Encryption and security solutions
2014-09 Partial (Selective) Data Encryption - PATENT FAMILY GRANTEDThe encryption method described in this invention is a very fast and a considerably efficient way of protecting information when compared with current prior art methods, because only the essential information is encrypted. For example, when images or video are coded with the progressive Gurulogic Multi-Variate Codec (GMVC®), then only 1/1000 of the entire data size of the data stream is protected with encryption . Using encryption in this way has hardly any effect at all in transfer rate of real time video, nor does it increase the consumption of CPU computing resources in any significant manner.
The encryption method described in this invention makes it possible to use a very fast, yet efficient encryption algorithm. Moreover, the additional advantage provided is that one does not necessarily have to protect one’s data in data transfer networks with a protected, secure network connection such as VPN tunneling, SSH (Secure Shell) or SSL/TLS (HTTPS) protocols. Therefore, this invented method offers a novel model for transmitting text, binary, audio, image, video information or even medical data for example in public internet networks or in web services and cloud services.
The method provides a more efficient and security increasing encoding/encryption mechanism for partial encryption techniques of e.g. image/movie streams.
2014-08 Integration of encoding and encryption - PATENT FAMILY GRANTEDThe encryption method pursuant to this invention can be integrated into an encoder or into another, corresponding pre-processor. Therefore, this invention makes it possible to gain considerably better protection when compared with encryption implemented with prior art methods using conventional encryption algorithms. The invented technology can be integrated with almost any coding solution, irrespective of the used encryption algorithm. In other words, even the currently used methods can be refactored to work more efficiently if the integration mechanism of this invention is utilized.
The integration of encryption and encoding also offers an efficient model for multiprocessing, or running several processes in parallel manner, because this invented technology enables the implementation of optimal processing structure for the CPU and the GPU, according to the available computing capacity. However, the methods described in this invention do not alter the behavior of the integrated encryption algorithm, which means that the protection will not be compromised. The invented methods can be implemented in connection with common, well-known open source or proprietary data compression software applications such as 7-Zip or Win-Zip, etc. The invented technology can be efficiently utilized especially in medical or military purposes, to strengthen the prior art data compression and data processing algorithms in use, the purpose of which is to protect vital information that is confidential or classified.
The encryption method described in this invention makes it possible to use a very fast, yet efficient encryption algorithm. Moreover, the additional advantage provided by this method is that one does not necessarily have to protect one’s data in data transfer networks with a protected, secure network connection such as VPN tunneling, SSH (Secure Shell) or SSL/TLS (HTTPS) protocols. Therefore, this invented method offers a novel model for transmitting text, binary, audio, image, video information, medical data and so forth, for example in public internet networks or in web services and cloud services.
2014-12 Secure Media Player - GB PATENT FOR SALEThe invention provides an integrated secure media player system that does not store or allow others to store critical sections of data in an unencrypted form. This is achieved by integrating encryption into an encoder, and by integrating decryption into a decoder, wherein rendering of media content information is also integrated into the decoder. As a result, the critical sections of data are not required to be stored (or transferred between different components) in an unencrypted form.
This invention prevents unauthorized copying of the data, thereby discouraging pirating of media data content by unscrupulous third parties. Moreover, the invention enables malware to be resisted by recipient computing devices, where the malware is potentially capable of extracting media content information from e.g. cache memory and communicating content to pirate media content distribution website. Preventing such copying of media content data from cache memory is ensured by as little of the media data content being decrypted at any given moment in time.
2015-04 Encryption system, encryption key wallet and methodThis invention provides an encryption system that is operable to produce and process encryption keys more efficiently than known conventional encryption systems. The encryption key wallet enables creating a truly reliable information system, improving data security.
Gurulogic (R) Encryption Key Wallets are designed to be used between two communicating parties, but if required, can be used between more than two parties.
The provided encryption system is highly desirable for situations wherein data of a confidential or sensitive nature is to be exchanged securely between parties to the encryption system.
2016-04 Real-time transactions - PATENT FAMILY AVAILABLEA method providing the buyer an automatic way to pay purchases in real-time for example via bank account, without revealing details to the supplier and without any card payment that would necessiate some kind of registration of the buyer being involved.
The invention provides an easy and secure way for real-time transactions, such as mobile retail payments. The technical solution enables universal application with help of parsers adapting its function to the respective payment interface, such as banking interface.
Technical effect is to diminish processing delay of a transaction in a way that prevents unauthorized usage of credentials required by a secure transaction processing.
2016-09 Data Security System enabling Passwordless User Authentication and Sign-inThis data security invention provides user-friendly, yet secure solution for authentication and sign-in procedures by omitting the need to input a password. The invention is suitable for Digital Identity.
The parties in communication are provided with identical or mutually compatible key stores in their devices, comprising keys and indices referencing the keys. In operation, only an index of a key to be used in authentication, together with some additional (encrypted) information needed for verifying the user is delivered. When data communication is performed between the parties, they are operable to use the derived key to decrypt the additional information verifying the sender, and the actual message. The keys are disposable, adding one more security layer to the solution.
This invention provides protection against an attack of illegally acquiring authentication details, by never distributing the key itself while encrypting the additional information with the property to contribute to the authentication, thus resulting to better security.
2016-12 Protecting usage of key store contentThis patented method enables importing all the key materials of a key store to a user device at one go, yet limitless number of keys can be used for future communications and transactions.
The key store content is created by, and received from, a key service provider in a format which is compatible with the user device. The key store contents are imported, and the key materials of the key store content are stored at the key store of the user device in an encrypted form.
All the key materials to the key store are imported at one go and no additional keys need to be delivered thereafter. This is enabled by the innovative method wherein keys are generated from the key materials using key offsets, bit offsets and/or byte offsets.
Importantly, the key materials are never exposed outside the key store in an unencrypted form. After importation at one go, the key materials are used via references only.
2016-12 Remote (bio-)authenticationA method of facilitating a secure log-in procedure or a transaction procedure with the help of a server arrangement, to enable a user or a person under custody of the user to log-in or perform transaction securely. When attempting to log in or perform transaction, such as payment, the server sends to the mobile device of the user an authorization-request message using real-time push signalling for activating the device. It is not until authorization has been verified that the log in or transaction is succesful. The method efficiently prevents trying to log-in with another user's credentials or paying with a stolen bank card, as the authorization needs to be done via mobile phone, probably in possession of the real owner.
08-2017 - Data Transfer MethodSecure way of communicating data from a source device to a destination device, when either or both of them have no direct access or have only restricted access to any data communication network.
The system enables and facilitates data communication between the devices in real-time or near real-time by relaying the data through the network node service provided by the system.
In operation the system isolates the source device from the data communication network, providing additional security as the source device is less vulnerable to virus attacks and other kind of security threats.
Creating dynamic Group NetworksThis method provides easy way for the users to create their own device groups between network devices belonging to one or more local networks. The dynamically installed group network device automatically performs network configurations for the network devices and enables the member devices of the group to communicate and interoperate with each other in their native protocols. The group network device supports different types of transmission paths and transmission protocols.
Method for providing Protected Data Storage in Data memoryThis invention provides more robust protected data storage against different kinds of memory attacks, and is not prone to vulnerabilities of operating systems, target platforms and hardware. The system is suitable for protecting sensitive variables stored in, for example, a RAM or a CPU register of the computing device during runtime execution of various services or software applications. Such protected sensitive variables are to be used in a manner that is similar to how unprotected variables are used in conventional techniques. As a result, it is not necessary to make changes to a logical development syntax and paradigm of a given program (e.g. a software application).