1461181389-ed3ab89a-64ee-4d48-9b64-e08f3c6ba1b8

1. A client device, comprising:
a processor;
communications circuitry; a memory; and
a client attestation module having computer readable trusted task initiation module (TTIM) instructions stored therein, wherein said TTIM instructions when executed by said processor cause said client device to perform the following operations comprising:
output a trusted task initiation signal (TTIS) with said communications circuitry, said TTIS comprising a policy that includes at least one criterion that defines an acceptable environment for the execution of trusted task;
determine whether a trusted execution environment (TEE) of at least one service provider device is capable of meeting said criterion;
if said TEE of said at least one service provider device is capable of meeting said at least one criterion, transmitting a second signal containing at least one of data and code associated with said trusted task to at least one service provider device for execution; and
retrieve results produced by the execution of said trusted task on at least one of said data and code.
2. The client device of claim 1, wherein said policy further comprises at least one of security context and compartmentalization context associated with at least one of said data and said code.
3. The client device of claim 1, wherein said TTIM instructions when executed by said processor cause said client device to perform the following additional operations comprising:
encrypt at least one of said data and code prior to sending said second signal to said service provider device, thereby producing at least one of encrypted data and encrypted code;
wherein said second signal contains at least one of said encrypted data and said encrypted code.
4. The client device of claim 3, wherein:
said policy further comprises at least one of security context and compartmentalization context associated with at least one of said data and code; and
said encrypting comprises:
deriving data encryption keys for each of a plurality of compartments defined by at least one of said security context and compartmentalization context for at least one of said data and said code; and
encrypting each compartment of said plurality of compartments with a respective one of said data encryption keys.
5. The client device of claim 4, wherein said TTIS instructions when executed by said processor cause said client device to perform the following additional operations comprising:
derive a client key exchange key (CKEK) from a user specific distributed task key that is private to said client device;
establish a key exchange session with said service provider device;
share said CKEK with said service provider device during said key exchange session;
wrap said data encryption keys with said CKEK, thereby producing wrapped data encryption keys; and
transmit said wrapped data encryption keys to said service provider device with said second signal.
6. The client device of claim 4, wherein said TTIS instructions when executed by said processor cause said client device to perform the following additional operations comprising:
seal said data encryption keys to secure compartments within said TEE of said service provider device, based on information provided in an attestation signal received from said service provider device.
7. The client device of claim 5, wherein said TTIS instructions when executed by said processor cause said client device to perform the following additional operations comprising:
seal said data encryption keys to secure compartments within said TEE of said service provider device, based on information provided in an attestation signal received from said service provider device;
wherein said processor seals said data encryption keys by wrapping said data encryption keys with a service provider key exchange key (SKEK) obtained by said client device during said key exchange session, thereby producing sealed data encryption keys.
8. A service provider device, comprising:
a processor;
communications circuitry;
a memory; and
a service provider attestation module having computer readable trusted task execution module (TTEM) instructions stored therein, wherein said TTEM instructions when executed by said processor cause said service provider device to perform the following operations comprising:
in response to a policy contained in a trusted task initiation signal (TTIS) received from a client device, output an attestation signal to said client device with said communications circuitry, said attestation signal comprising information attesting to said service provider device’s capability to execute a trusted task in a trusted execution environment (TEE);
in response to receiving a second signal from a client device that contains at least one of data and code associated with said trusted task, instantiate at least one secure data compartment in said TEE that is populated with at least one of said data and code;
execute said trusted task on at least one of said data and code within said at least one secure data compartment; and
output the results of said trusted task within said at least one secure data compartment.
9. The service provider device of claim 8, wherein said TEE is provided using at least one of virtualization technology, hardware security module technology, and secure enclave technology.
10. The service provider device of claim 8, wherein said TTEM instructions when executed by said processor further cause said service provider device to instantiate a plurality of secure data compartments in said TEE in accordance with at least one of security context and compartmentalization context included in said policy.
11. The service provider device of claim 8, wherein said TTEM instructions when executed by said processor cause said service provider device to perform the following additional operations comprising:
transmit a service provider key exchange key (SKEK) to said client device in a key exchange session; and
receive a client key exchange key (CKEK) from said client device in said key exchange session.
12. The service provider device of claim 11, wherein:
said second signal comprises data encryption keys for each of a plurality of data compartments specified by at least one of security context and compartmentalization context included in said policy, said data encryption keys being sealed with said SKEK; and
said TTEM instructions when executed cause said service provider device to unseal said data encryption keys using said SKEK, thereby producing unsealed data encryption keys.
13. The service provider device of claim 12, wherein:
said data and code in said second signal are apportioned into respective compartments in accordance with at least one of said security context and said compartmentalization context, each compartment being encrypted with a respective data encryption key; and
said TTEM instructions when executed by said processor cause said service provider device to decrypt at least one of said data and said code with at least one of said unsealed data encryption keys.
14. The service provider device of claim 13, wherein during said outputting, said processor performs the following operations comprising:
encrypt said results with said unsealed data encryption keys, thereby producing encrypted results;
wrap said encrypted results with at least one of timestamp metadata and said SKEK, thereby producing wrapped encrypted results; and
communicate said wrapped encrypted results to said client device.
15. At least one computer readable medium comprising trusted task initiation module (TTIM) instruction stored therein, wherein said TTIM instructions when executed by a processor cause the processor to perform the following operations comprising:
output a trusted task initiation signal (TTIS), said TTIS comprising a policy that includes at least one criterion that defines an acceptable environment for the execution of a trusted task;
in response to receiving an attestation signal from a service provider device, determine whether a trusted execution environment (TEE) of the service provider device is capable of meeting said at least one criterion;
if said TEE is capable of meeting said criterion, transmit a second signal containing at least one of data and code associated with said trusted task to said service provider device; and
retrieve results produced by the execution of said trusted task on at least one of said data and code.
16. The at least one computer readable medium of claim 15, wherein said policy further comprises at least one of security context and compartmentalization context associated with at least one of said data and said code.
17. The at least one computer readable medium of claim 15, wherein said TTIM instructions when executed by a processor cause the processor to perform the following additional operations comprising:
encrypt at least one of said data and code prior to sending said second signal to said service provider, thereby producing at least one of encrypted data and encrypted code; and
transmit at least one of said encrypted data and said encrypted code in said second signal.
18. The at least one computer readable medium of claim 17, wherein:
said policy further comprises at least one of security context and compartmentalization context associated with at least one of said data and said code; and
said encrypting comprises:
deriving data encryption keys for each of a plurality of compartments defined by at least one of said security context and compartmentalization context for at least one of said data and said code; and
encrypting each compartment of said plurality of compartments with a respective one of said data encryption keys.
19. The at least one computer readable medium of claim 18, wherein said TTIM instructions when executed by said processor further cause said processor to:
derive a client key exchange key (CKEK) from a user specific distributed task key;
transmit said CKEK to said service provider device and receive a service provider key exchange key (SKEK) in a key exchange session;
wrap said data encryption keys with said CKEK, thereby producing wrapped data encryption keys; and
transmit said wrapped data encryption keys to said service provider device with said second signal.
20. The at least one computer readable medium of claim 18, wherein said TTIM instructions when executed by said processor further cause said processor to seal said data encryption keys to secure compartments within said TEE of said service provider device, based on information in said attestation signal, thereby producing sealed data encryption keys.
21. The at least one computer readable medium of claim 20, wherein said processor seals said data encryption keys by wrapping said data encryption keys with a service provider key exchange key (SKEK) obtained by said client device during a key exchange session.
22. The at least one computer readable medium of claim 21, wherein said TTIM instructions when executed by said processor further cause said processor to transmit said sealed data encryption keys to said service provider device with said second signal.
23. At least one computer readable medium comprising trusted task execution module (TTEM) instructions stored therein, wherein said TTEM instructions when executed by a processor cause the processor to perform the following operations comprising:
in response to a policy contained in a trusted task initiation signal (TTIS) received from a client device, output an attestation signal to said client device, said attestation signal comprising information attesting to said service provider device’s capability to execute a trusted task in a trusted execution environment (TEE);
in response to receiving a second signal from said client device that contains at least one of data and code associated with said trusted task:
instantiate at least one secure data compartment in said TEE that is populated with at least one of said data and code;
execute said trusted task on at least one of said data and code within said at least one secure data compartment; and
output the results of said trusted task within said at least one secure data compartment.
24. The at least one computer readable medium of claim 23, wherein said at least one secure data compartment is instantiated in said TEE in accordance with at least one of security context and compartmentalization context included in said policy.
25. The at least one computer readable medium of claim 24, wherein said TTEM instructions when executed by said processor cause said service provider device to perform the following additional operations comprising:
transmit a service provider key exchange key (SKEK) to said client device in a key exchange session; and
receive a client key exchange key (CKEK) from said client device in said key exchange session.
26. The at least one computer readable medium of claim 25, wherein:
said second signal comprises data encryption keys for each of a plurality of data compartments specified by at least one of security context and compartmentalization context included in said policy, said data encryption keys being sealed with said SKEK; and
said TTEM instructions when executed cause said processor to unseal said data encryption keys using said SKEK, thereby producing unsealed data encryption keys.
27. The at least one computer readable medium of claim 26, wherein:
at least one of said data and code in said second signal are apportioned into respective compartments in accordance with at least one of said security context and said compartmentalization context, each compartment being encrypted with a respective data encryption key; and
said TTEM instructions when executed by said processor cause said service provider device to decrypt at least one of said data and said code with at least one of said unsealed data encryption keys.
28. The at least one computer readable medium of claim 27, wherein during said output said processor performs the following operations comprising:
encrypting said results with said unsealed data compartment encryption keys, thereby producing encrypted results;
wrapping said encrypted results with at least one of timestamp metadata and said SKEK, thereby producing wrapped encrypted results; and
communicating said wrapped encrypted results to said client device.

The claims below are in addition to those above.
All refrences to claim(s) which appear below refer to the numbering after this setence.

1. A multifunctional printer, comprising:
a body;
a cover pivoted to the body adapted for opening relative to the body and exposing a plurality of elements in the body;
a print head disposed inside the body;
an ink delivery module disposed in the body and adjacent to the cover, wherein the ink delivery module has a plurality of color cases;
an ink delivery pipe connected between the print head and the ink delivery module; a driving module, comprising:
a first driving element disposed on the ink delivery module; and
a second driving element disposed on at least one of the body and the cover and engaging with the first driving element.
2. The multifunctional printer according to claim 1, wherein the cover is made of light-transmissive materials.
3. The multifunctional printer according to claim 1, wherein the ink delivery module comprises a yellow case, a red case, a blue case and a black case.
4. The multifunctional printer according to claim 1, wherein each of the cases of the ink delivery module has a case body, and the case body is made of light-transmissive materials.
5. The multifunctional printer according to claim 1, wherein both the first driving element and the second driving element are gears, and the second driving element is disposed in the body.
6. The multifunctional printer according to claim 5, wherein the second driving element has a guide groove, the ink delivery module has a protruding axis, and the protruding axis penetrates into the guide groove to be guided and limited in position by the guide groove.
7. The multifunctional printer according to claim 5, wherein the second driving element has a protruding axis, the ink delivery module has a guide groove, and the protruding axis penetrates into the guide groove to be guided and limited in position by the guide groove.
8. The multifunctional printer according to claim 5, further comprising a damping element disposed on a side of the ink delivery module without the first driving element disposed thereon, the damping element contacting against the body and the cover.
9. The multifunctional printer according to claim 8, wherein the damping element is a torsional spring.
10. The multifunctional printer according to claim 5, wherein each of the cases of the ink delivery module comprises a case body, the case body has a side wall and an ink injection opening, and the side wall of the case body has the ink injection opening facing the print head.
11. The multifunctional printer according to claim 1, wherein the first driving element is a gear, the second driving element is a gear rack, a portion of the gear rack is disposed in the body, and the other portion of the gear rack is disposed on the cover.
12. The multifunctional printer according to claim 11, wherein each of the cases of the ink delivery module has a case body, the case body has a top wall and an ink injection opening, and the top wall has the ink injection opening.
13. The multifunctional printer according to claim 11, further comprising a pair of slide rails, a portion of the slide rails is disposed in the body, and the other portion of the slide rails is disposed on a surface of the cover, wherein the surface faces the print head when the cover is closed relative to the body.
14. The multifunctional printer according to claim 13, further comprising a power source disposed inside the body, wherein when the cover is open relative to the body, the power source drives the ink delivery module to move from inside the body to on the cover.
15. The multifunctional printer according to claim 14, wherein the power source is a motor or an electromagnetic valve.

1461181378-abcd70a2-c814-477d-93d1-ae05aaacddd4

1. A navigation signal transmitting apparatus, provided on ground, for transmitting a navigation signal to a receiver capable of positioning by receiving a spread spectrum satellite positioning signal from a satellite, comprising:
first and second transmission antennas;
a message generating unit configured to generate a message signal of positional information included in said navigation signal; and
a modulating unit configured to modulate said message signal by a modulation process including spectrum spreading, based on spread codes of the same sequence as said satellite positioning signal allotted in advance to said navigation signal transmitting apparatus, for generating first and second navigation signals; wherein
said modulating unit is configured to execute said modulating process using either one of said first and second navigation signals as an object of demodulation at each time of reception by said receiver,
said navigation signal transmitting apparatus further comprising:
a transmitting unit configured to transmit said first and second navigation signals from said first and second transmission antennas, respectively.
2. The navigation signal transmitting apparatus according to claim 1, wherein said modulating unit includes:
a first code generating unit configured to generate a first code of said spread codes of the same sequence;
a first spreading unit configured to perform spectrum spreading on said message signal with said first code, to generate said first navigation signal;
a second code generating unit configured to generate a second code of said spread codes of the same sequence, different from said first code; and
a second spreading unit configured to perform spectrum spreading on said message signal with said second code, to generate said second navigation signal.
3. The navigation signal transmitting apparatus according to claim 1, wherein said modulating unit includes:
a spread code generating unit configured to generate a specific code of said spread codes of the same sequence;
a first spreading unit configured to perform spectrum spreading on said message signal with said specific code, to generate said first navigation signal;
a delay unit configured to delay said message signal by a prescribed time period; and
a second spreading unit configured to perform spectrum spreading on an output from said delay unit with said specific code, to generate said second navigation signal.
4. The navigation signal transmitting apparatus according to claim 1, wherein said modulating unit includes:
a spread code generating unit configured to generate a specific code of said spread codes of the same sequence; and
a spreading unit configured to perform spectrum spreading on said message signal with said specific code, and
wherein said transmitting unit is configured to transmit outputs of said spreading unit as said first and second navigation signals, successively and exclusively from either one of said first and second transmission antennas.
5. The navigation signal transmitting apparatus according to claim 1, wherein said positional information includes data representing at least latitude, longitude and altitude.
6. A method of transmitting a navigation signal of a transmitter provided on the ground, for transmitting a navigation signal to a receiver capable of positioning by receiving a spread spectrum satellite positioning signal from a satellite, comprising:
generating a message signal of positional information included in said navigation signal; and
modulating said message signal by a modulation process including spectrum spreading, based on spread codes of the same sequence as said satellite positioning signal allotted in advance to said transmitter, for generating first and second navigation signals;
wherein in said modulation process, either one of said first and second navigation signals is used as an object of demodulation at each time of reception by said receiver;
said method of transmitting a navigation signal further comprising
transmitting said first and second navigation signals from first and second transmission antennas, respectively.
7. The method of transmitting a navigation signal according to claim 6, wherein said generating said first and second navigation signals includes:
generating a first code of said spread codes of the same sequence;
performing spectrum spreading on said message signal with said first code, to generate said first navigation signal;
generating a second code of said spread codes of the same sequence, different from said first code; and
performing spectrum spreading on said message signal with said second code, to generate said second navigation signal.
8. The method of transmitting a navigation signal according to claim 6, wherein said generating said first and second navigation signals includes:
generating a specific code of said spread codes of the same sequence;
performing spectrum spreading on said message signal with said specific code, to generate said first navigation signal;
delaying said message signal by a prescribed time period; and
performing spectrum spreading on said delayed message signal with said specific code, to generate said second navigation signal.
9. The method of transmitting a navigation signal according to claim 6, wherein said generating said first and second navigation signals includes:
generating a specific code of said spread codes of the same sequence;
generating a sequence of pseudo random numbers;
performing spectrum spreading on said message signal with said specific code, to generate said first navigation signal; and
performing spectrum spreading on said message signal with said specific code, to generate said second navigation signal; wherein
said transmitting includes transmitting said first and second navigation signals successively and exclusively from either one of said first and second transmission antennas, based on said pseudo random numbers.
10. The method of transmitting a navigation signal according to claim 6, wherein said positional information includes data representing at least latitude, longitude and altitude.
11. A positional information providing apparatus capable of positioning by receiving a spread spectrum satellite positioning signal from a satellite, providing positional information using a plurality of positioning signals as spread spectrum signals from a navigation signal transmitting apparatus provided on the ground, transmitted using diversity transmission, comprising:
a receiving unit configured to receive said spread spectrum signals;
a storage unit configured to store patterns of a plurality of spread codes of the same sequence as said satellite positioning signal, for said positioning signal;
demodulating units provided in parallel with each other, configured to perform correlation processes commonly and in parallel on said patterns of a plurality of spread codes, for identifying and demodulating said plurality of positioning signals transmitted using diversity transmission; and
a determining unit configured to calculate, if a plurality of said positioning signals are identified and demodulated, said positional information from any of said identified plurality of positioning signals.
12. The positional information providing apparatus according to claim 11, wherein said demodulating unit includes:
a first correlator unit configured to execute a correlation process with a first code of the spread codes of said same sequence;
a second correlator unit configured to execute a correlation process with a second code, different from the first code, of the spread codes of said same sequence; and
a control unit configured to realize control such that using synchronization timing of that one of the first and second correlator units which established synchronization loop earlier, synchronizing process for the other one is executed.
13. The positional information providing apparatus according to claim 11, wherein said demodulating unit includes:
a delay unit configured to delay said received spread spectrum signal by a designated time period;
a first correlator unit configured to execute a correlation process with a first code of the spread codes of the same sequence;
a second correlator unit configured to execute a correlation process with a second code of the spread codes of the same sequence; and
a control unit configured to realize control such that using a spread code of that one of the first and second correlator units which established synchronization loop earlier, synchronizing process for the other one is executed on a signal delayed by a prescribed time period by said delay unit.
14. The positional information providing apparatus according to claim 13, wherein said positional information includes data representing at least latitude, longitude and altitude.

The claims below are in addition to those above.
All refrences to claim(s) which appear below refer to the numbering after this setence.

1. A child carrier comprising a harness and a pouch, the harness being designed to be worn by a person wishing to carry a child and the pouch being designed to receive a child that the person wishes to carry, the harness including a hip belt, a frame mounted on the hip belt and a load-transmitting fastener formation carried on or forming part of the frame, and the pouch having a load-transmitting fastener formation that is engageable with the load-transmitting fastener formation on the harness whereby, in use, the two load-transmitting fastener formations can be interengaged such that the majority of the weight of the pouch and its contents are transferred via the frame to the hip belt and thus to the hips of the person wearing the harness.
2. A child carrier as claimed in claim 1, in which the pouch has front and back surfaces on each of which there is a load-transmitting fastener formation engageable with the load-transmitting fastener formation on the harness.
3. A child carrier as claimed in claim 1, in which the load-transmitting fastener formation on the harness comprises a socket
4. A child carrier as claimed in claim 1, in which the frame has a configuration corresponding substantially to that of a downwardly facing C.
5. A child carrier as claimed in claim 1, in which there are fixings on the pouch engageable with fixings on the harness to prevent the pouch and its contents moving sideways (relative to the harness) and away from the harnesswearer.
6. A child carrier comprising a first part and a second part, the first part being in the form of a harness designed to be worn by a person carrying a child and the second part being designed to receive a child that the person wishes to carry, the harness including shoulder straps, a hip belt, a frame mounted on the hip belt and a load-transmitting fastener formation arranged to transmit any load that it receives to the frame, and the second part of the child carrier including a load-transmitting fastener formation that is engageable with the load-transmitting fastener formation on the harness whereby, in use, the two load-transmitting fastener formations can be inter-engaged such that the majority of the weight of the second part of the child carrier and its contents are transferred via the frame to the hip belt and thus to the pelvic region of the person wearing the harness.
7. A child carrier as claimed in claim 6, in which the load-transmitting fastener formation on the harness comprises a socket having an upwardly facing open mouth.
8. A child carrier as claimed in claim 6, in which the hip belt is formed with a series of pockets and in which the frame of the harness has downwardly extending end portions selectively engageable in the pockets of the hip belt.
9. A child carrier as claimed in claim 6, in which fixings are mounted on the shoulder straps of the harness and in which complementary fixings are provided on the second part of the child carrier whereby the complementary fixings on the second part of the child carrier can be engaged with the fixings on the shoulder straps to prevent the pouch and its contents moving sideways (relative to the harness) and away from the harnesswearer.
10. A child carrier as claimed in claim 6, in which the second part comprises a pouch having front and back surfaces on each of which there is a load-transmitting formation engageable with the load-transmitting formation on the harness.