Patents by Inventor Derk Norton
Derk Norton has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11936639
Abstract: A device comprises: a receiver configured to receive a client certificate; a processor coupled to the receiver and configured to: authenticate the client certificate, extract, in response to the authentication, attributes from the client certificate, and create, in response to the extraction, a message comprising reformatted attributes based on the attributes, wherein the reformatted attributes can be trusted; and a transmitter coupled to the processor and configured to transmit the message. A device comprises: a processor configured to: process a client certificate comprising a certificate identifier (ID) attribute, a tenant ID attribute, and a role ID attribute, and package the client certificate in a request for a shared service; and a transmitter coupled to the processor and configured to transmit the request.
Type: Grant
Filed: March 4, 2021
Date of Patent: March 19, 2024
Assignee: Blackhawk Network, Inc.
Inventors: Derk Norton, Tushar Vaish, Jeff Webb
-
Publication number: 20210194865
Abstract: A device comprises: a receiver configured to receive a client certificate; a processor coupled to the receiver and configured to: authenticate the client certificate, extract, in response to the authentication, attributes from the client certificate, and create, in response to the extraction, a message comprising reformatted attributes based on the attributes, wherein the reformatted attributes can be trusted; and a transmitter coupled to the processor and configured to transmit the message. A device comprises: a processor configured to: process a client certificate comprising a certificate identifier (ID) attribute, a tenant ID attribute, and a role ID attribute, and package the client certificate in a request for a shared service; and a transmitter coupled to the processor and configured to transmit the request.
Type: Application
Filed: March 4, 2021
Publication date: June 24, 2021
Applicant: Blackhawk Network, Inc.
Inventors: Derk Norton, Tushar Vaish, Jeff Webb
-
Patent number: 10958636
Abstract: A device comprises: a receiver configured to receive a client certificate; a processor coupled to the receiver and configured to: authenticate the client certificate, extract, in response to the authentication, attributes from the client certificate, and create, in response to the extraction, a message comprising reformatted attributes based on the attributes, wherein the reformatted attributes can be trusted; and a transmitter coupled to the processor and configured to transmit the message. A device comprises: a processor configured to: process a client certificate comprising a certificate identifier (ID) attribute, a tenant ID attribute, and a role ID attribute, and package the client certificate in a request for a shared service; and a transmitter coupled to the processor and configured to transmit the request.
Type: Grant
Filed: December 20, 2018
Date of Patent: March 23, 2021
Assignee: Blackhawk Network, Inc.
Inventors: Derk Norton, Tushar Vaish, Jeff Webb
-
Publication number: 20200036524
Abstract: Systems and methods are provided for securing a private key on a mobile device for use with public key cryptography. Specifically, a private key is reduced to two partial keys where the partial keys are stored on separate electronic devices. The partial keys combine to temporarily regenerate the private key for the purposes of notarizing (digitally signing) messages or documents, and decrypting a message or document that was encrypted using the corresponding public key. The partial keys in some embodiments may be a secret key, which can be derived from an account identifier and a password, and an exclusive key, which can be derived from the secret key and the private key. The private key can be regenerated from the secret key and the exclusive key. With the partial keys stored on separate devices, another layer of practical security is provided to public key cryptography.
Type: Application
Filed: October 7, 2019
Publication date: January 30, 2020
Inventor: Derk Norton
-
Publication number: 20190386978
Abstract: A device comprises: a receiver configured to receive a client certificate; a processor coupled to the receiver and configured to: authenticate the client certificate, extract, in response to the authentication, attributes from the client certificate, and create, in response to the extraction, a message comprising reformatted attributes based on the attributes, wherein the reformatted attributes can be trusted; and a transmitter coupled to the processor and configured to transmit the message. A device comprises: a processor configured to: process a client certificate comprising a certificate identifier (ID) attribute, a tenant ID attribute, and a role ID attribute, and package the client certificate in a request for a shared service; and a transmitter coupled to the processor and configured to transmit the request.
Type: Application
Filed: December 20, 2018
Publication date: December 19, 2019
Inventors: Derk Norton, Tushar Vaish, Jeff Webb
-
Patent number: 10439811
Abstract: Systems and methods are provided for securing a private key on a mobile device for use with public key cryptography. Specifically, a private key is reduced to two partial keys where the partial keys are stored on separate electronic devices. The partial keys combine to temporarily regenerate the private key for the purposes of notarizing (digitally signing) messages or documents, and decrypting a message or document that was encrypted using the corresponding public key. The partial keys in some embodiments may be a secret key, which can be derived from an account identifier and a password, and an exclusive key, which can be derived from the secret key and the private key. The private key can be regenerated from the secret key and the exclusive key. With the partial keys stored on separate devices, another layer of practical security is provided to public key cryptography.
Type: Grant
Filed: December 22, 2017
Date of Patent: October 8, 2019
Assignee: Crater Dog Technologies, LLC
Inventor: Derk Norton
-
Patent number: 10404671
Abstract: Disclosed are requesting party and responding party computer systems which perform a message level encryption for messages sent through the computer systems. Using the message level encryption, the computer systems may prevent those with access to an unsecured zone in one or more of the computer systems from viewing the messages.
Type: Grant
Filed: October 16, 2018
Date of Patent: September 3, 2019
Assignee: BLACKHAWK NETWORK, INC.
Inventor: Derk Norton
-
Publication number: 20190052612
Abstract: Disclosed are requesting party and responding party computer systems which perform a message level encryption for messages sent through the computer systems. Using the message level encryption, the computer systems may prevent those with access to an unsecured zone in one or more of the computer systems from viewing the messages.
Type: Application
Filed: October 16, 2018
Publication date: February 14, 2019
Inventor: Derk Norton
-
Patent number: 10164962
Abstract: A trusted information communication device comprising a receiver configured to receive a client certificate; a processor coupled to the receiver and configured to: authenticate the client certificate, extract, in response to the authentication, attributes from the client certificate, and create, in response to the extraction, a message comprising reformatted attributes based on the attributes, wherein the reformatted attributes can be trusted; and a transmitter coupled to the processor and configured to transmit the message.
Type: Grant
Filed: March 14, 2014
Date of Patent: December 25, 2018
Assignee: BLACKHAWK NETWORK, INC.
Inventors: Derk Norton, Tushar Vaish, Jeff Webb, Rajiv Venkataramana Appana
-
Patent number: 10129225
Abstract: Disclosed are requesting party and responding party computer systems which perform a message level encryption for messages sent through the computer systems. Using the message level encryption, the computer systems may prevent those with access to an unsecured zone in one or more of the computer systems from viewing the messages.
Type: Grant
Filed: November 18, 2016
Date of Patent: November 13, 2018
Assignee: BLACKHAWK NETWORK, INC.
Inventor: Derk Norton
-
Publication number: 20180205544
Abstract: Systems and methods are provided for securing a private key on a mobile device for use with public key cryptography. Specifically, a private key is reduced to two partial keys where the partial keys are stored on separate electronic devices. The partial keys combine to temporarily regenerate the private key for the purposes of notarizing (digitally signing) messages or documents, and decrypting a message or document that was encrypted using the corresponding public key. The partial keys in some embodiments may be a secret key, which can be derived from an account identifier and a password, and an exclusive key, which can be derived from the secret key and the private key. The private key can be regenerated from the secret key and the exclusive key. With the partial keys stored on separate devices, another layer of practical security is provided to public key cryptography.
Type: Application
Filed: December 22, 2017
Publication date: July 19, 2018
Inventor: Derk Norton
-
Patent number: 9853813
Abstract: Systems and methods are provided for securing a private key on a mobile device for use with public key cryptography. Specifically, a private key is reduced to two partial keys where the partial keys are stored on separate electronic devices. The partial keys combine to temporarily regenerate the private key for the purposes of notarizing (digitally signing) messages or documents, and decrypting a message or document that was encrypted using the corresponding public key. The partial keys in some embodiments may be a secret key, which can be derived from an account identifier and a password, and an exclusive key, which can be derived from the secret key and the private key. The private key can be regenerated from the secret key and the exclusive key. With the partial keys stored on separate devices, another layer of practical security is provided to public key cryptography.
Type: Grant
Filed: May 10, 2016
Date of Patent: December 26, 2017
Assignee: Crater Dog Technologies, LLC
Inventor: Derk Norton
-
Publication number: 20170272245
Abstract: Systems and methods are provided for securing a private key on a mobile device for use with public key cryptography. Specifically, a private key is reduced to two partial keys where the partial keys are stored on separate electronic devices. The partial keys combine to temporarily regenerate the private key for the purposes of notarizing (digitally signing) messages or documents, and decrypting a message or document that was encrypted using the corresponding public key. The partial keys in some embodiments may be a secret key, which can be derived from an account identifier and a password, and an exclusive key, which can be derived from the secret key and the private key. The private key can be regenerated from the secret key and the exclusive key. With the partial keys stored on separate devices, another layer of practical security is provided to public key cryptography.
Type: Application
Filed: May 10, 2016
Publication date: September 21, 2017
Inventor: Derk Norton
-
Publication number: 20170070489
Abstract: Disclosed are requesting party and responding party computer systems which perform a message level encryption for messages sent through the computer systems. Using the message level encryption, the computer systems may prevent those with access to an unsecured zone in one or more of the computer systems from viewing the messages.
Type: Application
Filed: November 18, 2016
Publication date: March 9, 2017
Inventor: Derk Norton
-
Patent number: 9531688
Abstract: Disclosed are requesting party and responding party computer systems which perform a message level encryption for messages sent through the computer systems. Using the message level encryption, the computer systems may prevent those with access to an unsecured zone in one or more of the computer systems from viewing the messages.
Type: Grant
Filed: January 14, 2015
Date of Patent: December 27, 2016
Assignee: BLACKHAWK NETWORK, INC.
Inventor: Derk Norton
-
Publication number: 20160359633
Abstract: Systems and methods are provided for certifying digital tokens and digital transactions that transfer certified digital tokens from one party to another party. Multiple parties such as electronic devices may exchange digital tokens and digital transactions using public key cryptography, which means that each party has a private key that is used to digitally sign a digital token or digital transaction and a public key that is used to verify the signature. After mutual verification, the signed digital tokens and signed digital transactions may be sent to various registries that verify aspects of the tokens, transactions, and related signatures before publicly publishing the signed digital tokens and signed digital transactions such that no party may later repudiate the signed digital tokens, the signed digital transactions, or parties that signed them.
Type: Application
Filed: June 2, 2016
Publication date: December 8, 2016
Inventor: Derk Norton
-
Publication number: 20150200920
Abstract: Disclosed are requesting party and responding party computer systems which perform a message level encryption for messages sent through the computer systems. Using the message level encryption, the computer systems may prevent those with access to an unsecured zone in one or more of the computer systems from viewing the messages.
Type: Application
Filed: January 14, 2015
Publication date: July 16, 2015
Inventor: Derk Norton
-
Publication number: 20140282997
Abstract: A device comprises: a receiver configured to receive a client certificate; a processor coupled to the receiver and configured to: authenticate the client certificate, extract, in response to the authentication, attributes from the client certificate, and create, in response to the extraction, a message comprising reformatted attributes based on the attributes, wherein the reformatted attributes can be trusted; and a transmitter coupled to the processor and configured to transmit the message. A device comprises: a processor configured to: process a client certificate comprising a certificate identifier (ID) attribute, a tenant ID attribute, and a role ID attribute, and package the client certificate in a request for a shared service; and a transmitter coupled to the processor and configured to transmit the request.
Type: Application
Filed: March 14, 2014
Publication date: September 18, 2014
Applicant: Blackhawk Network, Inc.
Inventors: Derk Norton, Tushar Vaish, Jeff Webb, Rajiv Venkataramana Appana
-
Patent number: 7620980
Abstract: A secure data broker has been developed, which provides a restricted message based data exchange between a client application and a secured information resource by allowing registered or verified messages to be brokered across a security barrier. In some configurations, both requests and responses are validated and brokered across the security barrier. In other configurations, either requests or responses are validated. To support validation, messages are formatted in accordance with a predefined message specification for at least part of a transaction path between a client application and an information resource accessed by the client application.
Type: Grant
Filed: July 21, 1999
Date of Patent: November 17, 2009
Assignee: Sun Microsystems, Inc.
Inventors: David L. Wood, Michael B. Dilger, Thomas Pratt, Derk Norton, Stan D. Shurygailo
-
Patent number: 7325128
Abstract: A security architecture has been developed in which a single sign-on is provided for multiple information resources. Rather than specifying a single authentication scheme for all information resources, the security architecture associates trust-level requirements with information resources. Authentication schemes (e.g., those based on passwords, certificates, biometric techniques, smart cards, etc.) are employed depending on the trust-level requirement(s) of an information resource (or information resources) to be accessed. Once credentials have been obtained for an entity and the entity has been authenticated to a given trust level, access is granted, without the need for further credentials and authentication, to information resources for which the authenticated trust level is sufficient.
Type: Grant
Filed: September 19, 2006
Date of Patent: January 29, 2008
Assignee: Sun Microsystems, Inc.
Inventors: David L. Wood, Paul Weschler, Derk Norton, Chris Ferris, Yvonne Wilson, William R. Soley