PROTECTION AND ENCRYPTION TECHNIQUES FOR COMPUTING DEVICES AND INFORMATION STORAGE 审中-公开
标题翻译：用于计算设备和信息存储的安全数据保护和加密技术
公开(公告)号：WO2017011051A2
公开(公告)日：2017-01-19
申请号：PCT/US2016/029144
申请日：2016-04-25
申请人： SEQUITUR LABS, INC.
发明人： ATTFIELD, Philip , DOYLE, Michael , TING, Vincent
IPC分类号： H04L9/18 , G06F21/72
CPC分类号： G06F21/602 , H04L9/0891 , H04L9/0894 , H04L9/14 , H04L9/30 , H04L9/3226 , H04L9/3247 , H04L9/3263 , H04L2209/80
摘要： A system for secure data protection and encryption for computing devices. The present invention includes a fast encryption technique for quickly ensuring that the correct binding parameters are used for an encrypted data file. The encrypted file is used in two ways. Because unsecure data could pass through a peripheral device to gain access to a secure computing environment, a dongle housing encryption and decryption subsystems is placed in between the unsecure sources and the peripheral that can encrypt and decrypt data intended for the secure computing environment. The firmware of the computing device can be updated by dividing the update file into encrypted segments that are verified on the device and placed into non-volatile memory. When all parts have been received, decrypted, and written into memory, the device reboots using the updated firmware.
摘要翻译：
用于计算设备的安全数据保护和加密的系统。本发明包括快速加密技术，用于快速确保将正确的绑定参数用于加密的数据文件。加密文件有两种使用方式。由于不安全的数据可能通过外围设备访问安全计算环境，因此加密和解密子系统的加密狗位于不安全的源和外围设备之间，可以加密和解密用于安全计算环境的数据。计算设备的固件可以通过将更新文件分成在设备上验证并被置于非易失性存储器中的加密段来更新。当所有部件都已收到，解密并写入内存时，设备将使用更新后的固件重新启动。

8. 发明申请

WO2016183504A1 SYSTEM AND METHODS FOR FACILITATING SECURE COMPUTING DEVICE CONTROL AND OPERATION 审中-公开
标题翻译：用于促进安全计算设备控制和操作的系统和方法
公开(公告)号：WO2016183504A1
公开(公告)日：2016-11-17
申请号：PCT/US2016/032502
申请日：2016-05-13
申请人： SEQUITUR LABS, INC.
发明人： ATTFIELD, Philip
IPC分类号： H04L29/06
CPC分类号： H04L63/20 , H04L63/102 , H04L63/123
摘要： A system and methods for facilitating secure computing device control and operation. The invention discloses a framework to supply security and policy-based control to computing applications as a software service. Clients running the framework make requests for services whereby they identify the service needed and its required parameters, encrypt and sign them, and send them to the service handler. The service handler decrypts, checks for policy allowance, and then, if allowed, executes the functions. The handler then encrypts and returns the response to the client. The framework allows for an aggregator that collects service requests for any number of clients and manages the distribution to service handlers and communications back to the clients.
摘要翻译：一种用于促进安全计算设备控制和操作的系统和方法。本发明公开了一种向计算应用提供安全性和基于策略的控制作为软件服务的框架。运行框架的客户端对服务进行请求，从而识别所需的服务及其所需的参数，对其进行加密和签名，并将其发送到服务处理程序。服务处理程序解密，检查策略限制，然后如果允许，执行该功能。然后处理程序对客户端进行加密并返回响应。该框架允许收集任何数量的客户端的服务请求的聚合器，并管理分发给服务处理程序和通信回到客户端。

9. 发明申请

WO2016037048A1 POLICY-MANAGED SECURE CODE EXECUTION AND MESSAGING FOR COMPUTING DEVICES AND COMPUTING DEVICE SECURITY 审中-公开
标题翻译：用于计算设备和计算设备安全的政策管理的安全代码执行和消息传递
公开(公告)号：WO2016037048A1
公开(公告)日：2016-03-10
申请号：PCT/US2015/048526
申请日：2015-09-04
申请人： SEQUITUR LABS, INC.
发明人： ATTFIELD, Philip , SCHAFFNER, Daniel , HENDRICK, Michael Thomas
IPC分类号： G06F17/00
CPC分类号： H04L63/20 , G06F21/53 , G06F21/57 , G06F2221/034 , H04L9/0894 , H04L63/0428 , H04L63/062 , H04L63/10 , H04W12/02
摘要： A system for policy-managed secure code execution and messaging for computing devices where each trusted application is managed independently of others and is not visible to unauthorized inspection or execution. If a file bundle received by the system contains metadata concerning the context of the file or its execution, the metadata is decrypted if necessary. If the file bundle containing the executable code is encrypted, its key is stored in a policy server to await adjudication of the request to execute. If the policy server allows execution of the executable code, the key stored in the policy server is used to decrypt the file bundle and the resulting executable code is stored as a trusted application in secure memory. Future requests to execute the trusted application are adjudicated by the policy server and enforced by the exclusive policy execution point associated with that trusted application in secure memory.
摘要翻译：一种用于策略管理的安全代码执行和消息传递的系统，用于计算设备，其中每个受信任的应用程序都是独立于其他应用程序进行管理，并且对于未经授权的检查或执行是不可见的。如果系统收到的文件包包含有关文件上下文或其执行的元数据，则必要时对元数据进行解密。如果包含可执行代码的文件包被加密，则其密钥存储在策略服务器中以等待执行请求的裁决。如果策略服务器允许执行可执行代码，则存储在策略服务器中的密钥用于解密文件包，并将生成的可执行代码作为可信应用程序存储在安全存储器中。执行可信应用的未来请求由策略服务器判定，并由与安全存储器中的该可信应用相关联的排他性策略执行点强制执行。

10. 发明申请

WO2015157424A1 SYSTEM FOR POLICY-MANAGED SECURE AUTHENTICATION AND SECURE AUTHORIZATION 审中-公开
标题翻译：政策性安全认证和安全授权系统
公开(公告)号：WO2015157424A1
公开(公告)日：2015-10-15
申请号：PCT/US2015/024932
申请日：2015-04-08
申请人： SEQUITUR LABS INC.
发明人： ATTFIELD, Philip , SCHAFFNER, Daniel
IPC分类号： G06F21/31 , G06Q20/20 , G06Q20/40
CPC分类号： G06F21/31 , G06F21/32 , G06F21/35 , G06F21/6245 , G06Q20/20 , G06Q20/40 , G06Q30/0251
摘要： A system for policy-managed, secure authentication and authorization for transactions. The present invention links identification and verification methods and apparatus to a policy-managed system that can control how such devices are utilized under specific scenarios as defined by the policy maker. The system then approves or denies the transaction and may also direct further action if specified in the policy rules. The user identification device and the policy-manager need not be collocated. The resulting system is advantageous because of its increased flexibility in providing secure authorizations where greater control is desired. Also, the processing of these transactions facilitates detailed records that are useful in tracking transactions or to advertisers and merchants wishing to target specific markets for their products.
摘要翻译：用于交易的策略管理，安全认证和授权的系统。本发明将识别和验证方法和装置链接到策略管理系统，该系统可以在策略制定者定义的特定场景下控制如何利用这些设备。然后，系统批准或拒绝交易，如果在策略规则中指定，还可以指导进一步的操作。用户识别装置和策略管理器不需要并置。所得到的系统是有利的，因为其在提供更好的控制的安全授权方面提高了灵活性。此外，这些交易的处理有助于详细记录，用于跟踪交易或希望针对其产品的特定市场的广告客户和商家。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式