公开(公告)号：EP3304316A1

公开(公告)日：2018-04-11

申请号：EP16721600.1

申请日：2016-04-28

Applicant: Qualcomm Incorporated

Inventor： GUPTA, Rajarshi ,  PATNE, Satyajit Prabhakar ,  BOLLAPRAGADA, Suresh

IPC: G06F11/36

CPC classification number: G06N5/04 ,  G06F11/3604

Abstract: Systems, methods, and devices of the various aspects enable method of cross-module behavioral validation. A plurality of observer modules of a system may observe behavior or behaviors of a observed module of the system. Each of the observer modules may generate a behavior representation based on the behavior or behaviors of the observed module. Each observer module may apply the behavior representation to a behavior classifier model suitable for each observer module. The observer modules may aggregate classifications of behaviors of the observed module determined by each of the observer modules. The observer modules may determine, based on the aggregated classification, whether the observed module is behaving anomalously.

公开(公告)号：WO2016195860A1

公开(公告)日：2016-12-08

申请号：PCT/US2016/029710

申请日：2016-04-28

Applicant: QUALCOMM INCORPORATED

Inventor： GUPTA, Rajarshi ,  PATNE, Satyajit Prabhakar ,  BOLLAPRAGADA, Suresh

IPC: G06F11/36

CPC classification number: G06N5/04 ,  G06F11/3604

Abstract: Systems, methods, and devices of the various aspects enable method of cross-module behavioral validation. A plurality of observer modules of a system may observe behavior or behaviors of a observed module of the system. Each of the observer modules may generate a behavior representation based on the behavior or behaviors of the observed module. Each observer module may apply the behavior representation to a behavior classifier model suitable for each observer module. The observer modules may aggregate classifications of behaviors of the observed module determined by each of the observer modules. The observer modules may determine, based on the aggregated classification, whether the observed module is behaving anomalously.

Abstract translation: 各个方面的系统，方法和设备都支持跨模块行为验证的方法。 系统的多个观察者模块可以观察系统的观察模块的行为或行为。 每个观察者模块可以基于所观察模块的行为或行为来生成行为表示。 每个观察者模块可以将行为表示应用于适合于每个观察者模块的行为分类器模型。 观察者模块可以聚合由每个观察者模块确定的观察模块的行为的分类。 观察者模块可以基于聚合分类来确定观察到的模块是否是异常行为。

公开(公告)号：WO2015116410A1

公开(公告)日：2015-08-06

申请号：PCT/US2015/011838

申请日：2015-01-16

Applicant: QUALCOMM INCORPORATED

Inventor： MIRANDA, Maria L. ,  BASHIR, Qazi Y. ,  BOLLAPRAGADA, Suresh

IPC: G06F21/51 ,  G06F21/57 ,  G06F21/44

CPC classification number: G06F21/44 ,  G06F21/51 ,  G06F21/575

Abstract: Disclosed is an apparatus and method to authorize an application for use. A computing device may utilize an application and may include a secure memory and a processor. The processor may: create a unique digest for the application upon a first boot-up; store the unique digest in the secure memory; calculate an application digest for the application upon a subsequent boot-up; and if the calculated application digest matches the stored unique digest, authorize the application for use.

Abstract translation: 公开了授权应用使用的装置和方法。 计算设备可以利用应用并且可以包括安全存储器和处理器。 处理器可以：在首次启动时为应用程序创建唯一的摘要; 将独特的摘要存储在安全的内存中; 在随后启动时计算应用程序的应用程序摘要; 如果计算的应用程序摘要与存储的唯一摘要匹配，则授权应用程序使用。

公开(公告)号：WO2016160532A1

公开(公告)日：2016-10-06

申请号：PCT/US2016/024114

申请日：2016-03-24

Applicant: QUALCOMM INCORPORATED

Inventor： XIAO, Lu ,  BOLLAPRAGADA, Suresh

IPC: G06F21/64 ,  G06F21/78

CPC classification number: H04W12/10 ,  G06F21/64 ,  G06F21/78 ,  H04L9/0643 ,  H04L9/32

Abstract: Disclosed is a method for performing a message integrity check. In the method, a processor reads a message from a storage device. The message comprises a plurality of first level sections. The processor determines one or more second level sections from the plurality of first level sections. Each second level section comprises a fixed number of first level sections. A crypto engine calculates a hash value for each second level section to generate a respective calculated hash value, and a hash value for each first level section not included in a second level section to generate a respective calculated hash value. The processor compares each of the respective calculated hash values with a corresponding stored hash value. The processor provides an integrity check indication if each respective calculated hash value is equal to the corresponding stored hash value.

Abstract translation: 公开了一种执行消息完整性检查的方法。 在该方法中，处理器从存储设备读取消息。 消息包括多个第一级部分。 处理器从多个第一级部分确定一个或多个第二级部分。 每个第二级部分包括固定数量的第一级部分。 密码引擎计算每个第二级部分的散列值以产生相应的计算的散列值，以及不包括在第二级部分中的每个第一级部分的散列值，以生成相应的计算的散列值。 处理器将各个计算的散列值中的每一个与对应的存储的散列值进行比较。 如果每个相应的计算的散列值等于相应的所存储的散列值，则处理器提供完整性检查指示。

公开(公告)号：WO2016122999A1

公开(公告)日：2016-08-04

申请号：PCT/US2016/014674

申请日：2016-01-25

Applicant: QUALCOMM INCORPORATED

Inventor： MEHTA, Shital ,  BOLLAPRAGADA, Suresh ,  MANOHAR, Bollapragada V.J.

IPC: G06F21/57 ,  G06F21/64

CPC classification number: G06F11/0793 ,  G06F21/575 ,  G06F21/64 ,  G06F2221/2113

Abstract: Techniques for protecting the contents of a computing device are provided. The techniques include associating security level information with each of a plurality of content items to be protected, the security level information including an integrity check action and a resultant behavior to be performed for each respective content item. The security level information can be built into an image comprising the content items to be protected and the image can be installed on a computing device. The techniques include accessing security level information associated with a content item responsive to a request to perform an action on the content, performing the integrity check action associated with the content item, and performing the resultant behavior associated with the content item responsive to the integrity check action indicating that the action requested cannot be performed.

Abstract translation: 提供了用于保护计算设备的内容的技术。 这些技术包括将安全级别信息与要保护的多个内容项目中的每一个相关联，所述安全级别信息包括完整性检查动作和针对每个相应内容项目执行的结果行为。 安全级别信息可以被内置到包括要保护的内容项目并且图像可以安装在计算设备上的图像中。 这些技术包括响应于对内容执行动作的请求访问与内容项相关联的安全级别信息，执行与内容项相关联的完整性检查动作，以及响应于完整性检查执行与内容项相关联的结果行为 指示所请求的动作无法执行的动作。

公开(公告)号：EP3251045A1

公开(公告)日：2017-12-06

申请号：EP16704737.2

申请日：2016-01-25

Applicant: Qualcomm Incorporated

Inventor： MEHTA, Shital ,  BOLLAPRAGADA, Suresh ,  MANOHAR, Bollapragada V.J.

IPC: G06F21/57 ,  G06F21/64

CPC classification number: G06F11/0793 ,  G06F21/575 ,  G06F21/64 ,  G06F2221/2113

Abstract: Techniques for protecting the contents of a computing device are provided. The techniques include associating security level information with each of a plurality of content items to be protected, the security level information including an integrity check action and a resultant behavior to be performed for each respective content item. The security level information can be built into an image comprising the content items to be protected and the image can be installed on a computing device. The techniques include accessing security level information associated with a content item responsive to a request to perform an action on the content, performing the integrity check action associated with the content item, and performing the resultant behavior associated with the content item responsive to the integrity check action indicating that the action requested cannot be performed.

公开(公告)号：EP3278264A1

公开(公告)日：2018-02-07

申请号：EP16714709.9

申请日：2016-03-24

Applicant: Qualcomm Incorporated

Inventor： XIAO, Lu ,  BOLLAPRAGADA, Suresh

IPC: G06F21/64 ,  G06F21/78

CPC classification number: H04W12/10 ,  G06F21/64 ,  G06F21/78 ,  H04L9/0643 ,  H04L9/32

Abstract: Disclosed is a method for performing a message integrity check. In the method, a processor reads a message from a storage device. The message comprises a plurality of first level sections. The processor determines one or more second level sections from the plurality of first level sections. Each second level section comprises a fixed number of first level sections. A crypto engine calculates a hash value for each second level section to generate a respective calculated hash value, and a hash value for each first level section not included in a second level section to generate a respective calculated hash value. The processor compares each of the respective calculated hash values with a corresponding stored hash value. The processor provides an integrity check indication if each respective calculated hash value is equal to the corresponding stored hash value.

公开(公告)号：EP3100199A1

公开(公告)日：2016-12-07

申请号：EP15702903.4

申请日：2015-01-16

Applicant: Qualcomm Incorporated

Inventor： MIRANDA, Maria L. ,  BASHIR, Qazi Y. ,  BOLLAPRAGADA, Suresh

IPC: G06F21/51 ,  G06F21/57 ,  G06F21/44

CPC classification number: G06F21/44 ,  G06F21/51 ,  G06F21/575

Abstract: Disclosed is an apparatus and method to authorize an application for use. A computing device may utilize an application and may include a secure memory and a processor. The processor may: create a unique digest for the application upon a first boot-up; store the unique digest in the secure memory; calculate an application digest for the application upon a subsequent boot-up; and if the calculated application digest matches the stored unique digest, authorize the application for use.