| Class / Patent application number | Description | Number of patent applications / Date published |
|---|
| 713194000 | Tamper resistant | 43 |
| 20130036314 | Security perimeter - Embodiments of memory devices, computer systems, security apparatus, data handling systems, and the like, and associated methods facilitate security in a system incorporating the concept of a security perimeter which combines cryptographic and physical security. The memory device can comprise a memory operable to store information communicated with a processor, and a logic operable to create at least one cryptographic security perimeter enclosing at least one selected region of the memory and operable to manage information communication between the processor and the at least one selected region of the memory. | 02-07-2013 |
| 20090125729 | Original data circulation method, system, apparatus, and computer readable medium - An original data circulation system for storing or circulating original data which is digital information is provided. The original data circulation system includes an issuer apparatus, a user apparatus and a collector apparatus. The issuer apparatus generates originality information including first information corresponding to the issuer apparatus and second information corresponding to data and sends the originality information. The user apparatus verifies the validity of the source apparatus of the originality information and stores the originality information when the validity is verified. The collector apparatus verifies the validity of the source apparatus of the originality information and processes data corresponding to the second information when the validity is verified. | 05-14-2009 |
| 20090037749 | System and method of tamper-resistant control - A method of tamper-resistant control comprising reading a flag of an electronic device with firmware, the flag indicating a provision enable/disable state of the electronic device and provisioning a management processor of the electronic device to facilitate communications between the management processor and a server in response to reading the flag indicating a provision enable/disable state | 02-05-2009 |
| 20090013197 | Method and Apparatus for Trusted Branded Email - A trusted branded email method and apparatus in one aspect detects branded electronic messages and performs validation before it is sent to a recipient. In another aspect, an electronic messages is branded by embedding branding assets and validation signatures. Algorithms that generate validation signatures are dynamically selected to further strengthen the security aspects. Branding assets are presented to a user using a distinct indicia that represents to the user that the branding assets are secure. | 01-08-2009 |
| 20090150685 | PROGRAM EXECUTION DEVICE - A program execution device capable of protecting a program against unauthorized analysis and alteration is provided. The program execution device includes an execution unit, a first protection unit, and a second protection unit. The execution unit executes a first program and a second program, and is connected with an external device that is capable of controlling the execution. The first protection unit disconnects the execution unit from the external device while the execution unit is executing the first program. The second protection unit protects the first program while the execution unit is executing the second program. | 06-11-2009 |
| 20090282269 | METHODS, SYSTEMS AND COMPUTER PROGRAM PRODUCTS FOR DETECTING TAMPERING OF ELECTRONIC EQUIPMENT BASED ON CONSTRAINED TIME TO OBTAIN COMPUTATIONAL RESULT - Tampering of electronic equipment may be detected by instructing the electronic equipment to perform at least one computational operation at the electronic equipment, such as hashing of at least some of the memory of the electronic equipment, to produce a result. The result is received from the electronic equipment. Tampering of the electronic equipment is detected if the result is not received within a constrained time of the instructing, even if the result is correct. Tampering also may be detected if the result is not correct. | 11-12-2009 |
| 20110010565 | APPARATUS AND METHOD FOR STORING KEY DATA, LIBRARY UNIT, AND STORAGE DEVICE - A key data recording device includes a key data recording medium section which stores key data of the encrypted data; and a reading/writing section which reads and writes the key data from and into the key data recording medium section, which sections are contained in a cartridge casing accommodatable in a library unit. When the cartridge casing is irregularly ejected from the library unit, the key data recorded in the key data recording medium section is deleted. This configuration can enhance the confidentiality of encrypted data because the key data is not leaked even when the recording medium in which key data of the encrypted data is recorded is carried away. | 01-13-2011 |
| 20080288790 | Means and Method of Using Cryptographic Device to Combat Online Institution Identity Theft - Whereas smartcards and similar cryptographic devices may customarily be used to protect against personal identity theft, this invention stores Public Keys of an institution in cryptographic devices issued by the institution to its customers, in order to protect the institution's identity from being stolen. The invention improves the security of electronic business applications using Secure Sockets Layer, Secure E-mail, Object Signing and similar low level electronic business security functions by storing various Public Keys of the institution within the cryptographic device. The invention thereby helps to reduce the likelihood of “ghosting” an institution's web site (where an illegitimate web site seeks to mimic a genuine web site in order to defraud customers), and provides a means to overcome the problem of “phishing” (where illegitimate e-mails purporting to be from the institution are sent to customers in order to elicit personal information). | 11-20-2008 |
| 20080313475 | METHODS AND SYSTEMS FOR TAMPER RESISTANT FILES - Embodiments of the present invention provide a tamper proof file system. In particular, the present invention utilizes a virtual block device that is coupled with a real block device and a private/public key pair. The virtual block device receives the original data and then digitally signs it with the private key. The virtual block device then passes the digitally signed data to the real block device for storage. In order to retrieve or verify the data, the virtual block device may provide the public key and an acknowledgment. The acknowledgment may include a hash of the public key. The virtual block device is configured to discard the private key and to be removed from the system based on a finite lifespan. | 12-18-2008 |
| 20100146304 | EXECUTION DEVICE - A program execution device is a device for executing an application program having at least one class including an execution code created by an object directivity language. The program execution device includes a first execution device having a memory and a processor and a tamper-resistant second execution device having a memory and a processor. When a class is executed, a loader loads an execution code of the class in the memory of the second execution device and loads a portion of the class other than the execution code loaded in the memory of the second execution device, in the memory of the first execution device. | 06-10-2010 |
| 20100138674 | COMPUTER NETWORK - A distributed computer system is disclosed in which computers co-operate with one another by sending messages over a network such as the Internet in order to perform a distributed application. In order to improve the security of such system, each web service involved in the distributed application runs in a separate virtual machine. Furthermore, the virtual machines on a web server dedicated to respective web service instances utilise the same policy enforcement point—running in another virtual machine on the web-server—in order to handle messages for or from the web server. To increase security still further, each virtual machine provides virtual cryptoprocessor functionality which is used in the processing of messages sent in the performance of the distributed application. | 06-03-2010 |
| 20090138731 | Tamper-Resistant Trusted JAVA Virtual Machine And Method Of Using The Same - A trusted Java virtual machine provides a method for supporting tamper-resistant applications, ensuring the integrity of an application and its secrets such as keys. The trusted Java virtual machine verifies the integrity of the Java application, prevents debugging of the Java application, and allows the Java application to securely store and retrieve secrets. The trusted Java virtual machine environment comprises a TrustedDictionary, a TrustedBundle, an optional encryption method for encrypting and decrypting byte codes, and an underlying trusted Java virtual machine. The encrypted TrustedDictionary protects data while the TrustedBundle protects programming code, allowing applications to store secret data and secure counters. The application designer can restrict TrustedBundle access to only those interfaces that the application designer explicitly exports. The open source code may optionally be encrypted. Secrets required by the open source programming code of the application are encrypted in TrustedDictionary. | 05-28-2009 |
| 20090177895 | CONTROLLER FOR CONTROLLING LOGICAL VOLUME-RELATED SETTINGS - A controller carries out a first determination as to whether or not data to be stored in a target logical volume can be used by a plurality of access devices. The controller carries out a second determination as to whether or not the access devices comprise data encryption units respectively when the result of the first determination is affirmative. The controller controls a setting related to the target logical volume for one access device of the plurality of access devices, based on the result of the second determination. | 07-09-2009 |
| 20090199018 | One time settable tamper resistant software repository - An individualized per device initialization of a computing device is unique relative to the initialization of other computing devices. A common initialization program, common to all computing devices of a particular type such as a game console, may be modified to be unique for each computing device. Modification may comprise the application of at least one individualized per device secret, e.g., key, to at least a portion of the common initialization program such as at least one initialization stage. Initialization is tied to one or more device specific identities. In this way, initialization vulnerabilities discovered on a particular device cannot be exploited en masse on other computing devices because each initialization program stored in each computing device is unique. The device specific nature of the initialization program may be extended to other information input to the computing device in order to prevent unauthorized sharing of information with other computing devices. | 08-06-2009 |
| 20090199017 | ONE TIME SETTABLE TAMPER RESISTANT SOFTWARE REPOSITORY - A one-time-settable tamper resistant software repository may be used in any computing system to store system information such as security violations and policies for responding to them. A one-time-settable tamper resistant software repository may be cryptographically signed, encrypted with a per device key and accessible by only the most privileged software executed by a computing device, e.g., hypervisor or operating system kernel. A one-time-settable tamper resistant software repository may be mirrored in RAM for performance. Recordable event fields in a software repository may be one-time-settable without the ability to reset them in a field operation mode whereas they may be resettable in a different mode such as a manufacturing mode. Memory allocated to a one-time-settable tamper resistant software repository may be reset, reclaimed, reassigned, scaled and otherwise flexibly adapted to changing conditions and priorities in the lifespan of a computing device, which may be particularly useful for service-backed consumer devices. | 08-06-2009 |
| 20100275040 | Systems and Methods for Secure Transaction Management and Electronic Rights Protection - The present invention provides systems and methods for secure transaction management and electronic rights protection. Electronic appliances such as computers equipped in accordance with the present invention help to ensure that information is accessed and used only in authorized ways, and maintain the integrity, availability, and/or confidentiality of the information. Such electronic appliances provide a distributed virtual distribution environment (VDE) that may enforce a secure chain of handling and control, for example, to control and/or meter or otherwise monitor use of electronically stored or disseminated information. Such a virtual distribution environment may be used to protect rights of various participants in electronic commerce and other electronic or electronic-facilitated transactions. Distributed and other operating systems, environments and architectures, such as, for example, those using tamper-resistant hardware-based processors, may establish security at each node. These techniques may be used to support an all-electronic information distribution, for example, utilizing the “electronic highway.” | 10-28-2010 |
| 20090259858 | METHOD AND APPARATUS FOR THE SECURE STORAGE OF AUDIO SIGNALS - In one embodiment, a method, system and apparatus for recording audio is provided so that the recording can be authenticated. The system may be implemented as a central server that is accessed via one or more lines for audio communication, or as a stand-alone unit. The system operates by encrypting communicated data (e.g., audio signals), storing the encrypted information, and providing at least one user with a key that can be used to decrypt the stored information. | 10-15-2009 |
| 20100218002 | SECURING COMPUTER LOG FILES - A log file is secured. One implementation involves maintaining a log file including one or more log entries in a storage device connected to a computer, and entering a new log entry by generating a new message authentication code based on a preceding log entry including a preceding message authentication code, and applying the message authentication code to the new log entry. | 08-26-2010 |
| 20100250971 | PRINTER CONSUMABLE COMPRISING INTEGRATED CIRCUIT PROTECTED FROM POWER SUPPLY ATTACKS - A printer consumable includes an integrated circuit for authentication of the consumable. The integrated circuit has a non-volatile memory for storing secret information and an indicator, as well as a detection unit for preventing a power supply attack on the secret information. The detection unit includes a comparator having reference voltage and power supply line inputs; and an output connected into a reset line of the integrated circuit. The output provides a reset signal to first delete, overwrite, or otherwise render unreadable the indicator and then delete, overwrite, or otherwise render unreadable the secret information in the memory when a detection signal is output by the comparator. The reset signal is provided when the power supply voltage drops below a predetermined limit due to a power-down of the integrated circuit. | 09-30-2010 |
| 20100199109 | ABSTRACTING PROGRAMMATIC REPRESENTION OF DATA STORAGE SYSTEMS - Providing for a paradigm shift in block-level abstraction for storage devices is described herein. At a block-level, storage is characterized as a variable size data record, rather than a fixed size sector. In some aspects, the variable size data record can comprise a variable binary key-data pair, for addressing and identifying a variable size block of data, and for dynamically specifying the size of such block in terms of data storage. By changing the key or data values, the location, identity or size of block-level storage can be modified. Data records can be passed to and from the storage device to facilitate operational commands over ranges of such records. Block-level data compression, space management and transactional operations are provided, mitigating a need of higher level systems to characterize underlying data storage for implementation of such operations. | 08-05-2010 |
| 20090287942 | CLOCK ROLL FORWARD DETECTION - Method and apparatus to detect clock roll-forward attacks in a computing device or similar system. This protects against hackers who tamper with the system clock of, for instance, a digital media playback device in order to access a content item which has been rented for a limited time. By detecting clock roll-forward tampering, the present method and system prevent such hackers from accessing the content item outside its authorized rental time period. | 11-19-2009 |
| 20090327763 | Method for Using a Compact Disk as a Smart Key Device - A data processing method accepts a removable storage media, which becomes electrically engaged with a system unit within the data processing system, after which the removable storage media and the hardware security unit mutually authenticate themselves. The removable storage media stores a private key of a first asymmetric cryptographic key pair and a public key of a second asymmetric cryptographic key pair that is associated with the hardware security unit, and the hardware security unit stores a private key of the second asymmetric cryptographic key pair and a public key of the first asymmetric cryptographic key pair that is associated with the removable storage media. In response to successfully performing the mutual authentication operation between the removable storage media and the hardware security unit, the system unit is enabled to invoke cryptographic functions on the hardware security unit while the removable storage media remains engaged with the system unit. | 12-31-2009 |
| 20090327762 | Methods and Systems for Secure Encryption of Data - Provided is a data acquisition module. The data acquisition module includes a memory and a controller. The controller includes an encryption module configured to encrypt information written to the memory using a key included in the controller. The key is unique to the controller. | 12-31-2009 |
| 20090249085 | Security module and personalization method for such a security module - This invention relates to a security module comprising a microprocessor, a program memory containing at least one operating program and unique identification means of said module. This security module is characterized in that the identification means are constituted by a set of unique and artificial computer codes, compatible with their execution by said microprocessor of the module and stored in the program memory. | 10-01-2009 |
| 20090106563 | TAMPER REACTIVE MEMORY DEVICE TO SECURE DATA FROM TAMPER ATTACKS - Systems and methods that can facilitate securing data associated with a memory from tampering are presented. A counter tamper component can detect tamper attacks or tamper attempts associated with a memory and/or data stored therein or associated therewith and reacts to such tamper attacks/attempts, as the counter tamper component can provide evidence of, provide a response to, and/or resist tamper attacks/attempts. The counter tamper component can be associated with a memory module that includes a memory device(s) module and is contained in an electronic device and the memory module can change a color state to provide evidence of tampering. A window component is positioned on the casing of the electronic device so that the memory module is visible to the user so the user can perceive that a tamper attack associated with the module has occurred. | 04-23-2009 |
| 20100332855 | Method and Memory Device for Performing an Operation on Data - A method and memory device for implementing long operations and supporting multiple streams are provided. In one embodiment, a memory device receives data and a command from a host to perform an operation on the data, wherein a time required for the memory device to complete the operation exceeds a maximum response time for the memory device to respond to the command. The memory device begins performing the operation on the data and, before exceeding the maximum response time and before completing the operation, sends the context of the operation to the host. At a later time, the memory device receives from the host: (i) a command to resume performing the operation and (ii) the context. The memory device then resumes performing the operation on the data based on the context received from the host. | 12-30-2010 |
| 20110113261 | TAMPER RESISTANT APPARATUS FOR A STORAGE DEVICE - In various embodiments, an apparatus includes a processor, a read only memory communicatively coupled to the processor, and a visibility port associated with the apparatus. The visibility port provides information about the processor and the read only memory to the port, with the read only memory including at least a portion of cryptographic information. A visibility port disabler masks the visibility port during cryptographic operations of the processor. | 05-12-2011 |
| 20100131776 | SCALABLE AND EXTENSIBLE SECURE RENDERING OF DIGITAL CONTENT - A number of digital content rendering modules are equipped such that selective subsets of the modules may be employed to render digital content of different media, and of different format types. The modules are organized into a hierarchy, with a selected one occupying a root position of the hierarchy, to exclusively receive the digital contents to be rendered, and that each module is further responsible for verifying the integrity of its immediate downstream modules, to collectively protect the digital contents being rendered. Additionally, in accordance with another aspect, a tamper resistant module is employed to recover digital contents provided in a protected state, obfuscating the recovery. Further, the modules may be of different application domains. | 05-27-2010 |
| 20100058077 | CONFIDENTIAL INFORMATION MEMORY APPARATUS, ERASING METHOD OF CONFIDENTIAL INFORMATION, AND ERASING PROGRAM OF CONFIDENTIAL INFORMATION - A tamper resistant apparatus | 03-04-2010 |
| 20110072279 | DEVICE AND METHOD FOR SECURELY STORING DATA - Devices and methods for securely storing data are provided. A device for constructing an encryption key comprising a tamper-protection barrier that encloses one or more memory devices is provided. The memory stores data for constructing the encryption key. The memory may include a single memory device or a plurality of memory devices. The tamper-protection barrier also encloses a security processor configured to combine the data stored in the memory based in part on a function, such as a logical exclusive-or (XOR) function, to construct the encryption key. The stored data in the memory may include partial keys. These partial keys may be created based in part on applying the XOR function to an encryption key. | 03-24-2011 |
| 20110060922 | LICENSE MANAGEMENT SYSTEM - A history file that an IC card received from a receiver is confirmed to be a proper history file, so that a repeat input of a license can be prevented. A server ( | 03-10-2011 |
| 20100318813 | NETWORK SECURITY DEVICE AND METHOD - The invention describes a method for hardening a security mechanism against physical intrusion and substitution attacks. A user establishes a connection between a network peripheral device and a network via a security mechanism. The security mechanism includes read only memory (ROM) that contains code that initiates operation of the mechanism and performs authentication functions. A persistent memory contains configuration information. A volatile memory stores user and device identification information that remains valid only for a given session and is erased thereafter to prevent a future security breach. A tamper-evident enclosure surrounds the memory elements, which if breached, becomes readily apparent to the user. | 12-16-2010 |
| 20100031065 | INFORMATION SECURITY APPARATUS - Provided is an information security apparatus ( | 02-04-2010 |
| 20100031064 | Tamper Detection Line Circuitry For An Authentication Integrated Circuit - The invention provides for tamper detection line circuitry for an authentication integrated circuit for use in authenticating an integrated circuit. The tamper detection line circuitry includes a source of pseudo-random bits, and an XOR gate with two inputs and an output in signal communication with flash memory erase and reset circuits, where a complete erasure is triggered by a 0 from the XOR gate. The circuitry also includes first and second paths arranging the source and XOR gate in signal communication with each other, the first path connected to one input of the XOR gate and the second path having an inverter and connected to a second input of the XOR gate. Also included are a number of triggers connected to the respective paths, each trigger configured to detect a physical attack on the authentication integrated circuit. | 02-04-2010 |
| 20090172420 | TAMPER RESISTANT METHOD AND APPARATUS FOR A STORAGE DEVICE - A method for authenticating software for use in a device includes encrypting software to be input to a device with a private key, and decrypting the software presented to the device with a public key retrieved from a memory accessible by the device. | 07-02-2009 |
| 20120210141 | INFORMATION PROCESSING APPARATUS, PROGRAM EXECUTION METHOD, AND COMPUTER PROGRAM - An information processing apparatus includes: a program executing unit which interprets and executes codes of a computer program created in a procedural language in an environment with a tamper resistant performance, wherein a security attribute and an authentication key are provided in units of functions in the computer program executed by the program executing unit, and wherein the program executing unit executes authentication processing with the authentication key for executing the function, which makes it possible to execute the function based on the security attribute. | 08-16-2012 |
| 20110185193 | DE-SEQUENCING ENCODED DATA SLICES - A method begins by a processing module obtaining at least an ordering threshold number of encoded data slices to produce obtained encoded data slices. The method continues with the processing module ordering the obtained encoded data slices based on a pseudo-random de-sequencing order to produce a plurality of sets of encoded data slices. The method continues with the processing module dispersed storage error decoding the plurality of sets of encoded data slices to produce a plurality of encrypted data segments. The method continues with the processing module decrypting the plurality of encrypted data segments to produce a plurality of data segments. The method continues with the processing module aggregating the plurality of data segments to produce a data stream. | 07-28-2011 |
| 20100199110 | INTEGRATED CIRCUIT HAVING OBSCURED STATE CHANGE CIRCUITRY - An integrated circuit is provided having first and second circuitry which are configured to emit light when undergoing changes in state. The first and second circuitry being operated to change state at the same time so as to hinder optical detection of the light emitted by the first circuitry. | 08-05-2010 |
| 20120179921 | END TO END ENCRYPTION FOR INTRUSION DETECTION SYSTEM - An intrusion detection module includes an enclosure and a sensor to detect a predetermined type of intrusion. The module further includes a tamper sensor to detect a tampering attempt. An encryption mechanism is coupled to receive signals from the sensor and tamper sensor and encrypt such signals for transmission to a control panel. | 07-12-2012 |
| 20110047389 | Trusted Infrastructure Support Systems, Methods and Techniques for Secure Electronic Commerce Electronic Transactions and Rights Management - An integrated, modular array of administrative and support services are provided for electronic commerce and electronic rights and transaction management. These administrative and support services supply a secure foundation for conducting transaction-related capabilities over electronic networks, and can also be adapted to the specific needs of electronic commerce value chains. In one embodiment a Distributed Commerce Utility having a secure, programmable, distributed architecture provides these administrative and support services. The Distributed Commerce Utility may comprise a number of Commerce Utility Systems. These Commerce Utility Systems provide a web of infrastructure support available to, and reusable by, the entire electronic community and/or many of its participants. Different support functions can be collected together in hierarchical and/or networked relationships to suit various business models or other objectives. Modular support functions can be combined in different arrays to form different Commerce Utility Systems for different design implementations and purposes. | 02-24-2011 |
| 20120331309 | USING BUILT-IN SELF TEST FOR PREVENTING SIDE CHANNEL SECURITY ATTACKS ON MULTI-PROCESSOR SYSTEMS - A data processing system having a first processor, a second processor, a local memory of the second processor, and a built-in self-test (BIST) controller of the second processor which performs BIST memory accesses on the local memory of the second processor and which includes a random value generator is provided. The system can perform a method including executing a secure code sequence by the first processor and performing, by the BIST controller of the second processor, BIST memory accesses to the local memory of the second processor in response to the random value generator. Performing the BIST memory accesses is performed concurrently with executing the secure code sequence. | 12-27-2012 |
| 20080222430 | Protection of Secure Electronic Modules Against Attacks - A method and apparatus is disclosed for preventing the unintended retention of secret data caused by preferred state/burn in secure electronic modules. Sequentially storing the data, and its inverse on alternating clock cycles, and by actively overwriting it to destroy it, prevents SRAM devices from developing a preferred state. By encrypting a relatively large amount of secret data with a master encryption key, and storing said master key in this non-preferred state storage, the electronic module conveniently extends this protection scheme to a large amount of data, without the overhead of investing or actively erasing the larger storage area. | 09-11-2008 |
| 20090183011 | MODULAR TAMPER RESISTANT ENCLOSURE FOR SECURE SYSTEMS - An active membrane creates a secure area around one or more devices. The active membrane forms a physical barrier between the encased secure area and an external environment. Linked to the membrane and acting as the sole interface between the secure area and the outside environment is a boundary interface. The boundary interface tunnels data to the secure area in a secure fashion. According to one embodiment of the present invention, the boundary interface utilizes symmetric and/or asymmetric cryptographic techniques to secure the data path. The boundary interface is also coupled to the active membrane, and upon the membrane sensing a breach of the membrane (thus signifying an intrusion of the secure area), the boundary interface can be configured to sever the data paths linking the secure area with the unsecured area as well as take other active steps to ensure that data within the secure area is not compromised. | 07-16-2009 |
