Mediating between host and display where a mediator enforces security policy over bidirectional protocols of a Display Data Channel (DDC) of video communication protocols between host and display, where AD-EDID display emulators are coupled to DDCs of the host's video port, AD-EDID host emulators are coupled to DDCs of display's video port and security enforcing communication units couple between pairs of AD-EDID display emulator and AD-EDID host emulator, where AD-EDID display emulators emulate display operation and behavior over the DDC, AD-EDID host emulators emulate host operation and behavior over the DDC and security enforcing communication units enforce security policy such as unidirectional communication between the pairs of AD-EDID host emulators and AD-EDID display emulators.
H04N 21/40 - Client devices specially adapted for the reception of content or for interaction with content, e.g. set-top box [STB]; Operations thereof
H04N 21/60 - Selective content distribution, e.g. interactive television or video on demand [VOD] - Details of the communication between server and client
H04L 43/00 - Arrangements for monitoring or testing data switching networks
H04L 9/00 - Arrangements for secret or secure communications; Network security protocols
A modular keyboard video and mouse (KVM) switching system comprises a core KVM switch module, one or more console peripheral interface modules (CPIM) and one or more host computer interface modules (HIM). The CPIM interfaces console peripheral devices to the core KVM switch module and the HIM interfaces host computer to the core KVM switch module. Changing of console peripheral devices or host computer involves adapting a corresponding CPIM or HIM without changing the core KVM switch module.
G06F 3/023 - Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard-generated codes as alphanumeric codes, operand codes or instruction codes
G06F 3/038 - Control and interface arrangements therefor, e.g. drivers or control circuitry incorporated in the device
A method for securing an off-the-shelf smartphone, a secure communication system, and a security insert is provided. The method comprises removing the battery from the off-the-shelf smartphone and inserting the security insert into the battery compartment. The security insert comprises a cryptographic module. The method further comprises modifying the off-the-shelf smartphone and providing a power and data connection between the security insert and the smartphone. The secure communication system wirelessly transmits outgoing cellular encrypted black data, which is encrypted by the cryptographic module, from the modified off-the-shelf smartphone to a cellular network, and decrypts, by the cryptographic module, incoming cellular black data received from the cellular network to the modified off-the-shelf smartphone. The security insert enclosure is configured to be deployed in a battery compartment.
H04M 1/72409 - User interfaces specially adapted for cordless or mobile telephones with means for local support of applications that increase the functionality by interfacing with external accessories
A system incorporating a smartphone and an add-on device coupled to each other via combined data/power interface, wherein the smartphone has a re-chargeable battery connected to battery protection circuitry. The combined data/power interface includes: one or more data pins for transferring data between the smartphone and the add-on device; one or more regulated power delivery pins; and one or more protected-battery power delivery pins. The smartphone is chargeable by an external charger when the add-on device is coupled to the smartphone and the external charger is coupled to the add-on device, and when the add-on device is coupled to the smartphone the add-on device is continuously powerable by the smartphone battery whether or not the external charger is coupled to the add-on device. The rechargeable battery is protected by battery protection circuitry that is configured to protect the battery by cutting off or limiting the current or voltage on the battery electrodes, and where both include an interface controller to negotiate a power delivery mode between the smartphone and the add-on device. A method of negotiating between the interface controller of the smartphone and the interface controller of the add-on device to agree on performing at least one of a protected-battery power delivery mode and a regulated power delivery mode.
A system incorporating a smartphone comprising a smartphone and add-on device coupled to each other via combined data/power interface, wherein the smartphone has a chargeable battery connected to battery protection circuitry. The combined data/power interface includes: one or more data pins for transferring data between the smartphone and the add-on device; one or more regulated power delivery pins; and one or more protected-battery power delivery pins. The smartphone is chargeable by an external charger when the add-on device is coupled to the smartphone and the external charger is coupled to the add-on device, and when the add-on device is coupled to the smartphone the add-on device is continuously powerable by the smartphone battery whether or not the external charger is coupled to the add-on device.
A peripheral devices switch is configured to be coupled to at least one set of peripheral devices and to a plurality of host computers. A color is assigned to each host computer. The at least one set of peripheral devices illuminates at least one polychromatic light source with the color assigned to an active host computer. A peripheral device interface to interface between the peripheral device and the peripheral devices switch may be a composite interface comprising two independent interface protocols either by sharing a single connector and cable but having separate pins in the connector and corresponding wires in the cable, or by having a separate cable and separate connector to each one of said interface protocols. The composite interface comprises a primary standard peripheral device interface for the standard peripheral device functionalities, and a secondary dedicated peripheral device interface configured to instruct the illumination of the polychromatic indication.
G06F 3/00 - Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from the processing unit to the output unit, e.g. interface arrangements
G06F 1/16 - ELECTRIC DIGITAL DATA PROCESSING - Details not covered by groups and - Constructional details or arrangements
A method for securing a KVM Matrix system by inserting a plurality of input security isolators, each of the input security isolators is placed between a host computer and matrix host adapter of the KVM matrix system to enforce security data flow policy that is applicable for the corresponding host computer. Additionally, a security isolator is placed between peripheral devices and a matrix console adapter to enforce security data flow policy that is applicable for the corresponding peripheral devices.
G06F 13/00 - Interconnection of, or transfer of information or other signals between, memories, input/output devices or processing units
G06F 21/50 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
G06F 21/70 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
G06F 21/71 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
G06F 21/82 - Protecting data input, data display or interconnection devices
G06F 21/85 - Protecting data input, data display or interconnection devices; interconnection devices, e.g. bus-connected or in-line devices
G06F 3/00 - Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from the processing unit to the output unit, e.g. interface arrangements
G06F 3/023 - Arrangements for converting discrete items of information into a coded form, e.g. arrangements for interpreting keyboard-generated codes as alphanumeric codes, operand codes or instruction codes
G06F 13/10 - Program control for peripheral devices
G06F 13/38 - Information transfer, e.g. on a bus
8.
METHOD AND APPARATUS FOR SECURING VOICE OVER IP TELEPHONE DEVICE
A security implant device and a method of operation of the security implant, for securing Voice over IP (VoIP) phone, the implant device disables audio input and output components of the VoIP phone in order to prevent audio eavesdropping.
Doc. No. 352-18 CA/PCT DIV. Date Received 2022-08-25
A device, apparatus, system and method for determining failure of a computer host among a plurality of hosts. The host failure detection device may be integrated in a KVM apparatus. The device monitors the video output of the plurality of hosts and if it identifies a Blue Screen of Death or BIOS failure Black Screen, it issues a warning and logs the details of the discovered failure. The device may attempt to recover the failed host by transmitting emulated keyboard and mouse commands to the failed host.
G06F 11/32 - Monitoring with visual indication of the functioning of the machine
G06F 3/00 - Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from the processing unit to the output unit, e.g. interface arrangements
Methods, devices and system for enhancing computer information security by physically blocking unused USB ports with self-locking devices, or by providing USB port self-locking device with internal circuitry that qualifies and secures user peripheral device attached to the computer, and by continuously communicating with a management software application that provides real-time monitoring and warnings when any USB self-locking device is being removed or tampered with. The self-locking devices use spring-loaded teeth in the USB plug that lock into tab spaces in the USB jack. Visual indicator provides positive assurance when all ports are secure. Each self-locking device includes a security circuit which is uniquely paired with the protected port. Some self-locking devices include data filters that only enable connecting authorized peripheral devices.
A meeting room power and multi-media center device having one or more wired or wirelessly connected displays or projectors selectively connected to one or more plurality of connected computers. The device provides user indications of qualified input video signals and enables remote control through wirelessly connected remote controller device. The device also provides AC power jacks and USB power jacks to power and charge various portable devices. Another embodiment of the current invention provides similar device further having video processing function to display multiple video sources simultaneously on one or more displays or projectors.
A serial protocol based Docking device having a single set of user peripherals supports multiple removable host computers having different video output types and different operating systems. The device provides mouse tracking function that switches the keyboard and mouse to the different host computers when the cursor is moved by the user across the respective display boundary. The docking device provides file-sharing and cut-and-paste functions across the different docked host computers. Laptops, tabletops as well as Smartphones, tablets and other forms of portable platforms are supported. Dragging an item from a display designated to a first host computer to a display designated to a second host computer performs moving or copying the item from the first host to the second host.
USB ports present risk of data leak from computers. The invention provides an electromechanical USB port protection device capable of mechanically blocking an unused USB port, thus preventing the connection of any USB device to that port. Removal of the device requires electrically energizing the lock using security code. Security software provides scalable and secure centralized keys management. The device provides clear and continuous user visual indications when device is secure. Device derivative secures USB cable to the computer USB port. Another device derivative filters and secures a connected user peripheral device, for example a USB locking device that only allows a connection of USB mouse or keyboard.
G06F 21/85 - Protecting data input, data display or interconnection devices; interconnection devices, e.g. bus-connected or in-line devices
A streaming video security device is provided that comprises an input LAN interface, at least one streaming video decoder, an output LAN interface, at least one streaming video encoder coupled at one side to said LAN interface for streaming video output and coupled at the other side to a raw video display-compatible output interface; and unidirectional data flow element coupled at the transmitting side to the streaming video decoder through the raw video display-compatible output interface and coupled at the receiving side to one or more video encoder through the raw video display-compatible input interface.
Devices and methods provide for enabling a user to use a single user authentication device such as smart-card reader, such that the user is capable of securely interfacing with two or more isolated computers and enabling the user to authenticate and remain authenticated at multiple computers at the same time. Once the user removes the smart-card from the smart-card reader, the authentication session on all coupled computers is terminated at once. The user authentication device comprises: an authentication module connected via a channel selection switch to one of a plurality of channels, each interfacing with a respective coupled computer.
G06F 21/34 - User authentication involving the use of external additional devices, e.g. dongles or smart cards
G06F 21/32 - User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
A secure peripheral device, coupled to a computer, capable of enabling a user to use a peripheral device such as a microphone, speakers, headset or video camera when the device is in operational state, while giving to the user a clear visual indication that the device is enabled. The device simultaneously disables the user peripheral device; and turns off the visual indication when the secure peripheral device is in secure state. The operational state is activated by the user by pressing a momentary push-button switch. A timer resets the device to a secure state after a short preset time. The device has anti-tampering functionality and becomes permanently disabled if tampered with. Optionally the device is coupled to the computer via a USB port that powers it.
G06F 21/82 - Protecting data input, data display or interconnection devices
G06F 21/85 - Protecting data input, data display or interconnection devices; interconnection devices, e.g. bus-connected or in-line devices
G06F 3/00 - Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from the processing unit to the output unit, e.g. interface arrangements
G06F 13/38 - Information transfer, e.g. on a bus
A secure audio peripheral device, coupled to a computer, capable of enabling a user to use audio devices such as a microphone, speakers or headset when the device is in operational state, while giving to the user a clear visual indication that the audio devices are enabled. The device simultaneously disables the microphone; and turns off the visual indication when the device is in secure state. The operational state is activated by the user by pressing a momentary push-button switch. A timer resets the device to a secure state after a short preset time. The device has anti-tampering functionality and becomes permanently disabled if tampered with. Optionally the device is coupled to the computer via a USB port that powers a USB CODEC chip and a LED used as the visual indicator.
G06F 21/83 - Protecting data input, data display or interconnection devices; data input devices, e.g. keyboards, mice or controllers thereof
F21K 9/00 - Light sources using semiconductor devices as light-generating elements, e.g. using light-emitting diodes [LED] or lasers
Single Optical Fiber KVM (Keyboard Video Mouse) systems are provided that comprise two subsystems: an electro-optical transmitter subsystem and an electro-optical receiver subsystem. The single optical fiber KVM is configured to support all required bi-directional communications.
A system enabling a computer user to securely share a single set of keyboard and mouse (KM) among multiple isolated computers. The system enables one set of peripheral devices to independently interact with multiple coupled isolated computers through mouse position analysis on a virtual display area corresponding to multiple physical user displays of the particular installation. The system may be used to enable computer user having multiple isolated computers each with one or more coupled display to automatically switch a single set of keyboard mouse and other peripheral devices between the different computers. As isolated computers may have different security levels, the method and apparatus of the present invention prevents any potential data leakages between computers and coupled networks.
G06F 21/83 - Protecting data input, data display or interconnection devices; data input devices, e.g. keyboards, mice or controllers thereof
G06F 21/84 - Protecting data input, data display or interconnection devices; display devices, e.g. screens or monitors
G06F 3/00 - Input arrangements for transferring data to be processed into a form capable of being handled by the computer; Output arrangements for transferring data from the processing unit to the output unit, e.g. interface arrangements
21.
COMPUTER MOTHERBOARD HAVING PERIPHERAL SECURITY FUNCTIONS
A secure motherboard for a computer, wherein each user accessible peripheral port is protected by hardware based peripheral protection circuitry soldered to the motherboard. The protection circuitry provides security functions decreasing the vulnerability of the computer to data theft. User input ports such as keyboard and mouse peripheral ports are coupled to the computer through a security function that enforces unidirectional data flow only from the user input devices to the computer. Display port uses a security function which isolates the EDID in the display from the computer. Authentication device such as smart card reader is coupled to the computer via a port having a security function which enumerates the authentication device before coupling it to the computer.
G06F 21/00 - Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
G06F 3/038 - Control and interface arrangements therefor, e.g. drivers or control circuitry incorporated in the device
G06F 3/14 - Digital output to display device
22.
SECURE KVM SYSTEM HAVING REMOTE CONTROLLER-INDICATOR
As KVMs (Keyboard Video Mouse) may be abused by attackers to bridge or leak between isolated networks, Secure KVM typically used having isolated circuitry for each computer channel to reduce its vulnerability to leakages between channels. To enable remote installation of a KVM with isolated computers a remote Controller-Indicator is needed in order to present to the user the KVM front panel indications and to enable certain control functions. The current invention provides a KVM switch capable of providing secure remote extension of KVM control and indication functions. Another object of the present invention is to provide a KVM switch having secure remote extension of the complete user console with support of: remote keyboard, mouse, one or more displays, smart-card reader, audio devices, KVM control and KVM monitoring.
The present invention discloses a KVM (Keyboard Video Mouse) device for operation in high security environments. More specifically, this invention discloses a secure KVM built to prevent data leakages between two or more coupled computer hosts. The invention also discloses methods of operation of the secure KVM. Further more particularly, the invention presents a special secure KVM device for interacting with computers using a single user console, while preventing data leakage between the connected computers and attached networks.