Patents Assigned to Aladdin Knowledge Systems
-
Patent number: 7890767Abstract: A public key authentication system and method for use in a computer system having a plurality of users. The system includes a virtual smart card server, storage connected to the virtual smart card server, and a virtual smart card agent connected to the virtual smart card server. The storage includes a plurality of virtual smart cards, wherein each virtual smart card is associated with a user and wherein each smart card includes a private key. The virtual smart card agent authenticates the user and accesses the authenticated user's virtual smart card to obtain the user's private key.Type: GrantFiled: February 3, 2009Date of Patent: February 15, 2011Assignee: Aladdin Knowledge Systems Ltd.Inventors: Lawrence Smith, Richard Levenberg
-
Patent number: 7773753Abstract: An efficient symmetrical-cryptographic method for using a fast but insecure host to perform encryption/decryption based on a secret key in a secure, but slow hardware token, such as a smartcard or similar device, without revealing the secret key to the host, and such that the ciphertext and plaintext are exactly the same size. The present method is suitable for use in Digital Rights Management and Software Rights Management applications which require precise interchangeability of ciphertext and plaintext in pre-allocated areas of data storage.Type: GrantFiled: June 28, 2007Date of Patent: August 10, 2010Assignee: Aladdin Knowledge Systems Ltd.Inventors: Michael Zunke, Yanki Margalit, Dani Margalit
-
Patent number: 7636943Abstract: In one aspect, the present invention is directed to a method for detecting spyware activity, the method comprises the steps of: monitoring outgoing communication data sent from a user's computer; searching for predefined keywords within the communication data; indicating spyware activity in the user's computer by presence of at least one of the predefined keywords within the communication data, the keywords are selected from a group comprising: a signature of the spyware, personal information of the user, an addressee to where the communication data is sent. The method may further comprise: upon detecting a spyware activity in the user's computer, blocking communication from the computer. The method may further comprise removing the spyware. The blocking can be carried out at the user's computer, at the gateway to which the user's computer is connected, etc.Type: GrantFiled: June 13, 2005Date of Patent: December 22, 2009Assignee: Aladdin Knowledge Systems Ltd.Inventors: Shimon Gruper, Yanki Margalit, Dany Margalit
-
Patent number: 7603614Abstract: A method and system for indicating an executable as Trojan Horse, based on the CRC values of the routines of an executable. The method comprising a preliminary stage in which the CRC values of the routines of known Trojan Horses are gathered in a database, and a stage in which indicating an executable as Trojan Horse is carried out by the correspondence of the CRC values of the routines of said executable to the CRC values of the known Trojan Horses, as gathered in said database. The system comprising means for calculating the CRC values of routines; means for identifying the borders of the routines of an executable; a database system, for storing the CRC values of routines of known Trojan Horses; and means for determining the correspondence between two groups of CRC values, thereby enabling detection of the correspondence of an executable to at least one known Trojan Horse.Type: GrantFiled: May 13, 2003Date of Patent: October 13, 2009Assignee: Aladdin Knowledge Systems Ltd.Inventors: Oded Cohen, Yanki Margalit, Dany Margalit
-
Publication number: 20090205040Abstract: An authenticated digital confirmation of an installation or an update of a licensed computer data product, for providing the licensor with a validation that the installation/update was carried out as intended, and conveying relevant details of the installation/update. The installation/updating facility (internal software, external hardware device, or combination thereof) examines and documents the pre-installation/update state of the target computer system, performs the installation/update, examines and documents the post-installation/update state, and generates the confirmation, which is a summary or digest of the process and the status thereof. The confirmation is securely authenticated and sent to the licensor for validation, to be used for order fulfillment, billing and accounting, and other purposes.Type: ApplicationFiled: February 10, 2008Publication date: August 13, 2009Applicant: Aladdin Knowledge Systems Ltd.Inventor: Michael Zunke
-
Publication number: 20090049425Abstract: A method of obfuscating executable computer code to impede reverse-engineering, by interrupting the software's execution flow and replacing in-line code with calls to subroutines that do not represent logical program blocks. Embodiments of the present invention introduce decoy code to confuse attackers, and computed branching to relocated code so that actual program flow cannot be inferred from disassembled source representations.Type: ApplicationFiled: August 14, 2007Publication date: February 19, 2009Applicant: ALADDIN KNOWLEDGE SYSTEMS LTD.Inventors: Martin Liepert, Vitali Yauseyanka
-
Patent number: 7487357Abstract: A public key authentication system and method for use in a computer system having a plurality of users. The system includes a virtual smart card server, storage connected to the virtual smart card server, and a virtual smart card agent connected to the virtual smart card server. The storage includes a plurality of virtual smart cards, wherein each virtual smart card is associated with a user and wherein each smart card includes a private key. The virtual smart card agent authenticates the user and accesses the authenticated user's virtual smart card to obtain the user's private key.Type: GrantFiled: June 21, 2006Date of Patent: February 3, 2009Assignee: Aladdin Knowledge SystemsInventors: Lawrence Smith, Richard Levenberg
-
Publication number: 20080259797Abstract: A network load-balancing cluster configured to function as a transparent bridge, by connecting the load-balancing nodes in series rather than in parallel, as is done in prior-art configurations. A load-balancing algorithm and method are disclosed, by which each node in the configuration independently determines whether to process a data packet or pass the data packet along for processing by another node. To support this, load-balancing nodes are equipped with both software and hardware data pass-through capabilities that allow the nodes to pass along data packets that are processed by a different nodes.Type: ApplicationFiled: April 18, 2007Publication date: October 23, 2008Applicant: ALADDIN KNOWLEDGE SYSTEMS LTD.Inventors: Shimon Gruper, Yanki Margalit, Dany Margalit
-
Publication number: 20080209558Abstract: A method and system of computer program modules for extending the cover time of protection for a licensed software product, by increasing the difficulty and time required for an attacker to produce a workable cracked version of the program. When an attack is detected, critical information about the effectiveness of the attack are withheld from the attacker by simulating the behavior of a cracked program, thereby inducing the attacker to prematurely consider the attack successful. Latent license enforcement features are provided, whose activation is suspended until predefined environmental conditions are met.Type: ApplicationFiled: February 22, 2007Publication date: August 28, 2008Applicant: Aladdin Knowledge SystemsInventors: Michael Zunke, Yanki Margalit, Dany Margalit
-
Publication number: 20080208754Abstract: A method for issuing and updating a software program license for a computer, with a unique identifier data object embedded in the computer and referenced by the license. The unique identifier may also be used with a conventional computer fingerprint. The software program does not run on a computer without a license that references the unique identifier. The license is issued via a server over a network (such as the Internet) and must be regularly updated by the server. When updating, the present unique identifier is sent to the server, to verify that the unique identifier is the latest unique identifier issued for that license. If an unauthorized copy is made for operation on an unlicensed computer, such as by cloning the licensed computer, this is detected when the second computer is updated, because the unique identifier sent with the update request is no longer current.Type: ApplicationFiled: February 22, 2007Publication date: August 28, 2008Applicant: Aladdin Knowledge SystemsInventors: Michael Zunke, Yanki Margalit, Dany Margalit
-
Publication number: 20080209559Abstract: A method for determining if a software program having a protective envelope has been cracked, and signaling an indication thereof. A direct determination is made of whether the protective envelope is intact or has been compromised by an attack, without requiring a license violation to occur. Executable code in the protective envelope generates an envelope confirmation which is validated by executable code in the program itself. Any disabling or separation of the envelope from the program will be detectable by the program at validation time. Provisions are made for a secure envelope confirmation, the use of arguments as input to the confirmation generation, and for incorporating information related to the computer and user to facilitate identifying the attacker. Signaled indications can include network messaging to alert the licensor that the program has been cracked.Type: ApplicationFiled: February 22, 2007Publication date: August 28, 2008Applicant: Aladdin Knowledge SystemsInventors: Michael Zunke, Yanki Margalit, Dany Margalit
-
Patent number: 7386884Abstract: A method for preventing activating a malicious object passing through a checkpoint, and decreasing the overall inspection delay thereof, the method comprising the steps of: (a) at the checkpoint, creating an envelope file, being an executable file comprising: the object; code for extracting the object from the envelope file; and an indicator for indicating the integrity of the object; (b) forwarding the envelope file instead of the object toward its destination, while holding at least a part of the envelope file which comprises the indicator; (c) inspecting the object; and (d) setting the indicator on the envelope file to indicate the inspection result thereof, and releasing the rest of the envelope file.Type: GrantFiled: April 19, 2004Date of Patent: June 10, 2008Assignee: Aladdin Knowledge Systems Ltd.Inventors: Oded Cohen, Yanki Margalit, Dany Margalit
-
Publication number: 20080005430Abstract: In one aspect, the present invention is directed to a communication interface such as a USB and a Firewire, for transferring data between a peripheral and a host, the interface comprising: a first connector, at the host side, through which the host communicates with the peripheral; a second connector, at the peripheral or at an extension cable connected to the peripheral, through which the peripheral communicates with the host upon mating between the first connector and the second connector; a switch coupled to the second connector, the switch operative for modifying a service provided by the peripheral to the host, and/or a modifying a connectivity between the host and the peripheral. According to a preferred embodiment of the invention, the switch does not harm waterproof characteristic of the peripheral.Type: ApplicationFiled: May 8, 2006Publication date: January 3, 2008Applicant: ALADDIN KNOWLEDGE SYSTEMS LTD.Inventors: Ron Kozenitzky, Yanki Margalit, Dany Margalit
-
Publication number: 20070277238Abstract: A method and system for preventing the exploitation of email messages in attacks on computer systems. Invalid formatting is often used by attackers to introduce undesirable content into email, because email handling applications and utilities are often insensitive to deviations from the standards, and invalid formatting can allow undesirable content to go undetected. According to the present invention, an original email message is decomposed into component parts, which are formatted according to email message standards. Format-compliant components are inspected for undesirable content and reassembled into a replacement email message that is sent to the destination of the original email message. Components with undesirable content are sanitized.Type: ApplicationFiled: April 26, 2007Publication date: November 29, 2007Applicant: ALADDIN KNOWLEDGE SYSTEMS LTD.Inventors: Yanki Margalit, Dany Margalit
-
Publication number: 20070217413Abstract: A method of assigning a predetermined IP address to a device for installation on a private network. This IP address can be assigned before installation into any private network without having to be reassigned and without creating addressing conflicts, thereby simplifying the installation process. A registered global IP address is obtained from an Internet Registry and assigned to a multiplicity of devices. Exactly one such device is installed on the private network. The device has an internal router that captures data packets associated with the global IP address, so that this traffic is not put onto a public network connected to the private network. Because the registered global IP address is unique and intended for public networks, no other device on the private network has this address. Thus, the device's assigned IP address is guaranteed not to conflict with existing IP address assignments on the private network.Type: ApplicationFiled: April 17, 2007Publication date: September 20, 2007Applicant: ALADDIN KNOWLEDGE SYSTEMS LTD.Inventors: Dany Margalit, Yanki Margalit
-
Patent number: 7249266Abstract: A user-computer interaction method for use by a population of flexibly connectible computer systems and a population of mobile users, the method comprising storing information characterizing each mobile user on an FCCS plug to be borne by that mobile user; and accepting the FCCS plug from the mobile user for connection to one of the flexibly connectible computer systems and employing the information characterizing the mobile user to perform at least one computer operation.Type: GrantFiled: May 4, 2004Date of Patent: July 24, 2007Assignee: Aladdin Knowledge Systems, Ltd.Inventors: Yanki Margalit, Dany Margalit
-
Publication number: 20070143630Abstract: What is provided is a computer-implemented method for protection of a program comprising a functional block, wherein the functional block is encrypted, additional code is added to the program and a protected program is thus generated, which is executable only in the presence of a predetermined license in a computer system which comprises a working memory, into which the protected program is loaded during execution, and a protection module for protection against unauthorized execution of the protected program, wherein, if the encrypted functional block is to be executed during execution of the protected program, the additional code is executed and, if a license is present, said additional code, together with the protection module, a) causes decryption of the functional block such that the functional block is present in the working memory of the computer system in decrypted form; b) allows execution of the decrypted functional block, and c) upon completion of execution of the decrypted functional block, causesType: ApplicationFiled: December 17, 2006Publication date: June 21, 2007Applicant: Aladdin Knowledge Systems (Deutschland) GmbHInventor: MICHAEL ZUNKE
-
Patent number: 7191325Abstract: A method of operating a computer system on which an application is installed comprises the steps of: verifying whether a predetermined run authorization for the application is present, and, in the absence of said predetermined run authorization, decreasing the speed of execution of the application on the computer system as compared to the speed of execution of the application in the presence of the predetermined run authorization.Type: GrantFiled: July 31, 2003Date of Patent: March 13, 2007Assignee: Aladdin Knowledge Systems (Deutschland) GmbHInventor: Michael Zunke
-
Patent number: D561184Type: GrantFiled: January 5, 2006Date of Patent: February 5, 2008Assignee: Aladdin Knowledge Systems Ltd.Inventors: Ron Kozenitzky, Yanki Margalit
-
Patent number: D589516Type: GrantFiled: July 5, 2007Date of Patent: March 31, 2009Assignee: Aladdin Knowledge SystemsInventor: Noah L. Anglin