Patents Assigned to BlackRidge Technology Holdings, Inc.
-
Patent number: 10375118Abstract: Methods and apparatus for providing a mechanism that uses attribution information present in some network traffic to provide enhanced security for all network services protected by an attribution security system are disclosed.Type: GrantFiled: July 13, 2015Date of Patent: August 6, 2019Assignee: BlackRidge Technology Holdings, Inc.Inventor: John William Hayes
-
Patent number: 10187299Abstract: The present invention enables the selection of network routes based on a combination of traditional route table entries and identity policy information determined dynamically for each network session. This enables a network operator to apply different policies to network entities presenting differing identity credentials. It also allows network operators to block access to networks and network resources when identity credentials are not provided or are unauthorized.Type: GrantFiled: April 22, 2016Date of Patent: January 22, 2019Assignee: BlackRidge Technology Holdings, Inc.Inventor: John W. Hayes
-
Patent number: 9973499Abstract: A mechanism to activate an original object (12S) so that statistical objects (14S) generated from the original object can be recognized using statistical object identification is disclosed. An object activation agent (48) with a clock (47) and at least one original object (12S) communicates the original object (12S) and time from the clock (47) to an object activation service (50). The object activation service (50) provides and communicates keying information (61) and expiration criterion (63) for at least one of said original objects (12S) back to the object activation agent (48).Type: GrantFiled: January 26, 2016Date of Patent: May 15, 2018Assignee: BlackRidge Technology Holdings, Inc.Inventors: John W. Hayes, Christopher Luis Hamlin, Charles Andrew Gram
-
Patent number: 9118644Abstract: The present invention enables an enterprise to move from an implicitly trusted resource pool to an explicitly authenticated resource pool. Trust information is generally conveyed whenever a new resource is added to the pool and trust information is revoked when a resource is removed from the pool or is unable to provide its advertised resources. The dynamic, event driven conveyance of trust information is particularly important in highly virtualized environments where virtual resources are dynamically scaled up and down in response to resource demand.Type: GrantFiled: August 30, 2012Date of Patent: August 25, 2015Assignee: BlackRidge Technology Holdings, Inc.Inventors: John W Hayes, Christopher L Hamlin
-
Publication number: 20150067796Abstract: The present invention provides a mechanism to activate an original object (12S) so that statistical objects (14S) generated from the original object can be recognized using statistical object identification. An object activation agent (48) with a clock (47) and at least one original object (12S) communicates the original object (12S) and time from the clock (47) to an object activation service (50). The object activation service (50) provides and communicates keying information (61) and expiration criterion (63) for at least one of said original objects (12S) back to the object activation agent (48).Type: ApplicationFiled: August 27, 2013Publication date: March 5, 2015Applicant: BlackRidge Technology Holdings, Inc.Inventors: John William Hayes, Christopher Luis Hamlin, Charles Andrew Gram
-
Patent number: 8635445Abstract: In a preferred embodiment of the invention, an authenticating device (22) receives a first digital identity (43) and a second digital identity (63). The authenticating device (22) uses the second digital identity (63) as a key to a Identity Association Database (24) to retrieve a database entry (33). If the database entry (33) shows an association between the first digital identity (43) and the second digital identity (63), the digital identities are valid and an indication (72) of the validation of existence of association between first digital identity and second digital identity (96) is made by the authenticating device (22).Type: GrantFiled: August 16, 2012Date of Patent: January 21, 2014Assignee: BlackRidge Technology Holdings, Inc.Inventor: John W. Hayes
-
Patent number: 8572697Abstract: The present invention provides a mechanism to communicate an original object (12S) without requiring the sending of the complete original object. A representative of the original object (12S), a statistical object (14S), is generated by one entity and is communicated to a second entity. The second entity receives the statistical object (14S), and identifies it as being generated from an original object (12S). If the second entity is unable to unambiguously identify the statistical object (14S), the second entity records the partial identity progress and associated communications characteristics information (22). The amount of information communicated during this process is much smaller than the original object (12S), greatly improving the speed and efficiency of communicating an original object (12S).Type: GrantFiled: November 18, 2011Date of Patent: October 29, 2013Assignee: BlackRidge Technology Holdings, Inc.Inventors: John W. Hayes, Christopher Luis Hamlin
-
Publication number: 20130133045Abstract: The present invention enables an enterprise to move from an implicitly trusted resource pool to an explicitly authenticated resource pool. Trust information is generally conveyed whenever a new resource is added to the pool and trust information is revoked when a resource is removed from the pool or is unable to provide its advertised resources. The dynamic, event driven conveyance of trust information is particularly important in highly virtualized environments where virtual resources are dynamically scaled up and down in response to resource demand.Type: ApplicationFiled: August 30, 2012Publication date: May 23, 2013Applicant: BlackRidge Technology Holdings, Inc.Inventors: John William Hayes, Christopher Luis Hamlin
-
Patent number: 8346951Abstract: In a preferred embodiment of the invention, a network client (42) inserts an authorization key (38) into the SEQ (30) and ACK (32) fields of a TCP connection request (56). The TCP connection request (56) is sent to a authorizing server (46). The authorizing server (46) extracts the authorization key (38) and uses the authorization key (38), with other implicit and explicit data contained within the TCP connection request (56) to authorize the TCP connection request (56). If the TCP connection request (56) is authorized, the authorizing server (46) sends a TCP-SYN/ACK (58) back to the network client (42) as described in the TCP protocol specification. If the TCP connection request (56) is denied, the TCP connection request (56) is discarded and nothing is sent back to the network client (42).Type: GrantFiled: September 30, 2005Date of Patent: January 1, 2013Assignee: BlackRidge Technology Holdings, Inc.Inventor: John W. Hayes
-
Patent number: 8281127Abstract: In a preferred embodiment of the invention, an authenticating device (22) receives a first digital identity (43) and a second digital identity (63). The authenticating device (22) uses the second digital identity (63) as a key to a Identity Association Database (24) to retrieve a database entry (33). If the database entry (33) shows an association between the first digital identity (43) and the second digital identity (63), the digital identities are valid and an indication (72) of the validation of existence of association between first digital identity and second digital identity (96) is made by the authenticating device (22).Type: GrantFiled: February 1, 2010Date of Patent: October 2, 2012Assignee: BlackRidge Technology Holdings, Inc.Inventor: John W. Hayes