Dr. Jacob Mendel, senior lecturer and head of the cyber studies track at the Faculty of Management, Tel Aviv University. Dr. Mendel is a serial cyber entrepreneur who served as CEO of the Cyber Center of Excellence at Intel. Dr. Mendel was CEO and one of the founders of SCsquare, which was sold to Broadcom. He is regarded as a highly talented inventor and holds 23 registered patents in the fields of cyber, blockchain and artificial intelligence. He has rich and varied experience in defensive and offensive cyber, management and protection of intellectual property rights, penetration testing and cyber solutions for smart grids. He holds a PhD in economics from the Poznań University of Economics and Business and an MBA from Ben-Gurion University of the Negev.
Dr. Jacob Mendel
Senior academic faculty at the Coller Faculty of Management

Research areas
The economic aspects of cyber attacks, blockchain technology, privacy aspects, and business continuity of an organization during cyber attacks against it.
Publications
SYSTEMS AND METHODS FOR MIXED PRECISION MACHINE LEARNING WITH FULLY HOMOMORPHIC ENCRYPTION
US 20230126672 · Issued Apr 27, 2023
SYSTEMS AND METHODS FOR COMBINING GRAPH EMBEDDING AND RANDOM FOREST CLASSIFICATION FOR IMPROVING CLASSIFICATION OF DISTRIBUTED LEDGER ACTIVITIES
US 20220398233 · Issued Dec 15, 2022
SYSTEMS AND METHODS FOR MANAGEMENT OF FINANCIAL TRANSACTIONS ASSOCIATED WITH A FUNDING AGREEMENT
US 11514513 · Issued Nov 29, 2022
Systems and methods for graphical programming and deployment of distributed ledger applications
US 20220066746 · Issued Mar 3, 2022
Shaltiel Eloul, Sean J. Moran, Jacob Mendel, "Improving Streaming Cryptocurrency Transaction Classification via Biased Sampling and Graph Feedback", 6-12-2021, https://dl.acm.org/doi/10.1145/3485832.3485913
Jacob Mendel, Moshe Zviran, "BoardTech – Information Technologies and Technological Innovation in the Boardroom", Issue 9, July 2021 https://coller.tau.ac.il/sites/coller.tau.ac.il/files/media_server/Recanati/management/newsletter/august2021/Zviran.pdf
Jacob Mendel, Moshe Zviran, Seen Neuman, "Information Security: The Enemy From Within", Innovations in Management, Issue 7, October 2020 (p22-29) https://coller.tau.ac.il/sites/coller.tau.ac.il/files/media_server/Recanati/management/newsletter/zviran.pdf
Jacob Mendel, "Smart Grid Cyber Security Challenges: Overview and Classification", e-mentor, 2017 (p55-66), ISSN 1731-6758. DOI: 10.15219/em68.1282
Lis, Piotr, and Jacob Mendel. "Cyberattacks on critical infrastructure: An economic perspective." Economics and Business Review EBR 19.2 (2019): 24-47. DOI: 10.18559/ebr.2019.2.2
Jacob Mendel "Blockchain as a Solution to Cyber Threats in the Smart Grid of the Future", Coller Venture Review, (2019): p.50-55, ISSN 1241-5542
Hardware isolated secure processing system within a secure element
Patent number: 10552604
Abstract: Systems and methods are provided that allow a secure processing system (SPS) to be implemented as a hard macro, thereby isolating the SPS from a peripheral processing system (PPS). The SPS and the PPS, in combination, may form a secure element that can be used in conjunction with a host device and a connectivity device to allow the host device to engage in secure transactions, such as mobile payment over a near field communications (NFC) connection. As a result of the SPS being implemented as a hard macro isolated from the PPS, the SPS may be certified once, and re-used in other host devices without necessitating re-certification.
Type: Grant
Filed: May 16, 2018
Date of Patent: February 4, 2020
Assignee: NXP B.V.
Inventors: Mark Buer, Theodore Trost, Jacob Mendel
MOVEMENT-BASED EVENT DETECTION IN A MOBILE DEVICE
Publication number: 20190104133
Abstract: Systems and methods are provided for enhancing security by providing additional authentication factors. Prior to authentication, a user may enroll a device from which access to a service or application is authorized. During authentication, the authentication system may retrieve the location of the enrolled device and generate one or more questions that only a user in that location can answer. The user may additionally or alternatively enroll a movement signature with an authentication server as an authentication factor. The user may set a pattern for device movement. During authentication, the user moves the device in the pattern. The device then transmits the movement signature for authentication.
Type: Application
Filed: December 3, 2018
Publication date: April 4, 2019
Applicant: Avago Technologies International Sales Pte. Limited
Inventors: Shlomo MARKEL, Jacob MENDEL
Movement-based event detection in a mobile device
Patent number: 10148670
Abstract: Systems and methods are provided for enhancing security by providing additional authentication factors. Prior to authentication, a user may enroll a device from which access to a service or application is authorized. During authentication, the authentication system may retrieve the location of the enrolled device and generate one or more questions that only a user in that location can answer. The user may additionally or alternatively enroll a movement signature with an authentication server as an authentication factor. The user may set a pattern for device movement. During authentication, the user moves the device in the pattern. The device then transmits the movement signature for authentication.
Type: Grant
Filed: December 28, 2012
Date of Patent: December 4, 2018
Assignee: Avago Technologies International Sales Pte. Limited
Inventors: Shlomo Markel, Jacob Mendel
HARDWARE ISOLATED SECURE PROCESSING SYSTEM WITHIN A SECURE ELEMENT
Publication number: 20180268132
Abstract: Systems and methods are provided that allow a secure processing system (SPS) to be implemented as a hard macro, thereby isolating the SPS from a peripheral processing system (PPS). The SPS and the PPS, in combination, may form a secure element that can be used in conjunction with a host device and a connectivity device to allow the host device to engage in secure transactions, such as mobile payment over a near field communications (NFC) connection. As a result of the SPS being implemented as a hard macro isolated from the PPS, the SPS may be certified once, and reused in other host devices without necessitating re-certification.
Type: Application
Filed: May 16, 2018
Publication date: September 20, 2018
Inventors: Mark Buer, Theodore Trost, Jacob Mendel
Methods and systems for secured authentication of applications on a network
Patent number: 10079836
Abstract: A secured communication network can include a server including an authentication backend, the authentication backend configured to communicate with an authentication front end of a communication device. A server applet can be associated with the authentication backend. The server applet can authenticate an access right associated with the communication device and establish a security level for the communication with the communication device based on information received from the authentication front end.
Type: Grant
Filed: February 8, 2016
Date of Patent: September 18, 2018
Assignee: AVAGO TECHNOLOGIES GENERAL IP (SINGAPORE) PTE. LTD.
Inventors: Philippe Klein, Jacob Mendel, Shlomo Markel
Hardware isolated secure processing system within a secure element
Patent number: 10002246
Abstract: Systems and methods are provided that allow a secure processing system (SPS) to be implemented as a hard macro, thereby isolating the SPS from a peripheral processing system (PPS). The SPS and the PPS, in combination, may form a secure element that can be used in conjunction with a host device and a connectivity device to allow the host device to engage in secure transactions, such as mobile payment over a near field communications (NFC) connection. As a result of the SPS being implemented as a hard macro isolated from the PPS, the SPS may be certified once, and re-used in other host devices without necessitating re-certification.
Type: Grant
Filed: November 23, 2015
Date of Patent: June 19, 2018
Assignee: NXP B.V.
Inventors: Mark Buer, Theodore Trost, Jacob Mendel
Security controlled multi-processor system
Patent number: 9910990
Abstract: Embodiments of the present disclosure provide systems and methods for implementing a secure processing system having a first processor that is certified as a secure processor. The first processor only executes certified and/or secure code. An isolated second processor executes non-secure (e.g., non-certified) code within a sandbox. The boundaries of the sandbox are enforced (e.g., using a hardware boundary and/or encryption techniques) such that code executing within the sandbox cannot access secure elements of the secure processing system located outside the sandbox. The first processor manages the memory space and the applications that are permitted to run on the second processor.
Type: Grant
Filed: December 31, 2015
Date of Patent: March 6, 2018
Assignee: NXP B.V.
Inventors: Mark L. Buer, Jacob Mendel
System, method and computer program product for detecting tampering in a product
Patent number: 9798294
Abstract: A system for detecting tampering in a product having a tamper-detector seal, including a secure element configured to store a digital signature and a data associated with the digital signature, transmit the digital signature and the data associated with the digital signature in response to a request, detect tampering of the tamper-detector seal, and modify the data associated with the digital signature if tampering is detected. The system further includes a seal validation device configured to receive a public key associated with the product, request the digital signature and the data associated with the digital signature from the secure element, and validate the digital signature utilizing the data associated with the digital signature and the public key associated with the product.
Type: Grant
Filed: December 26, 2012
Date of Patent: October 24, 2017
Assignee: NXP B.V.
Inventors: Shlomo Markel, Jacob Mendel
System utilizing a secure element
Patent number: 9674196
Abstract: A device includes a receiver configured to receive a request to perform a function, and a secure element connected with the receiver, the secure element configured to verify the request to perform the function, where the secure element is configured to operate in either a report mode or a silent mode. Details about a status of the performance of the function are displayed when the device operates in the report mode, and no details about the status of the performance of the function are displayed when the device operates in the silent mode.
Type: Grant
Filed: June 5, 2015
Date of Patent: June 6, 2017
Assignee: NXP B.V.
Inventors: Jacob Mendel, Alexander Potievsky, Eyal Webber-Zvik
Apparatus and method to secure an electronic storage using a secure element
Patent number: 9400892
Abstract: A secure integrated circuit (IC) to provide access to an electronic storage, the secure IC including a memory and a processor. The processor may generate a first key and a second key, and enable storing the first key in the memory and storing the second key in a device memory of a device. The processor may then receive the second key from the device when the device wants to access the electronic storage, and grant the device access to the electronic storage by using the first key and the second key received from the device.
Type: Grant
Filed: June 28, 2013
Date of Patent: July 26, 2016
Assignee: Broadcom Corporation
Inventors: Yasantha Rajakarunanayake, William Bunch, Jacob Mendel
Methods and Systems for Secured Authentication of Applications on a Network
Publication number: 20160156637
Abstract: A secured communication network can include a server including an authentication backend, the authentication backend configured to communicate with an authentication front end of a communication device. A server applet can be associated with the authentication backend. The server applet can authenticate an access right associated with the communication device and establish a security level for the communication with the communication device based on information received from the authentication front end.
Type: Application
Filed: February 8, 2016
Publication date: June 2, 2016
Inventors: Philippe Klein, Jacob Mendel, Shlomo Markel
Mobile payTV DRM architecture
Patent number: 9344747
Abstract: A secure element operating in conjunction with a secure partition of a system-on-a-chip (SoC) having set top box (STB) functionality allows for digital rights management (DRM) key handling in a mobile platform. The secure element can include a secure processing system (SPS) to be implemented as a hard macro, thereby isolating the SPS from a peripheral processing system (PPS). The secure element and the secure partition of the SoC may be operatively connected by a secure cryptographic channel.
Type: Grant
Filed: April 9, 2013
Date of Patent: May 17, 2016
Assignee: Broadcom Corporation
Inventors: Mark Leonard Buer, Andrew Dellow, Jacob Mendel
Secure data transfer using random ordering and random block sizing
Patent number: 9344278
Abstract: Encrypted information is conventionally broken into blocks which are transmitted sequentially. Because the order and the size of such blocks can be easily determined, an eavesdropper can gain valuable information regarding the content of the communication. More specifically, if known types of information exist within a block, the encryption key may be determined allowing the content of other encrypted blocks to be obtained. Embodiments of a system, method and computer program product described herein can overcome this deficiency by securely transferring information through random ordering and random block sizing. An original data set to be transferred is divided into a plurality of blocks, where at least two blocks have different sizes. The blocks are encrypted and inserted into a sequence of data transfer slots. The blocks are then selected for transfer in random order by selecting a slot to transfer based on a generated random number.
Type: Grant
Filed: May 14, 2012
Date of Patent: May 17, 2016
Assignee: Broadcom Corporation
Inventor: Jacob Mendel
Security Controlled Multi-Processor System
Publication number: 20160117506
Abstract: Embodiments of the present disclosure provide systems and methods for implementing a secure processing system having a first processor that is certified as a secure processor. The first processor only executes certified and/or secure code. An isolated second processor executes non-secure (e.g., non-certified) code within a sandbox. The boundaries of the sandbox are enforced (e.g., using a hardware boundary and/or encryption techniques) such that code executing within the sandbox cannot access secure elements of the secure processing system located outside the sandbox. The first processor manages the memory space and the applications that are permitted to run on the second processor.
Type: Application
Filed: December 31, 2015
Publication date: April 28, 2016
Applicant: Broadcom Corporation
Inventors: Mark L. BUER, Jacob MENDEL
Hardware Isolated Secure Processing System Within A Secure Element
Publication number: 20160078223
Abstract: Systems and methods are provided that allow a secure processing system (SPS) to be implemented as a hard macro, thereby isolating the SPS from a peripheral processing system (PPS). The SPS and the PPS, in combination, may form a secure element that can be used in conjunction with a host device and a connectivity device to allow the host device to engage in secure transactions, such as mobile payment over a near field communications (NFC) connection. As a result of the SPS being implemented as a hard macro isolated from the PPS, the SPS may be certified once, and re-used in other host devices without necessitating re-certification.
Type: Application
Filed: November 23, 2015
Publication date: March 17, 2016
Applicant: Broadcom Corporation
Inventors: Mark BUER, Theodore Trost, Jacob Mendel
Methods and systems for secured authentication of applications on a network
Patent number: 9282086
Abstract: A secured communication network can include a server including an authentication backend, the authentication backend configured to communicate with an authentication front end of a communication device. A server applet can be associated with the authentication backend. The server applet can authenticate an access right associated with the communication device and establish a security level for the communication with the communication device based on information received from the authentication front end.
Type: Grant
Filed: May 29, 2013
Date of Patent: March 8, 2016
Assignee: Broadcom Corporation
Inventors: Philippe Klein, Jacob Mendel, Shlomo Markel
Secure electronic element network
Patent number: 9276830
Abstract: A secure network of electronic elements (“network”) ensures the electronic elements that implement an electronic device are functioning properly. The network selects at least one master electronic element to consistently check that each of the electronic elements are functioning properly. When the master electronic element identifies that an electronic element is not functioning properly, the network executes a predefined response, such as a counter measure that limits the functional capability of the improperly functioning electronic element or other electronic elements. Electronic elements can identify when a master electronic element is improperly functioning by observing that the master electronic element has ceased checking on the electronic elements. The secure network can then execute a response that includes the counter measure of limiting the functional capability of the improperly functioning master electronic element and assigning a new master electronic element.
Type: Grant
Filed: May 23, 2012
Date of Patent: March 1, 2016
Assignee: Broadcom Corporation
Inventors: Jacob Mendel, Alexander Potievsky
Security controlled multi-processor system
Patent number: 9256734
Abstract: Embodiments of the present disclosure provide systems and methods for implementing a secure processing system having a first processor that is certified as a secure processor. The first processor only executes certified and/or secure code. An isolated second processor executes non-secure (e.g., non-certified) code within a sandbox. The boundaries of the sandbox are enforced (e.g., using a hardware boundary and/or encryption techniques) such that code executing within the sandbox cannot access secure elements of the secure processing system located outside the sandbox. The first processor manages the memory space and the applications that are permitted to run on the second processor.
Type: Grant
Filed: June 7, 2012
Date of Patent: February 9, 2016
Assignee: Broadcom Corporation
Inventors: Mark L. Buer, Jacob Mendel
Secure active networks
Patent number: 9258287
Abstract: A secure active network includes a plurality of secure elements which communicate with one another to share and log information such as identification, location, and user activity associated with each secure element. Secure elements exchange data with one another, and log data received. The periodicity of communication between secure elements, encryption of the information, and the operating frequency in which the information is transmitted and received may be changed if communication is lost between any of the secure elements or if a determination is made that a secure element has traveled outside a predetermined zone. The integrity of the secure network may be verified at any time by comparing the logged information to a reference network.
Type: Grant
Filed: December 20, 2012
Date of Patent: February 9, 2016
Assignee: Broadcom Corporation
Inventors: Shlomo Markel, Jacob Mendel
Secure processing sub-system that is hardware isolated from a peripheral processing sub-system
Patent number: 9224013
Abstract: Systems and methods are provided that allow a secure processing system (SPS) to be implemented as a hard macro, thereby isolating the SPS from a peripheral processing system (PPS). The SPS and the PPS, in combination, may form a secure element that can be used in conjunction with a host device and a connectivity device to allow the host device to engage in secure transactions, such as mobile payment over a near field communications (NFC) connection. As a result of the SPS being implemented as a hard macro isolated from the PPS, the SPS may be certified once, and re-used in other host devices without necessitating re-certification.
Type: Grant
Filed: December 27, 2012
Date of Patent: December 29, 2015
Assignee: BROADCOM CORPORATION
Inventors: Mark Buer, Theodore Trost, Jacob Mendel
Input/output gatekeeping
Patent number: 9202070
Abstract: Disclosed are various embodiments providing a portable wireless communication device that includes a secure element configured to route a set of input/output (I/O) channels to host processing circuitry of a mobile communication device. The secure element includes an application executable by the secure element, the application being configured to obtain a policy via an I/O channel of the set of I/O channels. The application is further configured to prevent the host processing circuitry from accessing data corresponding to at least a portion of the set of I/O channels according to the policy.
Type: Grant
Filed: December 7, 2012
Date of Patent: December 1, 2015
Assignee: BROADCOM CORPORATION
Inventors: Yasantha Rajakarunanayake, William Bunch, Jacob Mendel
Secure delivery of processing code
Patent number: 9165163
Abstract: An apparatus may comprise a secure portion of a chip and an external memory device. The secure portion of the chip may be configured to receive an encryption key, and the memory device may be configured to receive an encrypted processing code. The secure portion of the chip may be configured to verify the encrypted processing code by decrypting the encrypted processing code using the encryption key. A non-secure portion of the chip may be configured to write the encrypted processing code on the memory device while the memory device is coupled to the chip. The encryption key may be associated with an identifier of the chip.
Type: Grant
Filed: December 28, 2012
Date of Patent: October 20, 2015
Assignee: Broadcom Corporation
Inventors: Mark Buer, Jacob Mendel
System Utilizing a Secure Element
Publication number: 20150271181
Abstract: A device includes a receiver configured to receive a request to perform a function, and a secure element connected with the receiver, the secure element configured to verify the request to perform the function, where the secure element is configured to operate in either a report mode or a silent mode. Details about a status of the performance of the function are displayed when the device operates in the report mode, and no details about the status of the performance of the function are displayed when the device operates in the silent mode.
Type: Application
Filed: June 5, 2015
Publication date: September 24, 2015
Inventors: Jacob Mendel, Alexander Potievsky, Eyal Webber-Zvik
Method and system for authentication of device using hardware DNA
Patent number: 9069946
Abstract: Methods and systems for authentication of a device are disclosed. An exemplary method includes transmitting an energy towards the device including a material, monitoring a response of the device to the transmitted energy, generating a signature of the device based on the response of the device to the transmitted energy, comparing the device signature to an enrolled signature for the device, and indicating that authentication of the device is successful when the generated signature matches the enrolled signature. An exemplary system includes a transmitter configured to transmit an energy towards the device, a receiver configured to monitor a response of the device, and a processor configured to generate a signature of the device based on the response of the device, compare the device signature to an enrolled signature for the device, and indicate that authentication of the device is successful when the generated signature matches the enrolled signature.
Type: Grant
Filed: April 17, 2013
Date of Patent: June 30, 2015
Assignee: Broadcom Corporation
Inventors: Shlomo Markel, Jacob Mendel
System utilizing a secure element
Patent number: 9059994
Abstract: A device includes a receiver configured to receive a request to perform a function, and a secure element connected with the receiver, the secure element configured to verify the request to perform the function, where the secure element is configured to operate in either a report mode or a silent mode. Details about a status of the performance of the function are displayed when the device operates in the report mode, and no details about the status of the performance of the function are displayed when the device operates in the silent mode.
Type: Grant
Filed: August 20, 2013
Date of Patent: June 16, 2015
Assignee: Broadcom Corporation
Inventors: Jacob Mendel, Alexander Potievsky, Eyal Webber-Zvik
System for monitoring an operation of a device
Patent number: 9027124
Abstract: A system monitors an application. The system includes a state table with state table nodes corresponding to application checkpoints. The state table nodes include an authorized time interval and application path. The system also includes a time counter that tracks an operation time between successive application checkpoints, and a program counter that tracks and stores an operation path for the application. A checkpoint module verifies an operation of the application at a checkpoint by comparing the authorized time interval for the checkpoint state table node and the operation time tracked by the time counter, as well as the authorized application path for the checkpoint state table node and the operation path tracked by the program counter. A security action is performed when the tracked operation time is not within the authorized time interval, or when the tracked operation path does not match the authorized application path.
Type: Grant
Filed: May 14, 2012
Date of Patent: May 5, 2015
Assignee: Broadcom Corporation
Inventors: Jacob Mendel, Alexander Potievsky
Apparatus and Method to Secure an Electronic Storage Using a Secure Element
Publication number: 20150007347
Abstract: A secure integrated circuit (IC) to provide access to an electronic storage, the secure IC including a memory and a processor. The processor may generate a first key and a second key, and enable storing the first key in the memory and storing the second key in a device memory of a device. The processor may then receive the second key from the device when the device wants to access the electronic storage, and grant the device access to the electronic storage by using the first key and the second key received from the device.
Type: Application
Filed: June 28, 2013
Publication date: January 1, 2015
Applicant: Broadcom Corporation
Inventors: Yasantha Rajakarunanayake, William Bunch, Jacob Mendel
Apparatus and Method to Obtain Electronic Authentication
Publication number: 20150006897
Abstract: A host apparatus to obtain electronic authentication of a request associated with a group, the host apparatus including a processor to receive the request from an external device external to the group, to generate a digital document based on information associated with the request, to transmit the digital document to a trusted entity device for electronic authentication of the request, to receive the digital document from the trusted entity device, to determine whether the electronic authentication of the request was successful, and to process the request when it is determined that the electronic authentication of the request was successful.
Type: Application
Filed: June 28, 2013
Publication date: January 1, 2015
Inventors: Yasantha Rajakarunanayake, William Bunch, Jacob Mendel
Methods and Systems for Secured Authentication of Applications on a Network
Publication number: 20140325594
Abstract: A secured communication network can include a server including an authentication backend, the authentication backend configured to communicate with an authentication front end of a communication device. A server applet can be associated with the authentication backend. The server applet can authenticate an access right associated with the communication device and establish a security level for the communication with the communication device based on information received from the authentication front end.
Type: Application
Filed: May 29, 2013
Publication date: October 30, 2014
Inventors: Philippe Klein, Jacob Mendel, Shlomo Markel
MOBILE PAYTV DRM ARCHITECTURE
Publication number: 20140233732
Abstract: A secure element operating in conjunction with a secure partition of a system-on-a-chip (SoC) having set top box (STB) functionality allows for digital rights management (DRM) key handling in a mobile platform. The secure element can include a secure processing system (SPS) to be implemented as a hard macro, thereby isolating the SPS from a peripheral processing system (PPS). The secure element and the secure partition of the SoC may be operatively connected by a secure cryptographic channel.
Type: Application
Filed: April 9, 2013
Publication date: August 21, 2014
Applicant: Broadcom Corporation
Inventors: Mark Leonard Buer, Andrew Dellow, Jacob Mendel
Secure Active Networks
Publication number: 20140181901
Abstract: A secure active network includes a plurality of secure elements which communicate with one another to share and log information such as identification, location, and user activity associated with each secure element. Secure elements exchange data with one another, and log data received. The periodicity of communication between secure elements, encryption of the information, and the operating frequency in which the information is transmitted and received may be changed if communication is lost between any of the secure elements or if a determination is made that a secure element has travelled outside a predetermined zone. The integrity of the secure network may be verified at any time by comparing the logged information to a reference network.
Type: Application
Filed: December 20, 2012
Publication date: June 26, 2014
Applicant: Broadcom Corporation
Inventors: Shlomo MARKEL, Jacob MENDEL
SECURE DELIVERY OF PROCESSING CODE
Publication number: 20140157000
Abstract: An apparatus may comprise a secure portion of a chip and an external memory device. The secure portion of the chip may be configured to receive an encryption key, and the memory device may be configured to receive an encrypted processing code. The secure portion of the chip may be configured to verify the encrypted processing code by decrypting the encrypted processing code using the encryption key. A non-secure portion of the chip may be configured to write the encrypted processing code on the memory device while the memory device is coupled to the chip. The encryption key may be associated with an identifier of the chip.
Type: Application
Filed: December 28, 2012
Publication date: June 5, 2014
Applicant: BROADCOM CORPORATION
Inventors: Mark Buer, Jacob Mendel
SECURE ELEMENT SYSTEM INTEGRATED HARD MACRO
Publication number: 20140156872
Abstract: Systems and methods are provided that allow a secure processing system (SPS) to be implemented as a hard macro, thereby isolating the SPS from a peripheral processing system (PPS). The SPS and the PPS, in combination, may form a secure element that can be used in conjunction with a host device and a connectivity device to allow the host device to engage in secure transactions, such as mobile payment over a near field communications (NFC) connection. As a result of the SPS being implemented as a hard macro isolated from the PPS, the SPS may be certified once, and re-used in other host devices without necessitating re-certification.
Type: Application
Filed: December 27, 2012
Publication date: June 5, 2014
Applicant: BROADCOM CORPORATION
Inventors: Mark Buer, Theodore Trost, Jacob Mendel
Host based content security and protection
Publication number: 20140122342
Abstract: Host based content security and protection. Security is achieved via a third-party device serving as an intermediary or host (e.g., certificate authority (CA)) between two or more user devices associated with two or more users. Any number of security measures may be employed to ensure that the content and/or identity associated with a given user is protected, including on a per communication or content basis. Various authentication, authorization, and accounting (AAA) protocols may be employed to govern the respective sharing of content and/or identity between respective users within the system, and such AAA protocols may be dynamically allocated differently with respect to different pairings of users at different respective times. In addition, with respect to digital rights management (DRM) employed to govern the security of content and/or identity between users, a third-party device (e.g.
Type: Application
Filed: October 31, 2012
Publication date: May 1, 2014
Applicant: Broadcom Corporation
Inventors: Yasantha N. Rajakarunanayake, William S. Bunch, Jacob Mendel
INPUT/OUTPUT GATEKEEPING
Publication number: 20140123209
Abstract: Disclosed are various embodiments providing a portable wireless communication device that includes a secure element configured to route a set of input/output (I/O) channels to host processing circuitry of a mobile communication device. The secure element includes an application executable by the secure element, the application being configured to obtain a policy via an I/O channel of the set of I/O channels. The application is further configured to prevent the host processing circuitry from accessing data corresponding to at least a portion of the set of I/O channels according to the policy.
Type: Application
Filed: December 7, 2012
Publication date: May 1, 2014
Applicant: Broadcom Corporation
Inventors: Yasantha Rajakarunanayake, William Bunch, Jacob Mendel
System, Method and Computer Program Product for Detecting Tampering in a Product
Publication number: 20140077928
Abstract: A system for detecting tampering in a product having a tamper-detector seal, including a secure element configured to store a digital signature and a data associated with the digital signature, transmit the digital signature and the data associated with the digital signature in response to a request, detect tampering of the tamper-detector seal, and modify the data associated with the digital signature if tampering is detected. The system further includes a seal validation device configured to receive a public key associated with the product, request the digital signature and the data associated with the digital signature from the secure element, and validate the digital signature utilizing the data associated with the digital signature and the public key associated with the product.
Type: Application
Filed: December 26, 2012
Publication date: March 20, 2014
Applicant: Broadcom Corporation
Inventors: Shlomo Markel, Jacob Mendel
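The seal-validation exchange described in the abstract above, as an added example (not code from the patent or from Broadcom): the secure element stores a signed record whose last byte is the seal status, irreversibly alters that record when the tamper-detector seal trips, and the validation device checks the stored signature over whatever record it is handed, using the product's public key. The abstract names no signature algorithm; a Lamport one-time signature built from SHA-256 stands in for it here so the example runs with the standard library alone. The record layout, the status byte, and the factory-side enrollment helper are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets
from typing import List, Tuple

N = 256  # one key pair per bit of the SHA-256 digest of the signed record


def lamport_keygen():
    """Lamport one-time signature keys (stand-in for the product's real scheme; assumption)."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(N)]
    pk = [(hashlib.sha256(a).digest(), hashlib.sha256(b).digest()) for a, b in sk]
    return sk, pk


def _bit(digest: bytes, i: int) -> int:
    return (digest[i // 8] >> (7 - i % 8)) & 1


def lamport_sign(sk, message: bytes) -> List[bytes]:
    digest = hashlib.sha256(message).digest()
    return [sk[i][_bit(digest, i)] for i in range(N)]


def lamport_verify(pk, message: bytes, signature: List[bytes]) -> bool:
    if len(signature) != N:
        return False
    digest = hashlib.sha256(message).digest()
    ok = True
    for i in range(N):  # no early exit, so timing does not reveal where a mismatch is
        ok &= hmac.compare_digest(hashlib.sha256(signature[i]).digest(), pk[i][_bit(digest, i)])
    return ok


class SecureElement:
    """Stores the signed seal record and rewrites it the moment the seal trips."""
    STATUS_INTACT, STATUS_TAMPERED = 0x00, 0x01

    def __init__(self, record: bytes, signature: List[bytes]):
        self._record = bytearray(record)  # last byte is the seal status (constructed layout)
        self._signature = signature

    def seal_event(self, seal_intact: bool) -> None:
        """Fed by the seal sensor; a single tripped reading marks the record for good."""
        if not seal_intact:
            self._record[-1] = self.STATUS_TAMPERED

    def respond(self) -> Tuple[bytes, List[bytes]]:
        """Answer a validation device's request with (record, signature)."""
        return bytes(self._record), self._signature


def make_sealed_product(serial: bytes):
    """Factory-side enrollment: sign the intact record once and load it into the element."""
    sk, pk = lamport_keygen()
    record = b"serial=" + serial + b";seal=" + bytes([SecureElement.STATUS_INTACT])
    element = SecureElement(record, lamport_sign(sk, record))
    del sk  # the signing key stays at the factory (assumption)
    return pk, element


def validate_product(product_public_key, element: SecureElement) -> bool:
    """Validation device: fetch (record, signature) and check it against the product key."""
    record, signature = element.respond()
    return lamport_verify(product_public_key, record, signature)
```

The check only means something if the validation device obtains the product's public key through a path the counterfeiter cannot control (a certificate chain rather than the device itself), and if the secure element cannot be made to hand back the original record after the seal has tripped. Lamport keys are one-time and about 16 KB each, so a shipping product would use an elliptic-curve signature inside the secure element; the protocol shape is unchanged.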
Method and System for Authentication of Device Using Hardware DNA
Publication number: 20140082720
Abstract: Methods and systems for authentication of a device are disclosed. An exemplary method includes transmitting an energy towards the device including a material, monitoring a response of the device to the transmitted energy, generating a signature of the device based on the response of the device to the transmitted energy, comparing the device signature to an enrolled signature for the device, and indicating that authentication of the device is successful when the generated signature matches the enrolled signature. An exemplary system includes a transmitter configured to transmit an energy towards the device, a receiver configured to monitor a response of the device, and a processor configured to generate a signature of the device based on the response of the device, compare the device signature to an enrolled signature for the device, and indicate that authentication of the device is successful when the generated signature matches the enrolled signature.
Type: Application
Filed: April 17, 2013
Publication date: March 20, 2014
Applicant: Broadcom Corporation
Inventors: Shlomo Markel, Jacob Mendel
System and Method for Location-Based Authentication
Publication number: 20140082713
Abstract: Systems and methods are provided for enhancing security by providing additional authentication factors. Prior to authentication, a user may enroll a device from which access to a service or application is authorized. During authentication, the authentication system may retrieve the location of the enrolled device and generate one or more questions that only a user in that location can answer. The user may additionally or alternatively enroll a movement signature with an authentication server as an authentication factor. The user may set a pattern for device movement. During authentication, the user moves the device in the pattern. The device then transmits the movement signature for authentication.
Type: Application
Filed: December 28, 2012
Publication date: March 20, 2014
Applicant: Broadcom Corporation
Inventors: Shlomo Markel, Jacob Mendel
System Utilizing A Secure Element
Publication number: 20130340090
Abstract: A device includes a receiver configured to receive a request to perform a function. A secure element connected with the receiver, the secure element to verify the request to perform the function, where the secure element is configured to operate in either a report mode or a silent mode. Details about a status of the performance of the function are displayed when the device operates in the report mode, and no details about the status of the performance of the function are displayed when the device operates in the silent mode.
Type: Application
Filed: August 20, 2013
Publication date: December 19, 2013
Applicant: Broadcom Corporation
Inventors: Jacob Mendel, Alexander Potievsky, Eyal Webber-Zvik
Security Controlled Multi-Processor System
Publication number: 20130291053
Abstract: Embodiments of the present disclosure provide systems and methods for implementing a secure processing system having a first processor that is certified as a secure processor. The first processor only executes certified and/or secure code. An isolated second processor executes non-secure (e.g., non-certified) code within a sandbox. The boundaries of the sandbox are enforced (e.g., using a hardware boundary and/or encryption techniques) such that code executing within the sandbox cannot access secure elements of the secure processing system located outside the sandbox. The first processor manages the memory space and the applications that are permitted to run on the second processor.
Type: Application
Filed: June 7, 2012
Publication date: October 31, 2013
Applicant: Broadcom Corporation
Inventors: Mark L. Buer, Jacob Mendel
System utilizing a secure element
Patent number: 8549586
Abstract: An electronic device includes a receiver configured to receive, from an entity, a request to perform a function. The electronic device also includes a secure element to verify the request to perform the function. The secure element includes hardware programmed with instructions to verify that a security of the secure element has not been breached. The secure element also includes software including instructions to determine an access right for the entity requesting performance of the function, and to perform the function when the hardware verifies that the security of the secure element has not been breached and the access right indicates that the entity is authorized to request performance of the secure function.
Type: Grant
Filed: December 6, 2011
Date of Patent: October 1, 2013
Assignee: Broadcom Corporation
Inventors: Jacob Mendel, Alexander Potievsky, Eyal Webber-Zvik
System Utilizing a Secure Element
Publication number: 20130145429
Abstract: An electronic device includes a receiver configured to receive, from an entity, a request to perform a function. The electronic device also includes a secure element to verify the request to perform the function. The secure element includes hardware programmed with instructions to verify that a security of the secure element has not been breached. The secure element also includes software including instructions to determine an access right for the entity requesting performance of the function, and to perform the function when the hardware verifies that the security of the secure element has not been breached and the access right indicates that the entity is authorized to request performance of the secure function.
Type: Application
Filed: December 6, 2011
Publication date: June 6, 2013
Applicant: Broadcom Corporation
Inventors: Jacob Mendel, Alexander Potievsky, Eyal Webber-Zvik
SECURE DATA TRANSFER USING RANDOM ORDERING AND RANDOM BLOCK SIZING
Publication number: 20130094650
Abstract: Encrypted information is conventionally broken into blocks which are transmitted sequentially. Because the order and the size of such blocks can be easily determined, an eavesdropper can gain valuable information regarding the content of the communication. More specifically, if known types of information exist within a block, the encryption key may be determined allowing the content of other encrypted blocks to be obtained. Embodiments of a system, method and computer program product described herein can overcome this deficiency by securely transferring information through random ordering and random block sizing. An original data set to be transferred is divided into a plurality of blocks, where at least two blocks have different sizes. The blocks are encrypted and inserted into a sequence of data transfer slots. The blocks are then selected for transfer in random order by selecting a slot to transfer based on a generated random number.
Type: Application
Filed: May 14, 2012
Publication date: April 18, 2013
Applicant: Broadcom Corporation
Inventor: Jacob Mendel
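The transfer scheme in the abstract above, as an added example that is not the patent's or Broadcom's code: the data set is cut into blocks of random, unequal size, each block is encrypted into its numbered slot, and the sender picks which slot to transmit next by a random number until all slots are gone. The abstract does not say how the receiver recovers the order or which cipher is used, so this example sends the slot number in clear with each block, authenticates every block with HMAC-SHA256, and uses HMAC-SHA256 in counter mode as the keystream; those choices, the per-message nonce, and the block-size range are assumptions. The seeded random.Random is only there so the run is reproducible; a real sender would draw sizes and order from a CSPRNG.

```python
import hashlib
import hmac
import random
from typing import List, Tuple

Record = Tuple[int, bytes, bytes]  # (slot, ciphertext, tag) as sent on the wire


def keystream(key: bytes, nonce: bytes, slot: int, length: int) -> bytes:
    """HMAC-SHA256 in counter mode, separated by nonce and slot (cipher stand-in; assumption)."""
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + slot.to_bytes(4, "big") + counter.to_bytes(4, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return out[:length]


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def split_random_blocks(data: bytes, rng: random.Random, lo: int = 1, hi: int = 8) -> List[bytes]:
    """Divide the data set into blocks whose sizes are drawn at random from [lo, hi]."""
    blocks, i = [], 0
    while i < len(data):
        size = rng.randint(lo, hi)
        blocks.append(data[i:i + size])
        i += size
    return blocks


def _tag(key: bytes, nonce: bytes, slot: int, ct: bytes) -> bytes:
    return hmac.new(key, nonce + slot.to_bytes(4, "big") + ct, hashlib.sha256).digest()


def sender(data: bytes, key: bytes, nonce: bytes, rng: random.Random) -> List[Record]:
    """Encrypt each block into its slot, then emit the slots in random order."""
    slots = []
    for slot, block in enumerate(split_random_blocks(data, rng)):
        ct = xor_bytes(block, keystream(key, nonce, slot, len(block)))
        slots.append((slot, ct, _tag(key, nonce, slot, ct)))
    wire, remaining = [], list(range(len(slots)))
    while remaining:  # the next slot to transfer is chosen by a generated random number
        wire.append(slots[remaining.pop(rng.randrange(len(remaining)))])
    return wire


def receiver(wire: List[Record], key: bytes, nonce: bytes) -> bytes:
    """Check completeness and authenticity, restore slot order, decrypt, and concatenate."""
    ordered = sorted(wire, key=lambda rec: rec[0])
    if [rec[0] for rec in ordered] != list(range(len(ordered))):
        raise ValueError("missing or duplicated slot")
    out = []
    for slot, ct, tag in ordered:
        if not hmac.compare_digest(tag, _tag(key, nonce, slot, ct)):
            raise ValueError(f"slot {slot}: authentication failed")
        out.append(xor_bytes(ct, keystream(key, nonce, slot, len(ct))))
    return b"".join(out)
```

Shuffling and resizing blocks hides where a known-format field sits in the stream, which is the deficiency the abstract describes; it does not by itself stop an active attacker, which is why each record carries a tag and the receiver refuses a stream with a missing, repeated, or altered slot.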
SYSTEM FOR SECURELY PERFORMING A TRANSACTION
Publication number: 20130061290
Abstract: A system and method for performing a transaction are described. A transaction request to perform a transaction is received. Authorization information necessary to perform the transaction is gathered and stored in a secure memory. The gathered authorization information is verified. A final command to perform the transaction is received. When the final command is received, the transaction is performed and the stored authorization information in the secure memory is erased.
Type: Application
Filed: May 14, 2012
Publication date: March 7, 2013
Inventors: Jacob Mendel, Alexander Potievsky
SECURE ELECTRONIC ELEMENT NETWORK
Publication number: 20130060934
Abstract: A secure network of electronic elements (“network”) ensures the electronic elements that implement an electronic device are functioning properly. The network selects at least one master electronic element to consistently check that each of the electronic elements are functioning properly. When the master electronic element identifies that an electronic element is not functioning properly, the network executes a predefined response, such as a counter measure that limits the functional capability of the improperly functioning electronic element or other electronic elements. Electronic elements can identify when a master electronic element is improperly functioning by observing that the master electronic element has ceased checking on the electronic elements. The secure network can then execute a response that includes the counter measure of limiting the functional capability of the improperly functioning master electronic element and assigning a new master electronic element.
Type: Application
Filed: May 23, 2012
Publication date: March 7, 2013
Applicant: Broadcom Corporation
Inventors: Jacob Mendel, Alexander Potievsky
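The master-and-observers scheme in the abstract above, as an added example that is not the patent's or Broadcom's code: a master element checks every other element each tick and limits one that fails its check; the other elements watch for the master to stop checking on them, and when it has been silent for too long they limit the old master and assign a new one. The element names, the silence threshold, the requirement that every observer agree, and the lowest-name election rule are assumptions made for the illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, List


@dataclass
class Element:
    name: str
    healthy: bool = True       # whether the element passes the master's check (simulation input)
    limited: bool = False      # countermeasure applied: functional capability restricted
    last_check_tick: int = 0   # when the master last checked on this element


@dataclass
class SecureElementNetwork:
    elements: Dict[str, Element]
    master: str
    max_silence: int = 3       # ticks without a master check before the master counts as failed
    tick: int = 0
    log: List[str] = field(default_factory=list)

    def master_check_round(self) -> None:
        """The master checks every other element; a failing element is limited."""
        if not self.elements[self.master].healthy:
            return  # a failed master stops checking, which is what the others will observe
        for el in self.elements.values():
            if el.name == self.master:
                continue
            el.last_check_tick = self.tick
            if not el.healthy and not el.limited:
                el.limited = True
                self.log.append(f"tick {self.tick}: {self.master} limited {el.name}")

    def elements_watch_master(self) -> None:
        """Non-master elements notice a master that has ceased checking and replace it."""
        observers = [el for el in self.elements.values() if el.name != self.master]
        silent = [el for el in observers if self.tick - el.last_check_tick > self.max_silence]
        if not observers or len(silent) != len(observers):
            return  # assumption: every observer must agree before the master is replaced
        old = self.master
        self.elements[old].limited = True
        candidates = sorted(n for n, el in self.elements.items() if not el.limited)
        if not candidates:
            self.log.append(f"tick {self.tick}: master {old} limited, no eligible successor")
            return
        self.master = candidates[0]  # assumption: deterministic lowest-name election
        for el in self.elements.values():
            el.last_check_tick = self.tick
        self.log.append(f"tick {self.tick}: master {old} limited, {self.master} elected")

    def step(self) -> None:
        self.tick += 1
        self.master_check_round()
        self.elements_watch_master()


def simulate(failures: Dict[int, str], ticks: int = 10) -> SecureElementNetwork:
    """Run a four-element device; failures maps a tick to the element that stops working then."""
    net = SecureElementNetwork({n: Element(n) for n in ("cpu", "nfc", "sensor", "storage")},
                               master="cpu")
    for _ in range(ticks):
        if net.tick + 1 in failures:
            net.elements[failures[net.tick + 1]].healthy = False
        net.step()
    return net
```

The silence threshold is the trade-off to tune: too short and a busy master is deposed by its own peers; too long and a compromised master keeps the device's other elements unchecked in the meantime.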
INTEGRITY CHECKING SYSTEM
Publication number: 20130061328
Abstract: An integrity checking system provides improved monitoring of an electronic device for unauthorized access and modification. The integrity checking system includes a controller with a secure memory. The secure memory stores test profile information, such as test type, test subject, test action, expected test response, test frequency, and result action. The controller reads the test profile information and executes the defined tests to monitor the integrity of the device, and either permit normal operation, or execute the result action (e.g., terminate program execution) depending on the test results.
Type: Application
Filed: May 24, 2012
Publication date: March 7, 2013
Applicant: Broadcom Corporation
Inventors: Jacob Mendel, Alexander Potievsky, Eyal Webber-Zvik
SYSTEM FOR MONITORING AN OPERATION OF A DEVICE
Publication number: 20130061097
Abstract: A system monitors an application. The system includes a state table with state table nodes corresponding to application checkpoints. The state table nodes include an authorized time interval and application path. The system also includes a time counter that tracks an operation time between successive application checkpoints, and a program counter that tracks and stores an operation path for the application. A checkpoint module verifies an operation of the application at a checkpoint by comparing the authorized time interval for the checkpoint state table node and the operation time tracked by the time counter, as well as the authorized application path for the checkpoint state table node and the operation path tracked by the program counter. A security action is performed when the tracked operation time is not within the authorized time interval, or when the tracked operation path does not match the authorized application path.
Type: Application
Filed: May 14, 2012
Publication date: March 7, 2013
Inventors: Jacob Mendel, Alexander Potievsky
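The checkpoint mechanism in the abstract above, as an added example that is not the patent's or Broadcom's code: each state table node carries an authorized time interval and an authorized application path, a time counter accumulates ticks since the previous checkpoint, a program counter records the operation path, and the checkpoint module compares both against the node before resetting them. The checkpoint names, the call sequences, the tick budgets, and the three sample traces are constructed for the illustration.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Tuple


class SecurityViolation(Exception):
    """Raised by the checkpoint module; the caller performs the security action."""


@dataclass(frozen=True)
class StateTableNode:
    min_ticks: int                    # authorized time interval since the previous checkpoint
    max_ticks: int
    authorized_path: Tuple[str, ...]  # operation path that must have been observed since then


# Constructed state table: a payment flow must pass PIN verification before the
# 'auth_done' checkpoint and must sign the transaction before 'commit'.
STATE_TABLE: Dict[str, StateTableNode] = {
    "auth_done": StateTableNode(1, 50, ("read_credentials", "verify_pin")),
    "commit": StateTableNode(1, 20, ("build_transaction", "sign_transaction")),
}


@dataclass
class OperationMonitor:
    state_table: Dict[str, StateTableNode]
    time_counter: int = 0                                      # ticks since last checkpoint
    program_counter: List[str] = field(default_factory=list)   # path since last checkpoint

    def tick(self, n: int = 1) -> None:
        self.time_counter += n

    def trace(self, location: str) -> None:
        self.program_counter.append(location)

    def checkpoint(self, name: str) -> None:
        node = self.state_table[name]
        observed = tuple(self.program_counter)
        if not node.min_ticks <= self.time_counter <= node.max_ticks:
            raise SecurityViolation(
                f"{name}: {self.time_counter} ticks outside [{node.min_ticks}, {node.max_ticks}]")
        if observed != node.authorized_path:
            raise SecurityViolation(f"{name}: path {observed} != {node.authorized_path}")
        self.time_counter = 0
        self.program_counter = []


def evaluate(trace, state_table=STATE_TABLE) -> Tuple[bool, str]:
    """Replay a trace of ('call', name) / ('tick', n) / ('checkpoint', name) events."""
    monitor = OperationMonitor(state_table)
    try:
        for kind, value in trace:
            if kind == "call":
                monitor.trace(value)
            elif kind == "tick":
                monitor.tick(value)
            elif kind == "checkpoint":
                monitor.checkpoint(value)
            else:
                raise ValueError(f"unknown event {kind!r}")
    except SecurityViolation as violation:
        return False, str(violation)  # security action: refuse the operation
    return True, "ok"


# Constructed sample traces.
GOOD_TRACE = [("call", "read_credentials"), ("tick", 10), ("call", "verify_pin"), ("tick", 15),
              ("checkpoint", "auth_done"), ("call", "build_transaction"), ("tick", 5),
              ("call", "sign_transaction"), ("tick", 3), ("checkpoint", "commit")]
# PIN verification skipped (the kind of path a patched binary or a fault would take).
BYPASS_TRACE = [("call", "read_credentials"), ("tick", 10), ("checkpoint", "auth_done")]
# Correct path, but far too slow between checkpoints (single-stepping under a debugger).
STALLED_TRACE = GOOD_TRACE[:-2] + [("tick", 500), ("checkpoint", "commit")]
```

The two checks catch different things: the path check catches control flow that skips or reorders steps, while the time interval catches execution that is paused, replayed, or glitched even when the path looks right, so a node needs both bounds rather than only a maximum.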