Patents Examined by Andrew L Nalven
  • Patent number: 7660984
    Abstract: Aspects for achieving individualized protected space in an operating system are provided. The aspects include performing on demand hardware instantiation via an ACE (an adaptive computing engine), and utilizing the hardware for monitoring predetermined software programming to protect an operating system.
    Type: Grant
    Filed: May 13, 2003
    Date of Patent: February 9, 2010
    Assignee: Quicksilver Technology
    Inventor: Paul L. Master
  • Patent number: 7657934
    Abstract: A monitoring device is disposed to thwart denial of service attacks on a data center. The monitoring device is a device that collects statistical information on packets that are sent between a network and the data center for a plurality of customers by examining traffic as if the device was disposed on links that are downstream from links that the provisioned monitor is disposed on.
    Type: Grant
    Filed: January 31, 2002
    Date of Patent: February 2, 2010
    Assignee: Riverbed Technology, Inc.
    Inventors: Massimiliano Antonio Poletto, Anne Elizabeth Dudfield
  • Patent number: 7657036
    Abstract: Techniques are provided for determining an updated session encryption key. According to one embodiment, a packet index can be computed using a sequence number received in a session data packet during a SRTP session and a predetermined value. The predetermined value can be, for example, a non-zero value from a roll-over-counter that has been set to the non-zero value. The updated session encryption key can then be determined using a master key received from a BCMCS controller and the packet index. The determined updated session key is used to encrypt or de-encrypt content provided by a content server.
    Type: Grant
    Filed: September 21, 2004
    Date of Patent: February 2, 2010
    Assignee: QUALCOMM Incorporated
    Inventors: Raymond Tah-Sheng Hsu, Jun Wang
  • Patent number: 7653817
    Abstract: Methods and systems are provided for generating and verifying signatures of digital messages communicated between signers and verifiers. Using bilinear mappings, such as Weil or Tate pairings, these methods and systems enable generation and verification of efficient multisignatures, identity-based ring signatures, hierarchical proxy signatures, and hierarchical online/offline signatures.
    Type: Grant
    Filed: December 12, 2007
    Date of Patent: January 26, 2010
    Assignee: NTT DOCOMO, Inc.
    Inventor: Craig B. Gentry
  • Patent number: 7647625
    Abstract: The subject matter disclosed herein relates to authenticating an identity of users desiring access to an application program and determining whether an authenticated user is authorized to access one or more aspects of the application program.
    Type: Grant
    Filed: October 4, 2005
    Date of Patent: January 12, 2010
    Assignee: Disney Enterprises, Inc.
    Inventor: Doron Grinstein
  • Patent number: 7630498
    Abstract: An engine, register in a memory, and methods for the same are provided. The engine may include a data encryptor, a key encryptor, a data decryptor, a key decryptor, a register, and a control circuit. The data encryptor may encrypt data using a key. The key encryptor may encrypt the key used by the data encryptor. The data decryptor may receive encrypted data from a storage medium and may decrypt the encrypted data. The key decryptor may receive an encrypted key from the storage medium and may decrypt the encrypted key. The register may indicate the status of the key and/or the encrypted key. The control circuit may control the data encryptor, the data decryptor, the key encryptor, the key decryptor, and the register.
    Type: Grant
    Filed: January 13, 2005
    Date of Patent: December 8, 2009
    Assignee: Samsung Electronics.Co., Ltd.
    Inventor: Mi-jung Noh
  • Patent number: 7624270
    Abstract: The present invention communication network system and method facilitates authentication and registration in a communication network as mobile nodes move from one geographical region to another. Multiple wireless domain services (WDSs) share client authentication information permitting relatively seamless roaming between subnets with minimal interruptions and delays. In one embodiment, a wireless domain service network communication method is performed utilizing partial authentication processes. A mobile node engages in an authentication protocol with a first wireless domain service (WDS) access point in a first subnet. The authentication credentials are forwarded to a second wireless domain service in a second subnet if the authentication protocol is successfully completed. The forwarded authentication credentials are utilized to authenticate the client entering the service area of the second wireless domain service in the second subnet.
    Type: Grant
    Filed: February 18, 2005
    Date of Patent: November 24, 2009
    Assignee: Cisco Technology, Inc.
    Inventors: Arnavkumar M. Pathan, Patrick Pak-Chiu Leung, John F. Wakerly, Nancy Cam Winget, Robert Charles Meier
  • Patent number: 7624433
    Abstract: A token generator such as a keyfob is used to access the computer of an authentication entity different from the authentication entity that issued the token generator. The token generator stores authentication entity identification information identifying the authentication entity that issued the token generator. The token generator causes a user computer to transmit an authentication request including such authentication entity identification information together with a token generated in synchronization with the authentication entity issuing the token generator, so that the authentication request can be routed to the appropriate authentication entity that issued the keyfob for validation. The authentication request can be sent directly to the authentication entity that issued the token generator. The authentication request can also be sent to the authentication entity that issued the token generator via another authentication entity to which the user computer attempts to access.
    Type: Grant
    Filed: February 24, 2005
    Date of Patent: November 24, 2009
    Assignee: Intuit Inc.
    Inventors: Gilbert W. Clark, Michael J. Graves
  • Patent number: 7624266
    Abstract: A communication method and a communication system providing services for subscribers having private identities is disclosed. The method includes receiving at a network element (S-CSCF) a communication from user equipment (UE) including a private identity of the subscriber and assigning a random string to the private identity.
    Type: Grant
    Filed: March 7, 2003
    Date of Patent: November 24, 2009
    Assignee: Nokia Corporation
    Inventor: Bajkó Gábor
  • Patent number: 7624452
    Abstract: A system and method of configuring an embedded system from removable media. The removable media is connected to the embedded system and the embedded system determines if the removable media includes a configuration key. If the removable media includes a configuration key, the embedded system determines if the configuration key includes configuration data applicable to the embedded system and, if the removable media includes a configuration key and the configuration key includes configuration data applicable to the embedded system, the embedded system applies the configuration data to the embedded system.
    Type: Grant
    Filed: October 20, 2004
    Date of Patent: November 24, 2009
    Assignee: Digi International
    Inventors: Joel K. Young, Michael L. Zarns
  • Patent number: 7613923
    Abstract: A Voice over IP (VoIP) or Real Time Messaging (RTM) firewall device is claimed that protects VoIP or RTM network traffic by identifying and controlling the delivery of such network traffic that is unsolicited and undesired by the recipient (i.e. VoIP or RTM spam). The system involves applying a unique marking to RTM messages close to a point of message origination and then at a point close to message termination for the intended recipient examining a reputation store for information on the unique marking and using that information in conjunction with a set of policy rules to decide whether to pass, reject, pass on to an RTM store or otherwise filter the RTM message. The unique marking serves to identify a source characteristic of the message such as the message originator, a corporate affiliation for the originator, or a RTM network characteristic of the originator such as a transmission gateway.
    Type: Grant
    Filed: February 25, 2005
    Date of Patent: November 3, 2009
    Assignee: WatchGuard Technologies, Inc.
    Inventors: Rod Gilchrist, Richard Fogel, John Alsop
  • Patent number: 7606362
    Abstract: Circuits, methods, and apparatus that prevent detection and erasure of a configuration bitstream or other data for an FPGA or other device. An exemplary embodiment of the present invention masks a user key in order to prevent its detection. In a specific embodiment, the user key is masked by software that performs a function on it a first number of times. The result is used to encrypt a configuration bitstream. The user key is also provided to an FPGA or other device, where the function is performed a second number of times and the result stored. When the device is configured, the result is retrieved, the function is performed on it the first number of times less the second number of times and then it is used to decrypt the configuration bitstream. A further embodiment uses a one-time programmable fuse (OTP) array to prevent erasure or modification.
    Type: Grant
    Filed: January 25, 2005
    Date of Patent: October 20, 2009
    Assignee: Altera Corporation
    Inventors: Keone Streicher, David Jefferson, Juju Joyce, Martin Langhammer
  • Patent number: 7607171
    Abstract: An intermediary isolation server receives e-mails and isolates any viral behavior from harming its intended destination. After the intermediary receives an e-mail, it determines that the e-mail has associated executable code, and then identifies the environment in which the e-mail code would be executed if delivered. The intermediary then executes the code by emulating how it would be executed in its ultimate environment. If a viral-like behavior is detected, appropriate action is taken to prevent the execution of the code at its intended destination. The attachment is executed in a contained environment that allows for the contained environment to be easily restarted in a clean state.
    Type: Grant
    Filed: November 18, 2002
    Date of Patent: October 20, 2009
    Assignee: Avinti, Inc.
    Inventors: Walter L. Marsden, David E. Green
  • Patent number: 7603569
    Abstract: A system and method are provided which are necessary for exchanging information among a sales agent a1, user a2 and manufacturer A, for preparing a parts check list on an on-line basis, and for storing information to be provided. If, for example, the sales agent a1 or user a2 wants to acquire information from the manufacturer A, manufacturer A will directly confer a password to sales agent a1 with whom manufacturer A directly deals with, while sales agent a1 will directly confer a password to user a2 with whom sales agent a1 directly deals with, on behalf of manufacturer A. This arrangement makes it possible to easily and securely provide, to a specified information seeker, information required by that information seeker.
    Type: Grant
    Filed: September 23, 2004
    Date of Patent: October 13, 2009
    Assignee: Komatsu Ltd.
    Inventors: Kazuharu Maeda, Susumu Takahashi, Toshio Abe, Kouji Yasuoka, Katsumasa Sasaki, Noriyoshi Mitsudome, Sahoko Iwatani
  • Patent number: 7603563
    Abstract: Content such as computer software, data representing audiovisual works, and electronic documents can converted from a machine-bound state to user-bound state without modification to the content data itself. Instead, keys used to access the content are converted from the machine-bound state to the user-bound state. In particular, the keys are kept in a passport data structure which can represent either a machine-binding or a user-binding. A machine-bound passport can be upgraded to a user-bound passport without modifying the bound content. The private key of the machine-bound passport, in cleartext form, is included in the user-bound passport and encrypted using a user-supplied password to bind the private key to the user. In addition, private user information is collected and verified and included in the user-bound passport.
    Type: Grant
    Filed: September 14, 2004
    Date of Patent: October 13, 2009
    Assignee: Microsoft Corporation
    Inventors: Steven T. Ansell, Andrew R. Cherenson, Leon Rishniw, Susan A. Cannon, Edward J. Allard, Jason S. Brownell, Micah Stroud
  • Patent number: 7599496
    Abstract: A method for distributing encryption keys for use in communication systems such as trunked radio communication systems. Group traffic keys are encrypted at a key administrator and passed to a distribution facility for storage and distribution. The distribution facility passes the encrypted group traffic key to communication devices where the group traffic keys are decrypted and used to encrypt/decrypt traffic.
    Type: Grant
    Filed: August 27, 2002
    Date of Patent: October 6, 2009
    Assignee: Pine Valley Investments, Inc.
    Inventors: Thomas Andrew Hengeveld, Dennis Michael Martinez
  • Patent number: 7587754
    Abstract: In a networked computing environment, a server is equipped to assure the integrity of the service components of a service, including the direct service providing component and one or more supporting components as requested, and a client is equipped to request on behalf of an application in need of the service the integrity assurance. The client is further equipped to either request or accept the service, only upon receiving the integrity assurance. In one embodiment, the request for integrity assurance, and the subsequent conditional request or acceptance of the service is performed in real time.
    Type: Grant
    Filed: December 24, 2002
    Date of Patent: September 8, 2009
    Assignee: Tripwire, Inc.
    Inventors: Robert A. DiFalco, Thomas E. Good
  • Patent number: 7581106
    Abstract: One embodiment of the present invention provides a system that uses digital certificates to facilitate enforcing licensing terms for applications that manipulate documents. During operation, the system obtains a credential, wherein the credential includes a private key and a digital certificate containing a corresponding public key. This digital certificate also contains a profile specifying allowed operations which can be performed on documents signed with the credential. Next, the system digitally signs a document using the credential, so that the resulting signed document is signed with the private key and includes a copy of the digital certificate with the profile specifying the allowed operations. The certificate issuer can subsequently revoke the digital certificate (which effectively revokes the license) if terms of a license agreement associated with the digital certificate are violated.
    Type: Grant
    Filed: April 20, 2005
    Date of Patent: August 25, 2009
    Assignee: Adobe Systems Incorporated
    Inventors: Sujata Das, Sunil C. Agrawal, Charles R. Myers, IV
  • Patent number: 7577849
    Abstract: A keyed-build system for controlling the distribution of software. The system and method of the present invention control distribution of software by keying computer-executable programs with device identifications. Each of the computing devices of the keyed-build system contains a device identification that is uniquely associated with and is embedded in the device. A computer-executable program for use in a particular computing device is keyed with the device's unique device identification during the build process of the program. When the computer-executable program is launched on a computing device, the device identification in the program is compared with the device identification embedded in the computing device. If the two device identifications do not match, the computer-executable program is disabled.
    Type: Grant
    Filed: April 2, 2003
    Date of Patent: August 18, 2009
    Assignee: Microsoft Corporation
    Inventors: Chee Chew, Michael P. Calligaro, Dominique Fortier, Igor Borisov Peev
  • Patent number: 7574606
    Abstract: A location stamp automatically attached to messages indicates location information such as longitude and latitude information from a GPS device. The location stamp helps a receiver to identify the location of the sender or a transaction, identify the sender, and provides context to the message that further indicates the messages meaning. Applications of the location stamp include authentication of the location of a sender or a transaction and identifying the location of a sender for a search and rescue.
    Type: Grant
    Filed: October 24, 2000
    Date of Patent: August 11, 2009
    Assignee: Trimble Navigation Limited
    Inventors: Carey B. Fan, Kulbir S. Sandhu, Kenny Man D Nguyen