Patents Assigned to Route1 Inc.
-
Patent number: 10652230Abstract: A user having remote device wants to access an application that requires that the user possess a user application cryptographic credential. If the application needs to verify the identity of the user, the user's remote device performs a cryptographic operation using the user application cryptographic credentials, and sends the result to the application. A configuration for securely distributing the user application cryptographic credentials includes at least one gateway located at an enterprise that is under the control of an enterprise administrator, and a controller that is not located at the enterprise but can be configured by the enterprise administrator to cooperate with the at least one gateway.Type: GrantFiled: October 17, 2018Date of Patent: May 12, 2020Assignee: ROUTE1 INC.Inventors: Jerry S. Iwanski, Yamian Quintero Cantero
-
Patent number: 10320774Abstract: At a mobile device, a password is used to create a proof of knowledge (POK). The POK is stored in a controller accessible via a communication network. The POK ensures that the controller can detect an incorrect password from the mobile device, and that the mobile device cannot be subject to a brute force attack to determine the DC stored in the mobile device. After a predetermined number of unsuccessful attempts to enter the password, the controller blocks further attempts, thereby restoring protection against a brute force attack that was lost going from a standalone smart card to mobile-device-based derived credentials. A portion of Derived Credentials, needed to authenticate the user of a mobile device, is stored in the controller, further increasing the difficulty of unauthorized use.Type: GrantFiled: August 5, 2016Date of Patent: June 11, 2019Assignee: ROUTE1 INC.Inventors: Yamian Quintero Cantero, Jerry S. Iwanski
-
Patent number: 10148641Abstract: A user having remote device wants to access an application that requires that the user possess a user application cryptographic credential. If the application needs to verify the identity of the user, the user's remote device performs a cryptographic operation using the user application cryptographic credentials, and sends the result to the application. A configuration for securely distributing the user application cryptographic credentials includes at least one gateway located at an enterprise that is under the control of an enterprise administrator, and a controller that is not located at the enterprise but can be configured by the enterprise administrator to cooperate with the at least one gateway.Type: GrantFiled: May 11, 2015Date of Patent: December 4, 2018Assignee: ROUTE1 INC.Inventors: Jerry S. Iwanski, Yamian Quintero Cantero
-
Patent number: 10135807Abstract: A user having remote device wants to access an application that requires that the user possess a user application cryptographic credential. If the application needs to verify the identity of the user, the user's remote device performs a cryptographic operation using the user application cryptographic credentials, and sends the result to the application. A configuration for securely distributing the user application cryptographic credentials includes at least one gateway located at an enterprise that is under the control of an enterprise administrator, and a controller that is not located at the enterprise but can be configured by the enterprise administrator to cooperate with the at least one gateway.Type: GrantFiled: May 11, 2015Date of Patent: November 20, 2018Assignee: ROUTE1 INC.Inventors: Jerry S. Iwanski, Yamian Quintero Cantero
-
Publication number: 20180041494Abstract: At a mobile device, a password is used to create a proof of knowledge (POK). The POK is stored in a controller accessible via a communication network. The POK ensures that the controller can detect an incorrect password from the mobile device, and that the mobile device cannot be subject to a brute force attack to determine the DC stored in the mobile device. After a predetermined number of unsuccessful attempts to enter the password, the controller blocks further attempts, thereby restoring protection against a brute force attack that was lost going from a standalone smart card to mobile-device-based derived credentials. A portion of Derived Credentials, needed to authenticate the user of a mobile device, is stored in the controller, further increasing the difficulty of unauthorized use.Type: ApplicationFiled: August 5, 2016Publication date: February 8, 2018Applicant: Route1 Inc.Inventors: Yamian Quintero Cantero, Jerry S. Iwanski
-
Patent number: 9319385Abstract: In a peer-to-peer fashion, various host computers communicate with various remote computers using the Internet so that user inputs from the remote computers are transferred to the host computers as if the user inputs occurred locally, and information generated by the host computers is displayed on the remote computers. Thus, a remote computer is able to access all of the information and application programs on the host computer.Type: GrantFiled: September 27, 2010Date of Patent: April 19, 2016Assignee: Route 1 Inc.Inventors: Jerry S. Iwanski, K. Andrew White
-
Publication number: 20150249662Abstract: A user having remote device wants to access an application that requires that the user possess a user application cryptographic credential. If the application needs to verify the identity of the user, the user's remote device performs a cryptographic operation using the user application cryptographic credentials, and sends the result to the application. A configuration for securely distributing the user application cryptographic credentials includes at least one gateway located at an enterprise that is under the control of an enterprise administrator, and a controller that is not located at the enterprise but can be configured by the enterprise administrator to cooperate with the at least one gateway.Type: ApplicationFiled: May 11, 2015Publication date: September 3, 2015Applicant: ROUTE1 INC.Inventors: Jerry S. Iwanski, Yamian Quintero Cantero
-
Publication number: 20150244712Abstract: A user having remote device wants to access an application that requires that the user possess a user application cryptographic credential. If the application needs to verify the identity of the user, the user's remote device performs a cryptographic operation using the user application cryptographic credentials, and sends the result to the application. A configuration for securely distributing the user application cryptographic credentials includes at least one gateway located at an enterprise that is under the control of an enterprise administrator, and a controller that is not located at the enterprise but can be configured by the enterprise administrator to cooperate with the at least one gateway.Type: ApplicationFiled: May 11, 2015Publication date: August 27, 2015Applicant: ROUTE1 INC.Inventors: Jerry S. Iwanski, Yamian Quintero Cantero
-
Patent number: 9059977Abstract: A user having remote device wants to access an application that requires that the user possess a user application cryptographic credential. If the application needs to verify the identity of the user, the user's remote device performs a cryptographic operation using the user application cryptographic credentials, and sends the result to the application. A configuration for securely distributing the user application cryptographic credentials includes at least one gateway located at an enterprise that is under the control of an enterprise administrator, and a controller that is not located at the enterprise but can be configured by the enterprise administrator to cooperate with the at least one gateway.Type: GrantFiled: March 13, 2013Date of Patent: June 16, 2015Assignee: Route1 Inc.Inventors: Jerry S. Iwanski, Yamian Quintero Cantero
-
Patent number: 9059962Abstract: A user having remote device wants to access an application executing on an application server computer that is behind a firewall. During set-up, another firewall and a gateway computer are configured in front of the original firewall. During registration, users' remote devices are configured with security data. The security data includes user authentication cryptographic credentials, for establishing secure channels, and may include user application cryptographic credentials as needed by individual applications executing on the application server. During operation, the user provides a password to an application program executing on his/her remote device to use the security information on the remote device to establish a secure channel to the application, and then conducts a data session with the application.Type: GrantFiled: March 13, 2013Date of Patent: June 16, 2015Assignee: Route1 Inc.Inventors: Jerry S. Iwanski, Yamian Quintero Cantero
-
Publication number: 20140282999Abstract: A user having remote device wants to access an application executing on an application server computer that is behind a firewall. During a set-up phase, another firewall and a gateway computer are configured in front of the original firewall, creating a demilitarized zone (DMZ) having the gateway computer. During a registration phase, users' remote devices are configured with security data. The security data includes user authentication cryptographic credentials, for establishing secure channels, and may include user application cryptographic credentials as needed by individual applications executing on the application server. After set-up and registration, i.e., during operation, the user provides a password to an application program executing on his/her remote device. The password enables use of the security information on the remote device. The user uses the security information to establish a secure channel to the application, and then conducts a data session with the application.Type: ApplicationFiled: March 13, 2013Publication date: September 18, 2014Applicant: Route1 IncInventors: Jerry S. Iwanski, Yamian Quintero Cantero
-
Publication number: 20140282922Abstract: A user having remote device wants to access an application that requires that the user possess a user application cryptographic credential. If the application needs to verify the identity of the user, the user's remote device performs a cryptographic operation using the user application cryptographic credentials, and sends the result to the application. A configuration for securely distributing the user application cryptographic credentials includes at least one gateway located at an enterprise that is under the control of an enterprise administrator, and a controller that is not located at the enterprise but can be configured by the enterprise administrator to cooperate with the at least one gateway.Type: ApplicationFiled: March 13, 2013Publication date: September 18, 2014Applicant: Route1 Inc.Inventors: Jerry S. Iwanski, Yamian Quintero Cantero
-
Publication number: 20110016312Abstract: In a peer-to-peer fashion, various host computers communicate with various remote computers using the Internet so that user inputs from the remote computers are transferred to the host computers as if the user inputs occurred locally, and information generated by the host computers is displayed on the remote computers. Thus, a remote computer is able to access all of the information and application programs on the host computer.Type: ApplicationFiled: September 27, 2010Publication date: January 20, 2011Applicant: Route1 Inc.Inventors: Jerry S. IWANSKI, K. Andrew White
-
Patent number: 7814216Abstract: In a peer-to-peer fashion, various host computers communicate with various remote computers using the Internet so that user inputs from the remote computers are transferred to the host computers as if the user inputs occurred locally, and information generated by the host computers is displayed on the remote computers. Thus, a remote computer is able to access all of the information and application programs on the host computer.Type: GrantFiled: September 7, 2004Date of Patent: October 12, 2010Assignee: Route 1 Inc.Inventors: Jerry S. Iwanski, K. Andrew White
-
Patent number: 7739726Abstract: A portable device enables access to a host computer via a guest computer. The portable device is connected to the guest computer, and a program stored in a memory on the portable device is activated, the program including instructions for establishing communication with the host computer such that input to the guest computer serves as input to the host computer, and output displays from the host computer are displayed on the guest computer. The portable device includes a cryptographic processor for performing cryptographic processing for communicating with the host computer. The portable device also includes a protected memory for storing a private key accessible to the cryptographic processor, the private key being used during cryptographic processing. The protected memory can be internal or external to the cryptographic processor.Type: GrantFiled: November 14, 2005Date of Patent: June 15, 2010Assignee: Route1 Inc.Inventors: Jerry S. Iwanski, K. Andrew White
-
Publication number: 20070113267Abstract: A portable device enables access to a host computer via a guest computer. The portable device is connected to the guest computer, and a program stored in a memory on the portable device is activated, the program including instructions for establishing communication with the host computer such that input to the guest computer serves as input to the host computer, and output displays from the host computer are displayed on the guest computer. The portable device includes a cryptographic processor for performing cryptographic processing for communicating with the host computer. The portable device also includes a protected memory for storing a private key accessible to the cryptographic processor, the private key being used during cryptographic processing. The protected memory can be internal or external to the cryptographic processor.Type: ApplicationFiled: November 14, 2005Publication date: May 17, 2007Applicant: Route1 Inc.Inventors: Jerry Iwanski, K. White