| Patent application number | Description | Published |
|---|
| 20130339740 | MULTI-FACTOR CERTIFICATE AUTHORITY - Disclosed herein is a certificate authority server configured to provide multi-factor digital certificates. A processor readable medium may include a plurality of instructions configured to enable a certificate authority server of a certificate authority, in response to execution of the instructions by a processor, to receive a request to provide a multi-factor digital security certificate by digitally signing a certificate request having a plurality of factors and a cryptographic key, wherein a first of the plurality of factors is an identifier of a device and a second of the plurality of factors is an identifier of a user of the device. The instructions are also configured to enable the certificate authority server to associate the cryptographic key with the plurality of factors and issue the digital security certificate based on the certificate request. Also disclosed is a method of using a multi-factor digital certificate as part of the authorization process to implicitly bind the plurality of factors. Other embodiments may be described and claimed. | 12-19-2013 |
| 20140094121 | INTEGRATING WIRELESS INPUT FUNCTIONALITY INTO SECURE ELEMENTS - Systems and methods may provide for establishing an out-of-band (OOB) channel between a local wireless interface and a remote backend receiver, and receiving information from a peripheral device via the local wireless interface. Additionally, the information may be sent to the backend receiver via the OOB channel, wherein the OOB channel bypasses a local operating system. In one example, a secure Bluetooth stack is used to receive the information from the peripheral device. | 04-03-2014 |
| 20140095887 | METHOD AND APPARATUS FOR MAINTAINING TRUSTED TIME AT A CLIENT COMPUTING DEVICE - In accordance with disclosed embodiments, there are provided methods, systems, and apparatuses for maintaining trusted time at a client computing device including, for example, executing a computer program within a client device; initiating a call from the computer program to a secure time service of the client device requesting a trusted time stamp; retrieving, via the secure time service of the client device, a protected time from protected clock hardware of the client device; generating, at the secure time service of the client device, the trusted time stamp by signing the protected time retrieved from the protected clock hardware of the client device; and returning the trusted time stamp to the computer program. Other related embodiments are disclosed. | 04-03-2014 |
| 20140096179 | SYSTEM AND METHOD FOR PERFORMING SECURE COMMUNICATIONS - A system establishes secure communications between first and second electronic devices. The first device stores secured content to be accessed by second device based on identification information of the first device. The identification information of the first device may be manually input into the second device, and the second device may perform an initial pairing operation with the first device based on this manually entered information. The identification information stored from initial pairing may allow secure automatic pairing. | 04-03-2014 |
| 20140281477 | Secure Cloud Storage and Encryption Management System - An embodiment of the invention allows a user to back-up/store data to a cloud-based storage system and synchronize that data on the user's devices coupled to the storage system. The devices have secure out-of-band cryptoprocessors that conceal a private key. The private key corresponds to a public key that is used to encrypt a session key and information, both of which are passed to and through cloud based storage, all while remaining encrypted. The encrypted material is communicated from the cloud to another of the user's devices where the encrypted material is decrypted within a secure out-of-band cryptoprocessor (using the private key that corresponds to the aforementioned public key) located within the device. The embodiment allows for secure provisioning of the private key to the devices. The private key is only decrypted within the cryptoprocessor so the private key is not “in the open”. Other embodiments are described herein. | 09-18-2014 |
| 20140281486 | COMMUNITY-BASED DE-DUPLICATION FOR ENCRYPTED DATA - Technologies for de-duplicating encrypted content include fragmenting a file into blocks on a computing device, encrypting each block, and storing each encrypted block on a content data server with associated keyed hashes and member identifications. The computing device additionally transmits each encrypted block with an associated member encryption key and member identification to a key server. As part of the de-duplication process, the content data server stores only one copy of the encrypted data for a particular associated keyed hash, and the key server similarly associates a single member encryption key with the keyed hash. To retrieve the file, the computing device receives the encrypted blocks with their associated keyed hashes and member identifications from the content data server and receives the corresponding member decryption key from the key server. The computing device decrypts each block using the member decryption keys and combines to blocks to generate the file. | 09-18-2014 |
| 20150113631 | TECHNIQUES FOR IDENTIFYING A CHANGE IN USERS - Various embodiments are generally directed to an apparatus, method and other techniques for detecting an input comprising an object contacting a surface of an apparatus, determining object characteristics based on the detected input and selecting a user profile based on the determined object characteristics. | 04-23-2015 |
| 20150222667 | PROTECTION SYSTEM INCLUDING SECURITY RULE EVALUATION - This disclosure is directed to a protection system including security rule evaluation. A device may comprise a protection module to identify threats to at least one of the device or to a network including the device. The protection module may include, for example, a rule evaluator (RE) module to evaluate proposed security rules for identifying the threats based on at least one ground truth scenario and to determine whether to promote the proposed security rules to new security rules. The proposed security rules may be generated by the protection module or received from other devices in the network or other networks. New security rules may be shared with the other devices and/or networks. The RE module may further trigger an independent evaluation of the proposed security rules, which may also be considered when determining whether to add the proposed security rules to the set of active rules in the device. | 08-06-2015 |
