Rekeying System Patents (Class 380/273)
-
Patent number: 11968299
Abstract: Certain aspects relate to encryption systems and methods for medical devices. A medical device can include a connectivity module for establishing a communication channel with a cloud system. After obtaining a test result, the device can generate an unencrypted data block comprising a device identifier and an encrypted data block comprising a serial number of the device and the test result using an encryption key associated with the device identifier. The device can securely send the test result to the cloud system by transmitting the unencrypted data block and the encrypted data block to the cloud system via the communication channel.
Type: Grant
Filed: November 28, 2022
Date of Patent: April 23, 2024
Assignee: BECTON, DICKINSON AND COMPANY
Inventors: Strett Roger Nicolson, Larry Greenspan, Michael Fenske, Paul Fieni, Mark Larsen
-
Patent number: 11889302
Abstract: The presence of a wireless device and/or accessory that cannot maintain an independent network connection can be detected by network connected wireless devices and the location of the detected device and/or accessory can be reported to a device location service. As the wireless devices and/or accessories do not have independent network connections, periodic maintenance is performed on those devices by nearby owner devices to which the wireless devices and/or accessories are paired or associated. Described herein are systems, methods, and associated devices to maintain a locatable wireless device by a set of multiple owner devices for that wireless device.
Type: Grant
Filed: February 5, 2021
Date of Patent: January 30, 2024
Assignee: Apple Inc.
Inventors: Kenneth U. Victa, Benjamin A. Detwiler, Nikhil Nilakantan, Todd Wheeler, Robert W. Mayor, Brent M. Ledvina, E. Thomas Erdmann, IV, Sriram Hariharan
-
Patent number: 11842328
Abstract: A token management computing system for provisioning a payment token to a token storage device for a payment transaction is provided. The token management computing system includes a user computing device in communication with the token storage device and a token management server that includes at least one processor communicatively coupled to a memory device. The at least one processor is programmed to (i) receive, from the user computing device, a token request for a payment token, the request including a payment account number (PAN) selected from a digital wallet stored on the user computing device, and at least one token control, (ii) store token information including the PAN and the at least one token control, (iii) generate a single-use payment token, (iv) transmit the token to the user computing device, and (v) instruct the user computing device to transfer the token to the token storage device.
Type: Grant
Filed: October 24, 2019
Date of Patent: December 12, 2023
Assignee: MASTERCARD INTERNATIONAL INCORPORATED
Inventors: Shawn Mehrhoff, Christopher T. Scholl
-
Patent number: 11805415
Abstract: In embodiments of the present disclosure, there is provided a method for authenticating an access point. In the method, a request for joining a network is received from an access point. A neighbor authentication notification is transmitted to the access point for obtaining an authentication code from a neighbor access point that is connected in the network in accordance with a determination that the access point is verified. The authentication code that is generated by the neighbor access point is received from the access point. The access point is accepted to join the network in accordance with a determination that the authentication code is valid. Embodiments of the present disclosure present a safe and effective way for authenticating the access point that is requesting to join the network, which provides enhanced authentication and increases the security level of the network.
Type: Grant
Filed: October 29, 2020
Date of Patent: October 31, 2023
Assignee: Hewlett Packard Enterprise Development LP
Inventors: Guangzhi Ran, Qiang Zhou, Jianpo Han
-
Patent number: 11783089
Abstract: A system includes a security device, configured for cryptographic processing, coupled to receive incoming data from a plurality of data sources (e.g., data from different customers), wherein the incoming data includes first data from a first data source; a controller (e.g., an external key manager) configured to select a first set of keys from a plurality of key sets, each of the key sets corresponding to one of the plurality of data sources, wherein the first set of keys is used by the security device to encrypt the first data; and a common encrypted data storage, coupled to receive the encrypted first data from the security device.
Type: Grant
Filed: December 16, 2020
Date of Patent: October 10, 2023
Assignee: SECTURION SYSTEMS, INC.
Inventor: Richard J. Takahashi
-
Patent number: 11765137
Abstract: The present invention makes it possible to improve confidentiality. A communication terminal stores a session key shared with other communication terminals (S3). The communication terminal makes a pair of an index generated by using the session key for a character string relating to a message and a message identifier, and transmits it to a server apparatus (S4). The server apparatus stores the pair of the index and the message identifier (S5). The communication terminal generates, when the session key is updated, a re-encryption key with a session key before update and a session key after update (S8). The server apparatus updates, by using the re-encryption key, the stored index to an index generated by using the session key after update (S9). The communication terminal encrypts a search keyword with the session key to generate a search query (S10). The server apparatus extracts a message identifier of which the index matches the search query (S11).
Type: Grant
Filed: December 6, 2017
Date of Patent: September 19, 2023
Assignee: NIPPON TELEGRAPH AND TELEPHONE CORPORATION
Inventors: Yuki Okano, Reo Yoshida, Tetsutaro Kobayashi
-
Patent number: 11736938
Abstract: The presence of a wireless device and/or accessory that cannot maintain an independent network connection can be detected by network connected wireless devices and the location of the detected device and/or accessory can be reported to a device location service. As the wireless devices and/or accessories do not have independent network connections, periodic maintenance is performed on those devices by nearby owner devices to which the wireless devices and/or accessories are paired or associated. Described herein are systems, methods, and associated devices to maintain a locatable wireless device by a set of multiple owner devices for that wireless device.
Type: Grant
Filed: February 5, 2021
Date of Patent: August 22, 2023
Assignee: Apple Inc.
Inventors: Kenneth U. Victa, Benjamin A. Detwiler, Nikhil Nilakantan, Todd Wheeler, Robert W. Mayor, Brent M. Ledvina, E. Thomas Erdmann, IV, Sriram Hariharan
-
Patent number: 11711736
Abstract: A UE (10) provides information on potential S′eNB(s). The information is forwarded from an MeNB (20_1) to an M′eNB (20_2) such that the M′eNB (20_2) can determine, before the handover happens, whether the M′eNB (20_2) will configure a new SeNB (S′eNB) and which S′eNB the M′eNB (20_2) will configure. In one of options, the MeNB (20_1) derives a key S′-KeNB for communication protection between the UE (10) and the S′eNB (30_1), and sends the S′-KeNB to the M′eNB (20_2). In another option, the M′eNB (20_2) derives the S′-KeNB from a key KeNB* received from the MeNB (20_1). The M′eNB (20_2) sends the S′-KeNB to the S′eNB (30_1). Moreover, there are also provided several variations to perform SeNB Release, SeNB Addition, Bearer Modification and the like, in which the order and/or timing thereof can be different during the handover procedure.
Type: Grant
Filed: January 5, 2022
Date of Patent: July 25, 2023
Assignee: NEC CORPORATION
Inventors: Xiaowei Zhang, Anand Raghawa Prasad
-
Patent number: 11637699
Abstract: There is provided a technique of establishing encryption keys for communication between 1st peer and 2nd peer via a data path. The technique comprises: by each peer, using input keying material to independently generate equivalent pairs of peer encryption keys (PEKs), verifying equivalence of the generated PEK pairs, and using by 1st peer and 2nd peer the verified PEK pairs to become in possession of equivalent pairs of session encryption keys (SEKs). Verifying comprises: generating by 1st peer a first handshake (HS) message encrypted by PEK Tx1 and sending the first HS message to the 2nd peer via the data path; decrypting by the 2nd peer the first HS message using the PEK Rx2, generating a second HS message encrypted by PEK Tx2, and sending the second HS message to the 1st peer via the data path; and decrypting the second HS message by the 1st peer using PEK Rx1.
Type: Grant
Filed: July 20, 2021
Date of Patent: April 25, 2023
Assignee: ADVA Optical Networking SE
Inventors: Andrew Sergeev, Joo Yeon Cho
-
Patent number: 11616768
Abstract: A method and apparatus for handling security keys for individual bearers of the user equipment include dividing between a plurality of different sub-groups, a plurality of individual bearers, each sub-group having a different base value from which the security keys for the associated bearers are derived. When the security keys associated with the individual bearers of one particular sub-group are refreshed, the security keys of the individual bearers, which are not a part of the particular sub-group do not need to be refreshed.
Type: Grant
Filed: June 23, 2018
Date of Patent: March 28, 2023
Assignee: Motorola Mobility LLC
Inventors: Prateek Basu Mallick, Andreas Kunz, Joachim Löhr, Ravi Kuchibhotla
-
Patent number: 11595204
Abstract: Techniques for adaptive re-keying of encrypted data are provided. For example, a method comprises the following steps. Utilization information associated with a storage system is obtained, wherein the storage system comprises a set of storage devices. The method dynamically selects a re-keying process from a plurality of different re-keying processes based on at least a portion of the obtained utilization information. At least a portion of the set of storage devices are re-keyed in accordance with the selected re-keying process.
Type: Grant
Filed: June 4, 2019
Date of Patent: February 28, 2023
Assignee: EMC IP Holding Company LLC
Inventors: Xuan Tang, Marion Meirlaen
-
Patent number: 11436344
Abstract: Secure encryption in a deduplication cluster, including: initiating, by a node among a cluster of nodes, a leadership transition that includes transmitting an updated secret key identifier to each of the cluster of nodes; receiving, at the node, an alternative secret key identifier that is different from both a current secret key identifier and from the updated secret key identifier; updating, based at least in part on a resolution policy, the current secret key identifier to be the updated secret key identifier instead of the alternative secret key identifier; and transitioning, based at least in part on the updated secret key identifier being selected to be the current secret key identifier, the node to be a leader node of the cluster of nodes.
Type: Grant
Filed: January 13, 2020
Date of Patent: September 6, 2022
Assignee: Pure Storage, Inc.
Inventors: Ian Juch, Tyler Power
-
Patent number: 11416625
Abstract: Systems and methods for protecting cryptographic keys stored in a non-volatile memory. An example method may comprise: storing a device root key in a non-volatile memory; storing a volatile key in a volatile memory; storing a masked cryptographic key in the non-volatile memory, wherein the masked cryptographic key is produced by combining a cryptographic key and the device root key; storing a masked device root key in the non-volatile memory, wherein the masked root key is produced by combining the device root key and the volatile key; and erasing the device root key from the non-volatile memory.
Type: Grant
Filed: January 30, 2019
Date of Patent: August 16, 2022
Assignee: CRYPTOGRAPHY RESEARCH, INC.
Inventors: Mark Evan Marson, Michael A. Hamburg
-
Patent number: 11284317
Abstract: A UE (10) provides information on potential S′eNB(s). The information is forwarded from an MeNB (20_1) to an M′eNB (20_2) such that the M′eNB (20_2) can determine, before the handover happens, whether the M′eNB (20_2) will configure a new SeNB (S′eNB) and which S′eNB the M′eNB (20_2) will configure. In one of options, the MeNB (20_1) derives a key S′-KeNB for communication protection between the UE (10) and the S′eNB (30_1), and sends the S′-KeNB to the M′eNB (20_2). In another option, the M′eNB (20_2) derives the S′-KeNB from a key KeNB* received from the MeNB (20_1). The M′eNB (20_2) sends the S′-KeNB to the S′eNB (30_1). Moreover, there are also provided several variations to perform SeNB Release, SeNB Addition, Bearer Modification and the like, in which the order and/or timing thereof can be different during the handover procedure.
Type: Grant
Filed: April 18, 2019
Date of Patent: March 22, 2022
Assignee: NEC CORPORATION
Inventors: Xiaowei Zhang, Anand Raghawa Prasad
-
Patent number: 11275911
Abstract: A tag adapted to be applied to an object is disclosed. The tag includes a wireless communication interface, a processor and a memory. A univocal code, a cipher key and a count value are stored in the memory. The tag generates a dynamic code as a function of the cipher key and the count value. Next, the tag varies the count value according to a determined operation, and stores the varied count value in the memory. The tag transmits the univocal code and the dynamic code to a reader device. The tag may transmit the univocal code and the dynamic code in a URL.
Type: Grant
Filed: January 28, 2020
Date of Patent: March 15, 2022
Assignee: STMICROELECTRONICS S.r.l.
Inventors: Carlo Cimino, Marco Alfarano
-
Patent number: 11210406
Abstract: Systems and methods for encrypting system level data structures are described. A storage system may include a storage drive and at least one controller for the storage drive. In some embodiments, the at least one controller may be configured to identify user data assigned to be stored on the storage drive, encrypt the user data, identify a system data structure generated in relation to the user data, and encrypt the system data structure. In some cases, the data structure may include at least one of metadata, system data, and data encapsulation relative to the user data. In some embodiments, the user data and the data structure may be encrypted with one or more encryption keys programmed on the storage drive.
Type: Grant
Filed: July 15, 2016
Date of Patent: December 28, 2021
Assignee: SEAGATE TECHNOLOGY LLC
Inventors: Robert W. Moss, Stacey Secatch, Kristofer C. Conklin, Dana L. Simonson
-
Patent number: 11126356
Abstract: In some aspects, an apparatus for encoding data for transmission by a transmitter device to a receiver device having an initial common cryptographic key with the apparatus comprises a memory device and a hardware processor. The memory device is configured to store a plurality of parameters associated with a plurality of cryptographic protocols, the plurality of parameters comprising the initial common cryptographic key. The hardware processor is configured to generate a frame comprising a plurality of fields defining instructions related to a first cryptographic scheme, a first cipher directive, a first cryptographic key operation, and/or a first cryptographic key length, that are derived from the plurality of parameters for use in a subsequent communication session with the receiver device.
Type: Grant
Filed: September 12, 2019
Date of Patent: September 21, 2021
Assignee: SeaPort, Inc.
Inventor: William F. Van Duyne
-
Patent number: 11113259
Abstract: Method and system for analyzing unstructured data for compliance enforcement is disclosed. The system provides a comprehensive compliance enforcement platform, which enables purpose based data processing in an enterprise to support automatic discovery of purposes and linking between data fields and purposes. The system creates a single view of data associated with the data subject for enforcing the data subject's right for data protection and privacy. The system supports database like transactions for unstructured data over web and ensures Atomicity, Consistency, Isolation and Durability (ACID) properties of these transactions. Thus, the system creates a uniform data layer or a web view for data residing in the unstructured and semi-structured data, spread across the enterprise. The transactions on the unstructured data include READ operation, UPDATE operation, and DELETE operation using hypertext transfer protocol (http) over the unstructured data.
Type: Grant
Filed: August 1, 2018
Date of Patent: September 7, 2021
Assignee: Tata Consultancy Services Limited
Inventors: Kumar Mansukhlal Vidhani, Vijayanand Mahadeo Banahatti, Sachin Premsukh Lodha, Gangadhara Reddy Sirigireddy, Govind Vitthal Waghmare, Nikhil Pradeep Sambhus, Rekha Chandrakant Pathak, Payal Ashok Lathi, Kalyani Mashiwal, Shefali Soni, Vidyadhar Rao, Rosni Kottekulam Vasu
-
Patent number: 11102651
Abstract: The embodiments of the present disclosure disclose a method for data transmission, comprising: authenticating, by a target node in a battery management system, a source node in response to a request for data transmission from the source node; selecting, by the target node, any two prime numbers from a pre-stored set of prime numbers if the authentication is passed, generating a public key and a private key according to the two prime numbers, and transmitting the public key to the source node; performing, by the source node, a first encryption byte-by-byte for source data to be transmitted using the public key, performing a second encryption for the first encrypted data using a first encryption algorithm stored by the source node itself, and transmitting the second encrypted data to the target node.
Type: Grant
Filed: August 29, 2019
Date of Patent: August 24, 2021
Assignee: Contemporary Amperex Technology Co., Limited
Inventors: Wenbin Lu, Zhimin Dan, Yizhen Hou, Wei Zhang, Jia Xu, Jiechao Luo, Teng Yu
-
Patent number: 11082218
Abstract: A module with an embedded universal integrated circuit card (eUICC) can include a received eUICC profile and a set of cryptographic algorithms. The received eUICC profile can include an initial shared secret key for authentication with a wireless network. The module can receive a key K network token and send a key K module token to the wireless network. The module can use the key K network token, a derived module private key, and a key derivation function to derive a secret shared network key K that supports communication with the wireless network. The wireless network can use the received key K module token, a network private key, and the key derivation function in order to derive the same secret shared network key K derived by the module. The module and the wireless network can subsequently use the mutually derived key K to communicate using traditional wireless network standards.
Type: Grant
Filed: May 20, 2020
Date of Patent: August 3, 2021
Assignee: Network-1 Technologies, Inc.
Inventor: John A. Nix
-
Patent number: 11082410
Abstract: Implementations of this specification provide data transceiving operations and devices. An example method performed by a network interface controller (NIC) includes receiving to-be-sent data from a host; sending the to-be-sent data to a first data processing module that is outside of the NIC; receiving first processing result data from the first data processing module; using a network interface of the NIC to send the first processing result data to a data receiver; receiving to-be-received data from a data sender; sending the to-be-received data to a second data processing module that is outside of the NIC; receiving second processing result data from the second data processing module; and using a host interface of the NIC to send the second processing result data to the host.
Type: Grant
Filed: March 13, 2020
Date of Patent: August 3, 2021
Assignee: Advanced New Technologies Co., Ltd.
Inventor: Lin Cao
-
Patent number: 11063980
Abstract: Examples described herein relate to systems and methods for integrating and implementing ad hoc groups within a policy hierarchy environment. The ad hoc groups may implement particular guidelines for group membership, policy evaluations, and group actions. Systems and methods provide a framework for creating groups, removing groups, and associating groups, nodes, clients, and users with groups and policy.
Type: Grant
Filed: February 22, 2017
Date of Patent: July 13, 2021
Assignee: Fornetix LLC
Inventors: Stephen Edwards, Gerald J. Stueve, Gary C. Gardner, Charles White
-
Patent number: 11054999
Abstract: In some aspects, an apparatus for encoding data for transmission to a receiver device having an initial common cryptographic key with the apparatus comprises a memory device and a hardware processor. The memory device is configured to store a plurality of parameters associated with a plurality of cryptographic protocols, the plurality of parameters comprising the initial common cryptographic key. The hardware processor is configured to generate a frame comprising a plurality of fields defining instructions related to one or more of a first cryptographic scheme, a first cryptographic key operation, and a first cryptographic key length that are derived from the plurality of parameters for use in a subsequent communication session with the receiver device.
Type: Grant
Filed: September 12, 2019
Date of Patent: July 6, 2021
Assignee: SeaPort, Inc.
Inventor: William F. Van Duyne
-
Patent number: 11032694
Abstract: Methods and systems for providing optimized communications links between at least two network nodes. Configuration data may be generated and exchanged between the two network nodes. Based on the configuration data, at least one signaling channel may be created by one of the two network nodes, via one of the available network interfaces between the two network nodes, and at least one data channel may be created, via one of the available network interfaces. The data channel may then be changed from one available network interface to another available network interface, based on monitoring of the plurality of available network interfaces and assessment of at least one performance related parameter of the available network interfaces.
Type: Grant
Filed: April 12, 2016
Date of Patent: June 8, 2021
Inventors: Marc Danzeisen, Michael Schaedler, Daniel Rodellar
-
Patent number: 10951405
Abstract: Examples disclosed herein relate to encryption of community-based security information. Some examples may enable authorizing a user of a community to access an encrypted data item (e.g., at least an encrypted portion of community-based security information of that community) using a decryption key. The community may be generated on a security information sharing platform based on a set of community attributes. The decryption key may comprise a private key corresponding to each user attribute of a set of user attributes that are associated with the authorized user where the set of user attributes satisfy the set of community attributes.
Type: Grant
Filed: January 29, 2016
Date of Patent: March 16, 2021
Assignee: MICRO FOCUS LLC
Inventors: Terence Spies, Tomas Sander, Susan K. Langford
-
Patent number: 10952149
Abstract: The present method and electronic device are adapted for secured commissioning. A generic password is stored in memory of the electronic device, and a transmission power of the electronic device is set to a reduced transmission power. The electronic device receives a commissioning request including the generic password and a specific password. The generic password is replaced in the memory of the electronic device by the specific password, and the transmission power of the electronic device is increased to full transmission power.
Type: Grant
Filed: June 11, 2019
Date of Patent: March 16, 2021
Assignee: DISTECH CONTROLS INC.
Inventors: Dominic Gagnon, Xavier Rousseau
-
Patent number: 10938574
Abstract: This disclosure describes techniques for authenticating text documents that can include a cryptographic font script. The text documents can be generated using a text editor application that can generate a machine-readable code or a unique document identification (ID) that can include a metadata component having various authentication data and that can cryptographically sign the documents. The signature on the document can be used to verify the data and identity of the signer. Each such transaction is referenced in a blockchain to construe a public ledger representing the ownership of the text documents from the full record of transactions in the blockchain.
Type: Grant
Filed: November 26, 2018
Date of Patent: March 2, 2021
Assignee: T-Mobile USA, Inc.
Inventors: Aaron Drake, Lee Miller London
-
Patent number: 10931715
Abstract: This disclosure provides for a network element (in the middle) to inject enrichments into SSL connections, and for taking them out. This network element is sometimes referred to herein as a “middle box.” In the context of layered software architecture, this solution preferably is implemented by a library that operates below the SSL layer and above the TCP sockets layer at the two endpoints of the SSL connection. Preferably, the SSL enrichments are implemented as SSL/TLS records.
Type: Grant
Filed: September 23, 2019
Date of Patent: February 23, 2021
Assignee: Akamai Technologies, Inc.
Inventor: Mangesh Kasbekar
-
Patent number: 10924274
Abstract: A network device may determine that network traffic for a communication session between a first peer device and a second peer device is to be protected using a security protocol suite. The network device may establish, using one or more tunnels, multiple security associations that are to be used to securely provide the network traffic of the communication session over an unsecured medium. The network device may determine a rekey scheduling time for each security association, of the multiple security associations, based on a combination of configuration information and dynamic network device information. The network device may perform, at each rekey scheduling time, a rekeying procedure to rekey each security association of the multiple security associations.
Type: Grant
Filed: February 13, 2018
Date of Patent: February 16, 2021
Assignee: Juniper Networks, Inc.
Inventors: Shibu Piriyath, Vinay Gudur
-
Patent number: 10904014
Abstract: The claimed invention is a method for encryption synchronization and user authentication, which allows a user to set up an encrypted mark created by using an encryption algorithm and a user-provided encryption key. The method does not leave any information that would be used by internal staff or an authentication service provider to acquire user account credentials, and thus preventing hackers from acquiring such information to be used to gain unauthorized access to stored user data.
Type: Grant
Filed: September 17, 2016
Date of Patent: January 26, 2021
Inventor: Jianqing Wu
-
Patent number: 10877716
Abstract: A wireless peripheral mode is provided by a host system that communicates to a WiFi infrastructure and, utilizing the same WiFi RF subsystem, also communicates to peripherals. The host system may employ additional RF channels for communicating with high bandwidth peripherals, such as display devices, where high levels of QoS may be managed locally. The host system may be a conventional desktop computer system, a notebook computer system, a multi-media access point, a cell phone, a game machine, a portable game machine, a Personal Digital Assistant (PDA), a smart phone or any other type of device that benefits from accessing both a WiFi infrastructure and local peripherals.
Type: Grant
Filed: October 7, 2019
Date of Patent: December 29, 2020
Assignee: III Holdings 1, LLC
Inventor: Neal David Margulis
-
Patent number: 10878848
Abstract: A technique to manage members of a group of decoders having access to broadcast data, each group member sharing a common broadcast encryption scheme (BES) comprising the steps of, in a stage for a decoder to become a group member, receiving keys pertaining to the position in the group according to the BES, receiving a current group access data comprising a current group access key, and in a stage of accessing broadcast data, using the current group access data to access the broadcast data, and in a stage of renewing the current group access key, sending a first group message comprising at least a next group access key encrypted so that only non-revoked decoders can access it, said group message being further encrypted by the current group access key, updating the current group access key with the next group access key.
Type: Grant
Filed: July 6, 2017
Date of Patent: December 29, 2020
Assignee: NAGRAVISION S.A.
Inventors: Guy Moreillon, Alexandre Karlov
-
Patent number: 10873569
Abstract: A communication device of handling data transmission comprises instructions of configuring a first bearer and a second bearer according to at least one bearer configuration received from a network; encrypting a first packet of a first flow into a first encrypted packet according to an encryption key and a first bearer identity of the first bearer; receiving a second packet of the first flow from the network via the second bearer, before transmitting the first encrypted packet to the network successfully; transmitting the first encrypted packet to the network via the first bearer, after receiving the second packet; encrypting a third packet of the first flow into a second encrypted packet according to the encryption key and a second bearer identity of the second bearer in response to the second packet; and transmitting the second encrypted packet to the network via the second bearer.
Type: Grant
Filed: September 23, 2019
Date of Patent: December 22, 2020
Assignee: HTC Corporation
Inventor: Chih-Hsiang Wu
-
Patent number: 10855463
Abstract: Methods and systems for providing quality of service to an information handling system may involve generating a new transport encryption key for a management controller group, notifying nodes in the management controller group to negotiate for the new transport encryption key, and encrypting a first message to be sent to a first node in the management controller group using a current transport encryption key. The new transport encryption key for encrypted communications in the management controller group and to replace a current transport encryption key. The first message encrypted after notifying the nodes in the management controller group to negotiate for the new transport encryption key. The nodes of the management controller group including the first node.
Type: Grant
Filed: February 8, 2018
Date of Patent: December 1, 2020
Assignee: Dell Products L.P.
Inventors: Yee Ja, Marshal F. Savage, Cyril Jose
-
Patent number: 10856145
Abstract: Authentication problems often occur when a user of a terminal visits a communications network while roaming. A method is therefore provided for authorizing an authenticated user of a communications terminal. The terminal is configured to connect to a packet-switching network via an access gateway over a current network to which the terminal is connected. The method is implemented by a current authentication server over the current network and includes: receipt of a user authorization request from the access gateway, including an identifier of the user; transmission of a user authorization response to the access gateway, including parameters for authorizing the user, and a unique identifier of an authentication server that authenticated the user.
Type: Grant
Filed: August 2, 2016
Date of Patent: December 1, 2020
Assignee: ORANGE
Inventors: Marc Varon, Lionel Morand, Julien Bournelle
-
Patent number: 10819524
Abstract: Systems, methods, and devices of the various embodiments provide for header extension preservation, security, authentication, and/or protocol translation for Multipath Real-Time Transport Protocol (MPRTP). Various embodiments include methods that may be implemented in a processor of a computing device for MPRTP transmission of Real-Time Transport Protocol (RTP) packets. Various embodiments may include receiving an RTP packet in which the received RTP packet may be part of an RTP stream that may be protected using secure RTP (SRTP), and applying an authentication signature to the RTP packet to authenticate an MPRTP header extension separate from a body of the RTP packet. Various embodiments may include sending and/or receiving MPRTP subflows of an MPRTP session in which a same security context may be applied across all MPRTP subflows of the MPRTP session.
Type: Grant
Filed: August 29, 2017
Date of Patent: October 27, 2020
Assignee: QUALCOMM Incorporated
Inventors: Ralph Akram Gholmieh, Sivaramakrishna Veerepalli, Min Wang, Long Duan, Mukesh Kumar Mittal, Arnaud Meylan
-
Patent number: 10778429
Abstract: Fault-tolerant storage of cryptographic information maintained on a fleet of HSMs may be provided by dividing the cryptographic information into a number of stripes which are distributed and stored on individual HSMs in the HSM fleet. Parity information is generated which allows one or more stripes to be regenerated if one or more stripes becomes corrupt or is lost. The parity information may be stored on an HSM in the HSM fleet, or outside the fleet on a storage service, HSM management hub, tangible computer-readable media, or other device. If an HSM in the HSM fleet fails, resulting in the loss of a stripe, an HSM in the fleet can recover the missing stripe by re-creating the missing stripe from the remaining stripes combined with the parity information. In some examples, stripes are mirrored within the fleet of HSMs.
Type: Grant
Filed: December 3, 2015
Date of Patent: September 15, 2020
Assignee: Amazon Technologies, Inc.
Inventors: Gregory Alan Rubin, Benjamin Philip Grubin
-
Patent number: 10771460
Abstract: A method. At least some embodiments are a method including detecting docking of a mobile computer system to a docking device. In response to detecting the docking, the method further includes connecting an external data communication network to a bridge logic device in the mobile computer system via the docking device, and uploading, via the external data communication network, first data to a non-volatile random access memory coupled to the bridge logic device in the mobile computer system. The method further includes uploading, via the external data communication network, second data to the non-volatile random access memory coupled to the bridge logic device in the mobile computer system, the second data comprising programming instructions for execution on a computer system external to the mobile computer system.
Type: Grant
Filed: July 31, 2017
Date of Patent: September 8, 2020
Assignee: Elbit Systems of America, LLC
Inventors: Robert A. Woodward, Daniel M. Herring, Andrew W. Hull
-
Patent number: 10733300
Abstract: A Basic Input/Output System (BIOS)/Unified Extensible Firmware Interface (UEFI) on a Self-Service Terminal (SST) processes during a boot of the SST. When a new hard disk is detected as being present and an identifier for the new hard disk is missing from a whitelist, a signed hard disk identifier is verified from storage on the new hard disk. If the signed hard disk identifier is verified: the new hard disk is authenticated, the whitelist is updated to include the new hard disk identifier, a unique identifier for BIOS/UEFI and the new hard disk identifier are written to the storage of the new hard disk, and the boot process is permitted to continue for the SST.
Type: Grant
Filed: October 24, 2017
Date of Patent: August 4, 2020
Assignee: NCR Corporation
Inventor: Brian Steven Wotherspoon
-
Patent number: 10700856
Abstract: A module with an embedded universal integrated circuit card (eUICC) can include a received eUICC profile and a set of cryptographic algorithms. The received eUICC profile can include an initial shared secret key for authentication with a wireless network. The module can receive a key K network token and send a key K module token to the wireless network. The module can use the key K network token, a derived module private key, and a key derivation function to derive a secret shared network key K that supports communication with the wireless network. The wireless network can use the received key K module token, a network private key, and the key derivation function in order to derive the same secret shared network key K derived by the module. The module and the wireless network can subsequently use the mutually derived key K to communicate using traditional wireless network standards.
Type: Grant
Filed: November 27, 2018
Date of Patent: June 30, 2020
Assignee: Network-1 Technologies, Inc.
Inventor: John A. Nix
-
Patent number: 10674359
Abstract: A method by which a first vehicle authenticates a second vehicle using a plurality of communication schemes and a vehicle capable of performing the method are disclosed.
Type: Grant
Filed: October 16, 2017
Date of Patent: June 2, 2020
Assignee: Samsung Electronics Co., Ltd.
Inventors: Seong-won Han, Woo-jin Park, Dae-hyun Ban, Sang-soon Lim
-
Patent number: 10652021
Abstract: The present disclosure relates to secure communication over a cellular network between a mobile terminal 30 and a network entity 40 via a node of a cellular network, wherein a Home Public Land Mobile Network, PLMN, of the mobile terminal generates a ciphering key, CK, and/or an integrity key, IK, for authentication of the mobile terminal and wherein performance of an Authentication and Key Agreement, AKA, procedure between the mobile terminal and the node of the cellular network permits the mobile terminal to determine CK and/or IK. In particular, there is provided the method comprising applying a special key to allow communication of user-plane data between the mobile terminal and the network entity in a trusted manner, wherein the special key is generated from the CK and/or IK but is different from the CK and IK.
Type: Grant
Filed: April 13, 2016
Date of Patent: May 12, 2020
Assignee: VODAFONE IP LICENSING LIMITED
Inventor: Aguibou Mountaga Barry
-
Patent number: 10642600
Abstract: A method and system for securing a cloud application are provided. The method includes receiving a webpage sent to a client device from at least one cloud application; injecting a piece of code into the webpage, wherein the piece of code maintains an encryption key in a document object model (DOM) of the webpage, wherein the piece of code allows encryption of any text field in the webpage when executed by the client device; intercepting at least one encrypted text field inserted into the DOM; and modifying the DOM by decrypting each of the intercepted at least one encrypted text field and inserting each decrypted text field into the DOM.
Type: Grant
Filed: May 1, 2019
Date of Patent: May 5, 2020
Assignee: Microsoft Technology Licensing, LLC.
Inventors: Gregory Vishnepolsky, Liran Moysi
-
Patent number: 10623178
Abstract: Methods and systems for secure messaging may involve receiving an encrypted message from a node, decrypting the message using a default key, sending a message, rotating a group key, and distributing a key rotation message. The message received may be to discover a master of a group. The message sent may welcome the node into the group as a member. The welcome message may be encrypted with the default key and may include information to determine the group key. The group key may be rotated based on an expiration of a group key rotation window. The group key may become a prior group key and the rotated group key may be a current group key. The key rotation message may be encrypted with one of the default key or the prior group key and may include information to determine the current group key.
Type: Grant
Filed: July 15, 2016
Date of Patent: April 14, 2020
Assignee: Dell Products L.P.
Inventors: Marshal F. Savage, Cyril Jose
-
Patent number: 10606738
Abstract: A blockchain test configuration may provide a simple and secure infrastructure for testing applications. One example method of operation may comprise one or more of transmitting a request to a network of nodes to test a test package associated with an application. The method may also include receiving results based on the test of the test package and recording the results in a blockchain.
Type: Grant
Filed: February 5, 2018
Date of Patent: March 31, 2020
Assignee: International Business Machines Corporation
Inventors: Vijay Kumar Ananthapur Bache, Jhilam Bera, Arvind Kumar, Bidhu Sahoo
-
Patent number: 10609561
Abstract: A method performed by a network node (106) of a serving public land mobile network, PLMN, (112) associated with a user equipment, UE, (102) comprising: obtaining a secret identifier (110) that uniquely identifies the UE, wherein the secret identifier is a secret that is shared between the UE and at least a home PLMN of the UE and that is shared by the home PLMN with the network node; and performing an operation (108) related to the UE using the secret identifier. Other methods, computer programs, computer program products, network nodes and a serving PLMN are also disclosed.
Type: Grant
Filed: July 12, 2017
Date of Patent: March 31, 2020
Assignee: Telefonaktiebolaget LM Ericsson (publ)
Inventors: Prajwol Kumar Nakarmi, Noamen Ben Henda, Christine Jost, Vesa Torvinen
-
Patent number: 10592679
Abstract: Representative embodiments set forth herein disclose techniques for modifying encryption classes of files. According to some embodiments, a technique can include receiving a request to update an encryption configuration of a file from a current encryption class to an updated encryption class. In response, the technique involves obtaining (i) a first class key associated with the current encryption class, and (ii) a second class key associated with the updated encryption class. Next, the technique involves identifying file extents of the file, where each file extent is encrypted by a respective extent key that is encrypted by the first class key. Finally, the technique involves, for each file extent of the file: (i) decrypting the respective extent key using the first class key to produce a decrypted respective extent key, and (ii) encrypting the decrypted respective extent key using the second class key to produce an updated respective extent key.
Type: Grant
Filed: September 23, 2016
Date of Patent: March 17, 2020
Assignee: Apple Inc.
Inventors: Eric B. Tamura, Kelly B. Yancey
-
Patent number: 10565074
Abstract: A computing device configured to identify portions of a computing job that are assigned to the computing device, if any, based on identification information of the computing job and identifiers of a list of computing devices present in a computing network to process the computing job. The portions are identified by the computing device independent of other computing devices in the computing network. For example, the identification information of the computing job can be mapped by the computing device to a set of identifiers of computing devices based on a predetermined computing function. Each of the identifiers corresponds to a predetermined portion of the computing job. If one of identifiers corresponds to the identifier of the computing device, the computer device performs the predetermined portion of the computing job associated with the mapped identifier.
Type: Grant
Filed: April 20, 2015
Date of Patent: February 18, 2020
Assignee: CYNNY SPACE SRL
Inventor: Stefano Bargagni
-
Patent number: 10470241
Abstract: Communication between drones of multiple drone meshes is disclosed. Attributes of drones can be cataloged by a network device. A portion of the drone attribute catalog can be received by a drone belonging to a drone mesh. The drone can determine, based on the portion of the drone attribute catalog, an adaptation to the drone mesh in response to a change in a status of a drone of the drone mesh. The adaptation of the drone mesh can comprise adding a drone to the drone mesh, removing drone from the drone mesh, merging the drone mesh with another drone mesh, splitting the drone mesh into a plurality of drone meshes, forming a submesh of the drone mesh, etc. Receiving the portion of the drone attribute catalog can facilitate self-organization and/or self-optimization of a drone mesh by drones comprising the drone mesh. A drone can concurrently be a member of one or more drone meshes as a result of the adaptation of the drone mesh.
Type: Grant
Filed: November 15, 2016
Date of Patent: November 5, 2019
Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
Inventors: Venson Shaw, Sangar Dowlatkhah, Zhi Cui
-
Patent number: 10452821
Abstract: A method for viewing a plurality of encrypted code displayed within an integrated development environment with a pair of augmented reality (AR) glasses. A plurality of user login credentials submitted by a user utilizing the pair of AR glasses to access a plurality of encrypted code. The method may determine the user is authorized to access a portion of the plurality of encrypted code based on the received plurality of user login credentials. The method may further decrypt the portion based on determining the user is authorized to access the portion. The method may further include displaying the decrypted portion on a lens within the pair of AR glasses.
Type: Grant
Filed: March 30, 2016
Date of Patent: October 22, 2019
Assignee: International Business Machines Corporation
Inventors: James K. Hook, Hamish C. Hunt, Nicholas K. Lincoln