专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

11. 发明授权

US09495544B2 Secure data transmission and verification with untrusted computing devices 有权
标题翻译：使用不受信任的计算设备进行安全的数据传输和验证
公开(公告)号：US09495544B2
公开(公告)日：2016-11-15
申请号：US14318266
申请日：2014-06-27
申请人： Visa International Service Association
发明人： Selim Aissi , Taeho Kgil , Gyan Prakash
IPC分类号： G06F7/04 , G06F15/16 , G06F17/30 , H04L29/06 , G06F21/60 , H04L9/08 , H04W12/04 , H04L9/32 , G06F7/58
CPC分类号： H04L63/0428 , G06F7/58 , G06F21/60 , G06F21/602 , H04L9/0866 , H04L9/0869 , H04L9/3278 , H04L63/08 , H04L63/123 , H04L2209/56 , H04W12/04
摘要： Techniques from the proposed invention relate to providing enhanced security. For example, techniques described herein allow a computer system, such as a mobile device, to support a wide variety of security functions and security sensitive applications on a mobile device by providing enhanced security via secure input and output data transmission and verification through a secure module. The secure module may cause user interfaces to be provided to users by providing obfuscated user interface data to the operating system that do not reveal elements that are part of the user interfaces. The secure module may receive obfuscated user input values representing user input values, and de-obfuscate these user input values, whereby the actual input values are not exposed to the underlying operating system. The secure module may track the flow of user input/output data through the computing device to ensure the integrity and authenticity of this data.
摘要翻译：来自所提出的发明的技术涉及提供增强的安全性。例如，本文描述的技术允许诸如移动设备的计算机系统通过经由安全输入和输出数据传输和验证通过安全模块提供增强的安全性来支持移动设备上的各种安全功能和安全敏感应用。安全模块可以通过向操作系统提供模糊的用户界面数据而不向用户提供不显示作为用户界面的元素的用户界面。安全模块可以接收表示用户输入值的混淆的用户输入值，并且对这些用户输入值进行去模糊化，由此实际输入值不暴露给底层操作系统。安全模块可以通过计算设备跟踪用户输入/输出数据的流程，以确保该数据的完整性和真实性。

12. 发明授权

US09424421B2 Security engine for a secure operating environment 有权
标题翻译：安全引擎，用于安全的操作环境
公开(公告)号：US09424421B2
公开(公告)日：2016-08-23
申请号：US14269999
申请日：2014-05-05
申请人： Visa International Service Association
发明人： Selim Aissi , Taeho Kgil , Gyan Prakash
IPC分类号： G06F21/00 , G06F21/53 , G06F21/57 , G06F21/60
CPC分类号： G06F21/604 , G06F21/53 , G06F21/57 , G06F21/6218 , G06F2221/2113
摘要： The presenting invention relates to techniques for implementing a secure operating environment for the execution of applications on a computing devices (e.g., a mobile phone). In The secure operating environment may provide a trusted environment with dedicated computing resources to manage security and integrity of processing and data for the applications. The applications may be provided with a variety of security services and/or functions to meet different levels of security demanded by an application. The secure operating environment may include a security engine that enumerates and/or determines the security capabilities of the secure operating environment and the computing device, e.g., the hardware, the software, and/or the firmware of the computing device. The security engine may provide security services desired by applications by choosing from the security capabilities that are supported by the secure operating environment and the computing device.
摘要翻译：本发明涉及用于实现用于在计算设备（例如，移动电话）上执行应用的安全操作环境的技术。在安全的操作环境中，可以为受信任的环境提供专用的计算资源来管理应用程序的处理和数据的安全性和完整性。应用可以被提供有各种安全服务和/或功能以满足应用所要求的不同级别的安全性。安全操作环境可以包括枚举和/或确定安全操作环境和计算设备（例如计算设备的硬件，软件和/或固件）的安全能力的安全引擎。安全引擎可以通过从由安全操作环境和计算设备支持的安全功能中进行选择来提供应用所期望的安全服务。

13. 发明申请

US20150006390A1 USING STEGANOGRAPHY TO PERFORM PAYMENT TRANSACTIONS THROUGH INSECURE CHANNELS 审中-公开
标题翻译：使用STEGANOGRAPHY通过渠道进行付款交易
公开(公告)号：US20150006390A1
公开(公告)日：2015-01-01
申请号：US14312258
申请日：2014-06-23
申请人： Visa International Service Association
发明人： Selim Aissi , Taeho Kgil , Ajit Gaddam , Robert Rutherford
IPC分类号： G06Q20/40 , H04N19/80 , H04N19/46
摘要： Steganographic techniques are used to embed financial information or authentication information within an image, audio, or video file using a quantization table and/or other filter. The file is then transmitted over an insecure network, such as a GSM cell phone network, and a server extracts the information from the image, audio, or video using the same quantization table and/or filter. Multiple sets of information, such as telephone numbers and/or payment account numbers, are extracted from the same image by those entities possessing the appropriate keys. The filters and tables used to embed financial information can be updated periodically or according to events. A video of images, some with embedded information, some with ‘dummy’ data, can be used to hide information over insecure networks for payment transactions.
摘要翻译：隐写技术用于使用量化表和/或其他过滤器将财务信息或认证信息嵌入到图像，音频或视频文件中。该文件然后通过诸如GSM蜂窝电话网络的不安全网络传输，并且服务器使用相同的量化表和/或过滤器从图像，音频或视频中提取信息。通过拥有适当键的实体，从相同的图像中提取多组信息，如电话号码和/或支付帐号。用于嵌入财务信息的过滤器和表可以定期更新或根据事件更新。图像的视频，一些具有嵌入信息，一些具有“虚拟”数据的视频可以用于隐藏不安全网络上的用于支付交易的信息。

14. 发明授权

US09870477B2 Security engine for a secure operating environment 有权
公开(公告)号：US09870477B2
公开(公告)日：2018-01-16
申请号：US15220290
申请日：2016-07-26
申请人： VISA INTERNATIONAL SERVICE ASSOCIATION
发明人： Selim Aissi , Taeho Kgil , Gyan Prakash
IPC分类号： H04L29/00 , G06F21/60 , G06F21/53 , G06F21/57 , G06F21/62
CPC分类号： G06F21/604 , G06F21/53 , G06F21/57 , G06F21/6218 , G06F2221/2113
摘要： The presenting invention relates to techniques for implementing a secure operating environment for the execution of applications on a computing devices (e.g., a mobile phone). In The secure operating environment may provide a trusted environment with dedicated computing resources to manage security and integrity of processing and data for the applications. The applications may be provided with a variety of security services and/or functions to meet different levels of security demanded by an application. The secure operating environment may include a security engine that enumerates and/or determines the security capabilities of the secure operating environment and the computing device, e.g., the hardware, the software, and/or the firmware of the computing device. The security engine may provide security services desired by applications by choosing from the security capabilities that are supported by the secure operating environment and the computing device.

15. 发明授权

US09530009B2 Secure execution and update of application module code 有权
标题翻译：安全执行和更新应用程序模块代码
公开(公告)号：US09530009B2
公开(公告)日：2016-12-27
申请号：US14318070
申请日：2014-06-27
申请人： Visa International Service Association
发明人： Selim Aissi , Taeho Kgil , Gyan Prakash
IPC分类号： G06F7/04 , G06F17/30 , G06F21/60 , H04L9/08 , H04L29/06 , H04W12/04 , H04L9/32 , G06F7/58
CPC分类号： H04L63/0428 , G06F7/58 , G06F21/60 , G06F21/602 , H04L9/0866 , H04L9/0869 , H04L9/3278 , H04L63/08 , H04L63/123 , H04L2209/56 , H04W12/04
摘要： A dynamic root of trust can be injected in an application module on a client device using a backend server and can be continuously monitored to ensure authenticity, integrity and confidentiality at load time, run time and update time of the application module. The dynamic root of trust can be updated directly from the backend server and can be used to establish a time bound trust chain for the other software modules loaded and executed as part of the application module.
摘要翻译：信任的动态根源可以使用后端服务器注入到客户端设备上的应用程序模块中，并可以连续监视，以确保在加载时间，运行时间和应用程序模块的更新时间的真实性，完整性和机密性。可以直接从后端服务器更新信任的动态根，并且可以用于为作为应用程序模块的一部分加载和执行的其他软件模块建立时间限制的信任链。

16. 发明授权

US09386045B2 Device communication based on device trustworthiness 有权
标题翻译：基于设备可信赖的设备通信
公开(公告)号：US09386045B2
公开(公告)日：2016-07-05
申请号：US14134959
申请日：2013-12-19
申请人： Visa International Service Association
发明人： Taeho Kgil , Selim Aissi
IPC分类号： H04L29/06
CPC分类号： H04L63/205
摘要： Techniques for assessing the trustworthiness of a target device that a user device is attempting to communicate with are described. A user device may request one or more trustworthiness attributes of a target device before exchanging data with the target device. The user device may receive the one or more trustworthiness attributes of the target device, and determine, based on the received one or more trustworthiness attributes of the target device, a set of one or more security policies to enforce on a communication channel used for exchanging data between the user device and the target device. A communication channel between the user device and the target device can then be established according to the set of one or more security policies.
摘要翻译：描述用于评估用户设备尝试与之通信的目标设备的可信度的技术。在与目标设备交换数据之前，用户设备可以请求目标设备的一个或多个可信属性。用户设备可以接收目标设备的一个或多个可信任属性，并且基于所接收到的目标设备的一个或多个可信属性来确定要在用于交换的通信信道上强制执行的一个或多个安全策略的集合用户设备和目标设备之间的数据。然后可以根据一个或多个安全策略的集合来建立用户设备和目标设备之间的通信信道。

17. 发明授权

US09807066B2 Secure data transmission and verification with untrusted computing devices 有权
公开(公告)号：US09807066B2
公开(公告)日：2017-10-31
申请号：US15291926
申请日：2016-10-12
申请人： VISA INTERNATIONAL SERVICE ASSOCIATION
发明人： Selim Aissi , Taeho Kgil , Gyan Prakash
IPC分类号： G06F7/04 , G06F17/30 , H04N7/16 , H04L29/06 , H04L9/08 , G06F21/60 , H04W12/04 , H04L9/32 , G06F7/58
CPC分类号： H04L63/0428 , G06F7/58 , G06F21/60 , G06F21/602 , H04L9/0866 , H04L9/0869 , H04L9/3278 , H04L63/08 , H04L63/123 , H04L2209/56 , H04W12/04
摘要： Techniques from the proposed invention relate to providing enhanced security. For example, techniques described herein allow a computer system, such as a mobile device, to support a wide variety of security functions and security sensitive applications on a mobile device by providing enhanced security via secure input and output data transmission and verification through a secure module. The secure module may cause user interfaces to be provided to users by providing obfuscated user interface data to the operating system that do not reveal elements that are part of the user interfaces. The secure module may receive obfuscated user input values representing user input values, and de-obfuscate these user input values, whereby the actual input values are not exposed to the underlying operating system. The secure module may track the flow of user input/output data through the computing device to ensure the integrity and authenticity of this data.

18. 发明授权

US09769156B2 Image based key derivation function 有权
公开(公告)号：US09769156B2
公开(公告)日：2017-09-19
申请号：US15359554
申请日：2016-11-22
申请人： Visa International Service Association
发明人： Selim Aissi , Taeho Kgil , Ajit Gaddam
IPC分类号： G06F7/04 , H04L29/06 , G06F21/36 , G09C5/00 , H04L9/08
CPC分类号： H04L63/083 , G06F21/36 , G06F2221/2107 , G09C5/00 , H04L9/0861 , H04L63/0428 , H04L63/06 , H04L63/08 , H04L2463/061 , H04L2463/062
摘要： Embodiments of the invention relate to methods of generating and using an image-based derived key. In various embodiments, the image-based derived key may be used to facilitate user authentication and data encryption. For some embodiments, a method is disclosed comprising determining an image-based derived key, wherein the image-based derived key is generated from a selection of authentication images chosen by a user, encrypting data using the image-based derived key, and transmitting the encrypted data.

19. 发明授权

US09633098B2 System and method for maintaining device state coherency 有权
公开(公告)号：US09633098B2
公开(公告)日：2017-04-25
申请号：US14036938
申请日：2013-09-25
申请人： Visa International Service Association
发明人： Selim Aissi , Taeho Kgil
IPC分类号： G06F17/30
CPC分类号： G06F17/30578 , G06F11/1461 , G06F11/1464 , G06F17/30082 , G06F17/30117 , G06F17/30368 , G06F17/30575 , G06F21/602 , G06F21/6209 , G06F2201/80 , G06F2201/82 , G06Q20/3223 , G06Q20/36 , G06Q50/01
摘要： Embodiments of the invention are directed to systems and methods for maintaining coherency between different entities in a distributed system. A coherency module automatically detects a change in state in a first entity, wherein the change in state relates to a change in functional code in the first entity. A synchronization message is transmitted to a second entity to synchronize data in the second entity with data in the first entity as a result of the change in state. The second entity is configured to synchronize the data in the second entity with the data in the first entity after receiving the synchronization message.

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式