39 results about "Secure copy" patented technology

A mechanism is provided in which a secure chip for performing cryptographic and / or other functions is able to securely access a separate random access memory externally disposed with respect to a secure chip boundary. Addressing of the external memory is controlled so as to define certain regions therein which receive and store only encrypted information from the chip. Other regions of the external memory are set aside for the receipt and storage of unencrypted information. Access to the external memory is provided through a controlled interface which communicates with internal chip hardware which operates to control the flow of communication between various internal components such as cryptographic engines, data processors, internal memory of both the volatile and the nonvolatile variety and an external interface which provides the only other access to the chip. The internal chip hardware with which the external memory interface communicates is implemented as a combined ASIC and programmable hardware circuit, wherein the programmable hardware circuit is also securely configurable.

A user's possession of synchronized data is used as an authentication factor. When the user requests an authentication configuration change, an authentication server requests the user to prove possession of synchronized data for that user. The user launches an authentication module on a client device hosting a local copy of the synchronized data. The authentication module creates a hash of the local copy and transmits the hash to the authorization server. Upon successfully verifying the received hash using a server copy of the synchronized data, the authentication server considers the user authorized and thus allows the user to make the authorization configuration change.

Protocol is provided for safe transfer of files from between nodes of a communication system. The protocol includes a handshake operation between a source (local or initiating) node sending one or more files and a remote (responding) node receiving the files to ensure that control of the file remains with the source node until the file is successfully transferred. The protocol is provided by a file transfer manager that controls the transfer process through a series of file moves that include moving the file into a directory associated with the file transfer manager, from which the file is sent and moving the file out of that directory after the remote node acknowledges a safe copy operation of the file. Files are maintained in the sending directory and under control of the source node at least for a configurable amount of time until the file is safely transferred. Files can be retrieved by the remote node after they have been transmitted for a configurable amount of time, after which they will be deleted from the local node.

An apparatus providing for a secure execution environment including a microprocessor and a secure non-volatile memory. The microprocessor is configured to execute non-secure application programs and a secure application program, where the non-secure application programs are accessed from a system memory via a system bus. The microprocessor has secure execution mode logic that is configured to detect execution of a secure execution mode return event, and that is configured to terminate a secure execution mode within the microprocessor, where the secure execution mode exclusively supports execution of the secure application program. The secure non-volatile memory is coupled to the microprocessor via a private bus and is configured to store the secure application program prior to termination of the secure execution mode, where transactions over the private bus between the microprocessor and the secure non-volatile memory are isolated from the system bus and corresponding system bus resources within the microprocessor.

A security copy method of an image forming apparatus includes generating scan data by scanning a document including predetermined additional information, determining whether to security-print the document by using the additional information of the generated scan data, determining whether the scan data include color information corresponding to the security area, and printing the scan data excluding a security area corresponding to the color information from the scan data according to the determination result. With this, the image forming apparatus minimizes the amount of the security information included in a bar code or mark and enables a simple print process.

A method and apparatus for using security agents to perform security-related functions in an agent community is described. More particularly, security agents are used to monitor and police an agent community for abnormal actions of agents within an agent community and to detect and police non-approved agents within the community. The security agents include a configuration, a distribution, a secure copy, and a patrol agent.

A system and method is disclosed for recovering a boot image from a secure location. Hardware instructions initiate a sequence of boot cycles to launch a computer operating system on a computer-enabled device. During the boot cycles, multiple levels of boot code are verified and a determination is made whether each level is usable by the device. If a level of boot code is determined to be unusable, a secure copy of the boot code is loaded from a secure read-only location to repair the unusable code to launch the computer operating system.

An electronic device comprising a semiconductor chip which comprises a plurality of structures formed in the semiconductor chip, wherein the semiconductor chip is a member of a set of semiconductor chips, the set of semiconductor chips comprises a plurality of subsets of semiconductor chips, and the semiconductor chip is a member of only one of the subsets. The plurality of structures of the semiconductor chip includes a set of common structures which is the same for all of the semiconductor chips of the set, and a set of non-common structures, wherein the non-common structures of the semiconductor chip of the subset is different from a non-common circuit of the semiconductor chips in every other subset. At least a first portion of the non-common structures and a first portion of the common structures form a first non-common circuit, wherein the first non-common circuit of the semiconductor chips of each subset is different from a non-common circuit of the semiconductor chips in every other subset. At least a second portion of the non-common structures is adapted to store or generate a first predetermined value which uniquely identifies the first non-common circuit, wherein the first predetermined value is readable from outside the semiconductor chip by automated reading means.

An embodiment of the present invention provides a mobile terminal. The mobile terminal is configured with a processor and a secure chip. The processor is provided with a virtual secure kernel and a virtual non-secure kernel; a secure domain is run in the secure kernel, a non-secure domain is run in the non-secure kernel, and the secure domain is accessed to the secure chip; and a first fingerprint template fragment is stored in the secure domain, a second fingerprint template fragment is stored in the secure chip, and the first fingerprint template segment and the second fingerprint template segment belong to the same fingerprint template data. According to the mobile terminal disclosed by the embodiment of the present invention, the deep security architecture of the non-secure domain, the secure domain, and the secure chip is constructed in the mobile terminal, if the hacker wants to crack the mobile terminal and obtains the fingerprint template data, the secure domain and the secure chip need to be cracked at the same time, and the security level of the secure chip can reach the EAL5+ security level, so that the program crack and physical attacks can be effectively resisted; and the self-destruction mechanism can be configured, so that the crack behavior by the hacker can be effectively prevented.

Systems and methods for encrypting an unencrypted data set within a file are provided. The disclosed systems and methods can be configured to create a ciphertext object within the existing data structures of a native file format. The systems and methods enable the secure copying data between multiple applications while displaying a revealed form of the data to a user.

A portable authentication system includes a security module, that may be a smart card, SIM (Subscriber Identity Module), USB controller with a secure chip, or similar module capable of storing one or more credentials, and an interface module such as a digital badge holder that is able to communicate with the security module, for instance by providing a smart card communication interface. The portable authentication system may be either a single integrated system or a dual system where the security module can be removed or disconnected from the interface system.

A method and system of controlling access to a programmable memory including: allowing code to be written to the programmable memory in a first access mode; preventing execution of the code stored in the programmable memory in the first access mode; verifying the integrity of the code stored in the programmable memory; if the integrity of the code stored in the programmable memory is verified, setting a second access mode, wherein in the second access mode, further code is prevented from being written to the programmable memory, and execution of the code stored in the programmable memory is allowed.

The invention provides a secure chip key issuing system and a secure chip key issuing method. The system comprises a chip key issuer, a chip key issuing mainframe, a key management server and a cipher machine. A certain improvement is made to the chip key issuer and the cipher machine, namely, in the chip key issuer, a chip key reading-writing mechanism is directly fixed on the chip key issuer, and a chip fixing device is embedded in the chip reading-writing mechanism to enable the chip fixing device to be directly in physical connection with a pin of an issued chip so as to effectively prevent information monitoring and key interception of the chip key issuer from the outside. In the system and the method, a secure chip and the cipher machine of the chip key issuer are supportive of the symmetric encryption technology and the asymmetric encryption technology and have a data encryption and decryption operation function, an SSL (safety session link) is established between the chip key issuer and a server cipher machine by performing session key negotiation through the symmetric encryption technology and the asymmetric encryption technology, and safety of a chip key issuing system is effectively improved.

Secure transfer of mobile application content is disclosed. A state-related event associated with a managed application in a managed set of applications may be detected. It may be determined that content from the managed application is stored at a public storage location on a mobile device. At least a portion of the content may be transferred to a secure storage location accessible to the managed set.

An apparatus including a microprocessor and a secure non-volatile memory. The microprocessor executes non-secure application programs and a secure application program. The microprocessor has secure execution mode initialization logic and an authorized public key. The secure execution mode initialization logic provides for initialization of a secure execution mode within the microprocessor. The secure execution mode initialization logic employs an asymmetric key algorithm to decrypt an enable parameter directing entry into the secure execution mode. The authorized public key is used to decrypt the enable parameter, the enable parameter having been encrypted according to the asymmetric key algorithm using an authorized private key that corresponds to the authorized public key. The secure non-volatile memory stores the secure application program, where transactions over the private bus between the microprocessor and the secure non-volatile memory are isolated from the system bus and corresponding system bus resources within the microprocessor.

In order to allow a display of the latest transactions, a smart card 100c for secure transactions comprises at least one secure chip 101c, for example of the EMV type, with at least one communication interface to communicate with a card reader in order to carry out a transaction, an electronic display 103, an independent battery 104, a card reader circuit 150c connected to a communication interface of the secure chip in order to access the information contained in the secure chip to be able to display it on the display.

The present invention relates to a secure channel indication lamp operation state certification mechanism. The mechanism comprises: a secure channel indication lamp arranged above a secure channel ofa stage and configured to display a secure icon corresponding to the secure channel by employing a green background to indicate the position of the secure channel to audiences; a control switch connected with the secure channel indication lamp and arranged above the secure channel of the stage and configured to control the on or off of the secure channel indication lamp; a scene video mechanism configured to perform video operation facing the secure channel of the stage to obtain and output a corresponding secure channel entrance image; and a brightness extraction device connected with the scene video mechanism and configured to emit scene transfer signals when the difference of the whole brightness value of the secure channel entrance image and the whole brightness value of the standard scene image exceeds a preset brightness difference threshold value. The efficiency of stage device certification is improved.

A method of verifying the integrity of code in a programmable memory, the method including: receiving the code from an insecure memory; generating error detection bits for the code as it is received from the insecure memory; storing the code and the error detection bits in the programmable memory; and verifying the integrity of the code stored in the programmable memory by performing an authentication check on the code and the error detection bits stored in the programmable memory.

The invention discloses a secure card communication method based on a credible environment. The method is applied to a mobile terminal with a secure chip and a secure communication element, and comprises the steps as follows: in response to wireless communication information sent by a physical card, the secure chip encrypts the received wireless communication information; the encrypted wireless communication information is sent to the secure communication element; and the secure communication element forwards the wireless communication information to a public application. The secure card communication method based on the credible environment provided by the invention is applied to the field of secure accesses.

The embodiment of the invention discloses a data processing method for the USB equipment. The USB equipment is connected with an upper computer through a USB interface and comprises a main control chip and a plurality of security chips. The method comprises the following steps: after receiving an instruction from the upper computer, the main control chip determines one of the security chips to be a secure chip for executing the instruction and transmits the instruction to the security chip executing the instruction; and after receiving the instruction, the security chip used for executing the instruction executes the instruction. The concurrent operation is implemented through the plurality of security chips, the arithmetic speed of a cryptographic algorithm is increased, and meanwhile, the additional problems of high cost or high calorific value are also avoided.

The invention relates to the technical field of digital content safety protection, in particular to a quickly generating method of a user copy based on a video GOP (Group of Picture), which is based on a cascade fingerprint code technology. The user-copy generating process comprises the following steps of: generating female copy video source files according to an internal code sequence of a fingerprint code; according to an external code of a user, sequentially extracting corresponding image block groups from the corresponding female copy video source files; and generating an only user copy by combining and splitting the GOP image block groups. The invention reduces time for generating a user video copy to time for copying a video resource from time for coding a video resource, can quickly generate large numbers of video copies in short time and is suitable for a real-time on-line publication system of audio-video works which face to large-scale users. The provided algorithm of the invention has good universality and good practicability and can be suitable for common video coding standards, such as H.264, MPEG(Motion Picture Experts Group)-2, MPEG-4, AVS (Advanced Visual System), and the like.

A body of a memory card reader, which has an overall rectangular parallelepiped shape including a slot for inserting a memory card. The reader body includes, on a rear surface thereof, a recess for receiving a memory card connector, the receiving recess being of a predetermined volume shape and including at least one conductive track.

A system and method of secure copy and / or playback control of a usage protected frame-based work is disclosed. The method includes accessing serial copy management system information for the usage protected frame-based work. In addition, the method validates the serial copy management system information. Copy management information of the usage protected frame-based work is also accessed. In so doing, the copy management information is utilized to determine if a secure copy / playback application is authorized to generate a copy of the usage protected frame-based work. Thus the copy management information acts as a technological measure which "effectively controls access to a work" by requiring the application of information, with the authority of the copyright owner, to gain access to the work.

The invention discloses a secure chip. The secure chip comprises a processor, a programmable circuit module and a nonvolatile memory. The programmable circuit module and the nonvolatile memory are connected with the processor through a bus, the programmable circuit module is used for realizing a hardware safety circuit of the secure chip according to a preset configuration file, and the nonvolatile memory is used for storing the preset configuration file. The secure chip is high in safety, and the personable safety circuit of a customer is convenient to update.