Patents Examined by Michael J. Simitoski
-
Patent number: 7748036
Abstract: Methods are provided for categorizing input data into a selected data type category. Exemplary embodiments are directed to the categorization of binary input data, for example random input data, as either compressed or encrypted based on statistical analysis. To this end, at least a portion of the input data is analyzed to derive a statistical test result for the portion that is indicative of a degree of randomness of the data. The data is then categorized as either compressed or encrypted based on the statistical test result.
Type: Grant
Filed: November 28, 2005
Date of Patent: June 29, 2010
Assignee: Sytex, Inc.
Inventors: William R. Speirs, III, Eric B. Cole
-
Patent number: 7747862
Abstract: Methods and apparatus to authenticate base and subscriber stations and secure sessions for broadband wireless networks, such as IEEE P802.16-based networks. The apparatus employs a trusted platform module (TPM) to generate security keys, including attestation identity keys (AIKs). A subscriber station (SS) generates an AIK key pair for a specific authentication server (AS) operated by a broadband wireless network, and sends the public AIK key to the AS during a one-time service signup process. In response to an access request, the SS sends authentication information including a manifest signed with the SS's private AIK key. The SS may then be authenticated by the AS via use of the SS's public AIK key. The AS may be authenticated by the SS using a similar process, thus supporting mutual authentication via AIK keys. The TPM may also be used to verify a current configuration of a subscriber station platform is an authorized configuration.
Type: Grant
Filed: June 28, 2004
Date of Patent: June 29, 2010
Assignee: Intel Corporation
Inventor: Shlomo Ovadia
-
Patent number: 7739501
Abstract: A computer program product, for producing a cryptographic key label for use in exchanging information between first and second organizations of members, resides on a computer-readable medium and includes computer-readable instructions configured to cause a computer to: produce a read-write cryptographic key using at least one base value; produce a write-only cryptographic key using the read-write cryptographic key; combine a first identifier, uniquely associated with the first organization, and a second identifier, uniquely associated with the key label to be produced, using a one-way function to produce a pedigree; and associate the pedigree with the read-write key and the write-only key to form the cryptographic key label.
Type: Grant
Filed: July 29, 2005
Date of Patent: June 15, 2010
Assignee: InfoAssure, Inc.
Inventors: Gerald D. Kimmel, Ersin L. Domangue
-
Patent number: 7738660
Abstract: A cryptographic key split combiner includes a number of key split generators for generating cryptographic key splits from seed data, and a key split randomizer for randomizing the key splits to produce a cryptographic key. The key split generators can include a random split generator for generating random key splits, a token split generator for generating token key splits based on label data, a console split generator for generating console key splits based on maintenance data, a biometric split generator for generating biometric key splits based on biometric data, and a location split generator for generating location key splits based on location data. Label data can be read from storage, and can include user authorization data. A process for forming cryptographic keys includes randomizing or otherwise binding the splits to form the key.
Type: Grant
Filed: June 22, 2006
Date of Patent: June 15, 2010
Assignee: TecSec, Inc.
Inventors: Edward M. Scheidt, C. Jay Wack
-
Patent number: 7734913
Abstract: A delivery of content to the unspecified number of persons is prevented by limiting the content delivery range. A delivery source terminal 110 generates an authentication code based on the number of possible transmission times of content and an authentication code key 116, and configures the number of possible transmission times and the generated authentication code in a packet. The delivery source terminal 110 transmits the packet to a delivery destination terminal 130. A router 120 verifies whether the authentication code generated based on the number of possible transmission times and the authentication code key 124 that are received agrees with the authentication code received from the delivery source terminal 110, updates the number of possible transmission times when the two codes agree, generates a new authentication code, and configures it in the packet. The router 120 transmits the packet thus generated to the delivery destination terminal 130.
Type: Grant
Filed: February 4, 2005
Date of Patent: June 8, 2010
Assignee: Hitachi, Ltd.
Inventors: Harumi Morino, Masataka Okayama
-
Patent number: 7730313
Abstract: Disclosed is a system configured to process content to enable tracing of at least one of a multitude of subsequent uses of content by at least one user. The system provides for: making markable content from content, iteratively marking the markable content with information such as use information; and later extracting at least one of the iteratively applied marks.
Type: Grant
Filed: August 1, 2005
Date of Patent: June 1, 2010
Assignee: Dolby Laboratories Licensing Corporation
Inventors: Robert Schumann, Jeffrey Segal
-
Patent number: 7725946
Abstract: An authenticating program, system and method for authenticating permission of a user to use a computer system, by storing inhibiting information, supervising input manipulation to a protected computer upon transition of the operating condition of the protected computer to the usable condition, acquiring input information to indicate contents of relevant input manipulations, and comparing the acquired input information with the inhibiting information stored in said inhibiting information storing means. Then, permission of the user is authenticated based on the result of the comparison. When the permission of the user is determined to be unauthentic, the operating condition of the computer is transitioned to a restricted condition.
Type: Grant
Filed: April 19, 2006
Date of Patent: May 25, 2010
Assignee: Fujitsu Limited
Inventor: Nobuo Ogushi
-
Patent number: 7721086
Abstract: A cryptographic system (500) includes cryptographic sub-units (510) and associated input buffers (520) connected to a scheduler (530) and a reassembler (540). The scheduler (530) receives packets, where each of the packets includes one or more data blocks, and assigns each of the packets to one of the sub-units (510). The input buffers (520) temporarily store the packets from the scheduler (530). Each of the sub-units (510) performs a cryptographic operation on the data blocks from the associated input buffer (520) to form transformed blocks. The reassembler (540) receives the transformed blocks from the sub-units (510), reassembles the packets from the transformed blocks, and outputs the reassembled packets in a same order in which the packets were received by the scheduler (530).
Type: Grant
Filed: December 31, 2008
Date of Patent: May 18, 2010
Assignee: Verizon Corporate Services Group Inc. & BBN Technologies Corp.
Inventor: Walter Clark Milliken
-
Patent number: 7721102
Abstract: A system and method for detecting exposure of an OCSP responder's session private key in a D-OCSP-KIS to verify the status of a user's certificate online are provided. The system includes: a client for requesting certificate status information from the OCSP responder; the OCSP responder for receiving the certificate status information request from the client, sending a response, producing a hash value, and delivering the hash value to a certificate authority (CA) to get a certificate issued; and the CA for receiving the hash value from the OCSP responder and issuing the certificate to the OCSP responder in response to a certificate issue request; wherein the client verifies a digital signature using a hash value contained in the OCSP responder's certificate and the hash value contained in the response, and each client stores a counter value for a hash operation in each verification and recognizes the response as valid when a current counter value is greater than a previous counter value.
Type: Grant
Filed: May 11, 2006
Date of Patent: May 18, 2010
Assignee: Sungkyunkwan University Foundation for Corporate Collaboration
Inventors: Dongho Won, Seungjoo Kim, Younggyo Lee
-
Patent number: 7721333
Abstract: A method and system for detecting a keylogger on a computer is described. One illustrative embodiment creates, in a memory of the computer, a hidden window; generates a unique, unpredictable data pattern; inputs, to the hidden window, the unique, unpredictable data pattern in a manner that mimics keyboard input from a user; scans running processes in the memory other than a keylogger detection process for the unique, unpredictable data pattern; and performs a secondary scan of a suspect process, the suspect process having an associated buffer that contains the unique, unpredictable data pattern.
Type: Grant
Filed: January 18, 2006
Date of Patent: May 18, 2010
Assignee: Webroot Software, Inc.
Inventor: Jefferson Delk Horne
-
Patent number: 7715563
Abstract: A state vector acquisition technique for a counter-based cryptographic data communication system is disclosed. The acquisition technique facilitates receipt of the state vector components (the short component and the long components) in any chronological order. The state vector components are saved upon receipt, and a counter for each long component is initialized upon receipt of the long component. After receipt of all components, the receiver device constructs a current state vector value based upon the received component values and the long component counter values.
Type: Grant
Filed: February 16, 2006
Date of Patent: May 11, 2010
Assignee: General Dynamics C4 Systems, Inc.
Inventor: Ty Lindteigen
-
Patent number: 7713309
Abstract: The detection of devices with duplicate media access controller (MAC) addresses in a cable network. A cable network device (CND) having a MAC address is connected by the cable network to a cable modem termination system (CMTS) having a gateway interface address. A centralized storage of historical cable modem MAC address/giaddr tuple data is used to identify CNDs that report duplicate MAC addresses. The cable network tracks the CND MAC address/giaddr tuple data of all CND requests that it receives and stores the MAC address/giaddr tuple data into a datastore (such as a database). When a CND seeks to access the network, the cable network looks into the datastore to determine whether the CND MAC address of the CND has previously been stored with a different associated giaddr, which would imply that there are multiple CNDs attached to different CMTSs where the CNDs share the same MAC address. If such duplication is detected, an appropriate remedial response is taken.
Type: Grant
Filed: November 7, 2008
Date of Patent: May 11, 2010
Assignee: Time Warner Cable, a division of Time Warner Entertainment Company, L.P.
Inventors: Kenneth Gould, Christopher Pierce Williams
-
Patent number: 7711116
Abstract: Digital communication schemes using chaotic signals as carriers can be broadly classified into two categories. In the first category, the chaotic signals carrying the information have to be synchronously regenerated at the receiver, which may be applicable to low noise environment. The second category requires no synchronous regeneration of the carrying chaotic signals in the receiver. An example of the second category utilizes a specific bit structure, which may not be able to resist unintended reception because the fabricated bit structure can be relatively easily detected. This invention involves systems and methods for transmitting digital messages modulated as chaotic signals, and the demodulation methods. One individual chaotic signal generator having a specific chaotic characteristic value is responsible for generating a chaotic signal for each possible value of the digital message according to a chaotic algorithm.
Type: Grant
Filed: July 8, 2003
Date of Patent: May 4, 2010
Assignee: The Hong Kong Polytechnic University
Inventors: Chi-Kong Tse, Chung-Ming Lau
-
Patent number: 7694134
Abstract: Systems and methods are provided for encrypting data without regard to applications writing the data to, or reading the data from, encrypted data storage devices. An operating system intercept detects information indicating that a file will be encrypted and, in response, sets device-level flags indicating encryption and also establishes one or more encryption keys to be used in the encryption process. A second intercept detects an input/output event and, in response, calls an encryption application to encrypt (or decrypt) the data before it is written to (or read from) the data storage device.
Type: Grant
Filed: April 18, 2006
Date of Patent: April 6, 2010
Assignee: Computer Associates Think, Inc.
Inventors: Russell A. Witt, Timothy R. Bruce, David L. Helsley, Osvaldo A. Ridner, John M. Casey
-
Patent number: 7690024
Abstract: It is made possible to prevent “spoofing” and incur no additional management cost as effectively as possible. An authenticated device includes: at least one authenticated element that generates an output signal with characteristics spontaneously varying, at the time of manufacturing, with respect to a continuous input signal. The characteristics of the authenticated element are used as information unique to an individual.
Type: Grant
Filed: February 9, 2006
Date of Patent: March 30, 2010
Assignee: Kabushiki Kaisha Toshiba
Inventors: Atsuhiro Kinoshita, Kazuya Matsuzawa
-
Patent number: 7685415
Abstract: An exclusive encryption system is established using multiple computing devices. The exclusive encryption system allows for the exclusion of certain plaintext (e.g., by one of the computing devices) and ciphertext (e.g., by another of the computing devices) while at the same time maintaining the privacy created by the encryption (e.g., so the other computing device cannot see the plaintext). The exclusive encryption system may be implemented as part of a serverless distributed file system with directory entries (e.g., file names or folder names) being the plaintext, or alternatively as part of other systems.
Type: Grant
Filed: November 10, 2004
Date of Patent: March 23, 2010
Assignee: Microsoft Corporation
Inventors: John R. Douceur, Josh D. Benaloh, Gideon A. Yuval, Atul Adya
-
Patent number: 7685630
Abstract: Methods and systems of authenticating a plurality of users for access to an on-line group activity are described. The systems and methods prevent overloading of any participant's computer due to authentication. In some configurations, multiple endpoints are designated as authenticators and requests for authentication are load balanced amongst the authenticators.
Type: Grant
Filed: May 4, 2006
Date of Patent: March 23, 2010
Assignee: Citrix Online, LLC
Inventors: Ashish V. Thapliyal, Vishal Mittal, Tony Spataro, John Kennedy
-
Patent number: 7681047
Abstract: Provided are a method, system, and article of manufacture, wherein a controller receives encrypted data from a first storage unit coupled to the controller. The received encrypted data is stored in a second storage unit coupled to the controller, wherein the controller is capable of accessing the second storage unit faster in comparison to the first storage unit. The encrypted data is maintained in the second storage unit, until at least one condition is satisfied.
Type: Grant
Filed: April 18, 2006
Date of Patent: March 16, 2010
Assignee: International Business Machines Corporation
Inventors: Michael Thomas Benhase, Susan Kay Candelaria
-
Patent number: 7681243
Abstract: A method and apparatus for processing digital rights management (DRM) contents having advertisement (AD) contents attached thereto in a DRM system are disclosed. When DRM contents including AD contents are selected by a DRM device, a rights issuer (RI) receives the AD contents and the DRM contents from a contents issuer (CI), generates a multipart contents format file, and downloads it to the DRM device. Then, the DRM device decodes the downloaded multipart contents format file to check whether the multipart contents format file includes AD contents-attached DRM contents, and if so, the DRM device reproduces the AD contents to use the DRM contents free of cost. Thus, the DRM contents can be provided to a user by using the AD contents without causing a burden of a charge.
Type: Grant
Filed: November 7, 2005
Date of Patent: March 16, 2010
Assignee: LG Electronics, Inc.
Inventor: Jea-Un Kim
-
Patent number: 7676677
Abstract: A digital signature method and apparatus is provided in which a first party with a first public/private key pair forms an ambiguous signature on subject data using at least the private key of the first key pair, a keystone initially only known to the first party, and the public key of at least one other public/private key-pair. This signature is ambiguous in that a signature-checking party can only verify that the signature is in the set comprising a signature created by the first party and a respective signature created by the possessor of the private key of the or each of the key pairs the public key of which was used in creating the signature. Revelation of the keystone renders the signature unambiguous. Such an ambiguous signature can be used to implement a fair exchange of signatures between any number of parties, with the exchanged signatures being ambiguous signatures until revelation of the initial signer's keystone.
Type: Grant
Filed: September 30, 2004
Date of Patent: March 9, 2010
Assignee: Hewlett-Packard Development Company, L.P.
Inventors: Liqun Chen, Caroline Kudla