Patent application number | Description | Published |
20120166335 | TRANSACTION INTEGRITY - In one embodiment a secure controller comprises a memory module, and logic to receive one or more information components pertaining to a transaction initiated by a user on a controller separate from the secure controller, present, on a display device, a Turing test in combination with one or more information components associated with the transaction, receive a user input in response to the Turing test, authenticate the transaction when the user input corresponds to the answer to the Turing test and the personal identifier matches a personal identifier associated with the user. Other embodiments may be described. | 06-28-2012 |
20130340091 | METHOD OF CREATING UI LAYOUTS WITH DESIRED LEVEL OF ENTROPY - A machine-controlled method can include visually presenting to a first user a first user interface for a first transaction involving user-sensitive information, the first user interface having a first user interface layout, and performing processing based on user-sensitive information received by way of user interaction by the first user with the first user interface. The method can also include visually presenting to a second user a second user interface for receiving a second transaction involving user-sensitive information, the second user interface having a second user interface layout that is visually distinct from the first user interface layout and has a desired level of entropy. | 12-19-2013 |
20140181888 | SECURE LOCAL WEB APPLICATION DATA MANAGER - Apparatus, systems and methods may provide a browser interface to detect an attempt by web content to manipulate data in a local data store. In addition, the data may be classified into a category if the data is remotely accessible. Additionally, a security policy may be applied to the data based on the category. In one example, a separator may separate the data from other data based on the category, the data may be encrypted/decrypted based on the category, and/or context information and user input may be determined to apply the security policy further based on the context information and the user input. | 06-26-2014 |
20140189356 | METHOD OF RESTRICTING CORPORATE DIGITAL INFORMATION WITHIN CORPORATE BOUNDARY - A method of enforcing a virtual corporate boundary may include a client device requesting sensitive content from a network site on a server device responsive to a user's interaction with the client device. The server device can determine whether the user and/or client device are permitted to access the sensitive content. A secure element on the client device can establish a session key between the server device and the client device. The server device can render the sensitive content and send it to the client device, which can display the content to the user. | 07-03-2014 |
20140189807 | METHODS, SYSTEMS AND APPARATUS TO FACILITATE CLIENT-BASED AUTHENTICATION - Methods, systems and apparatus are disclosed to facilitate client-based authentication. An example method includes associating an identity authority with a client platform in an isolated execution environment, associating a user identity with the identity authority, generating a first key pair associated with a first service provider, generating an attestation based on a first authorization sequence of the client platform, and signing the attestation with a portion of the key pair and sending the signed attestation to the first service provider to authorize communication between the client platform and the first service provider. | 07-03-2014 |
20140281531 | TRUSTED DATA PROCESSING IN THE PUBLIC CLOUD - Generally, this disclosure describes a system and method for trusted data processing in the public cloud. A system may include a cloud server including a trusted execution environment, the cloud server one of a plurality of cloud servers, a cloud storage device coupled to the cloud server, and a RKM server including a key server module, the RKM server configured to sign the key server module using a private key and a gateway server configured to provide the signed key server module to the cloud server, the trusted execution environment configured to verify the key server module using a public key related to the private key and to launch the key server module, the key server module configured to establish a secure communication channel between the gateway server and the key server module, and the gateway server configured to provide a cryptographic key to the key server module via the secure communication channel. | 09-18-2014 |
20140283098 | MUTUALLY ASSURED DATA SHARING BETWEEN DISTRUSTING PARTIES IN A NETWORK ENVIRONMENT - An apparatus for sharing information between entities includes a processor and a trusted execution module executing on the processor. The trusted execution module is configured to receive first confidential information from a first client device associated with a first entity, seal the first confidential information within a trusted execution environment, receive second confidential information from a second client device associated with a second entity, seal the second confidential information within the trusted execution environment, and execute code within the trusted execution environment. The code is configured to compute a confidential result based upon the first confidential information and the second confidential information. | 09-18-2014 |
20140304649 | TRUSTED USER INTERACTION - In one embodiment a controller comprises a memory module, and logic configured to receive a request for trusted input from a user, define, on a region of a display device coupled to the secure controller, a dialog box, lock the dialog box such that input/output operations conducted in the dialog box are visible only to the secure controller, present, in the dialog box, one or more anti-spoof indicators and at least one input mechanism, receive a user input from the at least one input mechanism and process the user input in the secure controller. Other embodiments may be described. | 10-09-2014 |
20140337960 | TRUSTED SERVICE INTERACTION - In one embodiment a controller comprises logic configured to receive, from an application executing on an untrusted execution complex of the electronic device, a request for a secure communication session with a remote service, verify a security credential received from the remote service, establish a secure communication connection between the secure controller and the remote service, establish a secure user interface, collect one or more authentication credentials from a user via the secure user interface, forward the one or more authentication credentials to the remote service, and conduct a secure communication session with the remote service. Other embodiments may be described. | 11-13-2014 |