Patents Examined by Cordelia Kane
  • Patent number: 7770203
    Abstract: The invention relates to the integration of a security operations policy into a threat management vector.
    Type: Grant
    Filed: April 17, 2007
    Date of Patent: August 3, 2010
    Assignee: International Business Machines Corporation
    Inventor: John J. McKenna
  • Patent number: 7721093
    Abstract: Methods and systems are provided for using an existing email transfer protocol, such as SMTP, to exchange digital objects in an authenticated manner. The provided methods and systems solve the bootstrapping problem of computer identities for P2P communication by authenticating the exchange of public information. If the electronic mail protocols are strong, in that sending an email message to a given address results in the message reaching that address with a high degree of confidence, then the exchange of public information performed in accordance with embodiments of the invention is confidently authenticated.
    Type: Grant
    Filed: April 2, 2004
    Date of Patent: May 18, 2010
    Assignee: Microsoft Corporation
    Inventor: Narasimhan Sundararajan
  • Patent number: 7716745
    Abstract: To render digital content encrypted according to a content key (KD) on a first device having a public key (PU1) and a corresponding private key (PR1), a digital license corresponding to the content is obtained, where the digital license includes the content key (KD) therein in an encrypted form. The encrypted content key (KD) from the digital license is decrypted to produce the content key (KD), and the public key (PU1) of the first device is obtained therefrom. The content key (KD) is then encrypted according to the public key (PU1) of the first device (PU1 (KD)), and a sub-license corresponding to and based on the obtained license is composed, where the sub-license includes (PU1 (KD)). The composed sub-license is then transferred to the first device.
    Type: Grant
    Filed: June 9, 2008
    Date of Patent: May 11, 2010
    Assignee: Microsoft Corporation
    Inventor: Marcus Peinado
  • Patent number: 7707422
    Abstract: The present invention relates to a method for embedding and detecting a watermark where a forgery/alternation of an image can be identified and the location of forgery/alternation can be verified by embedding and detecting a watermark into a digital image which is shot in real time. The watermark is generated by using a quantized coefficient after frequency transform used in the compression process. By embedding this into an image, the image can be compressed simultaneously with the embedded watermark. The present invention relates to a method for embedding a robust watermark which embeds a random sequence circular shifted from an original pseudo random sequence by the distance d as the watermark is embedded into an image, and a method for generating and embedding the watermark by using a DCT coefficient quantized during an MPEG compression process of the image.
    Type: Grant
    Filed: April 22, 2004
    Date of Patent: April 27, 2010
    Assignees: Marktek Inc., Markany Inc.
    Inventors: Dong-Hwan Shin, Kyong-Soon Kim, Won-Ha Lee, Jong-Uk Choi
  • Patent number: 7702918
    Abstract: A distributed network of independently operable servers is provided. Each server is adapted to communicate over the network with at least one of the other servers and has a datastore with a plurality of datafields adapted to store information about at least one user. By enabling an authentication of a user based on a user supplied biometric identifier, the network is adapted to enable the transfer of information relating to the user between different servers.
    Type: Grant
    Filed: July 2, 2002
    Date of Patent: April 20, 2010
    Assignee: Daon Holdings Limited
    Inventors: Oliver Tattan, Michael Peirce
  • Patent number: 7703135
    Abstract: A multi-identity security environment is created for use in controlling access to resources. The multi-identity security environment enables one process that is spawned by another process to access resources security accessible to the one process, as well as resources security accessible to the another process. The multi-identity security environment includes an identity of the one process and an identity of the another process.
    Type: Grant
    Filed: December 21, 2004
    Date of Patent: April 20, 2010
    Assignee: International Business Machines Corporation
    Inventors: Ernest S. Bender, Richard H. Guski, Deborah F. Mapes, Bruce R. Wells
  • Patent number: 7694146
    Abstract: A method embodied in a daemon resident on a server provides for notification of a client when a new session is initiated with respect to the client's private account. Assuming that a user is able to log onto the server and gain access to the client's account, the daemon checks if the client has requested notification and if so, formats e-mail alerts and distributes them to requested e-mail addresses on, for instance, local computers, cell phones, PDA and other receivers of e-mail traffic. Should the client discover, by receiving one of these e-mails that an impostor client has gained access to the client's account, the daemon is able to close down the sessions selected by the client and cancel the current password in favor of a temporary new password available only to the client.
    Type: Grant
    Filed: November 18, 2006
    Date of Patent: April 6, 2010
    Assignee: 3501256 Canada, Inc.
    Inventor: Doug Friend
  • Patent number: 7685516
    Abstract: The invention relates to aspects in connection with the automatic generation and processing of signature files. The signature files are generated in paper form on the basis of documents (28) that comprise a personal signature (34) and also control information items (30) assigned to the signature (34) and/or the documents (28). The documents in paper form (28) are scanned in within the scope of a batch processing operation in order to generate signature files that contain the personal signatures (34) in an electronically processable form and also representations of the respectively assigned control information items (30). The control information items (30) contained in a signature file are identified and interpreted document-wise. Then the signature files are automatically processed as a function of the content of the assigned control information items (30).
    Type: Grant
    Filed: May 18, 2004
    Date of Patent: March 23, 2010
    Assignee: UBS AG
    Inventor: Hans-Peter Fischer
  • Patent number: 7664953
    Abstract: A data processing device, in a system performing authentication among a plurality of storage device (IC cards etc.), able to maintain security of authentication at other device even when secrecy of key data held by part of the devices is lost, wherein a key generation unit generates individual key data unique to an IC card based on identification data unique to the IC cards received from the ICs of the IC cards and a card processing unit performs mutual authentication with the IC based on the individual key data.
    Type: Grant
    Filed: March 4, 2004
    Date of Patent: February 16, 2010
    Assignee: Sony Corporation
    Inventors: Kei Tateno, Masahiro Sueyoshi, Yoshiaki Hirano, Katsuyuki Teruyama
  • Patent number: 7664959
    Abstract: A tamper-resistant certification device receives a certified digital time stamp from a trusted third party, resets a time function and produces a time stamp receipt in an on-line mode; The tamper-resistant certification device receives a digital file from a mobile computing device, and produces a certified digitally signed digital file including a copy of the digital file, time stamp receipt and temporal offset in an off-line mode to evidence the content of the digital file within a defined tolerance of a day and/or time. A processor may be portioned into tamper and non-tamper resistant portions.
    Type: Grant
    Filed: October 10, 2008
    Date of Patent: February 16, 2010
    Assignee: Intermec IP Corp.
    Inventor: Robert D. Buck
  • Patent number: 7665133
    Abstract: This invention is directed to a system and method for monitoring the processes of a document processing peripheral, including unauthorized access thereof. More particularly, this invention is directed to a system and method for monitoring the processes of a document processing peripheral, detecting any unauthorized processes, operations, or usage levels of the document processing peripheral, and then generating a notification of such unauthorized process.
    Type: Grant
    Filed: June 12, 2004
    Date of Patent: February 16, 2010
    Assignees: Toshbia Tec Kabushiki Kaisha, Toshiba Corporation
    Inventor: Girish R. Krishna
  • Patent number: 7653816
    Abstract: A method is provided to handle an electronic mail message such that the receiver of the e-mail message can verify the integrity of the message. A request is provided from a sender's side to a service. The request includes information regarding the e-mail message. The service processes at least a portion of the request to generate a result. For example, the service may encrypt the portion of the request, according to a public/private key encryption scheme, to generate a digital signature as the result. The service provides the result to the sender's side. At the sender's side, the result is incorporated into the e-mail message and the result-incorporated message is transmitted via an e-mail system. At the receiver's side, the result-incorporated e-mail message is processed to assess the integrity of the received e-mail message.
    Type: Grant
    Filed: December 30, 2003
    Date of Patent: January 26, 2010
    Assignee: First Information Systems, LLC
    Inventors: Peter S. Avritch, Bruce M. Clay, James R. Du Molin
  • Patent number: 7644446
    Abstract: A source generates a medium key (KM) and a media secret table including a plurality of entries, each entry including (KM) encrypted by a public key (PU-PD) of a plurality of devices, obtains the medium ID of a medium therefrom, generates a content key (KD) for a piece of content, encrypts the content with (KD) to result in (KD(content)), encrypts (KD) with (KM) to result in (KM(KD)), generates a package for the content including (KD(content)), (KM(KD)), the medium ID, and a signature based on at least the medium ID and verifiable with (KM), and copies the generated package and the media secret table to the medium. Thus, a device with the medium and a private key (PR-PD) corresponding to an entry of the media secret table can access and render the content.
    Type: Grant
    Filed: September 20, 2004
    Date of Patent: January 5, 2010
    Assignees: Microsoft Corporation, Panasonic Corporation
    Inventors: Clifford P. Strom, Ian Cameron Mercer, James Morris Alkove, Jeffrey R. McKune, Kevin Leigh LaChapelle, Michael Jay Parks, Shunji Harada, Toshihisa Nakano, Kaoru Murase
  • Patent number: 7640580
    Abstract: A method and apparatus for accessing a destination computer behind a firewall using a browser are described. In one embodiment, the method includes an intermediary service receiving a destination computer request, which demonstrates that the destination computer is available to be accessed, and receiving a browser request to access the destination computer. The method then includes the intermediary service associating the browser with the destination computer and providing communication between the browser and the destination computer. The communication is being provided in a form acceptable to the firewall.
    Type: Grant
    Filed: May 17, 2000
    Date of Patent: December 29, 2009
    Assignee: F5 Networks, Inc.
    Inventors: Igor Plotnikov, Alexander Sokolsky, Michael L. Herne
  • Patent number: 7640581
    Abstract: A system and method for establishing centralized, out-of-band access to remote network elements is provided. Status and other information can be securely retrieved from the remote elements. One or more servers observe and manage a plurality of remote elements using modem-to-modem communications between a modem bank and a remote modem. Requests are submitted through a central mediation point, thereby allowing central control of user profiles and a collection of security audit log information. One or more authentication mechanisms provide enforced security measures and trusted communication paths between a user and a remote element. Remote elements can be securely monitored and administered from a central location.
    Type: Grant
    Filed: February 27, 2004
    Date of Patent: December 29, 2009
    Assignee: Embarq Holdings Company, LLC
    Inventors: James Albert Brenton, Matthew Hermstedt, Michael Lee Martin, David Wayne Reece
  • Patent number: 7624451
    Abstract: To render digital content encrypted according to a content key (KD) on a first device having a public key (PU1) and a corresponding private key (PR1), a digital license corresponding to the content is obtained, where the digital license includes the content key (KD) therein in an encrypted form. The encrypted content key (KD) from the digital license is decrypted to produce the content key (KD), and the public key (PU1) of the first device is obtained therefrom. The content key (KD) is then encrypted according to the public key (PU1) of the first device (PU1 (KD)), and a sub-license corresponding to and based on the obtained license is composed, where the sub-license includes (PU1 (KD)). The composed sub-license is then transferred to the first device.
    Type: Grant
    Filed: May 19, 2005
    Date of Patent: November 24, 2009
    Assignee: Microsoft Corporation
    Inventor: Marcus Peinado
  • Patent number: 7617524
    Abstract: The invention proposes a method for handling authentication requests in a network, wherein the authentication requests may have different types, the method comprising the steps of determining (S1, S3, S4) types of the authentication requests, and applying (S5-S7) a policy for handling the received authentication requests based on the determined types of authentication requests. The invention also proposes a corresponding network control element and a computer program product.
    Type: Grant
    Filed: October 24, 2005
    Date of Patent: November 10, 2009
    Assignee: Nokia Corporation
    Inventors: Henry Haverinen, Pasi Eronen
  • Patent number: 7613929
    Abstract: Embodiments of the invention provide methods and systems for authenticating an enrolled user of a biometric authentication and/or identification system having an exception mode, in which the enrolled user submits a temporary password during authentication. The temporary password is only generated if the enrolled user's identity is verified and the person authorizing a change to the exception mode submits a valid biometric identifier.
    Type: Grant
    Filed: November 17, 2005
    Date of Patent: November 3, 2009
    Assignee: Triad Biometrics, LLC
    Inventors: Mark Sherman Cohen, Shailesh Chirputkar, Scott Stanley Allan Coby
  • Patent number: 7610488
    Abstract: A data processing device able to keep a technique for generation of the key data in a key generating means secret from a developer of an authenticating means, wherein an authentication program has a description for calling up a function in a key generation program and entering identification data of service etc. input from an IC of an IC card as input parameters of the function and wherein a key generation program generates a key by using the identification data written at predetermined addresses as input parameters in accordance with the execution of a code on the basis of the authentication program.
    Type: Grant
    Filed: March 4, 2004
    Date of Patent: October 27, 2009
    Assignee: Sony Corporation
    Inventors: Masahiro Sueyoshi, Kei Tateno, Yoshiaki Hirano, Katsuyuki Teruyama
  • Patent number: 7596807
    Abstract: Technique for protecting a communications network, such a computer network, from attack such as self-propagating code violations of security policies, in which the network is divided into “compartments” that are separated by access control devices such as firewalls. The access control devices are then used to stop the spread of self-propagating attack code, the “zero-day” worms, for example. However, the access control devices are configured such that upon activation legitimate in-use network services will not be jeopardized.
    Type: Grant
    Filed: October 14, 2003
    Date of Patent: September 29, 2009
    Assignee: Arbor Networks, Inc.
    Inventors: Thomas Henry Ptacek, Douglas Joon Song, Jose Oscar Nazario