Abstract: The electrical phase synchronization technology includes a system, a method, and/or components thereof. In some examples, the electrical phase synchronization system includes an electrical power transmission network having a plurality of transmission lines and a plurality of electrical power generation devices. Each electrical power generation device includes an electrical power source and a control unit.

Abstract: The electrical phase synchronization technology includes a system, a method, and/or components thereof. In some examples, the electrical phase synchronization system includes an electrical power transmission network having a plurality of transmission lines and a plurality of electrical power generation devices. Each electrical power generation device includes an electrical power source and a control unit.

Abstract: A method to providing multilevel security for a data object requested by a workstation user includes providing a security label for the data object, associating security rules including a security clearance level for the data object with the security label, binding the security label to the data object, validating the correctness of the security label, associating the user's security clearance level with at least one user certificate, verifying the at least one user certificate, and determining whether the user has clearance to receive the requested data.

Abstract: A computer system and a method for the protected distribution of certificate and keying material between a certification authority and at least one entity in the certification authority's domain, including the steps of sending keying material, including a password, generated by the Certifying Authority to the entity via a secure medium; generating and protecting, by the entity, a public and a private key pair using the keying material provided it by the certifying authority; generating, protecting and sending a request for a certificate to the certifying authority using the keying material provided it by the certifying authority; requesting, by the certifying authority, that the public key and address of the entity be sent to the certifying authority; protecting and sending the public key and address of the entity to the certifying authority using the keying material provided it by the certifying authority; assembling and issuing the certificate to the entity from the certifying authority and recording the pu

Abstract: A distributed authentication system that prevents unauthorized access to any computer system in a distributed environment. Authentication using the present invention involves three distinct phases. In the first phase, user passwords are generated by the computer system and encrypted on a coded card together with a message authentication code to prevent alterations prior to any access attempts. These are complex and impersonal enough not to be easily guessed. This coded card must be used whenever requesting access to the system. Second, in addition to supplying a password, the user is required to correctly respond to a set of randomly selected authentication challenges when requesting access. The correct responses may vary between the right response, a wrong response or no response depending on some predetermined variable, e.g., the day of the week or hour of the day. The dual randomness thus introduced significantly reduces the usefulness of observed logon information.

Abstract: A method of secure data transfer by physical transport of an electronic storage device wherein the sender, using a type 1 encryption/decryption algorithm, sequentially encrypts data, in any order, with the public key of the receiver and the private key of the sender and then stores then the encrypted data on the transportable electronic storage medium. The receiver, upon receipt of the transportable electronic storage medium, sequentially, in the reverse order of public key/private key use, decrypts using the type 1 encryption/decryption algorithm for said decryption, the data stored on the transportable electronic storage medium with the public key of said sender and the private key of the receiver to provide data in its state prior to by the sender.

Abstract: An authentication method that permits a user and a file serving workstation to mutually authenticate themselves. This is accomplished by exchanging a random number that is encrypted by a password that is known to the user and stored in a password file on the file serving workstation. A logon ID is sent from the client workstation to the server workstation. The stored user password corresponding to the user ID is retrieved from the password file. A random number is created that is encrypted by a symmetric encryption algorithm on the server workstation using the retrieved user password, and which provides an encrypted password. The user is then requested to enter the password into the user workstation. The entered password is used to decrypt the encrypted password received from the server workstation and retrieve the random number therefrom to authenticate the server workstation. The random number is then used as the encryption and decryption key for communication between the user and server workstations.

Abstract: A method and apparatus for remotely accessing a host computer from a remote location. The invention permits a user to remotely change a telephone number that allows the host computer to dial the user's current location. A user performs this change only after he has been strongly authenticated using a distributed user authentication protocol in addition to a simple user ID and password. This allows the user to move between locations and access the host computer, while the call-back feature protects the host computer from unauthorized intrusion. Also, a second registered user who does not have call-back authority may gain access to the host computer through a user that has call-back authority. In this case the user with call-back authority gains entry into the host computer and causes it to call the second registered user, who then enters a user ID and password to gain entry to the host computer.

Abstract: A method of securely deleting a file on a storage medium of a computer system so that it is not readable, wherein an encryption algorithm is used to encrypt the data in the stored file prior to a conventional deletion process. The present invention permits a user to erase files from a permanent storage space and in a manner that makes the file totally unreadable by others. When a user requests deletion of a stored file, the file is encrypted so that it is not readable. The user has an option to undelete the file by decrypting the file as long as this operation is done before the storage space is used by another program. When the secure deletion method is used, no utility program can recover any information from the deleted file. To an intruder, the storage space is encrypted to look like random bits. Therefore, no information can be retrieved nor derived from the encrypted, deleted file.

Abstract: Apparatus and methods of authenticating users in a distributed networked computing system. The system may comprise a central server embodiment that includes a file wherein IDs and encrypted passwords are stored, or a distributed system embodiment where IDs and encrypted passwords are stored in files at each respective computer in the system. A multiple logon procedure and secure transport layer protocol are used with a user's communication software and network communication software. When a user desires to use a particular computer, logon requests are processed by the multiple logon procedure and it accesses the stored file that contains the user's ID and encrypted password, decrypts the password, accesses the remote computer, and logs the user onto that computer. In the central server system all IDs and encrypted passwords are stored on a single computer (the server) that controls access to the entire distributed system.