公开(公告)号：MY188014A

公开(公告)日：2021-11-09

申请号：MYPI2014001413

申请日：2014-05-15

Applicant: MIMOS BERHAD

Inventor： RAJA MOHAMAD FAIRUZ R MOHAMAD YUSOFF ,  NORAZAH ABD AZIZ

IPC: G01C21/34 ,  G08G1/01 ,  G08G1/0968

Abstract: A system (10) and method (20) for extracting route and traffic density employ analysis of Geographical Information, GI to define route and traffic density. The present invention comprising a geolocation recorder module (101) adapted to gather traffic information from at least one source; an analysis server (110) adapted to receive the traffic information and process the information to provide route density information; a display module (106) adapted to display the route density information; and a decision maker module (107) to facilitate route planning. The analysis server preferably comprises a map extractor module, a route Extract, Transform, Load, ETL module, a route frequency module, a route colour conversion module and at least one relational database. The approach of the present invention involves producing valuable density and quality Geographical Information, GI data to simulate route planning by extracting route and traffic density, for example for urban safety research and planning.

公开(公告)号：MY193599A

公开(公告)日：2022-10-19

申请号：MYPI2017000336

申请日：2017-03-03

Applicant: MIMOS BERHAD

Inventor： GAI CHEW KAI ,  NORAZAH ABD AZIZ

IPC: H04L9/00

Abstract: The present invention relates to a system and method to build application communication protocol. In particular, the invention relates to an application communication protocol named as Application Layer Encryption Engine (ALEE) implemented in the network to solve data loss in a huge data size and providing manageable security mechanism. The present invention comprising a network protocol stack (202); at least one transmitting device (204) connected to the network (202); at least one receiving device (206) connected to the multi-layered network; and a plurality of data packets at each end of the transmitting device and the receiving device. The network protocol stack (202) is a generic data packet comprises an Application Layer Encryption Engine (ALEE) at each data packet. The ALEE protocol of the present invention comprising fragment which includes start of text fragments; header elements fragments; data fragments; block check character checksum fragments; and end of text fragments. (FIG. 2.0)

公开(公告)号：MY179122A

公开(公告)日：2020-10-28

申请号：MYPI2015701445

申请日：2015-05-07

Applicant: MIMOS BERHAD

Inventor： RAJA MOHAMAD FAIRUL R MOHAMAD YUSOFF ,  NORAZAH ABD AZIZ

IPC: G06F15/00

Abstract: The present invention relates to an improved system and method for monitoring usage of an electronic document. The present invention preferably tracks the usage history of the electronic document after the document has been finalized by collecting real-time document information while preserving its confidentiality and originality and being independent of network or Internet connection. The system comprises an activity monitoring agent (100) that continuously runs in kernel mode configured for detecting changes in location of the electronic document, a programmable document injector agent (101) configured for embedding a tracking code in the electronic document once finalized to collect real-time document information thereof and a server (102) configured for retrieving the real-time document information from the electronic document through a secured channel, for storing and displaying. Figure 1

公开(公告)号：MY177609A

公开(公告)日：2020-09-22

申请号：MYPI2013004370

申请日：2013-12-04

Applicant: MIMOS BERHAD

Inventor： AAKULA BHAGYALAXMI ,  NORAZAH ABD AZIZ

Abstract: The system (100) of the present invention to secure Virtual Machine images in cloud computing comprising at least one hypervisor with Integrity Measurement Architecture (IMA) (122) embedded with at least one Trusted Platform Module (TPM) Key Manager (TkM) module (150) associated with at least one Trusted Platform Module (160); at least one Cloud Manager (CM) module (120) configured with serial communication function; at least one trusted storage server (170) storing modified Virtual Machine images with sealed key indexed by Virtual Machine Universally Unique Identifier (UUID); and at least one Serial Guest Control interface (130) embedded in kernel module configured with serial communication function and interface to said Cloud Manager (CM) module (120). The general methodology of the present invention comprises steps of configuring a server with at least one Cloud Manager (CM) module and at least one Trusted Platform Module (TPM) Key Manager (TkM) module (150) associated with at least one Trusted Platform Module (160) by creating new Virtual Machines in the cloud (202); generating Trusted Platform Module (TPM) Key for Virtual Machine (206); installing and compiling Virtual Machines with new module containing encrypted static object of kernel module with said symmetric key (208); sealing said symmetric key of the Virtual Machine associated with Trusted Platform Module (TPM) with Virtual Machine Universally Unique Identifier (UUID) (210, 212); storing said sealed key and modified Virtual Machine images indexed with Virtual Machine Universally Unique Identifier (UUID) into a trusted storage server (214); and accessing said Virtual Machines by decrypting said static object of kernel module using stored unseal symmetric key during booting process (216). The distinctiveness lies in the utilization of embedded new module comprising static object encryption module and built-in serial communication in the kernel of Virtual Machine (VM) images to provide a system and method to protect Virtual Machine (VM) images from running in different cloud providers.

公开(公告)号：MY162207A

公开(公告)日：2017-05-31

申请号：MYPI2011004163

申请日：2011-09-06

Applicant: MIMOS BERHAD

Inventor： MOHD ANUAR MAT ISA ,  KILAUSURIA ABDULLAH ,  AZHAR ABU TALIB ,  MOHD AZUDDIN PARMAN ,  NORAZAH ABD AZIZ

IPC: G06F21/00

Abstract: THE PRESENT INVENTION PROVIDES A SYSTEM AND METHOD FOR ESTABLISHING A TRUSTED BOOT LOADER USING A SELF-SUBSTANTIATED BOOT LOADER IN A COMPUTING PLATFORM. THE SYSTEM AND METHOD CAPTURES ALL PLATFORM EVIDENCES FROM A CLIENT MACHINE (101) AND A SERVER MACHINE (102), PERFORMS MEASUREMENT ON THE INTERGRITY OF THE PLATFORM EVIDENCES AND PLATFORM CONFIGURATIONS TO THE SERVER MACHINE (102) FOR VALIDATION. THEREAFTER, THE PLATFORM EVIDENCES ARE UPDATED IN THE CLIENT MACHINE (101) BY DOWNLOADING A PLURALITY OF INSTRUCTIONS FROM THE SERVE MACHINE (102). THE SYSTEM AND METHOD THEN EXECUTES THE SERVER MACHINE'S INSTRUCTION FOR A NEXT STAGE BOOTING IN THE CLIENT MACHINE'S PLATFORM. A MINIMAL REAL-TIME OPERATING SYSTEM (RTOS) THEN LOADS AND EXECUTES A TRUSTED BOOT FILES AND KERNEL MODULES.

公开(公告)号：MY166563A

公开(公告)日：2018-07-16

申请号：MYPI2012003999

申请日：2012-09-07

Applicant: MIMOS BERHAD

Inventor： NORAZAH ABD AZIZ ,  AAKULA BHAGYALAXMI ,  KILAUSURIA ABDULLAH

IPC: G06F21/57 ,  H04L9/30

Abstract: MUTUAL TRUSTED AUTHENTICATION AND IDENTITY ENCRYPTION IS PROVIDED BY UTILIZING TRANSPORT LAYER SECURITY EXTENSION WITH PROPERTIES BASED ATTESTATION MECHANISM. THE SYSTEM OF THE PRESENT INVENTION COMPRISING A SERVER PLATFORM (104) INSTALLED WITH AN INTEGRITY MEASUREMENT ARCHITECTURE (IMA) MODULE (104B); A TRUSTED AUTHORITY MODULE (TA) (104D) ASSOCIATED WITH A SERVER PLATFORM)104); AN INTEGRITY PROPERTIES COLLECTION MODULE (IPCM) (104E) IN COMMUNICATION WITH THE TRUSTED AUTHORITY MODULE (TA) (104D); A CLIENT PLATFORM (102) THAT IS IN COMMUNICATION WITH AND REGISTRABLE TO THE SERVER PLATFORM (104); A TRANSPORT LAYER SECURITY EXTENSION MODULE (TLS EXTENSION MODULE) (104A, 102C) ASSOCIATED WITH THE SERVER PLATFORM (104) AND THE CLIENT PLATFORM (102); AND A TRUSTED PLATFORM MODULE (TPM) (102B, 104C) ASSOCIATED WITH THE SERVER PLATFORM (104) AND SAID CLIENT PLATFORM (102). THE GENERAL PROCESS OF THE PRESENT INVENTION COMPRISES THREE MAIN COMPONENTS, WHEREIN THE FIRST STAGE (402) ESTABLISHES THE SECURITY AND INTEGRITY OF THE SERVER PLATFORM. AFTER THE ESTABLISHMENT OF PROCESS (402), THE NEXT STEP IS TO ESTABLISH IDENTITY ENCRYPTION IN THE SSL/TLS EXTENSION AND ESTABLISH PROPERTY-BASED ATTESTATION INTEGRATED WITH THE TRUSTED AUTHORITY (TA) IN THE SERVER PLATFORM (404). UPON COMPLETION OF THE PROCESSES OF ESTABLISHMENT, COMMUNICATION IS PERFORMED WITH SECURE DATA TRANSMISSION USING MUTUAL TRUSTED IDENTITY ENCRYPTION BETWEEN CLIENT AND SERVER (406) WHEREIN A HANDSHAKE PROTOCOL IS ESTABLISHED TO PRIORITISE EXCHANGE OF THE CERTIFICATES AND KEYS TO ENSURE THE AUTHENTICATION AND ENCRYPTION OF DATA (704). THE MOST ILLUSTRATIVE DRAWING IS

公开(公告)号：MY164422A

公开(公告)日：2017-12-15

申请号：MYPI2012701184

申请日：2012-12-14

Applicant: MIMOS BERHAD

Inventor： RAJA MOHAMAD FAIRUZ R MOHAMAD YUSOFF ,  MOHD AZUDDIN PARMAN ,  NORAZAH ABD AZIZ ,  AZHAR ABU TALIB

IPC: H04N21/2347 ,  H04N5/913 ,  H04N9/804 ,  H04N21/4405 ,  H04N21/4627

Abstract: THE PRESENT INVENTION DISCLOSES A METHOD FOR RESTRICTING ACCESS INCLUDING PARTIAL ENCRYPTING A MEDIA CONTENT, A METHOD FOR TRANSFORMING OR MODIFYING ATTRIBUTE DATA (13) AND A METHOD FOR DE-RESTRICTING ACCESS INCLUDING PARTIAL DECRYPTING THE MEDIA CONTENT. THE METHOD FOR ENCRYPTING MEDIA CONTENT ACCORDING TO THE PRESENT INVENTION COMPRISES THE STEPS OF REPLACING AND ENCRYPTING AN ATTRIBUTE DATA (13) AND REPLACING IT WITH A MODIFIED ATTRIBUTE DATA (27). IN ANOTHER EMBODIMENT OF THE PRESENT INVENTION, THE METHOD FOR DECRYPTING THE MEDIA CONTENT COMPRISES THE STEPS OF REPLACING THE MODIFIED ATTRIBUTE DATA (27) WITH THE DECRYPTED ATTRIBUTE DATA (45) AND LOADING THE FULL MEDIA CONTENT IF THE PASSWORD (23) KEYED IN BY THE USER IS CORRECT AND THE LIMITATION PARAMETER (21) IS STILL WITHIN ALLOWABLE RANGE, WHEREAS IF THE PASSWORD (23) IS NOT CORRECT OR THE LIMITATION PARAMETER (21) IS NOT WITHIN THE ALLOWABLE RANGE, THE MEDIA CONTENT WILL NOT BE DISPLAYED IN FULL. A FURTHER EMBODIMENT OF THE PRESENT INVENTION DESCRIBES A METHOD WHICH INVOLVES MODIFYING THE ATTRIBUTE DATA (13) ACCORDING TO A SELECTED MODIFICATION TYPE. MOST ILLUSTRATIVE