A peripheral sharing device for supporting secure copy-paste operations between hosts comprising: a plurality of copy-emulators and a plurality of paste emulators, configured each to be connected to a copy-paste driver, wherein each copy-paste driver is running on one of a plurality of hosts that are connected to the peripheral sharing device, and the copy-paste driver is configured to fetch or store clipboard objects from the clipboard of the corresponding host, a security bridge that is configured to securely pass clipboard objects between pairs of copy emulator and paste emulator. The security bridge performs security operations, such as, enforce unidirectional data transfer of the clipboard object, monitor the clipboard object and enable or disable the copy-paste operation according to a set of security rules; enable or disable the copy-paste operation according to security policy, analyze clipboard object traffic to detect cybersecurity events, locking suspicious peripheral sharing devices, and preventing clipboard object transfer between pairs of copy-paste controllers according to security rules. The copy emulator receives the clipboard object from the copy-paste driver of a first host, transfer the clipboard object to the security bridge and conditioned upon passing the security conditions the security bridge transfer the clipboard object to the paste emulator that further pass the clipboard object to a second computer's copy-paste driver.
A computing system, a secure peripheral sharing device, a remote console subsystem and a method for operating a remote console over a secure peripheral sharing device is disclosed. The computing system comprising a plurality of hosts; a console comprising at least a keyboard, a mouse and a display; a secure peripheral sharing device; and a remote console subsystem comprising at least another keyboard, another mouse and another display. The secure peripheral sharing device is configured to be connected to the console and the plurality of hosts, the peripheral sharing device is configured to be coupled to the remote console subsystem that is located away from the peripheral sharing device, and the secure peripheral sharing device is configured to connect or couple between either the console or the remote console subsystem and an active host of the plurality of hosts. The peripheral sharing device is configured to switch any one of the plurality of hosts to become the active host. The method receiving requests for open new remote console sessions and upon such request open a remote console session in both the side of the secure peripheral sharing device and the remote console subsystem, and as long as the remote session is active the method performs continuously: receiving video stream from the active host and transferring the video stream to the second display; receiving a keyboard and mouse data from the second keyboard and the second mouse and transferring the keyboard and mouse data to the active host; and upon receiving active host switching commands from a user, switching the active host. The method is receiving requests for close remote console sessions and upon such request close the remote console session and resume working of active host with the console.
A computing system, a secure peripheral sharing device, a remote console subsystem and a method for operating a remote console over a secure peripheral sharing device is disclosed. The computing system comprising a plurality of hosts; a console comprising at least a keyboard, a mouse and a display; a secure peripheral sharing device; and a remote console subsystem comprising at least another keyboard, another mouse and another display. The secure peripheral sharing device is configured to be connected to the console and the plurality of hosts, the peripheral sharing device is configured to be coupled to the remote console subsystem that is located away from the peripheral sharing device, and the secure peripheral sharing device is configured to connect or couple between either the console or the remote console subsystem and an active host of the plurality of hosts.
G06F 3/02 - Input arrangements using manually operated switches, e.g. keyboards or dials
G06F 13/10 - Program control for peripheral devices
G06F 21/83 - Protection of data input, display or interconnection devices: data input devices, e.g. keyboards, mice or controllers of said keyboards or mice
A modular keyboard video and mouse (KVM) switching system comprises a core KVM switch module, one or more console peripheral interface modules (CPIM) and one or more host computer interface modules (HIM). The CPIM interfaces console peripheral devices to the core KVM switch module and the HIM interfaces host computer to the core KVM switch module. Changing of console peripheral devices or host computer involves adapting a corresponding CPIM or HIM without changing the core KVM switch module.
A method, security agents, devices and medium for securing devices using combined power data (CPD) protocols that support power delivery side channels. The method/devices/medium comprise one or more security agents that perform at least one of or any combination of: monitoring the signaling and power on the power delivery pins; analyzing the power delivery protocol traffic to detect cyber-security events; detecting malicious activity on the power delivery protocol; filtering or blocking specific type of packets or messages with specific data payload; enforcing unidirectional data flow on the power delivery protocol; logging, auditing and archiving events on the power delivery protocol; locking or disconnecting suspicious devices; preventing activation of some power delivery modes; disabling firmware updates through power delivery protocol; enabling firmware updates through power delivery protocol only in the presence or with a confirmation of a setup device; and allowing passage of only specific type of packets or messages with specific data payloads.
G06F 21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
G06F 11/00 - Error detection; Error correction; Monitoring
G06F 12/14 - Protection against unauthorised use of memory
G06F 21/34 - User authentication involving the use of additional external devices, e.g. dongles or smart cards
6.
SYSTEM AND METHOD FOR SECURE COPY-AND-PASTE OPERATIONS BETWEEN HOSTS THROUGH A PERIPHERAL SHARING DEVICE
A peripheral sharing device for supporting secure copy-paste operations between hosts comprising: a plurality of copy-emulators and a plurality of paste emulators, configured each to be connected to a copy-paste driver, wherein each copy-paste driver is running on one of a plurality of hosts that are connected to the peripheral sharing device, and the copy-paste driver is configured to fetch or store clipboard objects from the clipboard of the corresponding host, a security bridge that is configured to securely pass clipboard objects between pairs of copy emulator and paste emulator. The security bridge performs security operations, such as, enforce unidirectional data transfer of the clipboard object, monitor the clipboard object and enable or disable the copy-paste operation according to a set of security rules; enable or disable the copy-paste operation according to security policy, analyze clipboard object traffic to detect cybersecurity events, locking suspicious peripheral sharing devices, and preventing clipboard object transfer between pairs of copy-paste controllers according to security rules. The copy emulator receives the clipboard object from the copy-paste driver of a first host, transfer the clipboard object to the security bridge and conditioned upon passing the security conditions the security bridge transfer the clipboard object to the paste emulator that further pass the clipboard object to a second computer's copy-paste driver.
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or vulnerability assessment
G06F 21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
7.
Enhanced security apparatus for mediation between console peripheral devices and hosts
A secure mediator for coupling between one or more hosts and one or more consoles comprising one or more peripheral devices. The secure mediator comprises host side ports, each host side port is configured to be connected to a corresponding host, and console side ports, each console side port is configured to be connected to a corresponding peripheral device. The secure mediator comprises: a triggering circuitry; a timing/control circuitry; a setup circuitry; a switching circuitry; and the rest of the mediator circuitries, wherein the triggering circuitry, timing/control circuitry, setup circuitry, and switching circuitry are non-programmable circuitries. The mediator has at least two stages: a security setup stage and a normal operation stage. The triggering circuitry is configured to monitor events and to signal these events to the timing/control circuitry in order to trigger a transfer between the security setup stage and the normal operation stage. The timing/control circuitry controls the execution of the security setup stage and transfers the mediator between the security setup stage and the normal operation stage. The setup circuitry performs one or more security functions in the security setup stage to enhance the cyber security of mediator. The switching circuitry, conditioned upon control from the timing/control circuitry, switches between the coupling of: (1) at least one of the host side ports with at least two of any one of (a) the setup circuitry; (b) the rest of the mediator circuitries; (c) one of the console side ports; (d) a null port, and (2) at least one of the console side ports with at least two of any one of (a) the setup circuitry; (b) the rest of the mediator circuitries; (c) one of the host side ports; (d) a null port.
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or vulnerability assessment
G06F 21/76 - Protection of specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]
G06F 21/85 - Protection of data input, display or interconnection devices: interconnection devices, e.g. bus-connected or in-line devices
G06F 21/74 - Protection of specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure computing or processing of information operating in dual or compartmented mode, i.e. with at least one secure mode
G06F 3/14 - Digital output to display device
A method for securing an off-the-shelf smartphone, a secure communication system, and a security insert is provided. The method comprises removing the battery from the off-the-shelf smartphone and inserting the security insert to the battery compartment. The security insert comprises cryptographic module. The method further comprises modifying off-the-shelf smartphone and providing a power and data connection between the security insert and the smartphone. The secure communication system wirelessly transmits outgoing cellular encrypted black data, which is encrypted by the cryptographic module, from the modified off-the-shelf smartphone to a cellular network, and decrypts, by the cryptographic module, incoming cellular black data receives from the cellular network to the modified off-the-shelf smartphone. The security insert enclosure configured to be deployed in a battery compartment.
H04M 1/72409 - User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by interfacing with external accessories
H04M 1/02 - Constructional features of telephone sets
H04M 1/19 - Arrangements of microphones, earpieces, or complete sets to prevent eavesdropping, to attenuate noise or to prevent undesired transmission; Mouthpieces or earpieces specially adapted therefor
H04M 1/675 - Arrangements for preventing unauthorised calls from a telephone set by electronic means, the user being required to insert a coded card, e.g. a smart card carrying an integrated circuit chip
H04M 1/72412 - User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by interfacing with external accessories using two-way short-range wireless interfaces
H04W 4/80 - Services using short-range communication, e.g. near-field communication, radio-frequency identification or low-energy communication
H04W 12/03 - Protecting confidentiality, e.g. by encryption
H04W 12/43 - Security arrangements using identity modules using shared identity modules, e.g. SIM sharing
9.
System and method for detection and prevention of cyber attacks at in-vehicle networks
A cyber security system for in-vehicle networks comprises a plurality of electronic control units (ECUs) communicating via a vehicle bus. The system comprises a plurality of bus security units (BSUs), wherein each BSU is configured to be connected between the vehicle bus and one of the ECUs, and the BSUs communicating via a security bus separate from the vehicle bus. Each BSU is configured to monitor the activity of the corresponding ECU, on the vehicle bus, send the monitored activity to another BSU on the security bus and detect abnormal communication on the vehicle bus.
A wireless communication system comprising a smartphone comprising antenna system, and an add-on device that is configured to be attached to the smartphone, wherein, the add-on device comprises, a wireless communication module configured to transmit and receive RF communication signals, and an antenna coupling system that couples between the wireless communication module and the smartphone's antenna system in order to at least transmit or receive the RF communication signals by the smartphone's antenna system, the antenna coupling system couples the RF communication signals by at least one of or the combination of (a) conduction with the enclosure of the smartphone, and (b) induction between the add-on device and the smartphone.
A system incorporating a smartphone and an add-on device coupled to each other via combined data/power interface, the smartphone having a rechargeable battery connected to battery protection circuitry and the add-on device optionally having a rechargeable battery connected to battery protection circuitry as well, the combined data/power interface having one or more data pins for transferring data between the smartphone and the add-on device, one or more regulated power delivery pins, and one or more protected-battery power delivery pins, wherein the regulated power delivery pins are used to charge the battery of the smartphone from an external charger coupled to the add-on device, the batteries are connected to the battery protection circuitries that is configured to protect the battery by cutoff or limit the current or voltage on the battery electrodes, and the protected-battery power delivery pins are connected to the battery protection circuitries of the smartphone or add-on device.
A system incorporating a smartphone comprising a smartphone and add-on device coupled to each other via combined data/power interface, wherein the smartphone comprises a rechargeable battery connected to battery protection circuitry and the add-on device optionally comprises a rechargeable battery connected to battery protection circuitry as well, the combined data/power interface comprises: one or more data pins for transferring data between the smartphone and the add-on device; one or more regulated power delivery pins; and one or more protected-battery power delivery pins, wherein the regulated power delivery pins are used to charge the battery of the smartphone from an external charger coupled to the add-on device, the batteries are connected to the battery protection circuitries that is configured to protect the battery by cutoff or limit the current or voltage on the battery electrodes, the protected-battery power delivery pins are connected to the battery protection circuitries of the smartphone or add-on device. The following power delivery paths are enabled: (1) the add-on device is powered by the battery of the smartphone through the protected-battery power delivery pins that are connected to the output of the battery protection circuitry of the smartphone. (2) the smartphone is powered by the battery of the add-on device through the protected-battery power delivery pins that are connected to the output of the battery protection circuitry of the add-on device, and (3) the batteries charge each other through the protected-battery power delivery pins that are connected to the output of the battery protection circuitries of smartphone and add-on devices.
A secure phone system comprising a plurality of Voice over IP (VoIP) phones, each having an enhanced security implant device, a Mutual Disabling Unit (MDU) and a method of operating the system for securing VoIP phones located in the same room by disabling a VoIP phone while a call is active in another phone in order to prevent audio eavesdropping.
H04M 3/20 - Automatic or semi-automatic exchanges with means for interrupting existing connections; Automatic or semi-automatic exchanges with means for breaking in on conversations
H04M 7/00 - Arrangements for interconnection between switching centres
14.
Security method and apparatus for locking of mediators between console peripheral devices and hosts
A mediator and a method for securing a mediator for coupling between one or more hosts and one or more consoles comprising one or more peripheral devices. The mediator has at least three stages: (i) a security setup stage; (ii) a neutralization stage; and (iii) a normal operation stage. In the normal operation stage, the mediator couples between at least one of the one or more peripheral devices and at least one of the one or more peripheral devices. In the neutralization stage the mediator disables coupling between at least one of the one or more peripheral devices and at least one of the one or more peripheral devices. The securing method starts with the security setup stage after at least one of (a) a power-up; (b) a reset; (c) a device connection; and (d) an unlock command. Upon entering the security setup stage, the method performs the following: (1) reading the device information of the one or more peripheral devices; (2) if the mediator is in Unlock state, waiting for a locking command and upon locking command arrival, register the information of the one or more peripheral devices to non-volatile memory, and proceed to normal operation stage, (3) if the mediator is in Lock state, compare the registered information of the one or more peripheral devices with the information read previously, and upon a match proceed to normal operation stage and upon a mismatch proceed to neutralization stage. The lock and unlock commands are provided from an authorized user or an administrator.
G06F 21/85 - Protection of data input, display or interconnection devices: interconnection devices, e.g. bus-connected or in-line devices
G06F 21/84 - Protection of data input, display or interconnection devices: display devices, e.g. screens or monitors
G06F 21/83 - Protection of data input, display or interconnection devices: data input devices, e.g. keyboards, mice or controllers of said keyboards or mice
Mediating between host and display where a mediator enforces security policy over bidirectional protocols of a Display Data Channel (DDC) of video communication protocols between host and display, where AD-EDID display emulators are coupled to DDCs of the host's video port, AD-EDID host emulators are coupled to DDCs of display's video port and security enforcing communication units couple between pairs of AD-EDID display emulator and AD-EDID host emulator, where AD-EDID display emulators emulate display operation and behavior over the DDC, AD-EDID host emulators emulate host operation and behavior over the DDC and security enforcing communication units enforce security policy such as unidirectional communication between the pairs of AD-EDID host emulators and AD-EDID display emulators.
H04N 21/40 - Client devices specifically adapted for the reception of or interaction with content, e.g. set-top box [STB]; Operations thereof
H04N 21/60 - Network structure or processes for video distribution between server and client or between remote clients; Control signalling between clients, server and network components; Transmission of management data between server and client; Communication details between server and client
H04L 43/00 - Arrangements for monitoring or testing data switching networks
H04L 9/00 - Arrangements for secret or secure communications; Network security protocols
16.
System and method of polychromatic identification for a KVM switch
A peripheral devices switch, a peripheral device, and a keyboard configured to be connected to a plurality of host computers. The peripheral devices switch configured to be coupled to at least one set of peripheral devices and to a plurality of host computers. A color is assigned to each host computer and the at least one set of peripheral devices illuminates at least one polychromatic light source with the color that is assigned to an active host computer. A peripheral device interface to interface between the peripheral device and the peripheral devices switch may be a composite interface comprises two independent interface protocols either by sharing a single connector and cable but having separate pins in the connector and corresponding wires in the cable, or by having a separate cable and separate connector to each one of said interface protocol. The composite interface comprises a primary standard peripheral device interface for the standard peripheral device functionalities, and secondary dedicated peripheral device interface configured to instructs the illumination of the polychromatic indication.
G06F 3/023 - Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard-generated codes as alphanumeric codes, operand codes or instruction codes
G06F 13/42 - Bus transfer protocol, e.g. handshake; Synchronisation
G08B 5/36 - Visible signalling systems, e.g. personal calling systems, remote indication of seats occupied, using electric transmission; Visible signalling systems, e.g. personal calling systems, remote indication of seats occupied, using electromechanical transmission, using visible light sources
G06F 3/02 - Input arrangements using manually operated switches, e.g. keyboards or dials
A modular keyboard video and mouse (KVM) switching system comprises a core KVM switch module, one or more console peripheral interface modules (CPIM) and one or more host computer interface modules (HIM). The CPIM interfaces console peripheral devices to the core KVM switch module and the HIM interfaces host computer to the core KVM switch module. Changing of console peripheral devices or host computer involves adapting a corresponding CPIM or HIM without changing the core KVM switch module.
G06F 3/023 - Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard-generated codes as alphanumeric codes, operand codes or instruction codes
G06F 3/038 - Control and interface arrangements therefor, e.g. drivers or device-embedded control circuitry
A modular keyboard video and mouse (KVM) switching system comprises a core KVM switch module, one or more console peripheral interface modules (CPIM) and one or more host computer interface modules (HIM). The CPIM interfaces console peripheral devices to the core KVM switch module and the HIM interfaces host computer to the core KVM switch module. Changing of console peripheral devices or host computer involves adapting a corresponding CPIM or HIM without changing the core KVM switch module.
G06F 3/023 - Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard-generated codes as alphanumeric codes, operand codes or instruction codes
G06F 3/038 - Control and interface arrangements therefor, e.g. drivers or device-embedded control circuitry
19.
SYSTEM AND METHOD FOR DETECTION AND PREVENTION OF CYBER ATTACKS AT IN-VEHICLE NETWORKS
A cyber security system for in-vehicle networks comprises a plurality of electronic control units (ECUs) communicating via a vehicle bus. The system comprises a plurality of bus security units (BSUs), wherein each BSU is configured to be connected between the vehicle bus and one of the ECUs, and the BSUs communicating via a security bus separate from the vehicle bus. Each BSU is configured to monitor the activity of the corresponding ECU, on the vehicle bus, send the monitored activity to another BSU on the security bus and detect abnormal communication on the vehicle bus.
G06F 21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
A method for securing an off-the-shelf smartphone, a secure communication system, and a security insert is provided. The method comprises removing the battery from the off-the-shelf smartphone and inserting the security insert to the battery compartment. The security insert comprises cryptographic module. The method further comprises modifying off-the-shelf smartphone and providing a power and data connection between the security insert and the smartphone. The secure communication system wirelessly transmits outgoing cellular encrypted black data, which is encrypted by the cryptographic module, from the modified off-the-shelf smartphone to a cellular network, and decrypts, by the cryptographic module, incoming cellular black data receives from the cellular network to the modified off-the-shelf smartphone. The security insert enclosure configured to be deployed in a battery compartment.
H04M 1/72409 - User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by interfacing with external accessories
A method for securing an off-the-shelf smartphone, a secure communication system, and a security insert is provided. The method comprises removing the battery from the off-the-shelf smartphone and inserting the security insert to the battery compartment. The security insert comprises cryptographic module. The method further comprises modifying off-the-shelf smartphone and providing a power and data connection between the security insert and the smartphone. The secure communication system wirelessly transmits outgoing cellular encrypted black data, which is encrypted by the cryptographic module, from the modified off-the-shelf smartphone to a cellular network, and decrypts, by the cryptographic module, incoming cellular black data receives from the cellular network to the modified off-the-shelf smartphone. The security insert enclosure configured to be deployed in a battery compartment.
H04M 1/72409 - User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by interfacing with external accessories
A system incorporating a smartphone and an add-on device coupled to each other via combined data/power interface, wherein the smartphone has a re-chargeable battery connected to battery protection circuitry. The combined data/power interface includes: one or more data pins for transferring data between the smartphone and the add-on device; one or more regulated power delivery pins; and one or more protected-battery power delivery pins. The smartphone is chargeable by an external charger when the add-on device is coupled to the smartphone and the external charger is coupled to the add-on device, and when the add-on device is coupled to the smartphone the add-on device is continuously powerable by the smartphone battery whether or not the external charger is coupled to the add-on device. The rechargeable battery is protected by battery protection circuitry that is configured to protect the battery by cutting off or limiting the current or voltage on the battery electrodes, and where both include an interface controller to negotiate a power delivery mode between the smartphone and the add-on device. A method of negotiating between the interface controller of the smartphone and the interface controller of the add-on device to agree on performing at least one of a protected-battery power delivery mode and a regulated power delivery mode.
A system incorporating a smartphone comprising a smartphone and add-on device coupled to each other via combined data/power interface, wherein the smartphone comprises a rechargeable battery connected to battery protection circuitry and the add-on device optionally comprises a rechargeable battery connected to battery protection circuitry as well, the combined data/power interface comprises: one or more data pins for transferring data between the smartphone and the add-on device; one or more regulated power delivery pins; and one or more protected-battery power delivery pins, wherein the regulated power delivery pins are used to charge the battery of the smartphone from an external charger coupled to the add-on device, the batteries are connected to the battery protection circuitries that is configured to protect the battery by cutoff or limit the current or voltage on the battery electrodes, the protected-battery power delivery pins are connected to the battery protection circuitries of the smartphone or add-on device. The following power delivery paths are enabled: (1) the add-on device is powered by the battery of the smartphone through the protected-battery power delivery pins that are connected to the output of the battery protection circuitry of the smartphone. (2) the smartphone is powered by the battery of the add-on device through the protected-battery power delivery pins that are connected to the output of the battery protection circuitry of the add-on device, and (3) the batteries charge each other through the protected-battery power delivery pins that are connected to the output of the battery protection circuitries of smartphone and add-on devices.
A system incorporating a smartphone comprising a smartphone and add-on device coupled to each other via combined data/power interface, wherein the smartphone has a chargeable battery connected to battery protection circuitry. The combined data/power interface includes: one or more data pins for transferring data between the smartphone and the add-on device; one or more regulated power delivery pins; and one or more protected-battery power delivery pins. The smartphone is chargeable by an external charger when the add-on device is coupled to the smartphone and the external charger is coupled to the add-on device, and when the add-on device is coupled to the smartphone the add-on device is continuously powerable by the smartphone battery whether or not the external charger is coupled to the add-on device.
A peripheral devices switch is configured to be coupled to at least one set of peripheral devices and to a plurality of host computers. A color is assigned to each host computer. The at least one set of peripheral devices illuminates at least one polychromatic light source with the color assigned to an active host computer. A peripheral device interface to interface between the peripheral device and the peripheral devices switch may be a composite interface comprises two independent interface protocols either by sharing a single connector and cable but having separate pins in the connector and corresponding wires in the cable, or by having a separate cable and separate connector to each one of said interface protocol. The composite interface comprises a primary standard peripheral device interface for the standard peripheral device functionalities, and secondary dedicated peripheral device interface configured to instruct the illumination of the polychromatic indication.
G06F 3/00 - Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from the processing unit to the output unit, e.g. interface arrangements
A secure audio switch comprising: a plurality of host computer interfaces, each for interfacing the secure audio switch with a corresponding host computer, for receiving audio signals from said corresponding host computer; a user audio interface, for interfacing the secure audio switch with at least one user audio device, wherein said at least one user audio device comprises at least one of a speaker or an earphone; an Audio Output Channel (AOC), coupled to said user audio interface comprises audio security device to reduce data leak by intentionally reducing data rate capable of flowing through said AOC to a maximum rate comparable to the minimal rate required for reproducing human speech, and forcing audio data flow only in the direction to said user audio interface by using an analog audio diode and an analog low pass filter in the audio output channel (AOC).
G10L 19/00 - Speech or audio signal analysis-synthesis techniques for redundancy reduction, e.g. in vocoders; Coding or decoding of speech or audio signals using source-filter models or psychoacoustic analysis
H04N 7/52 - Systems for transmission of a pulse code modulated video signal with other pulse code modulated signals, e.g. an audio signal or a synchronizing signal
G06F 3/023 - Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard-generated codes as alphanumeric codes, operand codes or instruction codes
Mediating between host and display where a mediator enforces security policy over bidirectional protocols of a Display Data Channel (DDC) of video communication protocols between host and display, where AD-EDID display emulators are coupled to DDCs of the host's video port, AD-EDID host emulators are coupled to DDCs of display's video port and security enforcing communication units couple between pairs of AD-EDID display emulator and AD-EDID host emulator, where AD-EDID display emulators emulate display operation and behavior over the DDC, AD-EDID host emulators emulate host operation and behavior over the DDC and security enforcing communication units enforce security policy such as unidirectional communication between the pairs of AD-EDID host emulators and AD-EDID display emulators.
H04N 21/647 - Control signaling between network components and server or clients; Network processes for video distribution between server and clients, e.g. controlling the quality of the video stream by dropping packets, protecting content from unauthorised alteration within the network, monitoring network load or bridging between two different networks, e.g. between an IP network and a wireless network
H04N 21/835 - Generation of protective data, e.g. certificates
28.
System and method of polychromatic identification for a KVM switch
Systems and methods of a peripheral devices switching system configured to be connected to a plurality of host computers, including at least one set of peripheral devices, a peripheral devices switch that is to be coupled to said at least one set of peripheral devices and said plurality of host computers, where the peripheral devices switch assigns a color to each host computer, and couple between said at least one set of peripheral devices and an active host computer, and one or more polychromatic light sources that are being comprised in the peripheral devices switch, the at least one of the peripheral devices of the sets of peripheral devices or both, where the peripheral devices switch indicates the active host computer by illuminating at least one polychromatic light source by the color that is assigned to the active host computer.
G06F 13/10 - Program control for peripheral devices
G06F 3/023 - Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard-generated codes as alphanumeric codes, operand codes or instruction codes
A secure cellular communication system comprises a modified smartphone mated with a security pack. A Cryptographic module within the security pack encrypts all cellular outgoing data and decrypts cellular incoming data. The modified smartphone is modified to route all cellular outgoing data and incoming data via the Cryptographic module within the security pack. The cellular MODEM may reside within the security pack while the phone's cellular MODEM is disabled, or the phone's cellular MODEM may be used.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
H04W 12/02 - Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
H04M 1/72409 - User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by interfacing with external accessories
A portable computer providing high level of security comprises of two completely logically and electrically isolated computer modules within one tamper resistant enclosure. One computer module is for Higher-Security applications (refer higher-security to as “red”) and the other is for Lower-Security applications such as email and internet (refer lower-security to as “black”). The two modules are coupled together to secure Peripheral Sharing Switch that enables intuitive user interaction while minimizing the security risk resulted from sharing same peripheral device.
G06F 21/74 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. with at least one secure mode
G06F 13/42 - Bus transfer protocol, e.g. handshake; Synchronisation
G06F 21/32 - User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
G06F 21/34 - User authentication involving the use of external additional devices, e.g. dongles or smart cards
A method for securing a KVM Matrix system by inserting a plurality of input security isolators, each of the input security isolators is placed between a host computer and matrix host adapter of the KVM matrix system to enforce security data flow policy that is applicable for the corresponding host computer. Additionally, a security filter is placed between peripheral devices and a matrix console adapter to enforce security data flow policy that is applicable for the corresponding peripheral devices.
G06F 21/83 - Protecting input, output or interconnection devices: input devices, e.g. keyboards, mice or controllers thereof
G06F 21/84 - Protecting input, output or interconnection devices: output devices, e.g. displays or monitors
G06F 21/85 - Protecting input, output or interconnection devices: interconnection devices, e.g. bus-connected or in-line devices
A secure audio switch comprising: a plurality of host computer interfaces, each for interfacing the secure audio switch with a corresponding host computer, for receiving audio signals from said corresponding host computer; a user audio interface, for interfacing the secure audio switch with at least one user audio device, wherein said at least one user audio device comprises at least one of a speaker or an earphone; an Audio Output Channel (AOC), coupled to said user audio interface comprises audio security device to reduce data leak by intentionally reducing data rate capable of flowing through said AOC to a maximum rate comparable to the minimal rate required for reproducing human speech, and forcing audio data flow only in the direction to said user audio interface; a monitor and control unit, for receiving user's selection of a selected one of said plurality of host computer to be interfaced with said user audio interface, and indicating to the user which of said hosts is currently selected to be interfaced with said user audio interface; and an audio MUX, receiving user selection of the host selected to be interfaced with said user audio interface from said monitor and control unit, and in response, coupling only said selected host computer interface to said AOC.
G10L 19/02 - Speech or audio signal analysis-synthesis techniques for redundancy reduction, e.g. in vocoders; Coding or decoding of speech or audio signals using source-filter models or psychoacoustic analysis using spectral analysis, e.g. transform vocoders or subband vocoders
33.
Method and apparatus for securing voice over IP telephone device
A security implant device and a method of operation of the security implant, for securing Voice over IP (VoIP) phone, the implant device disables audio input and output components of the VoIP phone in order to prevent audio eavesdropping.
A secure cellular communication system comprises a modified smartphone mated with a security pack. A Cryptographic module within the security pack encrypts all cellular outgoing data and decrypts cellular incoming data. The modified smartphone is modified to route all cellular outgoing data and incoming data via the Cryptographic module within the security pack. The cellular MODEM may reside within the security pack while the phone's cellular MODEM is disabled, or the phone's cellular MODEM may be used.
H04B 1/3888 - Arrangements for carrying or protecting transceivers
H04W 4/80 - Services using short-range communication, e.g. near-field communication, radio-frequency identification or low-energy communication
H04M 1/19 - Arrangements of microphones, earphones, or complete sets to prevent eavesdropping, to attenuate noise or to prevent undesired transmission; Mouthpieces or earphones specially adapted therefor
H04B 1/38 - Transceivers, i.e. devices in which transmitter and receiver form a structural unit and in which at least one part is used for functions of transmitting and receiving
H04M 1/02 - Constructional features of telephone sets
G06F 21/45 - Structures or tools for the administration of authentication
A portable computer providing high level of security comprises of two completely logically and electrically isolated computer modules within one tamper resistant enclosure. One computer module is for Higher-Security applications (refer higher-security to as "red") and the other is for Lower-Security applications such as email and internet (refer lower-security to as "black"). The two modules are coupled together to secure Peripheral Sharing Switch that enables intuitive user interaction while minimizing the security risk resulted from sharing same peripheral device.
G06F 21/70 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
G06F 21/71 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
G06F 21/82 - Protecting input, output or interconnection devices
G06F 21/84 - Protecting input, output or interconnection devices: output devices, e.g. displays or monitors
G06F 21/74 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. with at least one secure mode
G06F 13/00 - Interconnection of, or transfer of information or other signals between, memories, input/output devices or processing units
G06F 13/10 - Program control for peripheral devices
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
A method for securing a KVM Matrix system by inserting a plurality of input security isolators, each of the input security isolators is placed between a host computer and matrix host adapter of the KVM matrix system to enforce security data flow policy that is applicable for the corresponding host computer. Additionally, a security isolator is placed between peripheral devices and a matrix console adapter to enforce security data flow policy that is applicable for the corresponding peripheral devices.
G06F 13/00 - Interconnection of, or transfer of information or other signals between, memories, input/output devices or processing units
G06F 21/50 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
G06F 21/70 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
G06F 21/71 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
G06F 21/82 - Protecting input, output or interconnection devices
G06F 21/85 - Protecting input, output or interconnection devices: interconnection devices, e.g. bus-connected or in-line devices
G06F 3/00 - Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from the processing unit to the output unit, e.g. interface arrangements
G06F 3/023 - Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard-generated codes as alphanumeric codes, operand codes or instruction codes
G06F 13/10 - Program control for peripheral devices
G06F 13/38 - Information transfer, e.g. on a bus
A method for securing a KVM Matrix system by inserting a plurality of input security isolators, each of the input security isolators is placed between a host computer and matrix host adapter of the KVM matrix system to enforce security data flow policy that is applicable for the corresponding host computer. Additionally, a security isolator is placed between peripheral devices and a matrix console adapter to enforce security data flow policy that is applicable for the corresponding peripheral devices.
G06F 13/00 - Interconnection of, or transfer of information or other signals between, memories, input/output devices or processing units
G06F 13/10 - Program control for peripheral devices
G06F 13/38 - Information transfer, e.g. on a bus
G06F 3/00 - Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from the processing unit to the output unit, e.g. interface arrangements
G06F 3/023 - Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard-generated codes as alphanumeric codes, operand codes or instruction codes
G06F 21/82 - Protecting input, output or interconnection devices
G06F 21/85 - Protecting input, output or interconnection devices: interconnection devices, e.g. bus-connected or in-line devices
G06F 21/70 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
G06F 21/71 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
G06F 21/50 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
A method for securing a KVM Matrix system by inserting a plurality of input security isolators, each of the input security isolators is placed between a host computer and matrix host adapter of the KVM matrix system to enforce security data flow policy that is applicable for the corresponding host computer. Additionally, a security filter is placed between peripheral devices and a matrix console adapter to enforce security data flow policy that is applicable for the corresponding peripheral devices.
G06F 21/83 - Protecting input, output or interconnection devices: input devices, e.g. keyboards, mice or controllers thereof
G06F 13/10 - Program control for peripheral devices
A self-locking USB filter device is disclosed that comprises at least one permanently attachable self-locking USB plug having at least one locking tooth to permanently connect the permanently attachable self-locking USB plug to a USB jack of a protected computing apparatus. The self-locking USB filter protects the protected computing apparatus by blocking unauthorized data transfer and blocks all communication unless the authenticator is authenticated by software installed in the protected computing apparatus. A method of protecting USB jacks of a computing device is also disclosed.
G06F 21/44 - Program or device authentication
G06F 21/85 - Protecting input, output or interconnection devices: interconnection devices, e.g. bus-connected or in-line devices
A security implant device and a method of operation of the security implant, for securing Voice over IP (VoIP) phone, the implant device disables audio input and output components of the VoIP phone in order to prevent audio eavesdropping.
A security implant device and a method of operation of the security implant, for securing Voice over IP (VoIP) phone, the implant device disables audio input and output components of the VoIP phone in order to prevent audio eavesdropping.
Doc. No. 352-18 CA/PCT DIV ABSTRACT A security implant device and a method of operation of the security implant, for securing Voice over IP (VoIP) phone, the implant device disables audio input and output components of the VoIP phone in order to prevent audio eavesdropping. Date Recue/Date Received 2022-08-25
A USB security gateway device is integrated within a host computer. The USB security gateway device is used for protecting a USB port of a host computer against interaction with unauthorized USB device. The USB security gateway device qualifies any USB peripheral device before it allows it to interact with the host device. Qualification parameters are stored in the USB security gateway device and are reprogrammable.
H04L 9/32 - Arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system
G06F 21/85 - Protecting input, output or interconnection devices: interconnection devices, e.g. bus-connected or in-line devices
G06F 13/10 - Program control for peripheral devices
G06F 21/82 - Protecting input, output or interconnection devices
44.
Method and apparatus for securing voice over IP telephone device
A security implant device and a method of operation of the security implant, for securing Voice over IP (VoIP) phone, the implant device disables audio input and output components of the VoIP phone in order to prevent audio eavesdropping.
A self-locking USB filter device is disclosed that comprises at least one permanently attachable self-locking USB plug having at least one locking tooth to permanently connect the permanently attachable self-locking USB plug to a USB jack of a protected computing apparatus. The self-locking USB filter protects the protected computing apparatus by blocking unauthorized data transfer and blocks all communication unless the authenticator is authenticated by software installed in the protected computing apparatus. A method of protecting USB jacks of a computing device is also disclosed.
H01R 4/48 - Clamped connections; Spring connections using a spring, clip or other resilient member
G06F 21/44 - Program or device authentication
H01R 13/66 - Structural association with built-in electrical components
H01R 13/717 - Structural association with built-in electrical components with a built-in light source
G06F 21/85 - Protecting input, output or interconnection devices: interconnection devices, e.g. bus-connected or in-line devices
46.
KVM having blue screen of death detection and warning functions
A device, apparatus, system and method for determining failure of a computer host among a plurality of hosts. The host failure detection device may be integrated in a KVM apparatus. The device monitors the video output of the plurality of hosts and if it identifies a Blue Screen of Death or BIOS failure Black Screen, it issues a warning and logs the details of the discovered failure. The device may attempt to recover the failed host by transmitting emulated keyboard and mouse commands to the failed host.
G06F 21/50 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
G06F 3/14 - Digital output to display device
G06F 3/02 - Input arrangements using manually operated switches, e.g. keyboards or dials
G06F 3/023 - Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard-generated codes as alphanumeric codes, operand codes or instruction codes
G06F 11/34 - Recording or statistical evaluation of computer activity, e.g. of interruptions or of input/output operations
47.
KVM HAVING BLUE SCREEN OF DEATH DETECTION AND WARNING FUNCTIONS
A device, apparatus, system and method for determining failure of a computer host among a plurality of hosts. The host failure detection device may be integrated in a KVM apparatus. The device monitors the video output of the plurality of hosts and if it identifies a Blue Screen of Death or BIOS failure Black Screen, it issues a warning and logs the details of the discovered failure. The device may attempt to recover the failed host by transmitting emulated keyboard and mouse commands to the failed host.
G06F 11/32 - Monitoring with visual indication of the functioning of the machine
G06F 3/00 - Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from the processing unit to the output unit, e.g. interface arrangements
48.
Secured KVM system having remote controller-indicator
A secure peripheral switching system comprises a secure peripheral switch remotely coupled to a secure remote controller-indicator, wherein the secure peripheral switch is capable of interfacing with at least two coupled host computers while ensuring data isolation among said at least two coupled host computers, said secure peripheral switch comprising a first interface circuitry to securely link the secure peripheral switch with said secure remote controller-indicator; and a secure remote controller-indicator. The secure remote controller-indicator comprises a second interface circuitry to securely link said secure remote controller-indicator with said secure peripheral switch; a control function capable of enabling a remote user control of said coupled secure peripheral switch; an indication function capable of providing a remote user indications of coupled secure peripheral switch; and an anti-tampering circuitry to detect physical tampering event and report such event to said secure peripheral switch.
H04L 29/06 - Communication control; Communication processing characterised by a protocol
G06F 3/023 - Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard-generated codes as alphanumeric codes, operand codes or instruction codes
G06F 13/10 - Program control for peripheral devices
G06F 21/55 - Detecting local intrusion or implementing counter-measures
G06F 21/74 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. with at least one secure mode
G06F 21/82 - Protecting input, output or interconnection devices
G06F 21/83 - Protecting input, output or interconnection devices: input devices, e.g. keyboards, mice or controllers thereof
G06F 21/85 - Protecting input, output or interconnection devices: interconnection devices, e.g. bus-connected or in-line devices
49.
Self-locking USB protection plug device having LED to securely protect USB jack
Methods, devices and system for enhancing computer information security by physically blocking unused USB ports with self-locking devices, or by providing USB port self-locking device with internal circuitry that qualifies and secures user peripheral device attached to the computer, and by continuously communicating with a management software application that provides real-time monitoring and warnings when any USB self-locking device is being removed or tampered. The self-locking devices use spring-loaded teeth in the USB plug that lock into tab spaces in the USB jack. Visual indicator provides positive assurance when all ports are secure. Each self-locking device includes a security circuit which is uniquely paired with the protected port. Some self-locking devices include data filters that only enable connecting authorized peripheral devices.
G06F 21/44 - Program or device authentication
G06F 21/85 - Protecting input, output or interconnection devices: interconnection devices, e.g. bus-connected or in-line devices
Methods, devices and system for enhancing computer information security by physically blocking unused USB ports with self-locking devices, or by providing USB port self-locking device with internal circuitry that qualifies and secures user peripheral device attached to the computer, and by continuously communicating with a management software application that provides real-time monitoring and warnings when any USB self-locking device is being removed or tampered. The self-locking devices use spring-loaded teeth in the USB plug that lock into tab spaces in the USB jack. Visual indicator provides positive assurance when all ports are secure. Each self-locking device includes a security circuit which is uniquely paired with the protected port. Some self-locking devices include data filters that only enable connecting authorized peripheral devices.
A meeting room power and multi-media center device having one or more wired or wirelessly connected displays or projectors selectively connected to one or more plurality of connected computers. The device provides user indications of qualified input video signals and enables remote control through wirelessly connected remote controller device. The device also provides AC power jacks and USB power jacks to power and charge various portable devices. Another embodiment of the current invention provides similar device further having video processing function to display multiple video sources simultaneously on one or more displays or projectors.
A meeting room power and multi-media center device having one or more wired or wirelessly connected displays or projectors selectively connected to one or more plurality of connected computers. The device provides user indications of qualified input video signals and enables remote control through wirelessly connected remote controller device. The device also provides AC power jacks and USB power jacks to power and charge various portable devices. Another embodiment of the current invention provides similar device further having video processing function to display multiple video sources simultaneously on one or more displays or projectors.
A meeting room power and multi-media center device having one or more wired or wirelessly connected displays or projectors selectively connected to one or more plurality of connected computers. The device provides user indications of qualified input video signals and enables remote control through wirelessly connected remote controller device. The device also provides AC power jacks and USB power jacks to power and charge various portable devices. Another embodiment of the current invention provides similar device further having video processing function to display multiple video sources simultaneously on one or more displays or projectors.
A serial protocol based Docking device having a single set of user peripherals supports multiple removable host computers having different video output types and different operating systems. The device provides mouse tracking function that switches the keyboard and mouse to the different host computers when the cursor is moved by the user across the respective display boundary. The docking device provides file-sharing and cut-and-paste functions across the different docked host computers. Laptops, tabletops as well as Smartphones, tablets and other forms of portable platforms are supported. Dragging an item from a display designated to a first host computer to a display designated to a second host computer performs moving or copying the item from the first host to the second host.
A serial protocol based Docking device having a single set of user peripherals supports multiple removable host computers having different video output types and different operating systems. The device provides mouse tracking function that switches the keyboard and mouse to the different host computers when the cursor is moved by the user across the respective display boundary. The docking device provides file-sharing and cut-and-paste functions across the different docked host computers. Laptops, tabletops as well as Smartphones, tablets and other forms of portable platforms are supported. Dragging an item from a display designated to a first host computer to a display designated to a second host computer performs moving or copying the item from the first host to the second host.
A serial protocol based Docking device having a single set of user peripherals supports multiple removable host computers having different video output types and different operating systems. The device provides mouse tracking function that switches the keyboard and mouse to the different host computers when the cursor is moved by the user across the respective display boundary. The docking device provides file-sharing and cut-and-paste functions across the different docked host computers. Laptops, tabletops as well as Smartphones, tablets and other forms of portable platforms are supported. Dragging an item from a display designated to a first host computer to a display designated to a second host computer performs moving or copying the item from the first host to the second host.
USB ports present a risk of data leaks from computers. The invention provides an electromechanical USB port protection device capable of mechanically blocking an unused USB port, thus preventing the connection of any USB device to that port. Removal of the device requires electrically energizing the lock using a security code. Security software provides scalable and secure centralized key management. The device provides clear and continuous user visual indications when the device is secure. A device derivative secures a USB cable to the computer USB port. Another device derivative filters and secures a connected user peripheral device, for example a USB locking device that only allows a connection of a USB mouse or keyboard.
G06F 21/85 - Protecting input, output or interconnection devices; interconnection devices, e.g. bus-connected or in-line devices
The present invention presents apparatuses and systems for operating multiple computers from a single keyboard and a single mouse and view composite videos generated from video output of the multiple computers on a single display, while preventing any possible information leakage between the computers. Keyboard and mouse commands detected by a host controller are used to control a video processor and a peripheral switch. The peripheral switch directs keyboard and mouse signals to one selected host and at the same time, the video processor creates an active display window showing video information from the selected host. Physical unidirectional isolators in the video, keyboard and mouse channels prevent any potential data leakages between hosts.
G06F 13/12 - Program control for peripheral devices using hardware independent of the central processor, e.g. channel or peripheral processor
G06F 13/10 - Program control for peripheral devices
G06F 3/023 - Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard generated codes as alphanumeric codes, operand codes or instruction codes
G06F 21/83 - Protecting input, output or interconnection devices; input devices, e.g. keyboards, mice or controllers thereof
G06F 21/84 - Protecting input, output or interconnection devices; output devices, e.g. displays or monitors
G06F 13/00 - Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
G06F 21/82 - Protecting input, output or interconnection devices
Single Optical Fiber KVM (Keyboard Video Mouse) systems are provided that comprise two subsystems: an electro-optical transmitter subsystem and an electro-optical receiver subsystem. The single optical fiber KVM is configured to support all required bi-directional communications.
G06F 13/12 - Program control for peripheral devices using hardware independent of the central processor, e.g. channel or peripheral processor
H04B 10/00 - Transmission systems employing electromagnetic waves other than radio waves, e.g. infrared, visible or ultraviolet light, or employing corpuscular radiation, e.g. quantum communication
G06F 3/02 - Input arrangements using manually operated switches, e.g. using keyboards or dials
G06F 3/023 - Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard generated codes as alphanumeric codes, operand codes or instruction codes
H04L 5/00 - Arrangements affording multiple use of the transmission path
H04L 5/14 - Two-way operation using the same type of signal, i.e. duplex
A security device for hindering data theft and data leaks via the audio channel of a computer system is based on passing the audio signals through a coding vocoder that receives an input audio signal from a computer and compresses the signal to low bit-rate digital data indicative of human speech; and a decoding vocoder that decompresses the digital data back to a secure audio signal. The data transfer of the protected audio channel is intentionally limited not to exceed the bit-rate needed to carry vocoder-compressed human speech, which is well below the capabilities of an unprotected audio channel. Both analog and digital audio ports may be protected. A hardware bit-rate limiter protects the system from software hacking.
G10L 19/00 - Speech or audio signal analysis-synthesis techniques for redundancy reduction, e.g. in vocoders; Coding or decoding of speech or audio signals using source filter models or psychoacoustic analysis
G10L 15/26 - Speech to text systems
A streaming video security device is provided that comprises an input LAN interface, at least one streaming video decoder, an output LAN interface, at least one streaming video encoder coupled at one side to said LAN interface for streaming video output and coupled at the other side to a raw video display-compatible output interface; and unidirectional data flow element coupled at the transmitting side to the streaming video decoder through the raw video display-compatible output interface and coupled at the receiving side to one or more video encoders through the raw video display-compatible input interface.
G06F 9/00 - Arrangements for program control, e.g. control units
H04L 29/06 - Communication control; Communication processing characterised by a protocol
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for simultaneous processing of several programs
62.
METHOD SYSTEM AND APPARATUS FOR STREAMING VIDEO SECURITY
A streaming video security device is provided that comprises an input LAN interface, at least one streaming video decoder, an output LAN interface, at least one streaming video encoder coupled at one side to said LAN interface for streaming video output and coupled at the other side to a raw video display-compatible output interface; and unidirectional data flow element coupled at the transmitting side to the streaming video decoder through the raw video display-compatible output interface and coupled at the receiving side to one or more video encoders through the raw video display-compatible input interface.
Devices and methods provide for enabling a user to use a single user authentication device such as smart-card reader, such that the user is capable of securely interfacing with two or more isolated computers and enabling the user to authenticate and remain authenticated at multiple computers at the same time. Once the user removes the smart-card from the smart-card reader, the authentication session on all coupled computers is terminated at once. The user authentication device comprises: an authentication module connected via a channel selection switch to one of a plurality of channels, each interfacing with a respective coupled computer.
G06F 7/04 - Identity comparison, i.e. for like or unlike values
G06F 15/16 - Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for simultaneous processing of several programs
G06F 17/30 - Information retrieval; Database structures therefor
H04L 29/06 - Communication control; Communication processing characterised by a protocol
G06F 21/34 - User authentication involving the use of external additional devices, e.g. dongles or smart cards
G06F 21/41 - User authentication where a single sign-on provides access to a plurality of computers
G06F 21/32 - User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
G06F 21/85 - Protecting input, output or interconnection devices; interconnection devices, e.g. bus-connected or in-line devices
G07F 7/10 - Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card used simultaneously with a coded signal
G06F 13/10 - Program control for peripheral devices
G06Q 20/34 - Payment architectures, schemes or protocols characterised by the use of specific devices using cards, e.g. integrated circuit cards or magnetic cards
64.
USER AUTHENTICATION DEVICE HAVING MULTIPLE ISOLATED HOST INTERFACES
Devices and methods provide for enabling a user to use a single user authentication device such as smart-card reader, such that the user is capable of securely interfacing with two or more isolated computers and enabling the user to authenticate and remain authenticated at multiple computers at the same time. Once the user removes the smart-card from the smart-card reader, the authentication session on all coupled computers is terminated at once. The user authentication device comprises: an authentication module connected via a channel selection switch to one of a plurality of channels, each interfacing with a respective coupled computer.
G06F 21/34 - User authentication involving the use of external additional devices, e.g. dongles or smart cards
G06F 21/32 - User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
A system enabling a computer user to securely share a single set of keyboard and mouse (KM) among multiple isolated computers. The system enables one set of peripheral devices to independently interact with multiple coupled isolated computers through mouse position analysis on a virtual display area corresponding to multiple physical user displays of the particular installation. The system may be used to enable a computer user having multiple isolated computers, each with one or more coupled displays, to automatically switch a single set of keyboard, mouse and other peripheral devices between the different computers. As isolated computers may have different security levels, the method and apparatus of the present invention prevent any potential data leakages between computers and coupled networks.
G06F 13/12 - Program control for peripheral devices using hardware independent of the central processor, e.g. channel or peripheral processor
G06F 3/02 - Input arrangements using manually operated switches, e.g. using keyboards or dials
G06F 21/83 - Protecting input, output or interconnection devices; input devices, e.g. keyboards, mice or controllers thereof
G06F 21/84 - Protecting input, output or interconnection devices; output devices, e.g. displays or monitors
G06F 3/023 - Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard generated codes as alphanumeric codes, operand codes or instruction codes
A secure peripheral device, coupled to a computer, capable of enabling a user to use a peripheral device such as a microphone, speakers, headset or video camera when the device is in operational state, while giving to the user a clear visual indication that the device is enabled. The device simultaneously disables the user peripheral device and turns off the visual indication when the secure peripheral device is in secure state. The operational state is activated by the user by pressing a momentary push-button switch. A timer resets the device to a secure state after a short preset time. The device has anti-tampering functionality and becomes permanently disabled if tampered with. Optionally the device is coupled to the computer via a USB port that powers it.
A secure peripheral device, coupled to a computer, capable of enabling a user to use a peripheral device such as a microphone, speakers, headset or video camera when the device is in operational state, while giving to the user a clear visual indication that the device is enabled. The device simultaneously disables the user peripheral device and turns off the visual indication when the secure peripheral device is in secure state. The operational state is activated by the user by pressing a momentary push-button switch. A timer resets the device to a secure state after a short preset time. The device has anti-tampering functionality and becomes permanently disabled if tampered with. Optionally the device is coupled to the computer via a USB port that powers it.
G06F 21/82 - Protecting input, output or interconnection devices
G06F 21/85 - Protecting input, output or interconnection devices; interconnection devices, e.g. bus-connected or in-line devices
G06F 3/00 - Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
G06F 13/38 - Information transfer, e.g. on bus
A secure video camera device for reducing the risk of visual and audio eavesdropping has a video camera and an electromechanical shutter behind a transparent cover in a secured enclosure. The shutter optically obscures the camera lens when the device is in secure state. A visual indicator indicates when the device is in operational state. A switch controllable by the user selects the state of the device, setting it in a secure state by concurrently disabling the camera and turning off the visual indicator, and setting said device in an operational state by concurrently enabling the camera and turning on said lighted indicator. The device has a built-in or auxiliary microphone, and audio outputs which are disabled in the secure state of the device. The device is made tamper-proof by anti-tampering circuitry.
A secure audio peripheral device, coupled to a computer, capable of enabling a user to use audio devices such as a microphone, speakers or headset when the device is in operational state, while giving to the user a clear visual indication that the audio devices are enabled. The device simultaneously disables the microphone and turns off the visual indication when the device is in secure state. The operational state is activated by the user by pressing a momentary push-button switch. A timer resets the device to a secure state after a short preset time. The device has anti-tampering functionality and becomes permanently disabled if tampered with. Optionally the device is coupled to the computer via a USB port that powers a USB CODEC chip and a LED used as the visual indicator.
G06F 21/83 - Protecting input, output or interconnection devices; input devices, e.g. keyboards, mice or controllers thereof
A secure audio peripheral device, coupled to a computer, capable of enabling a user to use audio devices such as a microphone, speakers or headset when the device is in operational state, while giving to the user a clear visual indication that the audio devices are enabled. The device simultaneously disables the microphone and turns off the visual indication when the device is in secure state. The operational state is activated by the user by pressing a momentary push-button switch. A timer resets the device to a secure state after a short preset time. The device has anti-tampering functionality and becomes permanently disabled if tampered with. Optionally the device is coupled to the computer via a USB port that powers a USB CODEC chip and a LED used as the visual indicator.
G06F 21/83 - Protecting input, output or interconnection devices; input devices, e.g. keyboards, mice or controllers thereof
F21K 9/00 - Light sources using semiconductor devices as light-generating elements, e.g. using light-emitting diodes [LED] or lasers
Single Optical Fiber KVM (Keyboard Video Mouse) systems are provided that comprise two subsystems: an electro-optical transmitter subsystem and an electro-optical receiver subsystem. The single optical fiber KVM is configured to support all required bi-directional communications.
A secure motherboard for a computer, wherein each user accessible peripheral port is protected by hardware based peripheral protection circuitry soldered to the motherboard. The protection circuitry provides security functions decreasing the vulnerability of the computer to data theft. User input ports such as keyboard and mouse peripheral ports are coupled to the computer through a security function that enforces unidirectional data flow only from the user input devices to the computer. The display port uses a security function which isolates the EDID in the display from the computer. An authentication device such as a smart card reader is coupled to the computer via a port having a security function which enumerates the authentication device before coupling it to the computer.
G06F 21/04 - by protecting specific peripheral devices, e.g. keyboards or display devices
G06F 3/02 - Input arrangements using manually operated switches, e.g. using keyboards or dials
G06F 21/85 - Protecting input, output or interconnection devices; interconnection devices, e.g. bus-connected or in-line devices
G06F 21/83 - Protecting input, output or interconnection devices; input devices, e.g. keyboards, mice or controllers thereof
G06F 21/84 - Protecting input, output or interconnection devices; output devices, e.g. displays or monitors
G06F 21/34 - User authentication involving the use of external additional devices, e.g. dongles or smart cards
Single Optical Fiber KVM (Keyboard Video Mouse) systems are provided that comprise two subsystems: an electro-optical transmitter subsystem and an electro-optical receiver subsystem. The single optical fiber KVM is configured to support all required bi-directional communications.
The present invention discloses a KVM (Keyboard Video Mouse) device for operation in high security environments. More specifically, this invention discloses a secure KVM built to prevent data leakages between two or more coupled computer hosts. The invention also discloses methods of operation of the secure KVM. Further more particularly, the invention presents a special secure KVM device for interacting with computers using a single user console, while preventing data leakage between the connected computers and attached networks.
G06F 9/455 - Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
G06F 3/023 - Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard generated codes as alphanumeric codes, operand codes or instruction codes
G06F 3/14 - Digital output to display device
G06F 21/83 - Protecting input, output or interconnection devices; input devices, e.g. keyboards, mice or controllers thereof
G06F 21/85 - Protecting input, output or interconnection devices; interconnection devices, e.g. bus-connected or in-line devices
G06F 21/32 - User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
G06F 21/34 - User authentication involving the use of external additional devices, e.g. dongles or smart cards
A system enabling a computer user to securely share a single set of keyboard and mouse (KM) among multiple isolated computers. The system enables one set of peripheral devices to independently interact with multiple coupled isolated computers through mouse position analysis on a virtual display area corresponding to multiple physical user displays of the particular installation. The system may be used to enable a computer user having multiple isolated computers, each with one or more coupled displays, to automatically switch a single set of keyboard, mouse and other peripheral devices between the different computers. As isolated computers may have different security levels, the method and apparatus of the present invention prevent any potential data leakages between computers and coupled networks.
A system enabling a computer user to securely share a single set of keyboard and mouse (KM) among multiple isolated computers. The system enables one set of peripheral devices to independently interact with multiple coupled isolated computers through mouse position analysis on a virtual display area corresponding to multiple physical user displays of the particular installation. The system may be used to enable a computer user having multiple isolated computers, each with one or more coupled displays, to automatically switch a single set of keyboard, mouse and other peripheral devices between the different computers. As isolated computers may have different security levels, the method and apparatus of the present invention prevent any potential data leakages between computers and coupled networks.
G06F 21/83 - Protecting input, output or interconnection devices; input devices, e.g. keyboards, mice or controllers thereof
G06F 21/84 - Protecting input, output or interconnection devices; output devices, e.g. displays or monitors
G06F 3/00 - Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from processing unit to output unit, e.g. interface arrangements
77.
COMPUTER MOTHERBOARD HAVING PERIPHERAL SECURITY FUNCTIONS
A secure motherboard for a computer, wherein each user accessible peripheral port is protected by hardware based peripheral protection circuitry soldered to the motherboard. The protection circuitry provides security functions decreasing the vulnerability of the computer to data theft. User input ports such as keyboard and mouse peripheral ports are coupled to the computer through a security function that enforces unidirectional data flow only from the user input devices to the computer. The display port uses a security function which isolates the EDID in the display from the computer. An authentication device such as a smart card reader is coupled to the computer via a port having a security function which enumerates the authentication device before coupling it to the computer.
G06F 21/34 - User authentication involving the use of external additional devices, e.g. dongles or smart cards
G06F 21/83 - Protecting input, output or interconnection devices; input devices, e.g. keyboards, mice or controllers thereof
G06F 21/84 - Protecting input, output or interconnection devices; output devices, e.g. displays or monitors
G06F 21/85 - Protecting input, output or interconnection devices; interconnection devices, e.g. bus-connected or in-line devices
G06F 3/14 - Digital output to display device
78.
COMPUTER MOTHERBOARD HAVING PERIPHERAL SECURITY FUNCTIONS
A secure motherboard for a computer, wherein each user accessible peripheral port is protected by hardware based peripheral protection circuitry soldered to the motherboard. The protection circuitry provides security functions decreasing the vulnerability of the computer to data theft. User input ports such as keyboard and mouse peripheral ports are coupled to the computer through a security function that enforces unidirectional data flow only from the user input devices to the computer. The display port uses a security function which isolates the EDID in the display from the computer. An authentication device such as a smart card reader is coupled to the computer via a port having a security function which enumerates the authentication device before coupling it to the computer.
G06F 21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
G06F 3/038 - Control and interface arrangements therefor, e.g. drivers or device-embedded control circuitry
G06F 3/14 - Digital output to display device
79.
SECURE KVM SYSTEM HAVING REMOTE CONTROLLER-INDICATOR
As KVMs (Keyboard Video Mouse) may be abused by attackers to bridge or leak between isolated networks, a Secure KVM having isolated circuitry for each computer channel is typically used, to reduce its vulnerability to leakages between channels. To enable remote installation of a KVM with isolated computers, a remote Controller-Indicator is needed in order to present to the user the KVM front panel indications and to enable certain control functions. The current invention provides a KVM switch capable of providing secure remote extension of KVM control and indication functions. Another object of the present invention is to provide a KVM switch having secure remote extension of the complete user console with support of: remote keyboard, mouse, one or more displays, smart-card reader, audio devices, KVM control and KVM monitoring.
As KVMs (Keyboard Video Mouse) may be abused by attackers to bridge or leak between isolated networks, a Secure KVM having isolated circuitry for each computer channel is typically used, to reduce its vulnerability to leakages between channels. To enable remote installation of a KVM with isolated computers, a remote Controller-Indicator is needed in order to present to the user the KVM front panel indications and to enable certain control functions. The current invention provides a KVM switch capable of providing secure remote extension of KVM control and indication functions. Another object of the present invention is to provide a KVM switch having secure remote extension of the complete user console with support of: remote keyboard, mouse, one or more displays, smart-card reader, audio devices, KVM control and KVM monitoring.
G06F 21/04 - by protecting specific peripheral devices, e.g. keyboards or display devices
G06F 3/023 - Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard generated codes as alphanumeric codes, operand codes or instruction codes
81.
Secure KVM device ensuring isolation of host computers
The present invention presents apparatuses and systems for operating multiple computers from a single console using a secured KVM device, while preventing information leakage between the computers. The system comprises several hosts connected through a secured KVM device to keyboard and mouse and one or more user displays. Secured KVM enables standard bi-directional communication between Secured KVM and user keyboard and mouse and between hosts peripheral ports and Secured KVM. Secured KVM physically enforces unidirectional data flow from attached keyboard and mouse to attached hosts peripheral ports to avoid potential leakages between hosts.
G06F 13/12 - Program control for peripheral devices using hardware independent of the central processor, e.g. channel or peripheral processor
G06F 21/83 - Protecting input, output or interconnection devices; input devices, e.g. keyboards, mice or controllers thereof
G06F 21/82 - Protecting input, output or interconnection devices
G06F 13/00 - Interconnection of, or transfer of information or other signals between, memories, input/output devices or central processing units
82.
SECURE KVM SYSTEM HAVING MULTIPLE EMULATED EDID FUNCTIONS
The present invention discloses a KVM (Keyboard Video Mouse) device for operation in high security environments. More specifically, this invention discloses a secure KVM built to prevent data leakages between two or more coupled computer hosts. The invention also discloses methods of operation of the secure KVM. Further more particularly, the invention presents a special secure KVM device for interacting with computers using a single user console, while preventing data leakage between the connected computers and attached networks.
G06F 21/83 - Protecting input, output or interconnection devices; input devices, e.g. keyboards, mice or controllers thereof
G06F 21/85 - Protecting input, output or interconnection devices; interconnection devices, e.g. bus-connected or in-line devices
83.
SECURE KVM SYSTEM HAVING MULTIPLE EMULATED EDID FUNCTIONS
The present invention discloses a KVM (Keyboard Video Mouse) device for operation in high security environments. More specifically, this invention discloses a secure KVM built to prevent data leakages between two or more coupled computer hosts. The invention also discloses methods of operation of the secure KVM. Further more particularly, the invention presents a special secure KVM device for interacting with computers using a single user console, while preventing data leakage between the connected computers and attached networks.