Patents Assigned to INTEGRITY SECURITY SERVICES LLC
-
Patent number: 11070565Abstract: Systems, methods, and devices for securely provisioning a roadside unit (RSU) that includes an application certificate, wherein the RSU is geographically restricted according to the application certificate. An enhanced SCMS system may receive a request for an application certificate for the RSU; determine, in response to the request, an operating geolocation for the RSU; verify that the operating geolocation is within the allowed geo-region for the RSU; generate an application certificate that includes the operating geolocation; and provide the application certificate to the RSU device.Type: GrantFiled: October 6, 2020Date of Patent: July 20, 2021Assignee: INTEGRITY SECURITY SERVICES LLCInventors: Daniel R. Fynaardt, William L. Lattin, Alan T. Meyer
-
Patent number: 11050553Abstract: A system includes a campaign management service to detect a campaign initiation request indicating a number of computerized devices to be updated for a campaign and store data corresponding to the computerized devices to be updated. The campaign management service can generate a bloom filter data structure comprising hash values based on the data for each of the computerized devices to be updated and transmit the bloom filter data structure to a network edge. The system can include the network edge that can use the bloom filter data structure from the campaign management service to determine whether a computerized device is to obtain a device update from the campaign management service. The network edge can retrieve the device update and modify the computerized device by transmitting the device update to the computerized device, which then installs it.Type: GrantFiled: May 7, 2020Date of Patent: June 29, 2021Assignee: INTEGRITY SECURITY SERVICES LLCInventor: Neil Locketz
-
Patent number: 11005885Abstract: Disclosed herein are systems, methods and devices system for identifying a misbehaving computerized device. In some implementations, the system includes a processor to perform operations including receiving, by the system, a report about a computerized device, wherein the report comprises a pseudonym certificate from the computerized device, and wherein the pseudonym certificate comprises a linkage value. The operations also include transmitting, by the system and to a cloaking authority device, a request for a cloak index, wherein the request for the cloak index comprises the linkage value from the pseudonym certificate from the computerized device. The operations also include receiving, by the system, the cloak index from the cloaking authority device, and determining, by the system and using the cloak index, that the computerized device is the misbehaving computerized device.Type: GrantFiled: February 12, 2020Date of Patent: May 11, 2021Assignee: INTEGRITY SECURITY SERVICES LLCInventor: Erik S. Schetina
-
Patent number: 10956542Abstract: Systems, methods and devices for provisioning a computerized device(s). The system may include a distributor computer that is connected to the computerized device, and is operable to receive a digital asset and transmit it to the device. The system may include a digital asset management server that is connected to the distributor computer, and is operable to transmit the digital asset to the distributor computer, and a provisioning controller that is connected to the distributor computer and the digital asset management server, and is operable to cause transmission of the digital asset to the distributor computer. The system can include a second distributor computer that is connected to the digital asset management server and the device (e.g., at a later time), and that receives a second digital asset and transmits it to the device, wherein the second digital asset causes the device to become partially or fully functional.Type: GrantFiled: August 24, 2020Date of Patent: March 23, 2021Assignee: INTEGRITY SECURITY SERVICES LLCInventors: William L. Lattin, David R. Sequino, Alan T. Meyer, Gregory A. Powell
-
Patent number: 10917248Abstract: An example system receives certificate requests from clients. Each request can indicate a number of computerized devices needing certificates; a timestamp indicating when the request was transmitted; and a client identifier. The system includes a Quality of Service (QoS) manager that: distributes the requests from the clients across client queues, each of the client queues corresponding to a particular client; and divides requests into smaller subgroups of entries corresponding to a subset of the computerized devices needing certificates. The system can also transmit retrieved entries from the client queues to a certificate management service.Type: GrantFiled: June 12, 2020Date of Patent: February 9, 2021Assignee: INTEGRITY SECURITY SERVICES LLCInventors: Alan T. Meyer, Daniel R. Fynaardt
-
Patent number: 10873470Abstract: An example system for securely provisioning computerized devices of a plurality of tenants includes a Security Credential Management System (SCMS) host that is communicatively connected to the devices and is operable to receive provisioning requests from computerized devices needing certificates. Each provisioning request indicates a tenant identifier (ID) uniquely identifying a tenant of the plurality of tenants. The system also includes a registration authority communicatively connected to the SCMS host and operable to transmit requests to SCMS backend components.Type: GrantFiled: October 2, 2019Date of Patent: December 22, 2020Assignee: INTEGRITY SECURITY SERVICES LLCInventors: Daniel R. Fynaardt, William L. Lattin, Gregory Powell
-
Patent number: 10762178Abstract: Systems, methods and devices for provisioning a computerized device(s). The system may include a distributor computer that is connected to the computerized device, and is operable to receive a digital asset and transmit it to the device. The system may include a digital asset management server that is connected to the distributor computer, and is operable to transmit the digital asset to the distributor computer, and a provisioning controller that is connected to the distributor computer and the digital asset management server, and is operable to cause transmission of the digital asset to the distributor computer. The system can include a second distributor computer that is connected to the digital asset management server and the device (e.g., at a later time), and that receives a second digital asset and transmits it to the device, wherein the second digital asset causes the device to become partially or fully functional.Type: GrantFiled: March 23, 2020Date of Patent: September 1, 2020Assignee: INTEGRITY SECURITY SERVICES LLCInventors: William L. Lattin, David R. Sequino, Alan T. Meyer, Gregory A. Powell
-
Patent number: 10749691Abstract: An example system receives certificate requests from clients. Each request can indicate a number of computerized devices needing certificates; a timestamp indicating when the request was transmitted; and a client identifier. The system includes a Quality of Service (QoS) manager that: distributes the requests from the clients across client queues, each of the client queues corresponding to a particular client; and divides requests into smaller subgroups of entries corresponding to a subset of the computerized devices needing certificates. The system can also transmit retrieved entries from the client queues to a certificate management service.Type: GrantFiled: July 15, 2019Date of Patent: August 18, 2020Assignee: INTEGRITY SECURITY SERVICES LLCInventors: Alan T. Meyer, Daniel R. Fynaardt
-
Patent number: 10666427Abstract: A system includes a campaign management service to detect a campaign initiation request indicating a number of computerized devices to be updated for a campaign and store data corresponding to the computerized devices to be updated. The campaign management service can generate a bloom filter data structure comprising hash values based on the data for each of the computerized devices to be updated and transmit the bloom filter data structure to a network edge. The system can include the network edge that can use the bloom filter data structure from the campaign management service to determine whether a computerized device is to obtain a device update from the campaign management service. The network edge can retrieve the device update and modify the computerized device by transmitting the device update to the computerized device, which then installs it.Type: GrantFiled: June 11, 2019Date of Patent: May 26, 2020Assignee: INTEGRITY SECURITY SERVICES LLCInventor: Neil Locketz
-
Patent number: 10645094Abstract: Systems, methods, and devices for securely provisioning a roadside unit (RSU) that includes an application certificate, wherein the RSU is geographically restricted according to the application certificate. An enhanced SCMS system may receive a request for an application certificate for the RSU; determine, in response to the request, an operating geolocation for the RSU; verify that the operating geolocation is within the allowed geo-region for the RSU; generate an application certificate that includes the operating geolocation; and provide the application certificate to the RSU device.Type: GrantFiled: February 15, 2019Date of Patent: May 5, 2020Assignee: INTEGRITY SECURITY SERVICES LLCInventors: Daniel R. Fynaardt, William L. Lattin, Alan T. Meyer
-
Patent number: 10599819Abstract: Systems and methods for secure provisioning and management of computerized devices. The system may include a distributor appliance that is communicatively connected to the computerized device, and that is operable to receive a digital asset and to load the digital asset into the computerized device. It may include an optional digital asset management system that is connected via a secure communication channel to the distributor appliance, and that is operable to transmit the digital asset to the distributor appliance; and a provisioning controller that is connected via a secure communication channel to the distributor appliance and is connected via another secure communication channel to the optional digital asset management system, and that is operable to directly or indirectly transmit the digital asset to the distributor appliance. The computerized device is not fully functional before the digital asset is loaded into it.Type: GrantFiled: September 5, 2019Date of Patent: March 24, 2020Assignee: INTEGRITY SECURITY SERVICES LLCInventors: William L. Lattin, David R. Sequino, Alan T. Meyer, Gregory A. Powell
-
Patent number: 10581620Abstract: Scalable certificate management system architectures. An example system may include one or more application platforms (e.g., VMs) that run a registration authority and are communicatively connected to one or more compute engines that perform cryptographic computations required by the registration authority. The system may also include one or more application platforms that run an enrollment certificate authority and that are communicatively connected to one or more compute engines that perform cryptographic computations required by the enrollment certificate authority. It may further include one or more application platforms that run a pseudonym certificate authority and that are communicatively connected to one or more compute engines that perform cryptographic computations required by the pseudonym certificate authority.Type: GrantFiled: July 7, 2018Date of Patent: March 3, 2020Assignee: INTEGRITY SECURITY SERVICES LLCInventors: Alan T. Meyer, Gregory A. Powell
-
Patent number: 10574694Abstract: Disclosed herein are systems, methods and devices system for identifying a misbehaving computerized device. In some implementations, the system includes a cloaking authority device for identifying a misbehaving computerized device, wherein the cloaking authority device includes a processor that can receive a request for a cloak index, wherein the request for the cloak index comprises a linkage value retrieved from a pseudonym certificate. In some examples, the processor can also request, from a pseudonym certificate authority device, first information that is used to produce the cloak index, wherein the first information is associated with the linkage value. Additionally, the processor can process, by the cloaking authority device, the linkage value to produce the cloak index based in part on the first information, wherein the cloak index identifies a misbehaving computerized device. Furthermore, the processor can transmit, by the cloaking authority device, the cloak index to a misbehavior authority device.Type: GrantFiled: April 24, 2019Date of Patent: February 25, 2020Assignee: INTEGRITY SECURITY SERVICES, LLCInventor: Erik S. Schetina
-
Patent number: 10503881Abstract: Systems for secure provisioning and management of computerized devices. The system may include a distributor appliance that is communicatively connected to the computerized device, and that is operable to receive a digital asset and to load the digital asset into the computerized device. It may also include a digital asset management system that is connected via a first secure communication channel to the distributor appliance, and that is operable to generate and conditionally transmit the digital asset to the distributor appliance; and a provisioning controller that is connected via a second secure communication channel to the distributor appliance and is connected via a third secure communication channel to the digital asset management system, and that is operable to direct the digital asset management system to transmit the digital asset to the distributor appliance. The computerized device is not fully functional before the digital asset is loaded into it.Type: GrantFiled: November 14, 2017Date of Patent: December 10, 2019Assignee: INTEGRITY SECURITY SERVICES LLCInventors: William L. Lattin, David R. Sequino, Alan T. Meyer, Gregory A. Powell
-
Patent number: 10284596Abstract: A cloaking authority system that securely and anonymously identifies a misbehaving device based on its digital certificate. The system may include a cloaking authority server or device that is communicatively connected to a misbehavior authority server, and may also include a pseudonym certificate authority device, and a registration authority device. The cloaking authority device receives, from the misbehavior authority server, a request for a cloak index, wherein the request for the cloak index includes the linkage value from a PC of a misbehaving computerized device. The cloaking authority device processes the linkage value to produce a cloak index, which identifies the misbehaving computerized device and which is unique and anonymous, and transmits it to the requesting misbehavior authority server. The misbehavior authority server uses the cloak index to identify the specific computerized device that has misbehaved, usually repeatedly.Type: GrantFiled: October 31, 2018Date of Patent: May 7, 2019Assignee: INTEGRITY SECURITY SERVICES LLCInventor: Erik S. Schetina