Patents Examined by Hilary Branske
  • Patent number: 8254579
    Abstract: Cryptographic keys are distributed to computer systems to be remotely managed by a management node. First secure channels are established between the management node and trusted computing platforms associated with the computer systems. Cryptographic keys are sent to the trusted computing platforms via the first secure channels, wherein the cryptographic keys are stored in the trusted computing platforms and retrieved from the trusted computing platforms by the computer systems. Second secure channels are established with the computer systems using the retrieved cryptographic keys. Commands are remotely executed on one or more of the computer systems via the second secure channels.
    Type: Grant
    Filed: January 31, 2007
    Date of Patent: August 28, 2012
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Jeffery A. Morgan, John C. Schettino, Chandrasekar Venkatraman
  • Patent number: 8249257
    Abstract: The present subject matter relates to trusted computing, and more particularly, to virtual trusted platform module keys rooted in a hardware trusted platform module. Some embodiments include a trusted platform virtualization module that is operable to capture virtual machine trusted platform module calls and operates to generate, maintain, and utilize hardware trusted platform module keys on behalf of the one or more virtual machines. Some embodiments include virtual trusted platform module keys having a public portion on top of a private portion including an encrypted hardware trusted platform module key.
    Type: Grant
    Filed: September 28, 2007
    Date of Patent: August 21, 2012
    Assignee: Intel Corporation
    Inventors: Tasneem Brutch, Alok Kumar, Vincent Scarlata, Faraz A. Siddiqi, Ned M. Smith, Willard M. Wiseman
  • Patent number: 8243789
    Abstract: Embodiments of the present invention comprise systems and methods for: authorizing the transmission of audiovisual data based on an iterative changing bit budget, where the bit budget may be based on a value of a total size of the set of Network Abstraction Layer units and a value of an initial size of the group of frames; and determining a bit budget remainder and an adjusted bit budget remainder.
    Type: Grant
    Filed: January 25, 2007
    Date of Patent: August 14, 2012
    Assignee: Sharp Laboratories of America, Inc.
    Inventors: Mehmet Umut Demircin, Petrus J. L. van Beek, Sachin G. Deshpande
  • Patent number: 8233536
    Abstract: Embodiments of the present invention comprise systems and methods for predicting image elements, comprising scaling a received low dynamic range (LDR) image element value for an image element via a binary shift operation, where the binary shift operation is based on a received prediction shift value, and combining, via a received additive operation, the scaled LDR image element value with the received LDR image element value.
    Type: Grant
    Filed: January 23, 2007
    Date of Patent: July 31, 2012
    Assignee: Sharp Laboratories of America, Inc.
    Inventor: Christopher A. Segall
  • Patent number: 8209754
    Abstract: A secure NFC apparatus includes a plug-in socket, an NFC unit, and a protocol matching unit. A security module is inserted in the plug-in socket. The NFC unit communicates with the outside via non-contact NFC using signals based on an S2C protocol. The protocol matching unit determines the type of chip in the inserted security module, generates a chip identification signal according to results of the identification, and matches the protocol of the signals based on the S2C protocol, which are input to and output from the NFC unit, with the protocol of the signals, which are input to and output from the security module, according to the chip identification signal.
    Type: Grant
    Filed: September 1, 2006
    Date of Patent: June 26, 2012
    Assignee: SK Telecom Co., Ltd.
    Inventors: Sung-Rock Cheon, Jae-Sic Jeon, O-Hyon Kwon, Joo-Sik Lee
  • Patent number: 8189787
    Abstract: A data communication apparatus is highly concealable and significantly increases time necessary for an eavesdropper to analyze cipher text. A multi-level code generation section generates, by using predetermined key information, a multi-level code sequence in which a signal level changes so as to be random numbers. The multi-level processing section combines a multi-level code sequence and information data, and generates a multi-level signal having a level corresponding to a combination of the multi-level code sequence and the information data. In the multi-level code generation section, a random number sequence generation section generates a binary random number sequence by using the predetermined key information. A multi-level conversion section generates a multi-level code sequence from the binary random number sequence in accordance with a predetermined encoding rule.
    Type: Grant
    Filed: October 13, 2006
    Date of Patent: May 29, 2012
    Assignee: Panasonic Corporation
    Inventors: Tomokazu Sada, Masaru Fuse, Satoshi Furusawa, Tsuyoshi Ikushima
  • Patent number: 8190902
    Abstract: Techniques are provided for forming a digital signature for a portion of a document. A registered module is invoked to process the document in accordance with a structured format associated with the document. The registered module is able to process a plurality of different structured formats. The registered module obtains the portion. A digital signature is formed for the portion. The digital signature is included in the document in accordance with the structured format.
    Type: Grant
    Filed: February 27, 2006
    Date of Patent: May 29, 2012
    Assignee: Microsoft Corporation
    Inventors: Andrew T. Lytle, Bryan J. Reich, Gitika Gupta, Matthew C. Pohle, Mariya Tikunova
  • Patent number: 8185944
    Abstract: A server for transferring data between networks. The server is programmed to perform the following steps: (a) creating a receiving process, a filtering process and a forwarding process, the filtering process being dictated by a file that specifies filtering rules, wherein: (b) the receiving process receives data transmitted from a source host; (c) the filtering process filters the transmitted data based on the filtering rules; and (d) the forwarding process forwards only filtered data to a destination host.
    Type: Grant
    Filed: February 28, 2006
    Date of Patent: May 22, 2012
    Assignee: The Boeing Company
    Inventors: Daniel D. Schnackenberg, Janell Schnackenberg, legal representative, Kelly S. Bunn, Thomas E. Donofrio, Steven L. Arnold, Travis S. Reid, Ryan D. Hammond
  • Patent number: 8179962
    Abstract: The present invention provides a video coding method and a video decoding method which allow enhancement of coding efficiency and improvement in video quality. A video coding apparatus includes: a mode determination unit which determines a notification method for notifying a transform block size to be used in orthogonal transform of a current block to be either the implicit mode or the explicit mode, and outputs the ABT mode indicating the determined notification method; an orthogonal transformation unit which transforms the difference values between the input image and predicted image into frequency coefficients based on the transform block size determined in accordance with the determined notification method; a quantization unit which quantizes the frequency coefficients and outputs the quantized values; and a variable length coding unit which performs variable length coding on the quantized values, the ABT mode, and the like, so as to output a coded stream.
    Type: Grant
    Filed: September 6, 2005
    Date of Patent: May 15, 2012
    Assignee: Panasonic Corporation
    Inventors: Chong Soon Lim, Sheng Mei Shen, Shinya Kadono
  • Patent number: 8171289
    Abstract: A method and apparatus to provide a cryptographic protocol for secure authentication, privacy, and anonymity. The protocol, in one embodiment, is designed to be implemented in a small number of logic gates, executed quickly on simple devices, and provide military grade security.
    Type: Grant
    Filed: June 11, 2007
    Date of Patent: May 1, 2012
    Assignee: Symantec Corporation
    Inventors: Joseph A. Adler, David M'Raihi
  • Patent number: 8146163
    Abstract: A method for securing personal computing devices from unauthorized data copying and removal includes detecting an attachment of a device to a client included within a computing network; determining whether the detected attached device is permitted to be attached to the client; prompting a user of the client to remove the attached device therefrom in the event the detected attached device is not permitted to be attached to the client; and loading a replacement device driver onto the client in the event the attached device has not been removed, wherein the replacement device driver prevents the client from copying data to the attached device.
    Type: Grant
    Filed: November 9, 2006
    Date of Patent: March 27, 2012
    Assignee: International Business Machines Corporation
    Inventors: Edward E. Kelley, Tijs Y. Wilbrink
  • Patent number: 8127135
    Abstract: A system comprises a first operating environment and a second operating environment. The first and second operating environments exchange information in encrypted form using a shared encryption key (K3). The first and second operating environments cooperate to change the encryption key K3 using another shared encryption key (K4). The encryption key K4 is changed upon the encryption key K3 being changed.
    Type: Grant
    Filed: September 28, 2006
    Date of Patent: February 28, 2012
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Wael M. Ibrahim, Lan Wang, Jennifer E. Rios, Valluddin Y. Ali, Manuel Novoa
  • Patent number: 8059814
    Abstract: A technique carries out seed (or key) derivation within an electronic apparatus (e.g., a hand holdable electronic apparatus such as a token, an authentication server, etc.). The technique involves acquiring a stored representation of a derived seed, the stored representation of the derived seed resulting from an earlier-performed cryptographic operation based on a higher-level seed. The technique further involves (i) performing a current cryptographic operation based on a stored representation of the higher-level seed, the current cryptographic operation resulting in a current representation of the derived seed, and (ii) providing a corruption detection signal indicating whether the current representation of the derived seed matches the stored representation of the derived seed.
    Type: Grant
    Filed: September 28, 2007
    Date of Patent: November 15, 2011
    Assignee: EMC Corporation
    Inventor: William M. Duane
  • Patent number: 8054967
    Abstract: A computer system having resistance to timing attacks based on measuring processing times by encrypting or decrypting a plain text or ciphertext by converting the partial data related to the plain text or the encrypted text into conversion data. In the system, a conversion table includes one piece of conversion data corresponding to the partial data at a start position of a line table area and includes data not associated with the conversion in the other position. In the system, a computer program includes an operation instruction for calculating a predetermined position of the conversion data in the conversion table by using acquired partial data and a read instruction for reading out the conversion data from the calculated position.
    Type: Grant
    Filed: April 15, 2005
    Date of Patent: November 8, 2011
    Assignee: Panasonic Corporation
    Inventors: Masao Nonaka, Kaoru Yokota, Motoji Ohmori
  • Patent number: 8041946
    Abstract: A secure network server wherein both the forwarding process and the receiving process are created upon connection initialization, and the receiving process is held off from communicating with the source host until the forwarding process has created a connection with the destination host. This solves the problem of message loss when the destination host is unreachable.
    Type: Grant
    Filed: February 28, 2006
    Date of Patent: October 18, 2011
    Assignee: The Boeing Company
    Inventors: Kelly S. Bunn, Daniel D. Schnackenberg, Janell Schnackenberg, legal representative
  • Patent number: 8036380
    Abstract: A message authentication code, MAC, is generated in an electronic circuit, wherein the MAC integrity protects a data value, PD. A random challenge word, RND, is received from a source that is external to the electronic circuit. A first function $G(\mathrm{RND}, K)$ is evaluated that generates a first encrypted value, $K'$, from RND and $K$, wherein $K$ is a secret key value that is stored on the electronic circuit. A second function $F(\mathrm{RND}, K)$ is evaluated that generates a second encrypted value, $K''$, from RND and $K$. The MAC is then generated in accordance with $\mathrm{MAC} = K' + m_1 K'' + m_2 K''^2 + \dots + m_l K''^l$, wherein $m_1, m_2, \dots, m_l$ are derived by representing the data value, PD, as an $l$-tuple of elements in a field, $GF(2^n)$, wherein $n$ is an integer greater than zero. A hardware-efficient arrangement is also disclosed for generating this and other MACs.
    Type: Grant
    Filed: December 14, 2006
    Date of Patent: October 11, 2011
    Assignee: Telefonaktiebolaget L M Ericsson (publ)
    Inventors: Christian Gehrmann, Bernard Smeets
  • Patent number: 7958355
    Abstract: Systems and methods that facilitate introducing devices having digital characteristics to one another, to mitigate a man-in-the-middle attack. A keytote component supplies initial session keys for communication between devices, and includes a plurality of interfaces that can facilitate such communication. The keytote component can receive a key from a first device via one of a plurality of communication interfaces associated with the keytote component. The user can then physically carry the keytote component to the vicinity of a second device for transferring the key thereto. As such, a man-in-the-middle attack can be mitigated, as an encrypted channel can be established in an insecure environment.
    Type: Grant
    Filed: March 1, 2006
    Date of Patent: June 7, 2011
    Assignee: Microsoft Corporation
    Inventors: William Thomas Blank, Robert G. Atkinson
  • Patent number: 7908651
    Abstract: A method of network communication and a network gateway are disclosed. The method and gateway operate between a secure network and remote clients by way of an intermediate transport network, such as the Internet. The remote clients connect through a NAT router and so share a common source address on the intermediate transport network. In the secure network, the method analyses packets received from a remote client to identify packets that start a new secure communication session. Then, the method assigns a session-unique address and port to the new secure communication session. Subsequent packets are translated in the secure communication session by exchanging the source address with the local session address. Thus, the secure network perceives each session as originating from a distinct address and port, whereby several such sessions can coexist simultaneously.
    Type: Grant
    Filed: February 28, 2006
    Date of Patent: March 15, 2011
    Assignee: Asavie R&D Limited
    Inventor: Thomas Maher
  • Patent number: 7904732
    Abstract: Provided are a method, system, and article of manufacture for encrypting and decrypting database records. Encryption metadata is provided for a database file having fields, wherein the encryption metadata indicates at least one encryption key for the file. A request is received to perform a read or write operation with respect to a record including the fields for the database file. A determination is made from the encryption metadata of the at least one encryption key for the database file. The determined encryption key is used to encrypt or decrypt for the read or write operation with respect to at least one of the fields in the database file.
    Type: Grant
    Filed: September 27, 2006
    Date of Patent: March 8, 2011
    Assignee: Rocket Software, Inc.
    Inventors: Jing Cui, Jianhua Zhou
  • Patent number: 7900252
    Abstract: A method for managing shared passwords on a multi-user computer system is disclosed. A set of shared passwords and an administrator internal key are initially generated. After the receipt of an administrator external key, the administrator internal key is encrypted with the administrator external key. For each user level within the computer system, an internal key is generated by hashing the administrator internal key. For each user level within the computer system, each of the shared passwords is encrypted with a respective one of the internal keys. The internal keys and the encrypted shared passwords are then stored in a non-volatile storage device.
    Type: Grant
    Filed: August 28, 2006
    Date of Patent: March 1, 2011
    Assignee: Lenovo (Singapore) Pte. Ltd.
    Inventors: Seiichi Kawano, Tadanobu Inoue, David C. Challener, Philip L. Childs, Norman A. Dion, II