| Patent application number | Description | Published |
|---|
| 20080263672 | Protecting sensitive data intended for a remote application - A method and apparatus is provided of protecting sensitive data input via an input device of a processing platform from a data logger, the sensitive data being user account data intended for a remote application. To protect the sensitive data, the data is used as a password in a secure, password-authenticated key agreement protocol executed between a security entity and the remote application, the security entity being installed in the input device or in secure communication therewith. In one preferred embodiment the input device is a keyboard and the security entity is a unit installed in the keyboard and selectively operable in a pass-through mode and a security mode. | 10-23-2008 |
| 20090019285 | Establishing a Trust Relationship Between Computing Entities - A first computing entity provides evidence to a second computing entity to demonstrate that the first computing entity has a trusted configuration specification that is one of a set of such specifications agreed between the computing entities. This evidence comprises a computed commitment, made using (but not revealing) the configuration specification of the first computing entity, and a ring signature generated using a plurality of keys where each such key is generated using the commitment and one of the trusted configuration specifications. The second computing entity verifies the ring signature in order to convince itself that the configuration specification of the first computing entity is in the set. | 01-15-2009 |
| 20090208018 | DATA TRANSFER DEVICE - A data transfer device for transferring data to a removable data storage item. The data transfer device receives content data to be stored to the removable data storage item, encrypts the content data using an encryption key, and transforms at least one of predetermined reference data and the encryption key. The data transfer device also encrypts the transformed predetermined reference data using the encryption key or encrypts the predetermined reference data using the transformed encryption key, and then stores the encrypted content data and the encrypted transformed/predetermined reference data to the removable data storage item. | 08-20-2009 |
| 20090210705 | Revocation for direct anonymous attestation - Direct Anonymous Attestation involves a Signer using a credential supplied by an Issuer to anonymously prove to a Verifier, on the basis of a public key of the Issuer, the Issuer's attestation to the Signer's membership of a particular group. To facilitate membership revocation, the Issuer updates the public key at intervals, and also effects a complementary updating to the Signer's credential unless the Signer has ceased to be a legitimate group member. A non-updated credential is inadequate to enable the Signer to prove its Issuer attested group membership to a Verifier on the basis of the updated Issuer public key. | 08-20-2009 |
| 20090210716 | Direct anonymous attestation using bilinear maps - Direct Anonymous Attestation, DAA, involves a Signer entity using a credential supplied by an Issuer to attest its possession of a particular characteristic to a Verifier without the identity of the Signer being revealed. Security and performance improvements are disclosed where DAA is performed using a non-degenerate, computable, bilinear map with the credential being a CL-LRSW signature on a secret known only to the Signer. | 08-20-2009 |
| 20100161998 | Associating a Signing key with a Software Component of a Computing Platform - A method and system is provided for operatively associating a signing key with a software component of a computing platform. The computing platform includes a trusted device and on start-up first loads a set of software components with each component being measured prior to loading and a corresponding integrity metric recorded in registers of the trusted device. The system stores a key-related item in secure persistent storage, the key-related item being either the signing key or authorisation data for its use. The trusted device is arranged to enable a component of the software-component set to obtain the key-related item, this enabling only occurring when the current register values correspond to values only present prior to loading of components additional to those of the software-component set. Certificate evidence is provided indicating that the signing key is operatively associated with a component of the software-component set. | 06-24-2010 |
| 20100287315 | Shared Secret Used Between Keyboard And Application - A system comprises a processor which executes an operating system and an application. The system also comprises a keyboard coupled to the processor. The keyboard and application share a shared secret that is used to encode keyboard data provided from the keyboard to the application. The shared secret is not known or accessible to the operating system. | 11-11-2010 |
| 20110280402 | METHODS AND SYSTEMS FOR UTILIZING CRYPTOGRAPHIC FUNCTIONS OF A CRYPTOGRAPHIC CO-PROCESSOR - A computer platform is provided that comprises a processor and a cryptographic co-processor coupled to the processor. The computer platform further comprises a platform entity coupled to the processor. The platform entity establishes a secure relationship with the cryptographic co-processor that enables the platform entity to utilize cryptographic functions provided by the cryptographic co-processor. | 11-17-2011 |
