Abstract: A key server (320) based communication system (310) wherewith communicating parties, originators (312) and recipients (314), exchange encrypted communications (324). An originator requests or provides a key (330) to the key server, optionally with an assertion (322) from an authentication authority (318). Based on attributes (326) from the originator or elsewhere, the key server sets controlling events (340) for the communication. The originator encrypts and sends the communication to one or more recipients. A recipient may or may not request the key to decrypt the message. Positive events (342) are determined based on the controlling events and when and how many such requests occur. Negative events (344) are determined based on the absence of any requests or all requests being untimely.

Abstract: The present invention is directed to a method and apparatus for sending and retrieving location relevant information to a user by selecting and designating a point of interest that is displayed on a graphical user interface and sending the location information associated with that point of interest to a receiver that is also selected using the graphical user interface. The location relevant information may also include mapped routes, waypoints, geo-fenced areas, moving vehicles etc. Updated location relevant information may also be continuously sent to the user while generating updated mapping information on the graphical user interface. The present invention may be practiced by using communication devices such as a personal computer, a personal digital assistance, in-vehicle navigation systems, or a mobile telephone.

Abstract: The present invention is directed to a method and apparatus for storing, referencing, retrieving, and graphically displaying spatial and non-spatial related information of a mobile computing device, such as a laptop computer or a cellular telephone. The spatial-related information may be obtained by using positioning tracking systems such as a global positioning system, whereas the non-spatial related information may include communication activities associated with the mobile computing device, such as phone calls, e-mails, text messages, pages, etc. The present invention also provides methods and apparatus of summarizing the spatial and non-spatial related information for more effective and intuitive display of the information to the user, including the use of graphical map and calendar of events.

Abstract: A federated authentication service technology (10) for authenticating a subject (20) residing in a subject domain (12) on a network to a server application (38) residing in a server domain (18), wherein an authentication mechanism (32) residing in an authentication domain (16) affects the service provided by the server application (38). A client (22), which may be integrated non-human instances of the subject (20), authenticates the subject (20) and a protocol proxy (34) mediates with the authentication mechanism (32) to obtain a name assertion which the client can use to access the server application (38). When multiple authentication mechanisms (32) are available, an optional agent (24), mechanism resolution process (26) and mechanism repository (28), all residing in an agent domain (14), may be used to resolve to one suitable authentication mechanism (32).

Abstract: A system for communicating a message securely between a sender and a receiver. The sender provides a key server with a string specifying the receiver. The key server obtains a message key and a particular envelope encryption key corresponding with a particular envelope decryption key, encrypts the message key with the envelope encryption key (creating the envelope), and provides the envelope to the sender-client. The sender-client encrypts the message with the message key and provides it and the envelope to the receiver. The receiver-client receives these and asks an authentication server for the envelope decryption key. The authentication server obtains the envelope decryption key and provides it to the receiver. The receiver then decrypts the envelope with the envelope decryption key, to get the message key, and decrypts the message.

Abstract: The present invention is directed to a system and method for searching and retrieving location information associated with one or more points of interests, whereby the search criteria can be dependent upon the location of a point of interest with respect to the real-time position of the user, and any preferences or search restrictions selected by the user, such as rating information about the point of interest. Upon selecting a point of interest from the search result, the user is then given further information regarding the selected point of interest, including but not limited to directions for traveling to the point of interest. Additionally, the present invention can provide to the user a proximity notification once the user is within a certain distance from the point interest.

Abstract: The present invention is directed to a method and system for providing off-board navigational information from a network server to a mobile communication device, such as a cellular phone. Specifically, upon receiving from the mobile communication device the real time location of the mobile communication device and a location or identification of a destination, the network server transmits to the mobile communication device routing information as well as audible navigation voice prompts. In accordance with the preferred embodiment, the routing information includes maneuver information for traveling from the real location of the mobile communication device to the destination, and the audible navigation voice prompts provide data for generating audible turn-by-turn instructions for traveling from the real time location of the mobile communication device to the destination.

Abstract: The preferred embodiments of the present invention are directed to an improved mapping and navigational system. Specifically, the present invention is directed to a system for defining and assigning geographical boundaries to points of interests on a graphical map, where the geographical boundaries preferably correlate to spatially defined boundaries of the respective points of interests. In accordance with one embodiment of the present invention, the points of interest, along with the respective defined geographical boundaries, can be transferred from a personal computing device to a telecommunication device, such as a portable communication device, so as to be used for mapping purposes and to set off proximity alerts when the portable communication device, equipped with a GPS unit, enters or exits the geographical boundary of a particular point of interest.

Abstract: A system and method for searching and retrieving location information associated with one or more points of interests, whereby the search criteria can be dependent upon the location of a point of interest with respect to the the real-time position of the user, and any preferences or search restrictions selected by the user, such as rating information about the point of interest. Upon selecting a point of interest from the search result, the user is then given further information regarding the selected point of interest, including but not limited to directions for traveling to the point of interest. Additionally, preferred embodiments of the present invention can provide to the user a proximity notification once the user is within a certain distance from the point interest.

Abstract: A federated authentication service technology (10) for authenticating a subject (20) residing in a subject domain (12) on a network to a server application (38) residing in a server domain (18), wherein an authentication mechanism (32) residing in an authentication domain (16) affects the service provided by the server application (38). A client (22), which may be integrated non-human instances of the subject (20), authenticates the subject (20) and a protocol proxy (34) mediates with the authentication mechanism (32) to obtain a name assertion which the client can use to access the server application (38). When multiple authentication mechanisms (32) are available, an optional agent (24), mechanism resolution process (26) and mechanism repository (28), all residing in an agent domain (14), may be used to resolve to one suitable authentication mechanism (32).

Abstract: A user interface is presented through which a training plan is established. The training plan includes a plurality of workouts each describing a human physical activity. The training plan is stored within data storage for selection by any of a plurality of users. In response to a user among said plurality of users selecting said training plan, data describing at least one workout in said training plan is electronically transmitted to a client device associated with the user.

Abstract: A federated authentication service technology (10) for authenticating a subject (20) residing in a subject domain (12) on a network to a server application (38) residing in a server domain (18), wherein an authentication mechanism (32) residing in an authentication domain (16) affects the service provided by the server application (38). A client (22), which may be integrated non-human instances of the subject (20), authenticates the subject (20) and a protocol proxy (34) mediates with the authentication mechanism (32) to obtain a name assertion which the client can use to access the server application (38). When multiple authentication mechanisms (32) are available, an optional agent (24), mechanism resolution process (26) and mechanism repository (28), all residing in an agent domain (14), may be used to resolve to one suitable authentication mechanism (32).

Abstract: A system (50, 150) for assisting a user (14) to determine whether a hyperlink (152) to a target uniform resource locator (URL) is spoofed. A computerized system having a display unit is provided and logic (158) therein listens for activation of the hyperlink (152) in a message (154). The logic (158) extracts an originator identifier (102) and encrypted data from the hyperlink (152), and decrypts the encrypted data into decrypted data based on the originator identifier (102). The logic (158) determines whether the hyperlink (152) includes the originator identifier (102) and the encrypted data decrypts successfully. Responsive to this it then presents a confirmation of authentication conveying the name of the owner and the domain name of the target URL on the display unit, and it redirects the user (14) to the target URL. Otherwise, it presents a warning dialog to the user (14) on the display unit.

Abstract: A system (50, 150) for assisting a user (14) to determine whether an email (18) comes from a purported originator (16). A computerized system having a display unit is provided. Logic (54) in the computerized system determines whether the email (18) includes an authenticity mark (52) including an originator identifier (102) and encrypted data (104). Logic (54) in the computerized system then decrypts the encrypted data (104) into decrypted data (108-14), based on the originator identifier (102). Logic (54) in the computerized system then presents to the user (14), on the display, whether the email (18) includes the authenticity mark (52), whether the encrypted data (104) decrypts successfully, and information based on the authenticity mark (52) and the decrypted data (108-14).

Abstract: The present invention is directed to a method and apparatus for storing, referencing, retrieving, and graphically displaying spatial and non-spatial related information of a mobile computing device, such as a laptop computer or a cellular telephone. The spatial-related information may be obtained by using positioning tracking systems such as a global positioning system, whereas the non-spatial related information may include communication activities associated with the mobile computing device, such as phone calls, e-mails, text messages, pages, etc. The present invention also provides methods and apparatus of summarizing the spatial and non-spatial related information for more effective and intuitive display of the information to the user, including the use of graphical map and calendar of events.

Abstract: A method for interactively communicating with regard to a statement in e-mail form including a tag and a link. The statement is communicated from a first computer to a second via a network. The first computer is operated by the statement provider and the second is operated by a clerk associated with the statement receiver. A client software is provided to the second computer automatically based on said tag being present in the statement. An instant messaging session between the second computer and a third computer is employed based on selective link activation by the clerk. The third computer (potentially the same as the first) is operated by a service representative associated with the provider.

Abstract: The present invention is directed to a method and apparatus for recording and generating additional information related to telecommunication events using a mobile communication device, such as a telephone call or a text messaging event using cellular phone or a personal digital assistant. Specifically, the preferred embodiments of the present invention records information such as GPS coordinates that indicate a position of the mobile communication device during the communication event, as well as a location of a sender or receiver of data to or from the mobile communication device, so as to facilitate a log entry of the position of the mobile communication device as well as other useful information that are associated with the communication events.

Abstract: A digital signature verification system wherein a signature system may sign a conversational message, as might be used in a chat, instant messaging or enterprise instant messaging dialog, and a verification system may then verify the signature. The signature system may include a signing entity and a vault, wherein the signing entity provides the message and credentials and the vault creates the signature based on a first hash of the message that is further encrypted with a signature key. The verification system may include a validating entity and a verifier, wherein the validating entity provides the message, the signature, and assertions to the verifier and the verifier then forms a second hash of the message, uses a verification key corresponding with the signature key to decrypt the signature and obtain the first hash, and compares the two hashes to determine a proper validation response.

Abstract: A secure communication system wherein message decryption may be performed while off-line, or optionally while on-line. A sender encrypts a message based on the message key and sends it to the recipient. An envelope containing a message key is created by encrypting the message key based on a verifier, where the verifier is based on a secret of the recipient. The recipient is provided the envelope, along with the message or separately, from the sender or from another party, contemporaneous with receipt of the message or otherwise. The recipient can then open the envelope while off-line, based on their secret, and retrieve the message key from the envelope to decrypt the message. In the event the recipient cannot open the envelope, optional on-line access permits obtaining assistance that may include obtaining an alternate envelope that the recipient can open.

Abstract: A communication system (410) wherewith sources (414) and targets (416) employ a key server (420) to exchange transactions (424). A first request to the key server includes a source assertion (422) from an authentication authority (418), and optionally a key (430). The key server provides a transaction ID (428), and the key if not already provided, in reply to this request. The key server stores the transaction ID and source assertion. The source encrypts the transaction and sends it with the transaction ID to the targets. A second request to the key server includes a target assertion and the transaction ID. The key server provides the key in reply to this request. The key server also stores the target assertion in association with the transaction ID. The respective assertions then establish the source and targets of the transaction in a manner that cannot plausibly be repudiated.