ABSTRACT
“A computing system for a secure and reliable firmware update through a verification process, dynamic validation and continuous monitoring for error or failure and speedy correction of Internet of Things (IoT) device operability. The invention uses a Trusted Execution Environment (TEE) for hardware-based isolation of the firmware update, validation and continuous monitoring services. The isolation is performed by hardware System on a Chip (SoC) Security Extensions such as ARM TrustZone or similar technologies on other hardware platforms. The invention therefore comprises Firmware Update Service (FUS), System Validation Service (SMS) and Continuous Monitoring Service (CMS) running in the TEE with dedicated memory and storage, thus providing a trusted configuration management functionality for the operating system (OS) code and applications on IoT devices.”
Patent No. 10,108,800
Awarded October 23, 2018
Patent No. 10,360,386
Awarded July 23, 2019
ABSTRACT
“Using an ARM processor, a method is provided for endpoint computing systems such as mobile devices or laptops to provide a hardware isolated runtime environment for multiple operating systems (OS’s). OS isolation is performed by hardware ARM Security Extensions added to ARMv6 processors (or higher) and controlled by a software Secure Monitor Module (SMM). The invention therefore comprises hardware enforcement mechanisms configured by the SMM to confine each OS to its own respective resources (kernel, RAM, drivers, storage). The invention is applicable to systems with different OS switching mechanisms, such as full computer system reboot to switch OS’s, suspension of one OS and resuming another, or using a virtual machine hypervisor to execute several OS’s in parallel.”
ABSTRACT
“Using a single processor, separate and independent hardware-enforced operating systems (OS’s) are created in a computer, each OS inaccessible by another OS so that malware introduced in one OS cannot access and contaminate another. With a trusted switching mechanism, only one OS is active at any time yet switching between OS’s occurs quickly by user action, without need to save open data and/or close the active OS, and/or reboot the inactive OS, yet on activation, the previously inactive OS resumes back where it was left off and no OS rebooting is required.”
Patent No. 10,250,595
Awarded April 2, 2019
ABSTRACT
“The invention relates to a method for computer systems based on the ARM processor, for example mobile devices, wherein the ARM processor provides fully hardware isolated runtime environments for an operating system (OS) and Trusted Execution Environment (TEE) including an embedded trusted network security perimeter. The isolation is performed by hardware ARM Security Extensions added to ARMv6 processors and greater and controlled by TrustWall software. The invention therefore comprises an embedded network security perimeter running in TEE on one or more processor cores with dedicated memory and storage and used to secure all external network communications of the host device. The invention addresses network communications control and protection for Rich OS Execution Environments and describes minimal necessary and sufficient actions to prevent unauthorized access to or from external networks.”
ABSTRACT
“The invention comprises a mobile device with two circuit boards and certain shared resources, in order to provide the security of physically separate devices, yet do so in a single device using shared resources that do not affect security. Specifically, the invention has two boards connected via input/output switch, each having its own System-on-a-Chip (SoC), Memory (RAM), Storage and Radio Module (SIM(s)/Bluetooth/Wi-Fi) and may include one or more SIM cards. Touchscreen, battery, physical buttons and other peripherals are shared between boards. Each shared peripheral hardware module will be used by a single board only (the active in-use board being the “Foreground Board”); another board (the inactive “Background Board”) uses an emulated version of the same hardware module. At any moment, a user can switch between Boards and the Background Board becomes the active Foreground Board and vice versa.”
Patent No. 10,503,237
Awarded December 10, 2019
Patent No. 10,948,967
Awarded March 16, 2021
ABSTRACT
“The invention provides multiple secure virtualized environments operating in parallel with optimal resource usage, power consumption and performance. The invention provides a method whereby virtual machines (VMs) have direct access to the computing system’s hardware without adding traditional virtualization layers while the hypervisor maintains hardware-enforced isolation between VMs, preventing risks of cross-contamination. Additionally, some of the VMs can be deactivated and reactivated dynamically when needed, which saves the computing system resources. As a result, the invention provides bare-metal hypervisor use and security but without the limitations that make such hypervisors impractical, inefficient and inconvenient for use in mobile devices due to the device’s limited CPU and battery power capacity.”
ABSTRACT
“The present teachings disclose a file Content Disarm and Reconstruction (CDR) system and method. The system includes: a disarm environment comprising disarm sandboxes to transform a file; a separate reconstruct environment; and a controller to classify a file content of a file as a filetype, to provide the file and the filetype to a selected disarm sandbox of the disarm sandboxes for transformation, to receive one or more disarmed files from the selected disarm sandbox, to provide the one or more disarmed files to the reconstruct environment, and to receive a reconstructed file from the reconstruct environment, wherein the disarm environment, the reconstruct environment, and the controller are isolated and separated from one another by hardware. Isolated and separate Virtual Machines (VMs) may host the controller, the disarm environment and the reconstruct environment. The VMs may be disposable VMs that include an application sandbox environment. The VMs may be provided by a cloud service.”
InZero is dedicated to overcoming known cybersecurity vulnerabilities, creating demonstrable solutions that are user-friendly and compatible with existing commercial cybersecurity methods and products.
©️ 2023 InZero Technologies, LLC. All rights reserved. Trademarks are the property of their respective owners.