Perrig
Adrian Perrig US
Patent application number | Description | Published |
---|---|---|
20100205430 | Network Reputation System And Its Controlling Method Thereof - A network reputation system and its controlling method are provided. A credentials and exchange component permits a user to generate credentials and exchange matching keys with those persons having a social relationship with the user. A reputation evaluation component enables other users to make evaluations about an estimatee via the sharing of social network information. A query and response component receives a query from a person having a social relationship with the user for requesting an evaluation about the estimatee, and responds an associated evaluation result to the person having a social relationship with the user, via the sharing of social network information and the evaluations made by the other users about the estimatee. | 08-12-2010 |
Adrian Perrig, Pittsburgh, PA US
Patent application number | Description | Published |
---|---|---|
20080298587 | Apparatus and method for secure, user-friendly deployment of information - A method of securely deploying information to a device includes placing a device into a shielded structure and exchanging timing messages between a keying device located inside the shielded structure and a beacon located outside of the shielded structure. The shielded structure is closed. The exchange of timing messages is terminated, and upon termination, the keying device transfers the information via one or more shielded messages to the device, and the beacon jams the frequency at which the shielded messages are transferred. The shielded structure is opened, and the keying device and beacon exchange messages to verify the secure deployment of the information. | 12-04-2008 |
20100031360 | Systems and methods for preventing unauthorized modification of an operating system - Systems and methods are provided for preventing unauthorized modification of an operating system. The system includes an operating system comprised of kernel code for controlling access to operation of a processing unit. The system further includes an enforcement agent executing at a higher privilege than the kernel code such that any changes to the kernel code are approved by the enforcement agent prior to execution. | 02-04-2010 |
20100049975 | Method and apparatus for secure online transactions - Phishing attacks succeed by exploiting a user's inability to distinguish legitimate websites from spoofed websites. Most prior work focuses on assisting the user in making this distinction; however, users must make the right security decision every time. Unfortunately, humans are ill-suited for performing the security checks necessary for secure site identification, and a single mistake may result in a total compromise of the user's online account. Fundamentally, users should be authenticated using information that they cannot readily reveal to malicious parties. Placing less reliance on the user during the authentication process enhances security and eliminates many forms of fraud. We disclose using a trusted device to perform mutual authentication that eliminates reliance on perfect user behavior, thwarts Man-in-the-Middle attacks after setup, and protects a user's account even in the presence of keyloggers and most forms of spyware. | 02-25-2010 |
20130024693 | Network Reputation System And Its Controlling Method Thereof - A network reputation system and its controlling method are provided. A credential and exchange component permits a user to generate credentials and exchange matching items with those persons having a social relationship with the user. A reputation evaluation component enables other users to make evaluations about an estimatee via the sharing of social network information. A query and response component receives a query from a person having a social relationship with the user for requesting an evaluation about the estimatee, and responds with an associated evaluation result to the person having a social relationship with the user, via the sharing of social network information and the evaluations made by the other users about the estimatee. | 01-24-2013 |
Adrian Perrig, Berkeley, CA US
Patent application number | Description | Published |
---|---|---|
20120203872 | MULTI-OUTPUT PACKET SERVER WITH INDEPENDENT STREAMS - A method of serving content to multiple clients via a network is provided. Independent sessions with each of a plurality of clients are maintained, wherein the number of clients in the plurality of clients can vary over time, and wherein the start of each session and the end of each session can be independent of the start and end of other sessions. A stream of packet payloads is received, each packet payload of the stream of packet payloads including data generated from the content, wherein each packet payload in at least a subset of the stream of packet payloads includes a different set of data. Each packet payload in the stream of packet payloads is transmitted to each client of the plurality of clients in corresponding packets, wherein the packet payload transmitted to a client at any particular time is independent of the state of the corresponding session. | 08-09-2012 |
Adrian Perrig, Zurich CH
Patent application number | Description | Published |
---|---|---|
20140258736 | Systems and Methods for Maintaining Integrity and Secrecy in Untrusted Computing Platforms - A method for operating a computing system with a trusted processor include generating a secret cryptographic key based on a physically unclonable function in at least one hardware component in the trusted processor, generating a first public key and first private key using first secret cryptographic key, and executing instruction code corresponding to a first software program. The method further includes generating output data with the trusted processor during execution of the first software program, generating encrypted data corresponding to the output data using the first public key for at least a portion of the encryption, generating a signature of the encrypted data, and transmitting with an input/output (I/O) interface operatively connected to the trusted processor the encrypted data and the signature for storage in an untrusted memory. | 09-11-2014 |
Adrian M. Perrig, Pittsburgh, PA US
Patent application number | Description | Published |
---|---|---|
20120198514 | Methods and Apparatuses for User-Verifiable Trusted Path in the Presence of Malware - An apparatus and method for establishing a trusted path between a user interface and a trusted executable, wherein the trusted path includes a hypervisor and a driver shim. The method includes measuring an identity of the hypervisor; comparing the measurement of the identity of the hypervisor with a policy for the hypervisor; measuring an identity of the driver shim; comparing the measurement of the identity of the driver shim with a policy for the driver shim; measuring an identity of the user interface; comparing the measurement of the identity of the user interface with a policy for the user interface; and providing a human-perceptible indication of whether the identity of the hypervisor, the identity of the driver shim, and the identity of the user interface correspond with the policy for the hypervisor, the policy for the driver shim, and the policy for the user interface, respectively. | 08-02-2012 |