Abstract: A system for building tolerance into authentication of a computing device includes a means for executing, from a computer-readable medium, computer-implementable steps of: (a) receiving and storing a first digital fingerprint of the device during a first boot of an authenticating software on the device, the first digital fingerprint based on a first set of device components, (b) receiving a second digital fingerprint from the device at a subsequent time, (c) comparing the second digital fingerprint with a plurality of stored digital fingerprints of known devices, (d) in response to the comparison indicating a mismatch between the second digital fingerprint and the plurality of stored digital fingerprints, generating a request code comprising instructions for the device to generate a third digital fingerprint using the first set of device components, (e) sending the request code to the remote device, (f) receiving the third digital fingerprint from the remote device in response to the request code, and (g) aut

Abstract: A health assessment server allows people to conduct their own physical examinations using one or more medical measurement devices that are bound to one or more user devices. The user uses the medical measurement devices herself and submits the results to the health assessment server through a computer network such as the Internet, either directly from the medical measurement devices or through the user devices. The health assessment server determines an improved health state of the user at which benefits accrue to the user and periodically requests updated health attributes to measure progress toward the improved health state and projecting time until the improved health state is achieved.

Abstract: A device-bound certificate authority binds a certificate to one or more devices by including digital fingerprints of the devices in the certificate. A device only uses a device-bound certificate if the digital fingerprint of the device is included in the certificate and is verified. Thus, a certificate is only usable by one or more devices to which the certificate is explicitly bound. Such device-bound certificates can be used for various purposes served by certificates generally such as device driver authentication and authorization of access to secure content, for example.

Abstract: System information relating to the hardware and software configuration of a networked client computer is used by a server from which the client computer has requested information to infer demographic characteristics of the user of the client computer. The system information provided to the server gathered from the use of network browser software by the client computer is used by the server to add customized content to the information requested by the client computer. Inferring demographic characteristics of the user involves application of predetermined demographics inference rules stored by the server to the client computer configuration information provided by the client.

Abstract: A data repository grants data access through a computer network only to previously authorized computing devices identified by their digital fingerprint. Digital fingerprint authentication can be used with other, conventional authentication protocols for data repository access. Digital fingerprints of authorized computing devices are received by the data repository from known and trusted computing devices.

Abstract: System for authorizing a request for remote access to customer account information includes a server configured to receive the request via a network from a remote computing device, a database storing the customer account information accessible by the server, and memory accessible by the server and storing a customer notification program which, when executed by the server, performs steps for (a) identifying, responsive to the server receiving the request, the remote computing device by a device fingerprint and by a requesting location, (b) determining whether the device fingerprint matches any of a number of device fingerprints authorized to access the customer account information, and (c) sending, responsive to determining a mismatch between the device fingerprint and each of the previously authorized device fingerprints, a notification of the request to a customer-specified address, the notification indicating (i) the request, (ii) identity of the remote computing device, and (iii) the requesting location.

Abstract: A device reputation server recognizes malicious devices used in prior attacks and prevents further attacks by the malicious devices. Server computers require a digital fingerprint of any client devices prior to providing any service to such client devices. Logging of network activity include the digital fingerprint of the device perpetrating the attack. When an attack is detected or discovered, the attacked server reports the attack and the digital fingerprint of the perpetrating device to a device reputation server. The device reputation server uses the report to improve future assessments of the reputation of the device associated with the reported digital fingerprint.

Abstract: Techniques are provided secured communication of data, such as in the context of a public key infrastructure (PKI). In one embodiment, the technique may involve using a private key that is bound to the device requesting the secure data, thereby making it harder for someone to copy, steal or fake. The private key may be generated by adding a filler code to a unique device identifier. The identifier may be based on at least one user-configurable parameter and at least one non-user-configurable parameter of the device.

Abstract: A system for content delivery operates as a static network device for delivering content to a mobile node. The system includes a transceiver adapted to receive a device identifier over a public network from the mobile node, the device identifier based on a combination of user-configurable and non-user-configurable parameters of the mobile node, a processor operatively coupled to the transceiver and to memory storing executable code. Executed, the code enables the processor to access a database of authorized device identifiers corresponding to known mobile nodes, establish, in response to the received device identifier matching one of the authorized device identifiers, a secure private network (SPN) with the mobile node, the established SPN tunneling across a segment of the public network, obtain the content for the mobile node, and send the content to the mobile node via the SPN.

Abstract: Tokens identifying all of the physical routing devices, i.e., network nodes, through which a packet travels are recorded in a limited amount of space reserved in the header of the packet for such tokens. When insufficient space remains in the header of the packet for all tokens required to identify all physical routing devices through which the packet travels, sequences of multiple tokens are replaced with an abbreviation token representing the sequence. The sequence of tokens represented by an abbreviation token can also be abbreviation tokens, supporting recursive abbreviation of the token sequence in the header of the packet as needed to record the entire route of the packet through the network regardless of the limited space in the header for tracking the route of the packet.

Abstract: A device-bound certificate authority binds a certificate to one or more devices by including digital fingerprints of the devices in the certificate. A device only uses a device-bound certificate if the digital fingerprint of the device is included in the certificate and is verified. Thus, a certificate is only usable by one or more devices to which the certificate is explicitly bound. Such device-bound certificates can be used for various purposes served by certificates generally such as device driver authentication and authorization of access to secure content, for example.