-
公开(公告)号:US20220191010A1
公开(公告)日:2022-06-16
申请号:US17432153
申请日:2020-02-14
发明人: Hans Aschauer , Rainer Falk , Christian Peter Feist , Steffen Fries , Aliza Maftun , Hermann Seuschek , Thomas Zeschg
IPC分类号: H04L9/08
摘要: A method for key management in a field-programmable integrated part of an integrated circuit is disclosed herein. According to the method, a hardware configuration for the field-programmable integrated part is loaded into the field-programmable integrated part. The hardware configuration includes a key derivation functionality. Further, using the key derivation functionality, a cryptographic key is derived based on information provided in the field-programmable integrated part.
-
公开(公告)号:US20220150056A1
公开(公告)日:2022-05-12
申请号:US17599780
申请日:2020-03-16
摘要: Provided a method for configuring a security module with at least one derived key, having the following steps: providing a key; deriving a further key from the provided key or from a key previously derived from the provided key, wherein the further key is derived by using an alterable digital fingerprint as key derivation parameter, which is formed on the basis of a measurable current runtime configuration of a runtime environment communicating with the security module.
-
公开(公告)号:US20200233834A1
公开(公告)日:2020-07-23
申请号:US16740562
申请日:2020-01-13
发明人: Rainer Falk , Christian Peter Feist
IPC分类号: G06F15/78 , G06F30/331 , H04L9/32
摘要: Provided is a computer-implemented apparatus for processing data, having a digital chip having at least one part that is reconfigurable by a number N of configuration descriptions, with N≥1, a determined configuration description from the number N for reconfiguring the reconfigurable part, and a providing unit for providing an identifier specific to the determined configuration description by using a number A of derivation parameters comprising the determined configuration description, with A≥1, is proposed, wherein the part reconfigured with the determined configuration description) is set up to perform a cryptographic function on determined data by using the provided specific identifier to generate cryptographically processed data. This allows security-relevant functions to be implemented as configuration descriptions. This has the advantage that the security when processing data in digital chips is increased.
-
公开(公告)号:US11662702B2
公开(公告)日:2023-05-30
申请号:US16954109
申请日:2018-11-15
发明人: Omar Belhachemi , Rainer Falk , Christian Peter Feist , Kai Fischer , Daniela Friedrich , Steffen Fries , Markus Heintel
IPC分类号: G05B19/042 , G05B9/02 , H04L9/00 , H04L9/30
CPC分类号: G05B19/0428 , G05B9/02 , H04L9/002 , H04L9/3066 , G05B2219/36542
摘要: Provided is a method for producing a product by a machine tool, wherein the control information and/or production data of a machine tool, such as a milling machine, injection molding machine, welding robot, laser cutter or 3D printer, is protected or cryptographically encrypted such that unauthorized copying or modifying is prevented, including the steps: producing product by the machine tool taking into consideration control information which controls the production of the product; generating production data by the machine tool during production of the product, wherein the production data describes the production of the product; providing protection information to the machine tool, which indicates which of the production data is to be protected, and defines a protection method for the production data which is protected; and protecting that production data which, according to the protection information, is to be protected, by the protection method defined by the protection information.
-
公开(公告)号:US20220188418A1
公开(公告)日:2022-06-16
申请号:US17438618
申请日:2020-02-25
发明人: Hans Aschauer , Rainer Falk , Christian Peter Feist , Steffen Fries , Aliza Maftun , Hermann Seuschek , Thomas Zeschg
摘要: A method for verifying an execution environment provided by a configurable hardware module, where the execution environment is used for execution of at least one hardware-application, includes receiving a hardware-application 16. The hardware-application includes configuration data describing an instantiation as a hardware-application component on the configurable hardware module. A received hardware-application is instantiated as the hardware-application component in the execution environment. The execution environment of the configurable hardware module that executes the hardware-application component in the respective execution environment is analyzed by an instantiated hardware-application component. The hardware application component communicates with a characterizing unit providing characterizing parameters for the execution environment of the configurable hardware module. The analyzed execution environment of the configurable hardware module is verified as admissible for execution of the hardware-application component if the analyzed execution environment matches the characterizing parameters provided by the characterizing unit.
-
公开(公告)号:US20220159004A1
公开(公告)日:2022-05-19
申请号:US17432562
申请日:2020-02-18
IPC分类号: H04L9/40
摘要: A method for granting access to objects by entities in a computerized system includes: providing an access control list (ACL) specifying for each object access rights to the objects of the computerized system; assigning a capability requirement information to at least one of the objects in the ACL; assigning a capability information to at least one entity of the entities in the computerized system; requesting access to an object by an entity; checking if the requesting entity has an access right in accordance with the ACL; and granting access to the requested object by the requesting entity only when the capability information assigned to the requesting entity matches with the capability requirement information assigned to the requested object. The combination of an ACL based access to files with capabilities improves the security of the system.
-
公开(公告)号:US20210406127A1
公开(公告)日:2021-12-30
申请号:US17352439
申请日:2021-06-21
摘要: Provided is a method for orchestrating a container-based application that is executed on a terminal device, in which implementation information is received in an orchestration slave unit on the terminal device via a communication connection from an orchestration master unit, and the application is configured and/or controlled by the orchestration slave unit based on the implementation information, wherein the received implementation information is additionally saved persistently in a memory unit in the terminal device, and if the communication connection to the orchestration master unit is interrupted, the most recently saved implementation information is retrieved from the orchestration slave unit and the application is configured and/or controlled based on the most recently saved implementation information.
-
公开(公告)号:US12111733B2
公开(公告)日:2024-10-08
申请号:US17352439
申请日:2021-06-21
CPC分类号: G06F11/142 , G06F9/45558 , G06F9/5005 , G06F11/1471 , G06F11/1482 , G06F2009/4557
摘要: Provided is a method for orchestrating a container-based application that is executed on a terminal device, in which implementation information is received in an orchestration slave unit on the terminal device via a communication connection from an orchestration master unit, and the application is configured and/or controlled by the orchestration slave unit based on the implementation information, wherein the received implementation information is additionally saved persistently in a memory unit in the terminal device, and if the communication connection to the orchestration master unit is interrupted, the most recently saved implementation information is retrieved from the orchestration slave unit and the application is configured and/or controlled based on the most recently saved implementation information.
-
公开(公告)号:US11755719B2
公开(公告)日:2023-09-12
申请号:US16956270
申请日:2018-11-14
CPC分类号: G06F21/53 , G06F21/74 , G06F2221/032 , G06F2221/2149
摘要: The following relates to a hardware security module for usage with manufacturing devices and a method for operating the same is provided. The security module includes: a secure element, which is adapted to detect an operating mode of the hardware security module; a first interface which is adapted to receive commands for controlling the hardware security module; a central processing unit for processing application program code in a secure environment; a second interface which is adapted for receiving configuration data, wherein the second interface is activated and deactivated in dependence of the detected operating mode.
-
公开(公告)号:US20230014846A1
公开(公告)日:2023-01-19
申请号:US17786404
申请日:2020-10-22
发明人: Rainer Falk , Christian Peter Feist , Steffen Fries , Axel Pfau , Stefan Pyka , Daniel Schneider , Franz Sperl
IPC分类号: G05B23/02
摘要: Various embodiments of the teachings herein include an integrity monitoring system for runtime integrity monitoring of a control device connected to sensors and/or actuators and comprising an automation device for collecting operating state data of the control device. The system may include an integrity monitoring unit detachably connectable directly to the control device to monitor the integrity status of the control device on the basis of operating state data transferred from the automation device to the integrity monitoring unit.
-
-
-
-
-
-
-
-
-
搜索结果
24 条记录 (耗时 0.016 秒)
