Patents by Inventor Martin Hallam
Martin Hallam has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10462084Abstract: A method for controlling a message from a sender. A referee can evaluate a credential associated with a message to determine it's desirability to the intended recipient, and take an action based upon the results of the determination. A sender that includes a trusted component can send a credential with the message, and the message can be controlled without a referee.Type: GrantFiled: July 1, 2015Date of Patent: October 29, 2019Assignee: VERISIGN, INC.Inventor: Phillip Martin Hallam-Baker
-
Publication number: 20160191486Abstract: A system and method for authenticating an application (client) to a server or service. During a registration phase, an application that requests access to a service can receive a service identifier, which it can authenticate. The application can generate and send to the server or service an application-service key that is based upon the authenticated service identifier and a secret application key; a service-application identifier that can be based upon the authenticated service identifier and an application identifier; and a registration nonce, all of which can be stored at the server. During the authentication phase, the client can send to the server the application-service identifier, which the server can use to lookup the stored registration data. The server can send the registration nonce to the client, which can compute a proof of possession of the service-application key and send to the server. The server can compute its own version of this key and compare it to the received key.Type: ApplicationFiled: December 28, 2015Publication date: June 30, 2016Inventor: Philip Martin Hallam-Baker
-
Patent number: 9240891Abstract: A hybrid authentication device that has a keypad, a display, an electronic communications interface and a processor and memory that can be removable, such as a Subscriber Identity Module. The device can operate in a stand-alone mode, in which a user enters a personal identification number and challenge using the keypad, and the device generates a response. The device can also function as a smartcard, and can be electronically coupled to an external device using the communications interface.Type: GrantFiled: June 10, 2004Date of Patent: January 19, 2016Assignee: Symantec CorporationInventors: Nicolas Popp, Siddharth Bajaj, Phillip Martin Hallam-Baker
-
Patent number: 9225702Abstract: A system and method for authenticating an application (client) to a server or service. During a registration phase, an application that requests access to a service can receive a service identifier, which it can authenticate. The application can generate and send to the server or service an application-service key that is based upon the authenticated service identifier and a secret application key; a service-application identifier that can be based upon the authenticated service identifier and an application identifier; and a registration nonce, all of which can be stored at the server. During the authentication phase, the client can send to the server the application-service identifier, which the server can use to lookup the stored registration data. The server can send the registration nonce to the client, which can compute a proof of possession of the service-application key and send to the server. The server can compute its own version of this key and compare it to the received key.Type: GrantFiled: March 18, 2013Date of Patent: December 29, 2015Assignee: VERISIGN, INC.Inventor: Phillip Martin Hallam-Baker
-
Publication number: 20150304259Abstract: A method for controlling a message from a sender. A referee can evaluate a credential associated with a message to determine it's desirability to the intended recipient, and take an action based upon the results of the determination. A sender that includes a trusted component can send a credential with the message, and the message can be controlled without a referee.Type: ApplicationFiled: July 1, 2015Publication date: October 22, 2015Inventor: Phillip Martin Hallam-Baker
-
Patent number: 9083695Abstract: A method for controlling a message from a sender. A referee can evaluate a credential associated with a message to determine its desirability to the intended recipient, and take an action based upon the results of the determination. A sender that includes a trusted component can send a credential with the message, and the message can be controlled without a referee.Type: GrantFiled: May 13, 2014Date of Patent: July 14, 2015Assignee: VERISIGN, INC.Inventor: Phillip Martin Hallam-Baker
-
Publication number: 20140250506Abstract: A method for controlling a message from a sender. A referee can evaluate a credential associated with a message to determine its desirability to the intended recipient, and take an action based upon the results of the determination. A sender that includes a trusted component can send a credential with the message, and the message can be controlled without a referee.Type: ApplicationFiled: May 13, 2014Publication date: September 4, 2014Applicant: Verisign, Inc.Inventor: Phillip Martin Hallam-Baker
-
Patent number: 8745146Abstract: A method for controlling a message from a sender. A referee can evaluate a credential associated with a message to determine ifs desirability to the intended recipient, and take an action based upon the results of the determination. A sender that includes a trusted component can send a credential with the message, and the message can be controlled without a referee.Type: GrantFiled: January 13, 2012Date of Patent: June 3, 2014Assignee: Verisign, Inc.Inventor: Phillip Martin Hallam-Baker
-
Patent number: 8607044Abstract: A privacy enhanced identity scheme that may use public and private key cryptography to selectively distribute attributes of a token holder to a relying party. A challenge message {Rnonce, RID}, where Rnonce is a reader nonce and RID is a reader identifier. Methods may also include, responsive to the challenge message, sending a response message including at least an encrypted private token identifier TID and a session key k. In response to a challenge from a reader. The token sends a message that includes token identifier that is un-linkable to other identifiers sent from the same token.Type: GrantFiled: February 2, 2007Date of Patent: December 10, 2013Assignee: Verisign, Inc.Inventor: Philip Martin Hallam-Baker
-
Publication number: 20130219477Abstract: A system and method for authenticating an application (client) to a server or service. During a registration phase, an application that requests access to a service can receive a service identifier, which it can authenticate. The application can generate and send to the server or service an application-service key that is based upon the authenticated service identifier and a secret application key; a service-application identifier that can be based upon the authenticated service identifier and an application identifier; and a registration nonce, all of which can be stored at the server. During the authentication phase, the client can send to the server the application-service identifier, which the server can use to lookup the stored registration data. The server can send the registration nonce to the client, which can compute a proof of possession of the service-application key and send to the server. The server can compute its own version of this key and compare it to the received key.Type: ApplicationFiled: March 18, 2013Publication date: August 22, 2013Applicant: VERISIGN, INC.Inventor: Phillip Martin Hallam-Baker
-
Patent number: 8402519Abstract: A system and method for authenticating an application (client) to a server or service. During a registration phase, an application that requests access to a service can receive a service identifier, which it can authenticate. The application can generate and send to the server or service an application-service key that is based upon the authenticated service identifier and a secret application key; a service-application identifier that can be based upon the authenticated service identifier and an application identifier; and a registration nonce, all of which can be stored at the server. During the authentication phase, the client can send to the server the application-service identifier, which the server can use to lookup the stored registration data. The server can send the registration nonce to the client, which can compute a proof of possession of the service-application key and send to the server. The server can compute its own version of this key and compare it to the received key.Type: GrantFiled: September 17, 2009Date of Patent: March 19, 2013Assignee: Verisign, Inc.Inventor: Phillip Martin Hallam-Baker
-
Publication number: 20120117173Abstract: A method for controlling a message from a sender. A referee can evaluate a credential associated with a message to determine ifs desirability to the intended recipient, and take an action based upon the results of the determination. A sender that includes a trusted component can send a credential with the message, and the message can be controlled without a referee.Type: ApplicationFiled: January 13, 2012Publication date: May 10, 2012Applicant: VeriSign, Inc.Inventor: Phillip Martin HALLAM-BAKER
-
Patent number: 8103732Abstract: A method for controlling a message from a sender. A referee can evaluate a credential associated with a message to determine ifs desirability to the intended recipient, and take an action based upon the results of the determination. A sender that includes a trusted component can send a credential with the message, and the message can be controlled without a referee.Type: GrantFiled: January 22, 2010Date of Patent: January 24, 2012Assignee: Verisign, Inc.Inventor: Phillip Martin Hallam-Baker
-
Publication number: 20120017098Abstract: A computer memory with cryptographic content authentication that provides a means of verifying that the contents of the memory are those intended. Said authentication code may be calculated directly from some or all of the contents of the stored memory or indirectly with respect to a trust statement used to establish the validity of a digital signature calculated over some or all of the contents of the stored memory.Type: ApplicationFiled: July 5, 2011Publication date: January 19, 2012Inventor: Phillip Martin Hallam-Baker
-
Publication number: 20120008784Abstract: A cryptographic key exchange protocol that enables a device that does not have the capability to perform public key operations to securely establish a shared key with a host device without any information disclosing the key being revealed to the delegate key service.Type: ApplicationFiled: June 22, 2011Publication date: January 12, 2012Inventor: Phillip Martin Hallam-Baker
-
Publication number: 20100306836Abstract: A method for controlling a message from a sender. A referee can evaluate a credential associated with a message to determine ifs desirability to the intended recipient, and take an action based upon the results of the determination. A sender that includes a trusted component can send a credential with the message, and the message can be controlled without a referee.Type: ApplicationFiled: January 22, 2010Publication date: December 2, 2010Applicant: VeriSign, Inc.Inventor: Phillip Martin Hallam-Baker
-
Publication number: 20100100946Abstract: A system and method for authenticating an application (client) to a server or service. During a registration phase, an application that requests access to a service can receive a service identifier, which it can authenticate. The application can generate and send to the server or service an application-service key that is based upon the authenticated service identifier and a secret application key; a service-application identifier that can be based upon the authenticated service identifier and an application identifier; and a registration nonce, all of which can be stored at the server. During the authentication phase, the client can send to the server the application-service identifier, which the server can use to lookup the stored registration data. The server can send the registration nonce to the client, which can compute a proof of possession of the service-application key and send to the server. The server can compute its own version of this key and compare it to the received key.Type: ApplicationFiled: September 17, 2009Publication date: April 22, 2010Applicant: VeriSign, Inc.Inventor: Phillip Martin Hallam-Baker
-
Patent number: 7676546Abstract: A method for controlling a message from a sender. A referee can evaluate a credential associated with a message to determine it's desirability to the intended recipient, and take an action based upon the results of the determination. A sender that includes a trusted component can send a credential with the message, and the message can be controlled without a referee.Type: GrantFiled: March 25, 2003Date of Patent: March 9, 2010Assignee: VeriSign, Inc.Inventor: Phillip Martin Hallam-Baker
-
Publication number: 20070250704Abstract: A privacy enhanced identity scheme that may use public and private key cryptography to selectively distribute attributes of a token holder to a relying party. A challenge message {Rnonce, RID}, where Rnonce is a reader nonce and RID is a reader identifier. Methods may also include, responsive to the challenge message, sending a response message including at least an encrypted private token identifier TID and a session key k. In response to a challenge from a reader. The token sends a message that includes token identifier that is un-linkable to other identifiers sent from the same token.Type: ApplicationFiled: February 2, 2007Publication date: October 25, 2007Inventor: Phillip Martin Hallam-Baker
-
Publication number: 20040205135Abstract: A method for controlling a message from a sender. A referee can evaluate a credential associated with a message to determine it's desirability to the intended recipient, and take an action based upon the results of the determination. A sender that includes a trusted component can send a credential with the message, and the message can be controlled without a referee.Type: ApplicationFiled: March 25, 2003Publication date: October 14, 2004Inventor: Phillip Martin Hallam-Baker