Inventors list |
Assignees list |
Classification tree browser |
Top 100 Inventors |
Top 100 Assignees |
Biffle
Cliff L. Biffle, Berkeley, CA US
| Patent application number | Description | Published |
|---|---|---|
| 20110138473 | DYNAMIC CODE INSERTION AND REMOVAL FOR STATIC ANALYSIS BASED SANDBOXES - Methods and apparatus for dynamically adding and deleting new code to previously validated application executing in a secured runtime. New code is written to a portion of secured memory not executable by application. New code is validated to ensure it cannot directly call operating system, address memory outside of secured memory, or modify secured memory state. Indirect branch instructions may only target addresses aligned on fixed size boundaries within the secured memory. Validated code is copied to portion of secured memory executable by application in two stage process that ensures partially copied segments cannot be executed. Validated new code can be deleted once all threads reach safe execution point, provided code was previously inserted as unit or contains no internal targets that can be called by code not also being deleted. | 06-09-2011 |
| 20110138474 | DYNAMIC CODE INSERTION AND REMOVAL FOR STATIC ANALYSIS BASED SANDBOXES - Methods and apparatus for dynamically adding and deleting new code to previously validated application executing in a secured runtime. New code is written to a portion of secured memory not executable by application. New code is validated to ensure it cannot directly call operating system, address memory outside of secured memory, or modify secured memory state. Indirect branch instructions may only target addresses aligned on fixed size boundaries within the secured memory. Validated code is copied to portion of secured memory executable by application in two stage process that ensures partially copied segments cannot be executed. Validated new code can be deleted once all threads reach safe execution point, provided code was previously inserted as unit or contains no internal targets that can be called by code not also being deleted. | 06-09-2011 |
Clifford L. Biffle, Sunnyvale, CA US
| Patent application number | Description | Published |
|---|---|---|
| 20110029961 | NATIVE CODE MODULE SECURITY FOR ARM INSTRUCTION SET ARCHITECTURES - Some embodiments provide a system that executes a native code module. During operation, the system obtains the native code module. Next, the system loads the native code module into a secure runtime environment. Finally, the system safely executes the native code module in the secure runtime environment by using a set of software fault isolation (SFI) mechanisms that constrain store instructions in the native code module. The SFI mechanisms also maintain control flow integrity for the native code module by dividing a code region associated with the native code module into equally sized code blocks and data blocks and starting each of the data blocks with an illegal instruction. | 02-03-2011 |
Janet L. Biffle, Cave Creek, AZ US
| Patent application number | Description | Published |
|---|---|---|
| 20080314977 | Method, System, and Computer Program Product for Customer-Level Data Verification - A system, method, and computer program to reduce incorrectly declined transactions and improve risk calculation accuracy by reducing error probability during fraud detection. The tool first receives at least one postal address as well as transaction account data and/or financial transaction instrument data. Then a customer is determined from a first customer record associated with the transaction account data and/or financial transaction instrument data. A record search is performed to identify at least one additional customer record associated with the customer. Finally, the postal address is compared to the information contained in the additional record to create a comparison result that verifies the submitted postal address. The comparison result may be used as an input to transaction risk calculations. The comparison result may also be provided to a merchant system and/or merchant for use in a decision-making process, for example, to verify customer identity. | 12-25-2008 |
Janet Leslee Biffle, Cave Creek, AZ US
| Patent application number | Description | Published |
|---|---|---|
| 20090157555 | BILL PAYMENT SYSTEM AND METHOD - Automated authorization and processing of an interim payment is disclosed. When a merchant requests payment prior to a recurring payment process being enabled, the system handles the payment request without customer intervention. The system requests and receives a transaction coordination code for an interim payment from a financial processor. The system passes the interim payment transaction coordination code to the merchant so the merchant may obtain an authorized payment. | 06-18-2009 |