Patent application number | Description | Published |
20080313489 | FLASH MEMORY-HOSTED LOCAL AND REMOTE OUT-OF-SERVICE PLATFORM MANAGEABILITY - A method, apparatus, and system are disclosed. In one embodiment, the method determines whether one or more manageability conditions are present in a computer system, and then invokes an out-of-service manageability remediation environment stored within a portion of a flash device in the computer system when one or more manageability conditions are present. | 12-18-2008 |
20090089887 | Theft-deterrence method and apparatus for processor based devices - A manageability engine of a processor based device and a host theft-deterrence agent of the processor based device, jointly implement a theft-deterrence protocol with a theft-deterrence service, remotely disposed from the processor based device, to deter theft of the processor based device. The host theft-deterrence agent is configured to operate in a processor operated application execution environment of the processor based device, and the manageability engine is configured to operate outside the application execution environment. | 04-02-2009 |
20090164377 | SECURED AND SELECTIVE RUNTIME AUDITING SERVICES USING A TRUSTED COMPUTING DEVICE - In an embodiment, an apparatus includes a control logic to selectively audit transactions between the apparatus and a separate entity based on a type for the transactions. The apparatus also includes an encryption logic to encrypt an audit log that includes at least one attribute of one of the selectively audited transactions. | 06-25-2009 |
20090248827 | METHOD AND APPARATUS FOR CONNECTION - AND NETWORK - NETWORK-INDEPENDENT ON-LINE AND OFF-LINE THEFT-MANAGEMENT PROTOCOL AND SERVICE FOR PROCESSOR BASED DEVICES - A theft-deterrence process enabling a theft-deterrence server, remotely disposed from the processor based device, to deter or thwart theft of the processor based device, is disclosed herein. In various embodiments, the theft-deterrence process employs connection and network independent communication for at least one direction between the theft deterrence server and the processor based device. | 10-01-2009 |
20090282265 | METHOD AND APPARATUS FOR PREVENTING ACCESS TO ENCRYPTED DATA IN A NODE - A method of preventing access of data in a node quickly and securely when the node is lost or stolen. The data is first encrypted using an encryption algorithm with a cryptographic key-material. Heuristic methods of detecting un-authorized access to the node are implemented to generate a theft-trigger. The theft-trigger is received and sent to a central authority. The validity of the trigger is verified and the central authority sends an acknowledgement of the trigger. When approval is given from the central authority, access to the data is prevented by deleting or concealing some cryptographic key-material. | 11-12-2009 |
20090287938 | METHOD AND APPARATUS WITH CHIPSET-BASED PROTECTION FOR LOCAL AND REMOTE AUTHENTICATION OF BOOTING FROM PERIPHERAL DEVICES - Method and apparatus enabling a computing system to deter or thwart unauthorized boot-up from peripheral devices are disclosed herein. In various embodiments, a monitoring module and a managing module are employed cooperating with each other to authorize users in booting up the computing system from peripheral devices. | 11-19-2009 |
20100023782 | CRYPTOGRAPHIC KEY-TO-POLICY ASSOCIATION AND ENFORCEMENT FOR SECURE KEY-MANAGEMENT AND POLICY EXECUTION - Key-to-policy association and hardware-based policy enforcement for file/folder encryption (FFE) and/or full-disk encryption (FDE) are provided. A CPU independent microprocessor (CIM) is coupled to a platform and provides a secure storage service, secure non-volatile storage, secure policy enforcement engine, and system interface for communication with platform components independent of the CPU. The CIM stores a key and its associated policies by generating a hardware-derived key to wrap the key prior to securely storing it in non-volatile storage on the CIM. Upon receiving a request for key-access by an application, policy status and credentials are verified before the key is returned. | 01-28-2010 |
20100162368 | Method, apparatus and system for remote management of mobile devices - An apparatus and system for enabling users to remotely manage their devices. Specifically, in one embodiment, in the event of a theft of a device or other such occurrence, a user may send a command to the device to execute a specified command. The command may include actions such as locking the device, shutting down the device, disabling logons to the device and other such actions that may secure the device and the data on the device from unauthorized access. Upon receipt of an authorized unlock credential, the device may once again be made accessible. | 06-24-2010 |
20100332833 | LINK KEY INJECTION MECHANISM FOR PERSONAL AREA NETWORKS - According to one embodiment, a method is disclosed. The method includes generating a link key at a secure component within a first personal area network device and injecting the link key into a protocol stack component database within the first device. The link key may further be transmitted to a second device. Other embodiments are described and claimed. | 12-30-2010 |
20110029769 | METHOD FOR USING TRUSTED, HARDWARE IDENTITY CREDENTIALS IN RUNTIME PACKAGE SIGNATURE TO SECURE MOBILE COMMUNICATIONS AND HIGH VALUE TRANSACTION EXECUTION - A method for trusted package digital signature based on secure, platform-bound identity credentials. The selection of a document to be electronically signed by a user via a computing device is made. A hash for the document is determined. The hash is encrypted with a private key of the user to create a digital signature. The document, an identification credential, and the digital signature are sent to a recipient computing device residing on a network. The identification credential comprises a digital file used to cryptographically bind a public key to specific trusted hardware attributes attesting to the identity and integrity of the trusted computing device. The trusted computing device includes a cryptographic processor. | 02-03-2011 |
20110078758 | METHOD AND DEVICE FOR CONTROLLING USE OF CONTEXT INFORMATION OF A USER - A method and device for controlling use of context information of a user includes establishing a context policy enforcement engine on a mobile computing device. The context policy enforcement engine may be embodied as software and/or hardware components. The context policy enforcement engine retrieves context policy data in response to receiving a request for context information related to a user. The context policy data defines a set of context rules for responding to context requests. The context policy enforcement engine responds to the request based on the set of context rules. | 03-31-2011 |
20110125485 | METHODS AND SYSTEMS FOR REAL TIME LANGUAGE TRANSLATION USING SOCIAL NETWORKING - Methods and systems with which a language translation may be obtained. An originator may request a translation by sending the passage to be translated to a server. The server may then broadcast the passage to prospective translators. In an embodiment, the translators may be connected to the originator and/or each other through a social network. Some or all of the prospective translators then return translations of the passage to the originator, via the server. The originator may then select the most desirable translation and inform the server. In an embodiment, the provision of the translation service may be part of an exchange or barter transaction. The server may apply a credit to the translator of the chosen translation. The translator may then use the credit in a subsequent trade or other transaction. | 05-26-2011 |
20110129077 | METHODS AND SYSTEMS FOR REAL TIME DISPLAY OF CALLER LOCATION, PROFILE, AND TRUST RELATIONSHIP - Methods and systems to display, in real time, detailed attribute information regarding a calling party. This information may be presented to a user in conjunction with an incoming voice-call or message on the user's smartphone/mobile internet device (MID) or other mobile device. Such information can help him/her in real-time to decide whether to respond to the communication. Attribute information is collected at a caller attributes processing server and communicated to a receiver device of the called party. | 06-02-2011 |
20110131447 | Automated modular and secure boot firmware update - A method, apparatus, system, and computer program product for an automated modular and secure boot firmware update. An updated boot firmware code module is received in a secure partition of a system, the updated boot firmware code module to replace one original boot firmware code module for the system. Only the one original boot firmware code module is automatically replaced with the updated boot firmware code module. The updated boot firmware code module is automatically executed with the plurality of boot firmware code modules for the system and without user intervention when the system is next booted. The updated boot firmware code module may be written to an update partition of a firmware volume, wherein the update partition of the firmware volume is read along with another partition of the firmware volume containing the plurality of boot firmware code modules when the system is booted. | 06-02-2011 |
20110151854 | REMOTE MANAGEMENT OVER A WIRELESS WIDE-AREA NETWORK USING SHORT MESSAGE SERVICE - A method and device for remote management over a wireless wide-area network includes receiving a short message over a wireless wide-area network (WWAN) using an out-of-band (OOB) processor of a computing device. The OOB processor is capable of communicating over the WWAN irrespective of an operational state of an in-band processor of the computing device. The computing device executes at least one operation with the OOB processor in response to receiving the short message. | 06-23-2011 |
20110161452 | COLLABORATIVE MALWARE DETECTION AND PREVENTION ON MOBILE DEVICES - The present disclosure describes a method and apparatus for collaborative threat detection on mobile devices. A mobile device may comprise a processor, secure memory, and secure circuitry. The processor may be coupled to host memory and may be configured to execute a security threat detection application to detect a malicious program attacking the mobile device. The secure memory may be configured to host a collaborator database comprising data corresponding to at least one collaborating device. The secure circuitry may be configured to determine if the security threat detection application running on the processor is properly operating. If an abnormality in the operation of the security threat detection application is detected, the secure circuitry may be further configured to cause a security threat notification to be transmitted to the collaborating device based on the data in the collaborator database. | 06-30-2011 |
20110161667 | TRUSTED GRAPHICS RENDERING FOR SAFER BROWSING ON MOBILE DEVICES - The present disclosure describes a method and apparatus for determining a safety level of a requested uniform resource locator (URL) on a mobile device. Secure memory may be configured to host at least one database comprising a plurality of uniform resource locators (URLs) and to also host information representing at least one logo indicative of a safety level of the URLs in the database. Secure circuitry may be configured to compare a requested URL with the database to determine if the requested URL corresponds to one of the URLs of the database and to select an appropriate logo stored in the secure memory. The secure circuitry may be further configured to direct overlay circuitry to blend the appropriate logo onto rendered data from a frame buffer video memory for display to a user. | 06-30-2011 |
20110161848 | METHOD AND DEVICE FOR MANAGING SECURITY EVENTS - A method and device for managing security events includes establishing a security event manager on a mobile computing device. The security event manager may be embodied as software and/or hardware components. The security event manager receives security event data from a plurality of security event sources of the mobile computing device and correlates the security event data based on a security policy to determine whether a security event has occurred. The security event manager responds to the security event based on the security policy. | 06-30-2011 |
20110237221 | METHOD AND APPARATUS FOR BEARER AND SERVER INDEPENDENT PARENTAL CONTROL ON SMARTPHONE, MANAGED BY THE SMARTPHONE - In some embodiments, the invention involves parental or master control of a child or subordinate mobile phone without service provider intervention. An embodiment of the invention is a system and method relating to master control of the subordinate smart phone using features on the smart phones, and independent of features provided by the phone service providers. Communication between the master and subordinate phones may be initiated using SMS messaging, near field communication, Bluetooth, direct connect to a PC, or by other secure wireless or wired connections. Once initiated, desired communication events are captured by the parental control application to effect control policies on the subordinate phone. Communication between the phones may be encrypted to prevent malicious intervention of message traffic. Other embodiments are described and claimed. | 09-29-2011 |
20110246373 | PAYMENT MANAGEMENT ON MOBILE DEVICES - Embodiments of techniques and systems for asynchronous offline bill review and payment are described. A bill payment management module, operated on a manageability engine on a mobile device, communicates with an online bill payment service. The bill payment management module may receive information about bill payments, including bills which are due, and presents selective information to a bill payment client application. A bill payer can then access the information on the mobile device through the bill payment client application and review or change the payment amounts. The review and the modifications may be performed when the mobile device is offline and the modifications may be stored until a later time when the mobile device can connect to a network. Once a network is available, the bill payment management module may send payment instructions to the online bill payment service. Other embodiments may be described and claimed. | 10-06-2011 |
20110289004 | METHOD AND DEVICE FOR CONDUCTING TRUSTED REMOTE PAYMENT TRANSACTIONS - A method, device, and system for conducting trusted payment transactions including establishing a trust relationship between a first mobile computing device and a second mobile computing device. The first mobile computing device may initiate a payment transaction with a point-of-sale device, communicate with the second mobile communication device to retrieve payment information from the second mobile communication device, and complete the payment transaction with the point-of-sale device using the payment information. The second mobile computing device is configured to verify the user and identity of the first mobile computing device prior to providing the payment information. Communications between the mobile computing devices may be encrypted using pre-determined encryption techniques. | 11-24-2011 |
20120027209 | USING A TRUSTED-PLATFORM-BASED SHARED-SECRET DERIVATION AND WWAN INFRASTRUCTURE-BASED ENROLLMENT TO ESTABLISH A SECURE LOCAL CHANNEL - A system and method for establishing a connection on a mobile computing device includes generating a secret on a trusted platform of the mobile computing device. The secret is transported to a subscriber identity module (SIM)/Smartcard on the mobile computing device. A secure local communication channel is established between the trusted platform and the SIM/Smartcard using the secret. | 02-02-2012 |
20120030110 | DEVICE, SYSTEM, AND METHOD FOR LOCATION-BASED PAYMENT AUTHORIZATION - A device, system, and method for location-based payment authorization includes receiving a payment request for an order submitted from a mobile computing device via an e-commerce vendor website. A location of the mobile computing device is determined based on location data. In one embodiment, the payment request is authorized or denied based on whether the e-commerce vendor website has been authorized for the determined location of the mobile computing device. | 02-02-2012 |
20120099479 | TECHNIQUES TO MANAGE WIRELESS CONNECTIONS - A system, apparatus, method and article to manage wireless connections are described. The apparatus may include a connection management module to automatically form a first connection between a first mobile device and a second mobile device, and a second connection between the second mobile device and a fixed device, wherein the first mobile device is to communicate information with the fixed device using the first and second connections. Other embodiments are described and claimed. | 04-26-2012 |
20120131345 | SECURE SOFTWARE LICENSING AND PROVISIONING USING HARDWARE BASED SECURITY ENGINE - Provisioning a license and an application program from a first server to a computing platform over a network. The host application derives a symmetric key at least in part from a user password, and sends the license to a license management firmware component of a security engine, in a message signed by the symmetric key. The license management firmware component derives the symmetric key at least in part from the user password stored in a secure storage of the security engine, verifies the signature on the message using the symmetric key, verifies the first server's signature on the license, decrypts the license using a first private key of the license management firmware component corresponding to the first public key to obtain the second key, and sends the second key to the host application, which decrypts the application program using the second key. | 05-24-2012 |
20120166304 | REAL-TIME MOBILE PAYMENT PROCESSING SYSTEM - A method, system, and device are disclosed. In one embodiment the method includes receiving a recipient phone number into an electronic gift phone module (EGPM). The EGPM also receives a set of gift data that includes a gift identification. The EGPM sends the recipient phone number and at least some gift data to an electronic gift processing server module (EGPSM). The EGPSM purchases a recipient gift by utilizing the gift identification. The EGPSM also sends notification of the recipient gift purchase to the recipient phone number. | 06-28-2012 |
20120167188 | USER IDENTITY ATTESTATION IN MOBILE COMMERCE - A method, apparatus, system, and computer program product for user identity attestation in mobile commerce. The method may include obtaining a photograph of a user of a mobile device via a camera integrated with the mobile device; identifying a first set of fiducial points from the photograph; causing the first set of fiducial points from the photograph to be compared to a second set of fiducial points associated with an authorized user of the mobile device; and determining that the user is the authorized user if the first set of fiducial points matches the second set of fiducial points. | 06-28-2012 |
20120167218 | SIGNATURE-INDEPENDENT, SYSTEM BEHAVIOR-BASED MALWARE DETECTION - A method, system, and computer program product for detecting malware based upon system behavior. At least one process expected to be active is identified for a current mode of operation of a processing system comprising one or more resources. An expected activity level of the one or more resources of the processing system is calculated based upon the current mode of operation and the at least one process expected to be active. An actual activity level of the plurality of resources is determined. If a deviation is detected between the expected activity level and the actual activity level, a source of unexpected activity is identified as a potential cause of the deviation. Policy guidelines are used to determine whether the unexpected activity is legitimate. If the unexpected activity is not legitimate, the source of the unexpected activity is classified as malware. | 06-28-2012 |
20120178481 | REMOTE MANAGEMENT OVER A WIRELESS WIDE-AREA NETWORK USING SHORT MESSAGE SERVICE - Illustrative embodiments of systems and methods providing remote management over a wireless wide-area network (WWAN) using short messages are disclosed. In one embodiment, a computing device may include an in-band processor, a wireless transceiver configured for communications over a WWAN, and an out-of-band (OOB) processor capable of communicating over the WWAN using the wireless transceiver irrespective of an operational state of the in-band processor. The OOB processor may be configured to receive a short message via the wireless transceiver, determine whether the short message originated from a trusted remote computing device, and execute at least one operation indicated by the short message in response to determining that the short message originated from a trusted remote computing device. | 07-12-2012 |
20120255026 | METHOD AND DEVICE FOR MANAGING DIGITAL USAGE RIGHTS OF DOCUMENTS - A method, device, and system for managing digital usage rights of documents includes a mobile computing device having a digital rights management (DRM) enforcement engine included therein. The mobile computing device may communicate with a server, such as an enterprise digital rights management (EDRM) server, to retrieve a secured document and an associated document usage rights policy. The document and usage rights policy are stored in a secured storage of the mobile computing device. The DRM enforcement engine of the mobile computing device provides access to the requested document while locally enforcing the associated document usage rights policy. In some embodiments, the mobile computing device may act as a proxy for other computing devices communicatively coupled to the mobile computing device and/or act as a local EDRM to such computing devices. | 10-04-2012 |
20120270505 | HEADLESS EXTERNAL SENSOR DISCOVERY AND DATA ACCESS USING MOBILE DEVICE - A device, system, and machine readable medium for headless sensor measurements are disclosed. In one embodiment, the device is exclusive of a display. The device includes a sensor head to retrieve an amount of measurement data from an environment. The device also includes an I/O interface, a memory, a non-volatile storage, processing logic, and sensor data access protocol (SDAP) manageability code. The SDAP manageability code may cause the processing logic to provide a sensor type and a measurement data payload type to a mobile communication device. The SDAP manageability code additionally may cause the sensor head to take a measurement, receive measurement data from the sensor head, packetize the measurement data, and transfer the measurement data payload to the mobile communication device. | 10-25-2012 |
20120284499 | METHOD AND APPARATUS WITH CHIPSET-BASED PROTECTION FOR LOCAL AND REMOTE AUTHENTICATION OF BOOTING FROM PERIPHERAL DEVICES - Method and apparatus enabling a computing system to deter or thwart unauthorized boot-up from peripheral devices are disclosed herein. In various embodiments, a monitoring module and a managing module are employed cooperating with each other to authorize users in booting up the computing system from peripheral devices. | 11-08-2012 |
20130003963 | Thwarting Unauthorized Content Copying Using Media Tracking Code - Embodiments of techniques and systems for content protection and detection of protected media content are described. Visual tracking patterns may be displayed during rendering of protected media content that would be visible to a camcorder during recording. The visual tracking pattern may be placed in a background area or other less-active portion of the video in order to reduce perceptibility by a viewer. Audio tracking patterns may be inserted during rendering outside of the range of normal human hearing for reduced viewer perceptibility. The tracking patterns may encode media tracking codes that are included in to-be-rendered media during provision from a media server. Other embodiments may be described and claimed. | 01-03-2013 |
20130007873 | SYSTEMS AND METHODS FOR POWER-ON USER AUTHENTICATION - Embodiments of systems and methods for power-on user authentication are disclosed. A method for power-on user authentication may comprise receiving an authentication input with a security controller of a computing device prior to supplying power to a primary processor of the computing device, comparing the authentication input to an authentication code using the security controller, and supplying power to the primary processor in response to the authentication input matching the authentication code. | 01-03-2013 |
20130297424 | METHODS AND APPARATUS TO AUTOMATE HAGGLING BEFORE PHYSICAL POINT-OF-SALE COMMERCE - In one example embodiment of a method for automating business negotiations, a vendor offers a product for sale at an original price. Subsequently, an automated haggling system receives a counteroffer to buy the product from a mobile device controlled by a shopper. The counteroffer proposes a second price for the product. In response to the counteroffer, the automated haggling system automatically determines whether the second price is acceptable. This determination may be based on data from a negotiation database with data identifying acceptable reduced prices. If the counteroffer proposes an acceptable price, the automated haggling system sends a message to the mobile device of the shopper to signify acceptance of the counteroffer. In response to a determination that the shopper is purchasing the product at a point-of-sale (POS) station, the POS station automatically charges the shopper the negotiated price for the product. Other embodiments are described and claimed. | 11-07-2013 |
20130340034 | APPLICATION AUTHENTICATION POLICY FOR A PLURALITY OF COMPUTING DEVICES - In one embodiment, the present invention includes a method for launching an application authentication policy (AAP) application on a computing device, enabling the device for use as a personal device of a user if the user is authenticated by the AAP application, and otherwise enabling the device for use as a non-personal device that provides only basic functionality but protects other users' personal data and applications. Other embodiments are described and claimed. | 12-19-2013 |
20140012917 | SHARING USER INFORMATION WITH PROXIMATE DEVICES - Embodiments of techniques and systems for sharing user information between proximate devices are described. In embodiments, a first device may identify a physically-proximate device that may receive user information. Upon receiving an indication that a user of the first device may desire to share user information with a user of the second device, a determination may be made as to whether the two users have matching interests. In embodiments, the interest match determination may be made by a separate interest match evaluator. Upon determination of an interest match, the first device may then send a request to share user information to the second device. If a user of the second device approves the request, user information for the user of the first device may be shared with the user of the second device. Other embodiments may be described and claimed. | 01-09-2014 |
20140067570 | SYSTEM AND METHOD FOR MOBILE POINT OF SALE - In some embodiments, an electronic device comprises an input interface, a communication interface, a processor, and logic to launch, in the electronic device, a shopping application associated with one or more specific vendors, establish, via the communication interface, a communication connection between the electronic device and a shopping server, and receive, via the input interface, an identifier associated with one or more products sold by the one or more specific vendors, receive, via the communication interface, point of sale information associated with the one or more products associated with the identifier, receive, via the communication interface, a transaction authorization to purchase the one or more products associated with the identifier, and execute the purchase transaction on the electronic device. Other embodiments may be described. | 03-06-2014 |
20140188719 | MULTI USER ELECTRONIC WALLET AND MANAGEMENT THEREOF - Systems and methods for sharing an e-wallet are disclosed. In some embodiments, the systems and methods may share an e-wallet among multiple users on a single device. In other embodiments, the systems and methods may share an e-wallet among multiple devices and/or multiple users on multiple devices. In some instances, a remotely stored e-wallet may be used or leveraged by an e-wallet uncertified device. | 07-03-2014 |
20140289789 | CLOUD BASED REAL TIME APP PRIVACY DASHBOARD - A method of operating an electronic device comprises detecting access to private information stored in memory of the electronic device. The detecting is performed by a privacy management module downloadable to the electronic device as object code for execution on the electronic device and the access is performed by a client application program. The method further comprises tracking, using the privacy management module, the private information being accessed by the client application program, and reconfiguring the electronic device, using the privacy management module, to change the access to the private information by the client application program according to at least one privacy access policy stored in the electronic device. | 09-25-2014 |