A modular keyboard video and mouse (KVM) switching system comprises a core KVM switch module, one or more console peripheral interface modules (CPIM) and one or more host computer interface modules (HIM). The CPIM interfaces console peripheral devices to the core KVM switch module and the HIM interfaces host computer to the core KVM switch module Changing of console peripheral devices or host computer involves adapting a corresponding CPIM or HIM without changing the core KVM switch module.
A secure mediator for coupling between one or more hosts and one or more consoles comprising one or more peripheral devices. the secure mediator comprises host side ports, each host side port is configured to be connected to a corresponding host, and console side ports, each console side port is configured to be connected to a corresponding peripheral device. The secure mediator comprises: a triggering circuitry; a timing/control circuitry; a setup circuitry; a switching circuitry; and the rest of the mediator circuitries, wherein the triggering circuitry, timing/control circuitry, setup circuitry, and switching circuitry are non-programable circuitries. The mediator has at least two stages: a security setup stage and a normal operation stage. The triggering circuitry is configured to monitor events and to signal these events to the timing/control circuitry in order to trigger a transfer between the security setup stage and the normal operation stage. The timing/control circuitry controls the execution of the security setup stage and transfers the mediator between the security setup stage and the normal operation stage. The setup circuitry performs one or more security functions in the security setup stage to enhance the cyber security of mediator. The switching circuitry, conditioned upon control from the timing/control circuitry, switches between the coupling of: (1) at least one of the host side ports with at least two of any one of (a) the setup circuitry; (b) the rest of the mediator circuitries; (c) one of the console side ports; (d) a null port, and (2) at least one of the console side ports with at least two of any one of (a) the setup circuitry; (b) the rest of the mediator circuitries; (c) one of the host side ports; (d) a null port.
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p.ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
G06F 21/76 - Protection de composants spécifiques internes ou périphériques, où la protection d'un composant mène à la protection de tout le calculateur pour assurer la sécurité du calcul ou du traitement de l’information dans les circuits intégrés à application spécifique [ASIC] ou les dispositifs programmables, p.ex. les réseaux de portes programmables [FPGA] ou les circuits logiques programmables [PLD]
G06F 21/85 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’interconnexion, p.ex. les dispositifs connectés à un bus ou les dispositifs en ligne
G06F 21/74 - Protection de composants spécifiques internes ou périphériques, où la protection d'un composant mène à la protection de tout le calculateur pour assurer la sécurité du calcul ou du traitement de l’information opérant en mode dual ou compartimenté, c. à d. avec au moins un mode sécurisé
G06F 3/14 - Sortie numérique vers un dispositif de visualisation
A method for securing an off-the-shelf smartphone, a secure communication system, and a security insert is provided. The method comprises removing the battery from the off-the-shelf smartphone and inserting the security insert to the battery compartment. The security insert comprises cryptographic module. The method further comprises modifying off-the-shelf smartphone and providing a power and data connection between the security insert and the smartphone. The secure communication system wirelessly transmits outgoing cellular encrypted black data, which is encrypted by the cryptographic module, from the modified off-the-shelf smartphone to a cellular network, and decrypts, by the cryptographic module, incoming cellular black data receives from the cellular network to the modified off-the-shelf smartphone. The security insert enclosure configured to be deployed in a battery compartment.
A cyber security system for in-vehicle networks comprises a plurality of electronic control units (ECUs) communicating via a vehicle bus. The system comprises a plurality of bus security units (BSUs), wherein each BSU is configured to be connected between the vehicle bus and one of the ECUs, and the BSUs communicating via a security bus separate from the vehicle bus. Each BSU is configured to monitor the activity of the corresponding ECU, on the vehicle bus, send the monitored activity to another BSU on the security bus and detect abnormal communication on the vehicle bus.
A wireless communication system comprising a smartphone comprising antenna system, and an add-on device that is configured to be attached to the smartphone, wherein, the add-on device comprises, a wireless communication module configured to transmit and receive RF communication signals, and an antenna coupling system that couples between the wireless communication module and the smartphone's antenna system in order to at least transmit or receive the RF communication signals by the smartphone's antenna system, the antenna coupling system couples the RF communication signals by at least one of or the combination of (a) conduction with the enclosure of the smartphone, and (b) induction between the add-on device and the smartphone.
A system incorporating a smartphone and an add-on device coupled to each other via combined data/power interface, the smartphone having a rechargeable battery connected to battery protection circuitry and the add-on device optionally having a rechargeable battery connected to battery protection circuitry as well, the combined data/power interface having one or more data pins for transferring data between the smartphone and the add-on device, one or more regulated power delivery pins, and one or more protected-battery power delivery pins, wherein the regulated power delivery pins are used to charge the battery of the smartphone from an external charger coupled to the add-on device, the batteries are connected to the battery protection circuitries that is configured to protect the battery by cutoff or limit the current or voltage on the battery electrodes, and the protected-battery power delivery pins are connected to the battery protection circuitries of the smartphone or add-on device.
A system incorporating a smartphone comprising a smartphone and add-on device coupled to each other via combined data/power interface, wherein the smartphone comprises a rechargeable battery connected to battery protection circuitry and the add-on device optionally comprises a rechargeable battery connected to battery protection circuitry as well, the combined data/power interface comprises: one or more data pins for transferring data between the smartphone and the add-on device; one or more regulated power delivery pins; and one or more protected-battery power delivery pins, wherein the regulated power delivery pins are used to charge the battery of the smartphone from an external charger coupled to the add-on device, the batteries are connected to the battery protection circuitries that is configured to protect the battery by cutoff or limit the current or voltage on the battery electrodes, the protected-battery power delivery pins are connected to the battery protection circuitries of the smartphone or add-on device. The following power delivery paths are enabled: (1) the add-on device is powered by the battery of the smartphone through the protected-battery power delivery pins that are connected to the output of the battery protection circuitry of the smartphone. (2) the smartphone is powered by the battery of the add-on device through the protected-battery power delivery pins that are connected to the output of the battery protection circuitry of the add-on device, and (3) the batteries charge each other through the protected-battery power delivery pins that are connected to the output of the battery protection circuitries of smartphone and add-on devices.
A secure phone system comprising a plurality of Voice over IP (VoIP) phones, each having an enhanced security implant device, a Mutual Disabling Unit (MDU) and a method of operating the system for securing VoIP phones located in the same room by disabling a VoIP phone while a call is active in another phone in order to prevent audio eavesdropping.
A mediator and a method for securing a mediator for coupling between one or more hosts and one or more consoles comprising one or more peripheral devices. The mediator is having at least three stages: (i) a security setup stage; (ii) a neutralization stage; and (iii) a normal operation stage. In the normal operation stage, the mediator couples between at least one of the one or more peripheral devices and at least one of the one or more peripheral devices. In the neutralization stage the mediator disable coupling between at least one of the one or more peripheral devices and at least one of the one or more peripheral devices. The securing method starts with the security setup stage after at least one of (a) a power-up; (b) a reset; (c) a device connection; and (d) an unlock command. Upon entering the security setup stage, the method performs the following: (1) reading the device information of the one or more peripheral devices; (2) if the mediator is in Unlock state, waiting for a locking command and upon locking command arrival, register the information of the one or more peripheral devices to non-volatile memory, and proceed to normal operation stage, (3) if the mediator is in Lock state, compare the registered information of the one or more peripheral devices with the information read previously, and upon a match proceed to normal operation stage and upon a miss-match proceed to neutralization stage. The lock and unlock commands are provided from an authorized user or an administrator.
G06F 21/85 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’interconnexion, p.ex. les dispositifs connectés à un bus ou les dispositifs en ligne
G06F 21/84 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’affichage, p.ex. écrans ou moniteurs
G06F 21/83 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs de saisie de données, p.ex. claviers, souris ou commandes desdits claviers ou souris
A peripheral devices switch, a peripheral device, and a keyboard configured to be connected to a plurality of host computers. The peripheral devices switch configured to be coupled to at least one set of peripheral devices and to a plurality of host computers. A color is assigned to each host computer and the at least one set of peripheral devices illuminates at least one polychromatic light source with the color that is assigned to an active host computer. A peripheral device interface to interface between the peripheral device and the peripheral devices switch may be a composite interface comprises two independent interface protocols either by sharing a single connector and cable but having separate pins in the connector and corresponding wires in the cable, or by having a separate cable and separate connector to each one of said interface protocol. The composite interface comprises a primary standard peripheral device interface for the standard peripheral device functionalities, and secondary dedicated peripheral device interface configured to instructs the illumination of the polychromatic indication.
G06F 3/023 - Dispositions pour convertir sous une forme codée des éléments d'information discrets, p.ex. dispositions pour interpréter des codes générés par le clavier comme codes alphanumériques, comme codes d'opérande ou comme codes d'instruction
G06F 13/42 - Protocole de transfert pour bus, p.ex. liaison; Synchronisation
G08B 5/36 - Systèmes de signalisation optique, p.ex. systèmes d'appel de personnes, indication à distance de l'occupation de sièges utilisant une transmission électromécanique utilisant des sources de lumière visible
G06F 3/02 - Dispositions d'entrée utilisant des interrupteurs actionnés manuellement, p.ex. des claviers ou des cadrans
A secure audio switch comprising: a plurality of host computer interfaces, each for interfacing the secure audio switch with a corresponding host computer, for receiving audio signals from said corresponding host computer; a user audio interface, for interfacing the secure audio switch with at least one user audio device, wherein said at least one user audio device comprises at least one of a speaker or an earphone; an Audio Output Channel (AOC), coupled to said user audio interface comprises audio security device to reduce data leak by intentionally reducing data rate capable of flowing through said AOC to a maximum rate comparable to the minimal rate required for reproducing human speech, and forcing audio data flow only in the direction to said user audio interface by using an analog audio diode and an analog low pass filter in the audio output channel (AOC).
G10L 19/00 - Techniques d'analyse ou de synthèse de la parole ou des signaux audio pour la réduction de la redondance, p.ex. dans les vocodeurs; Codage ou décodage de la parole ou des signaux audio utilisant les modèles source-filtre ou l’analyse psychoacoustique
H04N 7/52 - Systèmes pour la transmission d'un signal vidéo modulé par impulsions codées avec d'autres signaux modulés par impulsions codées, p.ex. un signal audio ou un signal de synchronisation
G06F 3/023 - Dispositions pour convertir sous une forme codée des éléments d'information discrets, p.ex. dispositions pour interpréter des codes générés par le clavier comme codes alphanumériques, comme codes d'opérande ou comme codes d'instruction
Mediating between host and display where a mediator enforces security policy over bidirectional protocols of a Display Data Channel (DDC) of video communication protocols between host and display, where AD-EDID display emulators are coupled to DDCs of the host's video port, AD-EDID host emulators are coupled to DDCs of display's video port and security enforcing communication units couple between pairs of AD-EDID display emulator and AD-EDID host emulator, where AD-EDID display emulators emulate display operation and behavior over the DDC, AD-EDID host emulators emulate host operation and behavior over the DDC and security enforcing communication units enforce security policy such as unidirectional communication between the pairs of AD-EDID host emulators and AD-EDID display emulators.
H04N 21/647 - Signalisation de contrôle entre des éléments du réseau et serveur ou clients; Procédés réseau pour la distribution vidéo entre serveur et clients, p.ex. contrôle de la qualité du flux vidéo en éliminant des paquets, protection du contenu contre une modification non autorisée dans le réseau ou surveillance de la charge du résea
H04N 21/835 - Génération de données de protection, p.ex. certificats
13.
System and method of polychromatic identification for a KVM switch
Systems and methods of a peripheral devices switching system configured to be connected to a plurality of host computers, including at least one set of peripheral devices, a peripheral devices switch that is to be coupled to said at least one set of peripheral devices and said plurality of host computers, where the peripheral devices switch assigns a color to each host computer, and couple between said at least one set of peripheral devices and an active host computer, and one or more polychromatic light sources that are being comprised in the peripheral devices switch, the at least one of the peripheral devices of the sets of peripheral devices or both, where the peripheral devices switch indicates the active host computer by illuminating at least one polychromatic light source by the color that is assigned to the active host computer.
G06F 13/10 - Commande par programme pour dispositifs périphériques
G06F 3/023 - Dispositions pour convertir sous une forme codée des éléments d'information discrets, p.ex. dispositions pour interpréter des codes générés par le clavier comme codes alphanumériques, comme codes d'opérande ou comme codes d'instruction
A secure cellular communication system comprises a modified smartphone mated with a security pack. A Cryptographic module within the security pack encrypts all cellular outgoing data and decrypts cellular incoming data. The modified smartphone is modified to rout all cellular outgoing data and incoming data via the Cryptographic module within the security pack. The cellular MODEM may reside within the security pack while the phone's cellular MODEM is disabled, or the phone's cellular MODEM may be used.
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
H04W 12/02 - Protection de la confidentialité ou de l'anonymat, p.ex. protection des informations personnellement identifiables [PII]
H04M 1/72409 - Interfaces utilisateur spécialement adaptées aux téléphones sans fil ou mobiles avec des moyens de soutien local des applications accroissant la fonctionnalité par interfaçage avec des accessoires externes
A portable computer providing high level of security comprises of two completely logically and electrically isolated computer modules within one tamper resistant enclosure. One computer module is for Higher-Security applications (refer higher-security to as “red”) and the other is for Lower-Security applications such as email and internet (refer lower-security to as “black”). The two modules are coupled together to secure Peripheral Sharing Switch that enables intuitive user interaction while minimizing the security risk resulted from sharing same peripheral device.
G06F 21/74 - Protection de composants spécifiques internes ou périphériques, où la protection d'un composant mène à la protection de tout le calculateur pour assurer la sécurité du calcul ou du traitement de l’information opérant en mode dual ou compartimenté, c. à d. avec au moins un mode sécurisé
G06F 1/16 - TRAITEMENT ÉLECTRIQUE DE DONNÉES NUMÉRIQUES - Détails non couverts par les groupes et - Détails ou dispositions de structure
G06F 1/18 - Installation ou distribution d'énergie
G06F 13/42 - Protocole de transfert pour bus, p.ex. liaison; Synchronisation
G06F 21/32 - Authentification de l’utilisateur par données biométriques, p.ex. empreintes digitales, balayages de l’iris ou empreintes vocales
G06F 21/34 - Authentification de l’utilisateur impliquant l’utilisation de dispositifs externes supplémentaires, p.ex. clés électroniques ou cartes à puce intelligentes
A method for securing a KVM Matrix system by inserting a plurality of input security isolators, each of the input security isolators is placed between a host computer and matrix host adapter of the KVM matrix system to enforce security data flow policy that is applicable for the corresponding host computer. Additionally, a security filter is placed between peripheral devices and a matrix console adapter to enforce security data flow policy that is applicable for the corresponding peripheral devices.
G06F 21/83 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs de saisie de données, p.ex. claviers, souris ou commandes desdits claviers ou souris
G06F 21/84 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’affichage, p.ex. écrans ou moniteurs
G06F 21/85 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’interconnexion, p.ex. les dispositifs connectés à un bus ou les dispositifs en ligne
A security implant device and a method of operation of the security implant, for securing Voice over IP (VoIP) phone, the implant device disables audio input and output components of the VoIP phone in order to prevent audio eavesdropping.
A method for securing a KVM Matrix system by inserting a plurality of input security isolators, each of the input security isolators is placed between a host computer and matrix host adapter of the KVM matrix system to enforce security data flow policy that is applicable for the corresponding host computer. Additionally, a security filter is placed between peripheral devices and a matrix console adapter to enforce security data flow policy that is applicable for the corresponding peripheral devices.
G06F 21/83 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs de saisie de données, p.ex. claviers, souris ou commandes desdits claviers ou souris
G06F 13/10 - Commande par programme pour dispositifs périphériques
A self-locking USB filter device is disclosed that comprises at least one permanently attachable self-locking USB plug having at least one locking tooth to permanently connect the permanently attachable self-locking USB plug to a USB jack of a protected computing apparatus. The self-locking USB filter protects the protected computing apparatus by blocking unauthorized data transfer and blocks all communication unless the authenticator is authenticated by software installed in the protected computing apparatus. A method of protecting USB jacks of a computing device is also disclosed.
G06F 21/44 - Authentification de programme ou de dispositif
G06F 21/85 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’interconnexion, p.ex. les dispositifs connectés à un bus ou les dispositifs en ligne
A USB security gateway device is integrated within a host computer. The USB security gateway device is used for protecting a USB port of a host computer against interaction with unauthorized USB device. The USB security gateway device qualifies any USB peripheral device before it allows it to interact with the host device. Qualification parameters are stored in the USB security gateway device and are reprogrammable.
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
G06F 21/85 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’interconnexion, p.ex. les dispositifs connectés à un bus ou les dispositifs en ligne
G06F 13/10 - Commande par programme pour dispositifs périphériques
G06F 21/82 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion
21.
Method and apparatus for securing voice over IP telephone device
A security implant device and a method of operation of the security implant, for securing Voice over IP (VoIP) phone, the implant device disables audio input and output components of the VoIP phone in order to prevent audio eavesdropping.
A self-locking USB filter device is disclosed that comprises at least one permanently attachable self-locking USB plug having at least one locking tooth to permanently connect the permanently attachable self-locking USB plug to a USB jack of a protected computing apparatus. The self-locking USB filter protects the protected computing apparatus by blocking unauthorized data transfer and blocks all communication unless the authenticator is authenticated by software installed in the protected computing apparatus. A method of protecting USB jacks of a computing device is also disclosed.
H01R 4/48 - Connexions par serrage; Connexions par ressort utilisant un ressort, un clip, ou un autre organe élastique
G06F 21/44 - Authentification de programme ou de dispositif
H01R 13/66 - Association structurelle avec des composants électriques incorporés
H01R 13/717 - Association structurelle avec des composants électriques incorporés avec une source lumineuse intégrée
G06F 21/85 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’interconnexion, p.ex. les dispositifs connectés à un bus ou les dispositifs en ligne
23.
KVM having blue screen of death detection and warning functions
A device, apparatus, system and method for determining failure of a computer host among a plurality of hosts. The host failure detection device may be integrated in a KVM apparatus. The device monitors the video output of the plurality of hosts and if identifies a Blue Screen of Death or BIOS failure Black Screen, it issues a warning and logs the details of the discovered failure. The device may attempt to recover the failed host by transmitting emulated keyboard and mouse commands to the failed host.
G06F 21/50 - Contrôle des usagers, programmes ou dispositifs de préservation de l’intégrité des plates-formes, p.ex. des processeurs, des micrologiciels ou des systèmes d’exploitation
G06F 3/14 - Sortie numérique vers un dispositif de visualisation
G06F 3/02 - Dispositions d'entrée utilisant des interrupteurs actionnés manuellement, p.ex. des claviers ou des cadrans
G06F 3/023 - Dispositions pour convertir sous une forme codée des éléments d'information discrets, p.ex. dispositions pour interpréter des codes générés par le clavier comme codes alphanumériques, comme codes d'opérande ou comme codes d'instruction
G06F 11/34 - Enregistrement ou évaluation statistique de l'activité du calculateur, p.ex. des interruptions ou des opérations d'entrée–sortie
24.
Secured KVM system having remote controller-indicator
A secure peripheral switching system comprises a secure peripheral switch remotely coupled to a secure remote controller-indicator, wherein the secure peripheral switch is capable of interfacing with at least two coupled host computers while ensuring data isolation among said at least two coupled host computers, said secure peripheral switch comprising a first interface circuitry to securely link the secure peripheral switch with said secure remote controller-indicator; and a secure remote controller-indicator. The secure remote controller-indicator comprises a second interface circuitry to securely link said secure remote controller-indicator with said secure peripheral switch; a control function capable of enabling a remote user control of said coupled secure peripheral switch; an indication function capable of providing a remote user indications of coupled secure peripheral switch; and an anti-tampering circuitry to detect physical tampering event and report such event to said secure peripheral switch.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 3/023 - Dispositions pour convertir sous une forme codée des éléments d'information discrets, p.ex. dispositions pour interpréter des codes générés par le clavier comme codes alphanumériques, comme codes d'opérande ou comme codes d'instruction
G06F 13/10 - Commande par programme pour dispositifs périphériques
G06F 21/55 - Détection d’intrusion locale ou mise en œuvre de contre-mesures
G06F 21/74 - Protection de composants spécifiques internes ou périphériques, où la protection d'un composant mène à la protection de tout le calculateur pour assurer la sécurité du calcul ou du traitement de l’information opérant en mode dual ou compartimenté, c. à d. avec au moins un mode sécurisé
G06F 21/82 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion
G06F 21/83 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs de saisie de données, p.ex. claviers, souris ou commandes desdits claviers ou souris
G06F 21/85 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’interconnexion, p.ex. les dispositifs connectés à un bus ou les dispositifs en ligne
25.
Self-locking USB protection pug device having LED to securely protect USB jack
Methods, devices and system for enhancing computer information security by physically blocking unused USB ports with self-locking devices, or by providing USB port self-locking device with internal circuitry that qualifies and secures user peripheral device attached to the computer, and by continuously communicating with a management software application that provides real-time monitoring and warnings when any USB self-locking device is being removed or tampered. The self-locking devices use a spring loaded teeth in the USB plug that lock into tab spaces in the USB jack. Visual indicator provides positive assurance when all ports are secure. Each self-locking devices include a security circuit which is uniquely paired with the protected port. Some self-locking devices include data filters that only enable connecting authorized peripheral devices.
G06F 21/44 - Authentification de programme ou de dispositif
G06F 21/85 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’interconnexion, p.ex. les dispositifs connectés à un bus ou les dispositifs en ligne
A meeting room power and multi-media center device having one or more wired or wirelessly connected displays or projectors selectively connected to one or more plurality of connected computers. The device provides user indications of qualified input video signals and enables remote control through wirelessly connected remote controller device. The device also provides AC power jacks and USB power jacks to power and charge various portable devices. Another embodiment of the current invention provides similar device further having video processing function to display multiple video sources simultaneously on one or more displays or projectors.
A serial protocol based Docking device having a single set of user peripherals supports multiple removable host computers having different video output types and different operating systems. The device provides mouse tracking function that switches the keyboard and mouse to the different host computers when the cursor is moved by the user across the respective display boundary. The docking device provides file-sharing and cut-and-paste functions across the different docked host computers. Laptops, tabletops as well as Smartphones, tablets and other forms of portable platforms are supported. Dragging an item from a display designated to a first host computer to a display designated to a second host computer performs moving or copying the item from the first host to the second host.
The present invention presents apparatuses and systems for operating multiple computers from a single keyboard and a single mouse and view composite videos generated from video output of the multiple computers on a single display, while preventing any possible information leakage between the computers. Keyboard and mouse commands detected by a host controller are used to control a video processor and a peripheral switch. The peripheral switch directs keyboard and mouse signals to one selected host and at the same time, the video processor creates an active display window showing video information from the selected host. Physical unidirectional isolators in the video, keyboard and mouse channels prevent any potential data leakages between hosts.
G06F 13/12 - Commande par programme pour dispositifs périphériques utilisant des matériels indépendants du processeur central, p.ex. canal ou processeur périphérique
G06F 13/10 - Commande par programme pour dispositifs périphériques
G06F 3/023 - Dispositions pour convertir sous une forme codée des éléments d'information discrets, p.ex. dispositions pour interpréter des codes générés par le clavier comme codes alphanumériques, comme codes d'opérande ou comme codes d'instruction
G06F 21/83 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs de saisie de données, p.ex. claviers, souris ou commandes desdits claviers ou souris
G06F 21/84 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’affichage, p.ex. écrans ou moniteurs
G06F 13/00 - Interconnexion ou transfert d'information ou d'autres signaux entre mémoires, dispositifs d'entrée/sortie ou unités de traitement
G06F 21/82 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion
Single Optical Fiber KVM (Keyboard Video Mouse) systems are provided that comprises of two subsystems: an electro-optical transmitter subsystem and an electro-optical receiver subsystem. The single optical fiber KVM is configured to support all required bi-directional communications.
G06F 13/12 - Commande par programme pour dispositifs périphériques utilisant des matériels indépendants du processeur central, p.ex. canal ou processeur périphérique
H04B 10/00 - Systèmes de transmission utilisant des ondes électromagnétiques autres que les ondes hertziennes, p.ex. les infrarouges, la lumière visible ou ultraviolette, ou utilisant des radiations corpusculaires, p.ex. les communications quantiques
G06F 3/02 - Dispositions d'entrée utilisant des interrupteurs actionnés manuellement, p.ex. des claviers ou des cadrans
G06F 3/023 - Dispositions pour convertir sous une forme codée des éléments d'information discrets, p.ex. dispositions pour interpréter des codes générés par le clavier comme codes alphanumériques, comme codes d'opérande ou comme codes d'instruction
H04L 5/00 - Dispositions destinées à permettre l'usage multiple de la voie de transmission
H04L 5/14 - Fonctionnement à double voie utilisant le même type de signal, c. à d. duplex
A security device for hindering data theft and data leaks via audio channel of a computer system is based on passing the audio signals through a coding vocoder that receives input audio signal from a computer and compressing the signal to a low bit-rate digital data indicative of human speech; and a decoding vocoder that decompress the digital data back to a secure audio signal. The data transfer of the protected audio channel is intentionally limited not to exceed the bit-rate needed to carry vocoder-compressed human speech which is well below the capabilities of unprotected audio channel. Both analog and digital audio ports may be protected. Hardware bit-rate limiter protect the system from software hacking.
G10L 19/00 - Techniques d'analyse ou de synthèse de la parole ou des signaux audio pour la réduction de la redondance, p.ex. dans les vocodeurs; Codage ou décodage de la parole ou des signaux audio utilisant les modèles source-filtre ou l’analyse psychoacoustique
G10L 15/26 - Systèmes de synthèse de texte à partir de la parole
A streaming video security device is provided that comprises an input LAN interface, at least one streaming video decoder, an output LAN interface, at least one streaming video encoder coupled at one side to said LAN interface for streaming video output and coupled at the other side to a raw video display-compatible output interface; and unidirectional data flow element coupled at the transmitting side to the streaming video decoder through the raw video display-compatible output interface and coupled at the receiving side to one or more video encoder through the raw video display-compatible input interface.
G06F 9/00 - Dispositions pour la commande par programme, p.ex. unités de commande
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
32.
User authentication device having multiple isolated host interfaces
Devices and methods provide for enabling a user to use a single user authentication device such as smart-card reader, such that the user is capable of securely interfacing with two or more isolated computers and enabling the user to authenticate and remain authenticated at multiple computers at the same time. Once the user removes the smart-card from the smart-card reader, the authentication session on all coupled computers is terminated at once. The user authentication device comprises: an authentication module connected via a channel selection switch to one of a plurality of channels, each interfacing with a respective coupled computer.
G06F 7/04 - Contrôle d'égalité, c. à d. pour valeurs égales ou non
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
G06F 17/30 - Recherche documentaire; Structures de bases de données à cet effet
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 21/34 - Authentification de l’utilisateur impliquant l’utilisation de dispositifs externes supplémentaires, p.ex. clés électroniques ou cartes à puce intelligentes
G06F 21/41 - Authentification de l’utilisateur par une seule ouverture de session qui donne accès à plusieurs ordinateurs
G06F 21/32 - Authentification de l’utilisateur par données biométriques, p.ex. empreintes digitales, balayages de l’iris ou empreintes vocales
G06F 21/85 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’interconnexion, p.ex. les dispositifs connectés à un bus ou les dispositifs en ligne
G07F 7/10 - Mécanismes actionnés par des objets autres que des pièces de monnaie pour déclencher ou actionner des appareils de vente, de location, de distribution de pièces de monnaie ou de papier-monnaie, ou de remboursement par carte d'identité codée ou carte de crédit codée utilisée simultanément avec un signal codé
G06F 13/10 - Commande par programme pour dispositifs périphériques
G06Q 20/34 - Architectures, schémas ou protocoles de paiement caractérisés par l'emploi de dispositifs spécifiques utilisant des cartes, p.ex. cartes à puces ou cartes magnétiques
A system enabling a computer user to securely share a single set of keyboard and mouse (KM) among multiple isolated computers. The system enables one set of peripheral devices to independently interact with multiple coupled isolated computers through mouse position analysis on a virtual display area corresponding to multiple physical user displays of the particular installation. The system may be used to enable computer user having multiple isolated computers each with one or more coupled display to automatically switch a single set of keyboard mouse and other peripheral devices between the different computers. As isolated computers may have different security levels, the method and apparatus of the present invention prevents and potential data leakages between computers and coupled networks.
G06F 13/12 - Commande par programme pour dispositifs périphériques utilisant des matériels indépendants du processeur central, p.ex. canal ou processeur périphérique
G06F 3/02 - Dispositions d'entrée utilisant des interrupteurs actionnés manuellement, p.ex. des claviers ou des cadrans
G06F 21/83 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs de saisie de données, p.ex. claviers, souris ou commandes desdits claviers ou souris
G06F 21/84 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’affichage, p.ex. écrans ou moniteurs
G06F 3/023 - Dispositions pour convertir sous une forme codée des éléments d'information discrets, p.ex. dispositions pour interpréter des codes générés par le clavier comme codes alphanumériques, comme codes d'opérande ou comme codes d'instruction
G06F 1/16 - TRAITEMENT ÉLECTRIQUE DE DONNÉES NUMÉRIQUES - Détails non couverts par les groupes et - Détails ou dispositions de structure
G06F 13/38 - Transfert d'informations, p.ex. sur un bus
A secure peripheral device, coupled to a computer, capable of enabling a user to use a peripheral device such as a microphone, speakers, headset or video camera when the device is in operational state, while giving to the user a clear visual indication that the device is enabled. The device simultaneously disables the user peripheral device; and turns off the visual indication when the secure peripheral device is in secure state. The operational state is activated by the user by pressing a momentary push-button switch. A timer resets the device to a secure state after a short preset time. The device has anti-tempering functionality and becomes permanently disabled if tempered with. Optionally the device is coupled to the computer via a USB port that powers it.
A secure video camera device for reducing the risk of visual and audio eavesdropping has a video camera and an electromechanical shutter behind a transparent cover in a secured enclosure. The shutter optically obscures the camera lens when the device is in secure state. A visual indicator indicates when the device is in operational state. A switch controllable by the user, select the state of the device by concurrently disabling the camera turning off the visual indicator in a secure state; and setting said device in an operational state by concurrently enabling the camera and turning on said lighted indicator. The device has a built in, or auxiliary microphone, and audio outputs which are disabled in secure state of the device. The device is tempered proof by an anti-tempering circuitry.
A secure audio peripheral device, coupled to a computer, capable of enabling a user to use audio devices such as a microphone, speakers or headset when the device is in operational state, while giving to the user a clear visual indication that the audio devices are enabled. The device simultaneously disables the microphone; and turns off the visual indication when the device is in secure state. The operational state is activated by the user by pressing a momentary push-button switch. A timer resets the device to a secure state after a short preset time. The device has anti-tempering functionality and becomes permanently disabled if tempered with. Optionally the device is coupled to the computer via a USB port that powers a USB CODEC chip and a LED used as the visual indicator.
G06F 21/83 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs de saisie de données, p.ex. claviers, souris ou commandes desdits claviers ou souris
37.
Computer motherboard having peripheral security functions
A secure motherboard for a computer, wherein each user accessible peripheral port is protected by hardware based peripheral protection circuitry soldered to the motherboard. The protection circuitry provides security functions decreasing the vulnerability of the computer to data theft. User input ports such as keyboard and mouse peripheral ports are coupled to the computer through a security function that enforce unidirectional data flow only from the user input devices to the computer. Display port uses a security function which isolates the EDID in the display from the computer. Authentication device such as smart card reader is coupled to the computer via a port having a security function which enumerates the authentication device before coupling it to the computer.
G06F 21/04 - par protection de périphériques spécifiques, p.ex. de claviers ou de dispositifs d'affichage
G06F 3/02 - Dispositions d'entrée utilisant des interrupteurs actionnés manuellement, p.ex. des claviers ou des cadrans
G06F 21/85 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’interconnexion, p.ex. les dispositifs connectés à un bus ou les dispositifs en ligne
G06F 21/83 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs de saisie de données, p.ex. claviers, souris ou commandes desdits claviers ou souris
G06F 21/84 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’affichage, p.ex. écrans ou moniteurs
G06F 21/34 - Authentification de l’utilisateur impliquant l’utilisation de dispositifs externes supplémentaires, p.ex. clés électroniques ou cartes à puce intelligentes
38.
Secure KVM system having multiple emulated EDID functions
The present invention discloses a KVM (Keyboard Video Mouse) device for operation in high security environments. More specifically, this invention discloses a secure KVM built to prevent data leakages between two or more coupled computer hosts. The invention also discloses methods of operation of the secure KVM. Further more particularly, the invention presents a special secure KVM device for interacting with computers using a single user console, while preventing data leakage between the connected computers and attached networks.
G06F 9/455 - Dispositions pour exécuter des programmes spécifiques Émulation; Interprétation; Simulation de logiciel, p.ex. virtualisation ou émulation des moteurs d’exécution d’applications ou de systèmes d’exploitation
G06F 3/023 - Dispositions pour convertir sous une forme codée des éléments d'information discrets, p.ex. dispositions pour interpréter des codes générés par le clavier comme codes alphanumériques, comme codes d'opérande ou comme codes d'instruction
G06F 3/14 - Sortie numérique vers un dispositif de visualisation
G06F 21/83 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs de saisie de données, p.ex. claviers, souris ou commandes desdits claviers ou souris
G06F 21/85 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs d’interconnexion, p.ex. les dispositifs connectés à un bus ou les dispositifs en ligne
G06F 21/32 - Authentification de l’utilisateur par données biométriques, p.ex. empreintes digitales, balayages de l’iris ou empreintes vocales
G06F 21/34 - Authentification de l’utilisateur impliquant l’utilisation de dispositifs externes supplémentaires, p.ex. clés électroniques ou cartes à puce intelligentes
39.
Secure KVM device ensuring isolation of host computers
The present invention presents apparatuses and systems for operating multiple computers from a single console using a secured KVM device, while preventing information leakage between the computers. The system comprises several hosts connected through a secured KVM device to keyboard and mouse and one or more user displays. Secured KVM enables standard bi-directional communication between Secured KVM and user keyboard and mouse and between hosts peripheral ports and Secured KVM. Secured KVM physically enforces unidirectional data flow from attached keyboard and mouse to attached hosts peripheral ports to avoid potential leakages between hosts.
G06F 13/12 - Commande par programme pour dispositifs périphériques utilisant des matériels indépendants du processeur central, p.ex. canal ou processeur périphérique
G06F 21/83 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion dispositifs de saisie de données, p.ex. claviers, souris ou commandes desdits claviers ou souris
G06F 21/82 - Protection des dispositifs de saisie, d’affichage de données ou d’interconnexion
G06F 13/00 - Interconnexion ou transfert d'information ou d'autres signaux entre mémoires, dispositifs d'entrée/sortie ou unités de traitement