Revocation Or Expiration Patents (Class 713/158)
  • Publication number: 20130311773
    Abstract: A credential store provides for secure storage of credentials. A credential stored in the credential store is encrypted with the public key of a user owning the credential. A first user may provide a credential owned by the first user to a second user. The first user may add credentials owned by the first user to the credential store. An administrator may manage users of the credential store without having the ability to provide credentials to those users.
    Type: Application
    Filed: August 2, 2013
    Publication date: November 21, 2013
    Applicant: BladeLogic, Inc.
    Inventors: David Allen SOLIN, Richard Guoyu LIAO
  • Patent number: 8589674
    Abstract: In one embodiment, a method includes receiving a revocation request for revoking a model type of a device. A first computing device determines a list of device unit identifiers (UIDs) that are associated with the model type from a database. The device UIDs are for devices of the model type manufactured by a first entity. The method adds the list of device UIDs to a device revocation list and outputs the device revocation list to revoke a validity of secure information associated with devices associated with the list of device UIDs.
    Type: Grant
    Filed: January 13, 2012
    Date of Patent: November 19, 2013
    Assignee: General Instrument Corporation
    Inventors: Alexander Medvinsky, Tat Keung Chan, Eric J. Sprunk
  • Patent number: 8590013
    Abstract: In one embodiment, a system processes access decisions for individuals where the system includes a portable handheld housing for the processor, display, internal memory, and card reader of the system.
    Type: Grant
    Filed: June 26, 2010
    Date of Patent: November 19, 2013
    Inventor: C. S. Lee Crawford
  • Publication number: 20130305043
    Abstract: A set of certificate management methods designed to significantly reduce or eliminate reliance on infrastructure network connectivity after vehicles are sold uses techniques to support certificate management operations in order to reduce the frequency with which vehicles need to communicate with the Certificate Authorities (CAs) and the amount of data that needs to be exchanged between vehicles and the CA. These methods include, for example, approaches to use one-way communications and vehicle-to-vehicle (V2V) communications to replace expired certificates, approaches to use one-way communications and V2V communications to replace revoked certificates, and use of a small subset of vehicles as proxies to help retrieve and distribute Certificate Revocation Lists (CRLs) and replacement certificates. The combination of these techniques leads to solutions that can eliminate the need for roadside infrastructure networks completely.
    Type: Application
    Filed: July 16, 2013
    Publication date: November 14, 2013
    Inventors: Tao Zhang, Hyong-Sop Shim, Stanley Pietrowicz
  • Patent number: 8583918
    Abstract: A wireless communication system includes a plurality of terminals connected to at least one wireless network on the basis of authority of security configuration parameters shared by the plurality of terminals. Each of the plurality of terminals revokes security configuration parameters of the terminal itself or security configuration parameters of another terminal in accordance with an agreement with said another terminal.
    Type: Grant
    Filed: October 13, 2011
    Date of Patent: November 12, 2013
    Assignee: Sony Corporation
    Inventor: Hideyuki Suzuki
  • Patent number: 8583917
    Abstract: A method and apparatus for distributing certification statements. Digital certificates are stored in a plurality of entries in a repository. Certification statements that include revocation status information for the stored digital certificates are received and stored in corresponding entries of the repository. Upon receiving a client request for a digital certificate, the digital certificate and corresponding revocation status information is sent to the client.
    Type: Grant
    Filed: November 30, 2006
    Date of Patent: November 12, 2013
    Assignee: Red Hat, Inc.
    Inventor: Steven W. Parkinson
  • Patent number: 8578152
    Abstract: An embodiment relates generally to receiving a plurality of security certificates for each user of a plurality of users and generating a random renewal period for a selected security certificate. The method also includes associating the random renewal period to the selected security certificate and providing the selected security certificate with the random renewal period to the respective user of the plurality of users.
    Type: Grant
    Filed: June 20, 2007
    Date of Patent: November 5, 2013
    Assignee: Red Hat, Inc.
    Inventor: Steven William Parkinson
  • Patent number: 8578153
    Abstract: A system, method, and owner node for securely changing a mobile device from an old owner to a new owner, or from an old operator network to a new operator network. The old owner initiates the change of owner or operator. The old owner or operator then commands the mobile device to change a currently active first key to a second key. The second key is then transferred to the new owner or operator. The new owner or operator then commands the mobile device to change the second key to a third key for use between the mobile device and the new owner or operator. Upon completion of the change, the new owner or operator does not know the first key in use before the change, and the old owner does not know the third key in use after the change.
    Type: Grant
    Filed: October 27, 2009
    Date of Patent: November 5, 2013
    Assignee: Telefonaktiebolaget L M Ericsson (publ)
    Inventors: Mattias Johansson, Hakan Englund
  • Patent number: 8578154
    Abstract: A tag generation method for generating tags used in data packets in a broadcast encryption system is provided. The method includes detecting at least one revoked leaf node; setting a node identification (node ID) assigned to at least one node among nodes assigned node IDs at a layer 0 and to which the at least one revoked leaf node is subordinate, to a node path identification (NPID) of the at least one revoked leaf node at the layer 0; generating a tag list in the layer 0 by combining the NPID of each of the at least one revoked leaf nodes at the layer 0 in order of increment of node IDs of the corresponding at least one revoked leaf nodes; and generating a tag list in a lowest layer by repeatedly performing the setting and generation operation down to the lowest layer.
    Type: Grant
    Filed: October 20, 2011
    Date of Patent: November 5, 2013
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Weon-il Jin, Maeng-hee Sung, Dae-youb Kim, Hwan-joon Kim
  • Patent number: 8578471
    Abstract: According to one embodiment, an information processing apparatus includes an input to input a password, a biological authentication device including a storage unit for storing biological information and identification information, and an authentication controller. The authentication controller sets and holds identification information to be stored in the storage unit of the biological authentication device, and permits a password input using the input to be substituted by authentication using the biological authentication device when the identification information held by itself and the identification information stored in the storage unit of the biological authentication device match.
    Type: Grant
    Filed: October 5, 2011
    Date of Patent: November 5, 2013
    Assignee: Kabushiki Kaisha Toshiba
    Inventor: Ken Hatano
  • Patent number: 8578460
    Abstract: Technologies are generally described for automatically reconnecting a security principal to cloud services through correlation of security principal identifier attributes. A new security principal for a user may be detected and automatically reconnected to the user's cloud based services. An administrator for the security domains may specify a value of a unique security principal metadata attribute for the original security principal in a customizable security principal metadata attribute in the new security principal in the same or new security domain. A secondary verification metadata attribute may optionally be specified to ensure the correct security principal is reconnected to the user's cloud based resources. The correlation between the original security principal for the user and the new security principal may be used to reconnect the user's cloud resources.
    Type: Grant
    Filed: August 8, 2011
    Date of Patent: November 5, 2013
    Assignee: Microsoft Corporation
    Inventors: John B. Cucco, Veniamin Rybalka, Ulric Dihle, Larry Draper, Kanika Agrawal, Tony Chan, Guruprakash Rao, Ashwin Chandra
  • Patent number: 8578159
    Abstract: A method and apparatus for establishing security associations between nodes of an ad hoc wireless network includes two authentication steps: an initial first contact step (authentication, authorization, and accounting (AAA)-based authentication), and a “light-weight” step that reuses key material generated during first contact. A mesh authenticator within the network provides two roles. The first role is to implement an 802.1X port access entity (PAE), derive transient keys used for encryption with a supplicant mesh point via a four-way handshake and take care of back end communications with a key distributor. The second role is as a key distributor that implements a AAA-client and derives keys used to authenticate a mesh point during first contact or fast security association. The key distributor and the on-line authentication server can communicate to one another without these messages being transported over mesh links.
    Type: Grant
    Filed: September 7, 2006
    Date of Patent: November 5, 2013
    Assignee: Motorola Solutions, Inc.
    Inventors: Stephen P. Emeott, Anthony J. Braskich
  • Publication number: 20130290706
    Abstract: A system includes a controller and a certificate authority. The controller is configured to control a process. The certificate authority (CA) is configured to issue and to revoke certificates, wherein the controller is configured to use the CA to mutually authenticate a user to enter into a secure mode of operation.
    Type: Application
    Filed: April 30, 2012
    Publication date: October 31, 2013
    Applicant: GENERAL ELECTRIC COMPANY
    Inventors: David Richard Socky, Robert James Boring, Roy Leguire Jackson, Timothy David Rian, William Robert Pettigrew
  • Patent number: 8572368
    Abstract: A computer-implemented method for generating code-specific code-signing certificates may include (1) receiving a code-signing request from a software publisher to sign code, the code-signing request including both information that uniquely identifies the code and metadata that identifies at least one characteristic of the code, (2) signing the code by generating a unique, code-specific digital certificate for the code that is valid only for the code in question and includes at least a portion of the metadata contained within the code-signing request, and then (3) providing the code-specific digital certificate to the software publisher to enable the software publisher to attest that the code originated from the software publisher and has not been altered since leaving the software publisher's possession. Various additional methods, systems, and encoded computer-readable media are also disclosed.
    Type: Grant
    Filed: September 23, 2011
    Date of Patent: October 29, 2013
    Assignee: Symantec Corporation
    Inventor: William Deacon
  • Patent number: 8572367
    Abstract: There are disclosed systems and methods for reducing the number of computations performed by a computing device constructing a public key from an implicit certificate associated with a certificate authority in an implicit certificate scheme. In one embodiment, the device first operates on the implicit certificate to derive an integer e. The device then derives a pair of integers (e1, e2) from the integer e, such that each of the pair of integers (e1, e2) has a bit length less than the bit length of the integer e, and such that the ratio of the pair of integers (e1, e2) corresponds to the integer e. The device then computes the public key by combining the integers e1 and e2 with public key contribution data derived from the implicit certificate and a public key of the certificate authority.
    Type: Grant
    Filed: February 28, 2011
    Date of Patent: October 29, 2013
    Assignee: Certicom Corp.
    Inventor: Marinus Struik
  • Patent number: 8572696
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for providing contextual data aided security protection. In one aspect, a method includes automatically parsing an electronic message associated with a user that includes location information, and extracting the location information from the electronic message. The location information can be added to a database (e.g., white list) associated with the user. The location information in the database can be used to authenticate the user's request for access to electronic mail.
    Type: Grant
    Filed: November 23, 2011
    Date of Patent: October 29, 2013
    Assignee: Google Inc.
    Inventor: Michael Wiacek
  • Patent number: 8572727
    Abstract: Access-control and information-flow integrity policies are enforced in a computing system by detecting security-sensitive sinks in software code for an application running on the computing system and retrieving an access-control policy from a database accessible to the computing system. The access-control policy maps a set of access permissions within the computing system to each one of a plurality of principals. For each detected security-sensitive sink, all principals that influence that security-sensitive sink are detected and an overall access permission is assigned to each security-sensitive sink by taking the intersection of the access permission sets for all influencing principals of that security-sensitive sink. If this permission set is inadequate, an integrity violation is reported. In addition, permission labels are assigned to each value of variables used in the security-sensitive sinks. Each permission label is a set of permissions.
    Type: Grant
    Filed: November 23, 2009
    Date of Patent: October 29, 2013
    Assignee: International Business Machines Corporation
    Inventors: Paolina Centonze, Yinnon Avraham Haviv, Roee Hay, Marco Pistoia, Adi Sharabani, Omer Tripp
  • Patent number: 8566249
    Abstract: A computer-implemented method for ensuring non-repudiation of a payment request and/or other action may include a step of receiving, over a network, the payment request together with a digital certificate identifying a user having caused the payment request to be generated. The certificate may include certificate-identifying information, user-identifying information, authority information that defines and delimits the authority of the user to make the payment request. The certificate-identifying information and the user-identifying information included within the received certificate may be validated. The authority information included within the received certificate may then be validated. The payment request and/or other action is then only executed when the certificate-identifying information, the user-identifying information and the authority information within the received certificate are successfully validated.
    Type: Grant
    Filed: December 4, 2003
    Date of Patent: October 22, 2013
    Assignee: Oracle International Corporation
    Inventor: Richard C. Johnson
  • Patent number: 8566907
    Abstract: A method is provided for controlling multiple access to a network service to prevent fraudulent use of the network service. The method includes identifying an account access counter for an account using identification information received from a user at a first device using a network, wherein the user is requesting access to a service provided at a second device, and further wherein the account access counter is the number of service access sessions active for the account; comparing the account access counter to a maximum account access number, wherein the maximum account access number defines a maximum number of service access sessions allowed for the account; and providing the user at the first device access to the service at the second device if the account access counter is less than the maximum account access number.
    Type: Grant
    Filed: August 24, 2012
    Date of Patent: October 22, 2013
    Assignee: MLB Advanced Media, L.P.
    Inventors: Joseph Francis Choti, Justin Alexander Shaffer, Christopher Sun, Elangovan Soundararajan, Shadeed S. Willis, Lincoln Hochberg, Sean Curtis
  • Patent number: 8560848
    Abstract: A system including a temporal key module, a nonce module, a security module, and an encryption module. The temporal key module generates a first temporal key used to encrypt a plurality of packets. The nonce module generates a nonce for each packet encrypted based on the first temporal key. Each nonce includes a packet number that is different than packet numbers associated with other nonces generated by the nonce module. The packet number is greater than N bits in length, where N is an integer greater than 40. The security module determines when the packet number included in the nonce generated by the nonce module is greater than or equal to a predetermined threshold. The encryption module encrypts more than 2^(N-1) packets using the first temporal key and the nonces without reusing a value of the packet number.
    Type: Grant
    Filed: August 18, 2010
    Date of Patent: October 15, 2013
    Assignee: Marvell World Trade Ltd.
    Inventors: Yong Liu, Paul A. Lambert, Raja Banerjea
  • Patent number: 8561142
    Abstract: A plurality of computing devices used to access backend computing resources of an enterprise by a specific user are identified, and geo-locations of the devices at specific times are tracked. A trusted authentication is received from a specific one of the devices. Responsive to the trusted authentication, the specific device is classified as the primary node of a trusted cluster, and the current geo-location of the user is defined as the geo-location of the specific device, as of the time of the trusted authentication. Devices are assigned to a logical trusted device cluster or to a logical non-trusted device cluster, based on distances between the device geo-locations and the current geo-location of the user, and based on differences between establishment times of the device geo-locations and the establishment time of the user's geo-location.
    Type: Grant
    Filed: June 1, 2012
    Date of Patent: October 15, 2013
    Assignee: Symantec Corporation
    Inventor: William E. Sobel
  • Patent number: 8561130
    Abstract: A personal license server and methods for use thereof are disclosed. In one embodiment, a personal license server is provided comprising a memory and circuitry operative to receive a digital rights management (DRM) license from a license server, store the DRM license in the memory, and provide the DRM license to a personal license server client, wherein the personal license server client receives the DRM license without communicating with the license server. In another embodiment, a personal license server client is provided that receives, from a license requester, a request for a digital rights management (DRM) license from a license server; in response to the request, communicates with a personal license server instead of the license server to receive the DRM license; and provides the DRM license to the license requester. Other embodiments are provided, and each of these embodiments can be used alone or in combination with one another.
    Type: Grant
    Filed: February 19, 2008
    Date of Patent: October 15, 2013
    Assignee: SanDisk Technologies Inc.
    Inventor: Fabrice E. Jogand-Coulomb
  • Patent number: 8555346
    Abstract: Generation of user and avatar specific content in a virtual world may include generating a local attribute object. The local attribute object may comprise attributes identifying at least one of the user's real world location and the user's avatar's virtual world location. Access to the local attribute object by virtual world operators may be controlled by the user and/or user's avatar. Specific content, based on the local attribute object, is presented to the user's avatar.
    Type: Grant
    Filed: August 19, 2008
    Date of Patent: October 8, 2013
    Assignee: International Business Machines Corporation
    Inventors: Brian Ronald Bokor, Peter Frederick Haggar, Daniel Edward House, William Bruce Nicol, II, Andrew Bryan Smith
  • Patent number: 8555361
    Abstract: A method of authentication and authorization over a communication system is provided. The method performs a first authentication of a device based on a set of device identity and credentials. The first authentication includes creation of a first set of keying material. The method also includes performing a second authentication of a subscriber based on a set of subscriber identity and credentials. The second authentication includes creation of a second set of keying material. A set of compound key material is created with a key derivation mechanism that uses the first set of keying material and the second set of keying material. A binding token is created by cryptographically signing at least the device identity authenticated in the first authentication and the subscriber identity authenticated in the second authentication using the set of compound keying material. The signed binding token is exchanged for verification with an authenticating and authorizing party.
    Type: Grant
    Filed: February 28, 2011
    Date of Patent: October 8, 2013
    Assignee: Motorola Mobility LLC
    Inventors: Madjid F. Nakhjiri, Katrin Hoeper, Alexander Medvinsky
  • Patent number: 8548170
    Abstract: A document accessible over a network can be registered. A registered document, and the content contained therein, cannot be transmitted undetected over and off of the network. In one embodiment, a plurality of stored signatures are maintained in a signature database, each signature being associated with one of a plurality of registered documents. In one embodiment, the signature database is maintained by de-registering documents by removing the signatures associated with de-registered documents. In one embodiment, the database is maintained by removing redundant and high detection rate signatures. In one embodiment, the signature database is maintained by removing signatures based on the source text used to generate the signature.
    Type: Grant
    Filed: May 25, 2004
    Date of Patent: October 1, 2013
    Assignee: McAfee, Inc.
    Inventors: Ratinder Paul Singh Ahuja, Matthew Howard, Rick Lowe, Erik de la Iglesia, William Deninger
  • Patent number: 8549594
    Abstract: A method of identity authentication and fraudulent phone call verification uses an identification code of a communication device and a dynamic password. The “dynamic password” is directly sent to an Internet user via a dynamic web-page of a specific website instead of by means of a traditional telephone short message. Thus, the “dynamic password” cannot be copied from the spyware infected communication device of the Internet user. Furthermore, even if the “dynamic password” is intercepted or otherwise discovered by a hacker or intruder, authentication is still secure because the dynamic password must be sent back to the specific website via a short message or the like from the same communication device having the corresponding identification code that was initially input by the Internet user in order to generate the dynamic password.
    Type: Grant
    Filed: September 17, 2010
    Date of Patent: October 1, 2013
    Inventor: Chung-Yu Lin
  • Patent number: 8549284
    Abstract: A method and system are provided for performing a certificate validity check between a vehicle receiving a message and an entity transmitting the message in a vehicle-to-entity communication system. The message includes a digital certificate. A determination is made whether the digital certificate is expired. A determination is made whether the digital certificate is listed in a local certificate revocation list stored in a memory of the vehicle in response to a determination that the digital certificate is not expired; otherwise, the message is disregarded. An elapsed time since a last freshness check is determined in response to the digital certificate not being listed in the local certificate revocation list. The elapsed time is compared to a threshold requirement. The digital message is accepted for additional processing in response to the freshness check meeting the threshold requirement; otherwise, the message is disregarded.
    Type: Grant
    Filed: May 9, 2012
    Date of Patent: October 1, 2013
    Assignee: GM Global Technology Operations LLC
    Inventor: Arzad A. Kherani
  • Patent number: 8549613
    Abstract: A system and method for enabling access to a computer server operating within a private network, in which the computer server is isolated by access restrictions that prevent incoming connections from a public network. In one embodiment, the method includes identifying a remote client operating in a public network outside the private network, initiating a secure communication channel with the remote client, and instructing the remote client to initiate a Point-to-Point Protocol (PPP) session with the computer server via the secure communication channel.
    Type: Grant
    Filed: May 28, 2008
    Date of Patent: October 1, 2013
    Assignee: Red Hat, Inc.
    Inventor: James P. Schneider
  • Publication number: 20130254535
    Abstract: A computer uses the information included within a digital certificate to obtain a current date and time value from a trusted extrinsic trusted source and the computer compares the obtained current date and time value to a validity period included in the digital certificate to determine if the digital certificate is expired. The information included within the digital certificate specifying an extrinsic source for the current date and time value can be included in an extension of the digital certificate, and the information can specify a plurality of extrinsic sources.
    Type: Application
    Filed: March 23, 2012
    Publication date: September 26, 2013
    Applicant: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Andrew D. Akehurst, David J. McKechan, Stuart J. Reece
  • Patent number: 8543824
    Abstract: A cryptographic hash of content (e.g., applications, documents, widgets, software, music, videos, etc.) is created and made available for distribution over a network (or by other means) as part of a ticket file. The ticket file can be cryptographically signed to ensure its authenticity. The ticket file and content can be downloaded separately (e.g., from different websites) to a user system (e.g., a computer, mobile phone, media player/recorder, personal digital assistant (PDA), etc.). The user system verifies the signature of the ticket file and the content hash to ensure that the content has not been compromised. The ticket file can include information relating to downloading the content (e.g., a Uniform Resource Identifier (URI)) and other meta-data (e.g., hash type, content information, public key, size, version, etc.).
    Type: Grant
    Filed: April 20, 2006
    Date of Patent: September 24, 2013
    Assignee: Apple Inc.
    Inventors: John O. Louch, Aaron Sige, Maciej Stachowiak
  • Patent number: 8542837
    Abstract: A key selection vector for a revocation list in an HDCP system as well as a mobile device and a method for processing a key selection vector, a digital content output device using a key selection vector and a revocation list for use in an HDCP system comprising a key selection vector are described. It is desired to improve handling of key selection vectors of revocation lists. A structured key selection vector for a revocation list is provided. The key selection vector is structured to contain at least one bit field with a predetermined number of bits and at a predetermined location in the key selection vector. The bit field contains information relating to a group property of a device, which group property allows to process as a group a plurality of key selection vectors storing the same or similar group property information in said at least one bit field.
    Type: Grant
    Filed: February 23, 2009
    Date of Patent: September 24, 2013
    Assignees: Sony Corporation, Sony Mobile Communications AB
    Inventors: Stefan Andersson, Per Gunnar Tobias Melin
  • Patent number: 8544070
    Abstract: Techniques for non-repudiation of storage in cloud or shared storage environments are provided. A unique signature is generated within a cloud or shared storage environment for each file of the storage tenant that accesses the cloud or shared storage environment. Each signature is stored as part of the file system and every time a file is accessed that signature is verified. When a file is updated, the signature is updated as well to reflect the file update.
    Type: Grant
    Filed: May 16, 2011
    Date of Patent: September 24, 2013
    Assignee: Novell, Inc.
    Inventors: Prakash Umasankar Mukkara, Lloyd Leon Burch, Douglas Garry Earl
  • Publication number: 20130246786
    Abstract: A current version certificate is stored that includes a corresponding current version identifier. A current instance certificate is received from the certificate authority, wherein the current instance certificate includes the current version identifier of the current version certificate and a current instance public key corresponding to the current instance private key. The current instance certificate is sent to a local station, during a registration with the local station. A request is generated and sent to the local station. First encrypted data is received from the local station, wherein the first encrypted data includes a content key that is encrypted via the current instance public key.
    Type: Application
    Filed: May 2, 2013
    Publication date: September 19, 2013
    Applicant: Morega Systems Inc.
    Inventor: Zeev Lieber
  • Patent number: 8539226
    Abstract: A method and system for Certificate management and transfer between messaging clients are disclosed. When communications are established between a first messaging client and a second messaging client, one or more Certificates stored on the first messaging client may be selected and transferred to the second messaging client. Messaging clients may thereby share Certificates. Certificate management functions such as Certificate deletions, Certificate updates and Certificate status checks may also be provided.
    Type: Grant
    Filed: September 1, 2011
    Date of Patent: September 17, 2013
    Assignee: BlackBerry Limited
    Inventors: Herbert Anthony Little, Neil Patrick Adams, David Francis Tapuska, Michael Stephen Brown, James Andrew Godfrey, Michael Grant Kirkup
  • Patent number: 8539093
    Abstract: In accordance with some embodiments, a computer-implemented method for fetching email from an email server to a portable electronic device is disclosed.
    Type: Grant
    Filed: December 31, 2007
    Date of Patent: September 17, 2013
    Assignee: Apple Inc.
    Inventors: Scott Forstall, Nitin K. Ganatra, Dan Keen
  • Publication number: 20130238897
    Abstract: A method for providing efficient management of certificate revocation may comprise storing a list of identifiers of digital certificates including a revocation list defining a list of revoked certificates in an accumulator, storing a witness value in association with at least some entries in the revocation list in which the witness value provides proof of the membership or non-membership of an identifier in the revocation list, enabling generation of a new accumulator and a new witness value responsive to each insertion or deletion of an entry in the revocation list, and enabling batch updates to the revocation list using a reduced bitlength value generated based on a ratio of a value generated based on elements added to the revocation list to a value generated based on elements deleted from the revocation list. A corresponding apparatus is also provided.
    Type: Application
    Filed: November 5, 2010
    Publication date: September 12, 2013
    Inventors: Atefeh Mashatan, Imad Aad, Rafik Chaabouni, Pentti Valtteri Niemi, Serge Vaudenay
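    The abstract above describes the mechanism without showing it. The following is an added example, not code from the patent or its inventors: an RSA accumulator holding revoked certificate serials, with membership and non-membership witnesses, the trapdoor-based batch update whose exponent is prod(added)/prod(deleted) reduced modulo phi(N) (so its bit length is bounded however many entries change), and the trapdoor-free witness updates a relying party performs on its own. The modulus (two Mersenne primes), the base G and the prime "serials" 101, 103, 107, 109, 113 are constructed demo values and are far too small to be secure.

```python
from math import gcd, prod

# Constructed demo parameters (assumptions, NOT secure): two Mersenne primes as
# the RSA factors. The manager keeps PHI secret; everyone else knows only N and G.
P = 2**31 - 1
Q = 2**61 - 1
N = P * Q
PHI = (P - 1) * (Q - 1)
G = 65537  # accumulator base, any element of Z_N^* will do for the demo


def ext_gcd(a, b):
    """Return (g, s, t) with s*a + t*b == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, s, t = ext_gcd(b, a % b)
    return g, t, s - (a // b) * t


class RevocationAccumulator:
    """Manager side: the revoked set and acc = G^(prod of revoked serials) mod N.
    Serials are modelled as distinct primes coprime to PHI."""

    def __init__(self):
        self.revoked = set()
        self.acc = G

    def batch_update(self, added=(), deleted=()):
        """One exponentiation applies any number of insertions and deletions.
        The exponent prod(added) * prod(deleted)^-1 is reduced mod PHI, which is
        the 'reduced bitlength ratio' idea: its size does not grow with the batch."""
        for x in list(added) + list(deleted):
            assert gcd(x, PHI) == 1, "serial must be coprime to phi(N)"
        self.revoked |= set(added)
        self.revoked -= set(deleted)
        ratio = prod(added) * pow(prod(deleted), -1, PHI) % PHI
        self.acc = pow(self.acc, ratio, N)
        return self.acc

    def membership_witness(self, x):
        """w = G^(prod of the other revoked serials); then pow(w, x, N) == acc."""
        assert x in self.revoked
        return pow(G, prod(self.revoked - {x}), N)

    def non_membership_witness(self, x):
        """(a, d) with acc^a * d^x == G (mod N): possible only if x is not a
        factor of the accumulated product, i.e. x is not revoked."""
        assert x not in self.revoked
        u = prod(self.revoked)
        g, a, b = ext_gcd(u, x)  # a*u + b*x == 1 because prime x does not divide u
        assert g == 1
        return a, pow(G, b, N)


def verify_revoked(acc, x, w):
    return pow(w, x, N) == acc


def verify_not_revoked(acc, x, a, d):
    return (pow(acc, a, N) * pow(d, x, N)) % N == G


def update_witness_on_add(w, added):
    """Holder-side update after serials were added: w' = w^(prod added)."""
    return pow(w, prod(added), N)


def update_witness_on_delete(w, x, y, acc_new):
    """Holder-side update for x after a different serial y was deleted, so that
    acc_new = acc_old^(1/y). With a*x + b*y == 1:
    w'^x = w^(b*x) * acc_new^(a*x) = acc_new^(b*y) * acc_new^(a*x) = acc_new."""
    g, a, b = ext_gcd(x, y)
    assert g == 1
    return (pow(w, b, N) * pow(acc_new, a, N)) % N


def demo():
    mgr = RevocationAccumulator()
    mgr.batch_update(added=[101, 103, 107])
    w103 = mgr.membership_witness(103)
    a, d = mgr.non_membership_witness(109)
    before = (verify_revoked(mgr.acc, 103, w103), verify_not_revoked(mgr.acc, 109, a, d))
    # Batch: revoke 109 and 113, un-revoke 101. Holder of w103 follows without PHI.
    acc_new = mgr.batch_update(added=[109, 113], deleted=[101])
    w103 = update_witness_on_delete(update_witness_on_add(w103, [109, 113]), 103, 101, acc_new)
    return {"before": before, "after_103": verify_revoked(acc_new, 103, w103)}


if __name__ == "__main__":
    print(demo())
```

The witness update order matters: apply the additions first (plain exponentiation), then each deletion with the Bezout step against the accumulator value the manager published after the batch. A stale witness for a serial that has been removed from the list no longer verifies, which is the property a relying party depends on.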
  • Patent number: 8533796
    Abstract: In general, the subject matter described in this specification can be embodied in methods, systems, and program products for providing access to secured resources. A token providing system stores a primary authentication token that is used to obtain temporary authentication tokens. The token providing system provides, to application programs that are unable to access the primary authentication token, the temporary authentication tokens. The token providing system receives, from a first application program of the application programs, a first request to obtain a first temporary authentication token. The first request does not include the primary authentication token. The token providing system transmits a second request to obtain the first temporary authentication token. The second request includes the primary authentication token. The token providing system receives the first temporary authentication token.
    Type: Grant
    Filed: April 26, 2011
    Date of Patent: September 10, 2013
    Assignee: Google Inc.
    Inventors: Vittaldas Sachin Shenoy, Pankaj Risbood, Vivek Sahasranaman, Christoph Kern, Evan K. Anderson
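    As an added illustration of the arrangement the abstract above describes (not code from the patent or its assignee): a broker process holds the primary token, applications ask it for temporary tokens without ever presenting the primary, and the broker alone includes the primary in its request to the issuer. The issuer, the HMAC construction of the temporary token, the 300-second lifetime, the app and scope binding and the revocation list are all assumptions made for this example; the timestamps are passed in explicitly so the expiry behaviour is reproducible.

```python
import base64
import hashlib
import hmac
import json
import secrets

# Constructed demo secrets (assumptions); a deployment loads these from a secret store.
PRIMARY_TOKEN = "primary-token-DEMO-never-leaves-the-broker"
ISSUER_KEY = b"issuer-hmac-key-DEMO"


def _b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


class TokenIssuer:
    """Stand-in for the remote token service. Only a request carrying the primary
    token yields a temporary token; the signing key never leaves the issuer."""

    def __init__(self, key: bytes = ISSUER_KEY):
        self._key = key
        self._revoked = set()  # jti values of temporaries revoked before expiry

    def exchange(self, primary: str, app_id: str, scope: str, now: int, ttl: int = 300) -> str:
        if not hmac.compare_digest(primary.encode(), PRIMARY_TOKEN.encode()):
            raise PermissionError("primary token rejected")
        claims = {"app": app_id, "scope": scope, "exp": now + ttl, "jti": secrets.token_hex(8)}
        payload = _b64e(json.dumps(claims, sort_keys=True).encode())
        tag = hmac.new(self._key, payload.encode(), hashlib.sha256).digest()
        return f"{payload}.{_b64e(tag)}"

    def verify(self, token: str, app_id: str, scope: str, now: int):
        """Claims if the token is authentic, unexpired, bound to this app and
        scope, and not revoked; otherwise None."""
        try:
            payload, tag = token.split(".", 1)
            expected = hmac.new(self._key, payload.encode(), hashlib.sha256).digest()
            if not hmac.compare_digest(_b64d(tag), expected):
                return None
            claims = json.loads(_b64d(payload))
        except (ValueError, TypeError):
            return None
        if claims["exp"] <= now or claims["app"] != app_id or claims["scope"] != scope:
            return None
        if claims["jti"] in self._revoked:
            return None
        return claims

    def revoke(self, token: str) -> None:
        payload = token.split(".", 1)[0]
        self._revoked.add(json.loads(_b64d(payload))["jti"])


class TokenBroker:
    """Holds the primary token. Applications receive only temporaries, so a
    compromised application leaks at most a short-lived, narrowly bound token."""

    def __init__(self, issuer: TokenIssuer, primary: str):
        self._issuer = issuer
        self._primary = primary

    def get_temporary_token(self, app_id: str, scope: str, now: int) -> str:
        # The application's request (app_id, scope) carries no primary token;
        # the broker adds the primary to its own outbound request to the issuer.
        return self._issuer.exchange(self._primary, app_id, scope, now)


if __name__ == "__main__":
    issuer = TokenIssuer()
    broker = TokenBroker(issuer, PRIMARY_TOKEN)
    tok = broker.get_temporary_token("mailer", "mail.read", now=1000)
    print(issuer.verify(tok, "mailer", "mail.read", now=1100))
```

The check that matters for this design is the negative one: an application that never held the primary token cannot mint a temporary for itself, and a stolen temporary stops working at its expiry, on revocation, or when presented by another app or for another scope.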
  • Patent number: 8533464
    Abstract: According to a general aspect, a computer-implemented method for a first user to verify an association with a second user through a secret handshake protocol includes maintaining information about a reusable identification handle for the first user, where the information about the reusable identification handle is provided by a trusted third party, maintaining information about a reusable credential for the first user, where the information about the reusable credential is provided by a trusted third party, and maintaining information about a matching reference for verifying an association with another user, where the information about the matching reference is provided by a trusted third party. Information based on the reusable identification handle and based on the reusable credential is transmitted to a potential peer. First information based on a reusable identification handle for the second user is received, and second information based on a reusable credential for the second user is received.
    Type: Grant
    Filed: December 14, 2009
    Date of Patent: September 10, 2013
    Assignee: SAP AG
    Inventors: Alessandro Sorniotti, Michele Bezzi, Gilles Montagnon, Stuart Short, Slim Trabelsi
  • Patent number: 8533463
    Abstract: A method and apparatus for propagating certificate revocation information. A first query is received regarding a revocation status of a first digital certificate. One or more additional queries are received regarding revocation statuses of one or more additional digital certificates. A response to the first query and the one or more additional queries is generated, the response including the revocation status of the first digital certificate and the revocation statuses of the one or more additional digital certificates.
    Type: Grant
    Filed: August 30, 2007
    Date of Patent: September 10, 2013
    Assignee: Red Hat, Inc.
    Inventor: Steven W. Parkinson
  • Patent number: 8526614
    Abstract: A method to manage members of a group of decoders having access to broadcast data, each group member sharing a common broadcast encryption scheme (BES) comprising the steps of, in a stage for a decoder to become a group member, receiving keys pertaining to the position in the group according to the BES, receiving a current group access data comprising a current group access key, and in a stage of accessing broadcast data, using the current group access data to access the broadcast data, and in a stage of renewing the current group access key, sending a first group message comprising at least a next group access key encrypted so that only non-revoked decoders can access it, said group message being further encrypted by the current group access key, updating the current group access key with the next group access key.
    Type: Grant
    Filed: February 3, 2011
    Date of Patent: September 3, 2013
    Assignee: Nagravision S.A.
    Inventors: Guy Moreillon, Alexandre Karlov
  • Patent number: 8522328
    Abstract: In a method for managing use information of a measurement device, the operating interface of the device is locked before the device is operated. When a user starts to use the device, the method provides a login interface to verify whether the user is authorized to log in to the operating interface. If the user is authorized, the operating interface is unlocked and the method records first information about the start of the operation. After the operation finishes, or when the time the device has been idle exceeds a predetermined time, the method logs the user out of the operating interface, records second information about the end of the operation, and locks the operating interface again. The first information and the second information are saved in a text file.
    Type: Grant
    Filed: August 31, 2011
    Date of Patent: August 27, 2013
    Assignees: Hong Fu Jin Precision Industry (ShenZhen) Co., Ltd., Hon Hai Precision Industry Co., Ltd.
    Inventors: Jun-Yang Feng, Fa-Sheng Huang
  • Patent number: 8522007
    Abstract: A dual cryptographic keying system. In particular implementations, a method includes responsive to an initial session key negotiation, storing security association information for a tunnel in a security association memory; responsive to a session key renegotiation, storing security association information for the tunnel in a cache; decrypting received packets associated with the tunnel conditionally using the security association information in the cache or the security association information in the security association memory; and upon an expiration condition, overwriting the security association information, for the tunnel, in the security association memory with the security association information, for the tunnel, copied from the cache.
    Type: Grant
    Filed: March 6, 2012
    Date of Patent: August 27, 2013
    Assignee: Cisco Technology, Inc.
    Inventors: Santanu Sinha, Kenneth William Batcher
  • Patent number: 8522013
    Abstract: A set of certificate management methods designed to significantly reduce or eliminate reliance on infrastructure network connectivity after vehicles are sold uses techniques to support certificate management operations in order to reduce the frequency which vehicles need to communicate with the Certificate Authorities (CAs) and the amount of data that needs to be exchanged between vehicles and the CA. These methods include, for example, approaches to use one-way communications and vehicle-to-vehicle (V2V) communications to replace expired certificates, approaches to use one-way communications and V2V communications to replace revoked certificates, and use of a small subset of vehicles as proxies to help retrieve and distribute Certificate Revocation Lists (CRLs) and replacement certificates. The combination of these techniques leads to solutions that can eliminate the need for roadside infrastructure networks completely.
    Type: Grant
    Filed: August 31, 2010
    Date of Patent: August 27, 2013
    Assignee: Telcordia Technologies, Inc.
    Inventors: Tao Zhang, Hyong-Sop Shim, Stanley Pietrowicz
  • Patent number: 8516247
    Abstract: The cryptographic scheme subdivides time into periods with an index j = 0, 1, 2, etc. A public key indicates elements u and v of a first cyclic group G1 of prime order p and, for each period j, an integer s_j between 0 and p−1 and elements g_{1,j} of the group G1 and g_{2,j}, w_j and h_j of another cyclic group G2 of order p. The private key of a member of the group indicates an integer x_i between 0 and p−1 and, for each period j, an element A_{i,j} of the group G1 such that A_{i,n} = [A_{i,n−1} / g_{1,n−1}]^{1/(x_i − s_n)} for 1 ≤ n ≤ j. To sign a message during a period j ≥ 0, the member selects two integers α and β between 0 and p−1, calculates T1 = u^α, T2 = A_{i,j} · v^α, S1 = g_{2,j}^β and S2 = e(A_{i,j}, h_j)^β where e(·, ·) is a bilinear map of G1 × G2 onto GT, and determines according to the message the data that justify the fact that the elements T1, T2, S1 and S2 are correctly formed with knowledge of the private key of the member for the period with index j.
    Type: Grant
    Filed: December 16, 2009
    Date of Patent: August 20, 2013
    Assignee: France Telecom
    Inventors: Sébastien Canard, Cécile Delerablee
  • Patent number: 8516246
    Abstract: In a communication network comprising a central management entity and a plurality of terminals, methods and systems for remotely binding terminals to the network and for unbinding already-bound terminals when necessary. Once bound to a network, a terminal may not operate in another network unless the two networks share a secret.
    Type: Grant
    Filed: August 7, 2009
    Date of Patent: August 20, 2013
    Assignee: Gilat Satellite Networks Ltd.
    Inventors: Snir Brener, Isacc Ben-Laish
  • Patent number: 8516245
    Abstract: A validation authority for certificates searches for and verifies paths and certificate revocation lists periodically, and classifies the paths into valid paths and invalid paths in accordance with the results of the validations, so as to register the paths in databases beforehand. Besides, in a case where a request for authenticating the validity of a certificate has been received from an end entity, the validation authority judges the validity of the public key certificate by checking in which of the valid-path database and the invalid-path database a path corresponding to the request is registered. On the other hand, in a case where the path corresponding to the validity authentication request is not registered in either of the databases, the validity of the public key certificate is authenticated by performing path search and validation anew.
    Type: Grant
    Filed: June 19, 2009
    Date of Patent: August 20, 2013
    Assignee: Hitachi, Ltd.
    Inventors: Yoko Kumagai, Takahiro Fujishiro, Tadashi Kaji, Shingo Hane, Hitoshi Shimonosono
  • Publication number: 20130212383
    Abstract: Techniques for providing revocation information for revocable items are described. In implementations, a revocation service is employed to manage revocation information for various revocable items. For example, the revocation service can maintain a revoked list that includes revoked revocable items, such as revoked digital certificates, revoked files (e.g., files that are considered to be unsafe), unsafe network resources (e.g., a website that is determined to be unsafe), and so on. In implementations, the revocation service can communicate a revoked list to a client device to enable the client device to maintain an updated list of revocation information.
    Type: Application
    Filed: February 9, 2012
    Publication date: August 15, 2013
    Inventors: Philip J. Hallin, Yogesh A. Mehta, Violet Anna Barhudarian, Magnus Bo Gustaf Nyström
  • Patent number: 8510228
    Abstract: A card to card transfer method used in the financial system is provided in the present invention, and comprises an initializing step, a transferring step and a transaction confirming step, wherein the initializing step includes the steps of calculating and obtaining the public key certificate and checking the amount of the transaction and so on, and the transferring step includes the steps of performing the transaction and so on. The present invention can achieve the function of transferring the electronic cash between two cards and can prevent the risk of repeatedly transferring the money into the card for transfer-in by using the card for transfer-out and so on.
    Type: Grant
    Filed: April 15, 2011
    Date of Patent: August 13, 2013
    Assignee: China Unionpay Co., Ltd.
    Inventors: Zhi jun Lu, Shuo He, Hongwen Meng
  • Patent number: 8509440
    Abstract: A network component comprising at least one processor configured to implement a method comprising deriving a Master Session Key (MSK) using a secret key and at least one parameter obtained from an Extensible Authentication Protocol (EAP) sequence, deriving a first Pairwise Master Key (PMK) and a second PMK from the MSK, authenticating with a home gateway (HG) using the first PMK, and authenticating with an end point using the second PMK. Included is an apparatus comprising a node comprising an access controller (AC) and a protocol for carrying authentication for network access (PANA) Authentication Agent (PAA), wherein the AC is configured to manage authentication for a UE, and wherein the PAA is configured to implement a PANA to forward authentication information related to the UE.
    Type: Grant
    Filed: August 15, 2008
    Date of Patent: August 13, 2013
    Assignee: Futurewei Technologies, Inc.
    Inventor: John Kaippallimalil
  • Patent number: 8505067
    Abstract: Embodiments of the invention provide systems and methods for providing service-level, policy-based QoS enforcement on a network or networks. According to one embodiment, a system can comprise at least one communications network, a first endpoint communicatively coupled with the communications network, and a second endpoint communicatively coupled with the communications network, and can monitor traffic on the communications network between the first endpoint and the second endpoint. A policy enforcer can be communicatively coupled with the network monitor. The policy enforcer can apply one or more policies based on the traffic between the first endpoint and the second endpoint. The one or more policies can define a Quality of Service (QoS) for the traffic between the first endpoint and the second endpoint, and the policy enforcer can apply the policies to affect the traffic between the endpoints to maintain the QoS defined by the one or more policies.
    Type: Grant
    Filed: August 20, 2009
    Date of Patent: August 6, 2013
    Assignee: Oracle International Corporation
    Inventor: Stéphane H. Maes