-
Publication No.: US20230297679A1
Publication date: 2023-09-21
Application No.: US18324330
Application date: 2023-05-26
Applicant: Analog Devices, Inc.
Inventor: Patrick RIEHL, Tze Lei Poo
CPC classification number: G06F21/57, G06F21/6209, G06F21/6245, G06F21/83, G06F2221/031, G06F2221/0735, G06F2221/0751, G06F2221/2149
Abstract: Herein disclosed are approaches for protecting sensitive information within a fingerprint authentication system that can be snooped and utilized to access the device, secured information, or a secured application. The approaches can utilize encryption keys and hash functions that are unique to the device in which the fingerprint authentication is being performed to protect the sensitive information that can be snooped.
-
Publication No.: US11755747B2
Publication date: 2023-09-12
Application No.: US17248886
Application date: 2021-02-11
Applicant: Meta Platforms Technologies, LLC
CPC classification number: G06F21/602, G06F3/012, G06F13/28, G06F15/7807, G06F21/64, G06F21/79, G06F2221/0751
Abstract: An example system on a chip (SoC) includes a security processor configured to store a plurality of key-pairs associated with subsystems of the SoC to a key vault; and an encryption engine configured to: determine a first tweak value based on a first sector address of a storage device; encrypt the first tweak value according to the second key of the key-pair associated with a subsystem; encrypt a first portion of the source data according to a first key of the key-pair and the encrypted first tweak value; determine a second tweak value based on a second sector address of the storage device and encrypt the second tweak value according to the second key prior to completing the encryption of the first portion of the source data; and encrypt a second portion of the source data according to the first key and the encrypted second tweak value.
-
Publication No.: US20230252113A1
Publication date: 2023-08-10
Application No.: US18302262
Application date: 2023-04-18
Applicant: Capital One Services, LLC
Inventor: Austin Walters, Reza Farivar, Galen Rafferty, Anh Truong, Jeremy Edward Goodsitt, Vincent Pham
CPC classification number: G06F21/125, G06F11/1004, H03M7/3059, G06F2221/0722, G06F2221/0751
Abstract: Systems and methods for redeeming digital files are disclosed. In particular, the systems and methods relate to localized sharing of digital files such that the digital file is degraded when the file is redeemed. The digital file can include a plurality of bits, and bits of the digital file can be removed upon each transfer and/or access of the digital file. When a quantity of bits in the digital file falls below a predetermined threshold, the digital file can be deactivated. The systems can include an application that degrades the digital file. The degradation can include file compression, bitrate reduction, and/or removal of parity bits from the digital file. Security measures, such as private/public encryption keys, are also disclosed herein.
-
Publication No.: US20230237199A1
Publication date: 2023-07-27
Application No.: US17648630
Application date: 2022-01-21
Applicant: Dell Products L.P.
Inventor: Jehuda Shemer, Stav Sapir, Naor Radami, Amihai Savir
CPC classification number: G06F21/64, G06F21/31, G06F21/54, G06F21/602, G06F2221/0751
Abstract: One example method includes reading, at an air-gapped system, a code provided by a control system, and the code includes a message containing instructions from the control system to the air-gapped system, checking, by the air-gapped system, the message to determine if the message includes a command executable by the air-gapped system, and when the message identifies a command executable by the air-gapped system, and the command is included in a list of authorized commands, executing, by the air-gapped system, the command.
-
Publication No.: US20230205895A1
Publication date: 2023-06-29
Application No.: US17565079
Application date: 2021-12-29
Applicant: Arm Limited
Inventor: Brendan James MORAN, Hanno BECKER
CPC classification number: G06F21/602, G06F21/64, G06F21/572, G06F2221/0751
Abstract: Aspects of the present disclosure relate to an apparatus comprising interface circuitry to interface with a device that is to be provisioned by the apparatus; and secure enclave circuitry. The secure enclave circuitry is configured to: maintain provisioning data with which the device is to be provisioned; establish a secure connection with the device; perform, with the device and via the secure connection, an attestation process in respect of said provisioning data; and subsequent to successfully completing said attestation process, provisioning the device with the provisioning data, via the secure connection.
-
Publication No.: US20230177181A1
Publication date: 2023-06-08
Application No.: US17540747
Application date: 2021-12-02
Applicant: International Business Machines Corporation
CPC classification number: G06F21/6209, G06F21/6263, G06F21/6254, G06F21/602, G06F21/78, G06F2221/0751
Abstract: A system, platform, program product, and/or method for protecting sensitive data including decrypting an incoming message comprising a base message and the sensitive electronic data; removing the sensitive electronic data from the incoming message to create a stripped message; encrypting the sensitive electronic data; storing the encrypted sensitive electronic data in In-Memory Cache; and permitting the stripped message to be further processed without the sensitive electronic data. The system, platform, program product and/or method in an embodiment further includes: retrieving from the In-Memory Cache the encrypted sensitive electronic data; decrypting the encrypted sensitive electronic data retrieved from the In-Memory Cache; and injecting the sensitive electronic data into the stripped message. In a further aspect the system, platform, program product and/or method further includes encrypting the outbound message with the sensitive electronic data and permitting the encrypted outbound message with the sensitive electronic data to reach an external computing system.
-
Publication No.: US20230169190A1
Publication date: 2023-06-01
Application No.: US18102046
Application date: 2023-01-26
Applicant: BANK OF AMERICA CORPORATION
Inventor: Praveen Chakravarthy Yedluri, Shyam Acharya
CPC classification number: G06F21/602, G06F21/6227, G06F21/31, G06F21/604, G06F2221/0751
Abstract: Systems, computer program products, and methods are described herein for implementing enhanced file encryption technique. The present invention is configured to receive a request from a computing device of a user to encrypt a file; encrypt the file using a local file encryption key to generate an encrypted file; transmit, via an encryption engine, a first encryption request to an encryption server to encrypt a first portion of the encrypted file; receive, from the encryption server, an encrypted first portion of the encrypted file based on at least the first encryption request, wherein the first portion of the encrypted file is encrypted by the encryption server using a first file encryption key; append the encrypted first portion of the encryption file with a remaining portion of the encrypted file to generate a final encrypted file; and store the final encrypted file in a data repository.
-
Publication No.: US20230325535A1
Publication date: 2023-10-12
Application No.: US17717820
Application date: 2022-04-11
Applicant: Dell Products L.P.
Inventor: Anurag Sharma, Daniel E. Cummins, Jason Matthew Young, Muzhar S. Khokhar
CPC classification number: G06F21/73, G06F21/602, G06F21/33, G06F2221/0751
Abstract: A voucher management system receives, from a computing device manufacturer system, an ownership voucher that transfers ownership of a computing device from the computing device manufacturer system to the voucher management system, and a hardware attestation certificate for the computing device, and associates them with the computing device in a voucher management database. When the voucher management system determines that the ownership of the computing device should be transferred to an end user system, it automatically generates second ownership transfer data by signing an end user system public key with a voucher management system private key, provides the second ownership transfer data in the ownership voucher in order to transfer ownership of the computing device from the voucher management system to the end user system, and provides the ownership voucher and the hardware attestation certificate to the end user system.
-
Publication No.: US11775658B2
Publication date: 2023-10-03
Application No.: US17860003
Application date: 2022-07-07
Applicant: Duality Technologies, Inc.
Inventor: Marcelo Blatt, Yuriy Polyakov, Vinod Vaikuntanathan
CPC classification number: G06F21/602, G06F21/6218, G06F21/79, H04L9/008, H04L9/085, G06F2221/0751
Abstract: A device, system and method for linking encrypted data sets using common encrypted identifiers in encrypted space. A first and second parties' encrypted data sets may include first and second respective encrypted data and associated first and second respective encrypted identifiers. The first and second encrypted identifiers may be converted into a first and second respective sets of a plurality of elemental identifier components. Each of the plurality of elemental identifier components in each component set characterizes a distinct numeric property of the corresponding converted encrypted identifier. The first and second sets of the plurality of elemental identifier components may be composed, component-by-component, to generate a plurality of component-specific results. If the plurality of component-specific results are determined to satisfy a matching criterion indicating that the first and second encrypted identifiers match, the first and second encrypted data associated with the first and second matching encrypted identifiers may be linked.
-
Publication No.: US20230297724A1
Publication date: 2023-09-21
Application No.: US17828876
Application date: 2022-05-31
Applicant: Microsoft Technology Licensing, LLC
Inventor: Brian Stuart PERLMAN, Daniel Chavez ZAYAS, Eric Phuoc HUANG, Marilyn Lai SUN, Hung Minh DANG, Juanita Jestina BAPTISTE, Zakariyah Toyer
CPC classification number: G06F21/73, G06F21/602, H04L9/0869, G06F2221/0751
Abstract: Embodiments described herein involve building upon a hardware identity of a device and using it to match and detect hardware changes on the device and to identify potential identity mismatches. At initialization, the device also generates a globally-unique identification (GUID) marker that persists across operating system (OS) reinstallations. On the device, there is a periodic routine that detects hardware mismatches by comparing the current identity of the device with a cached version, along with the GUID. Once a change is detected, the device sends a request to a service that stores a hint (e.g., the GUID) for a later secure restoration attempt. A remote service (e.g., a cloud-based service) then attempts to restore the hardware identity of the device upon next check-in via a secure transmission of the updated identity, as well as resolving conflicts in a device record maintained by the remote service.