Patents Examined by Cordelia Zecher
  • Patent number: 9288201
    Abstract: One or more user service tickets are obtained (i.e. pre-fetched) from an authentication server and stored in a ticket cache. The user service tickets facilitate a login device communicating with one or more users or group members associated with the login device. Login credentials for the users or group members may be subsequently authenticated against the user service tickets within the ticket cache thereby eliminating the need for immediate access to the authentication server or a previous login session by the users or group members. The user service tickets within the ticket cache may be refreshed as needed. In one embodiment, the user service tickets are refreshed daily and also in response to login attempts if the authentication service is readily accessible.
    Type: Grant
    Filed: November 11, 2013
    Date of Patent: March 15, 2016
    Assignee: Dell Software Inc.
    Inventors: Matthew T. Peterson, Jeff Marsden Webb
  • Patent number: 9021267
    Abstract: According to one embodiment of the invention, a method for setting permission levels is described. First, an application and digital signature is received by logic performing the permission assessment. Then, a determination is made as to what permission level for accessing resources is available to the application based on the particulars of the digital signature. Herein, the digital signature being signed with a private key corresponding to a first public key identifies that the application is assigned a first level of permissions, while the digital signature being signed with a private key corresponding to a second public key identifies the application is assigned a second level of permissions having greater access to the resources of an electronic device than provided by the first level of permissions.
    Type: Grant
    Filed: July 8, 2014
    Date of Patent: April 28, 2015
    Assignee: Sony Corporation
    Inventor: Helmut Neumann
  • Patent number: 8863229
    Abstract: The disclosure provides a method for resource and admission control of a home network. The RACF of an NGN retail service provider formulates an initial policy rule according to a resource request after receiving the resource request sent by an SCF; a CPN performs an authorization check on one or more resource requests after receiving them, each of which includes the initial policy rule and is sent by an RACF of a respective NGN retail service provider, formulates a final policy rule after the authorization check is passed, and executes the final policy rule. The disclosure further provides a corresponding system for resource and admission control of a home network. Since a CGPE-FE executes the corresponding operation according to the decision result of an HPD-FE, the disclosure can avoid resource control errors such as resource desynchronization or resource inconsistency, and can improve system stability.
    Type: Grant
    Filed: June 11, 2010
    Date of Patent: October 14, 2014
    Assignee: ZTE Corporation
    Inventor: Jianjie You
  • Patent number: 8824680
    Abstract: A first network device is configured to receive a request for a secret key, generate the secret key, and send the secret key to a second network device, a third network device, and a wireless user device. The second network device may send content, encrypted with the secret key, to the wireless user device. The third network device may send content, encrypted with the secret key, to the wireless user device when the second network device is not sending content to the wireless user device. The wireless user device may use the secret key to decrypt the content received from the second network device or the third network device.
    Type: Grant
    Filed: August 8, 2012
    Date of Patent: September 2, 2014
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: William C. King, Bjorn Hjelm, Lalit R. Kotecha
  • Patent number: 8826008
    Abstract: A system, methods and devices for the secure notification of an identity in a communications network. The methods include sending or receiving a communication including a hash of a certificate of a device to notify or detect the presence of the device in a network. Each certificate is associated with an identity which is excluded from the communication of the hash of the certificate. The received hash is compared to hashes of certificates stored in an electronic device to determine an identity. The identity may represent an electronic device or a user of the electronic device.
    Type: Grant
    Filed: August 3, 2012
    Date of Patent: September 2, 2014
    Assignee: BlackBerry Limited
    Inventors: Michael Stephen Brown, David Francis Tapuska
  • Patent number: 8819838
    Abstract: A method in a multimedia device (130) including obtaining protected content having a limited exercisable right associated therewith, obtaining an extension of the limited exercisable right when a condition is satisfied, for example, when the device enters a DRM system different than the DRM system from which the protected content originated, wherein the extension of the limited exercisable right is obtained from an entity other than the multimedia device, for example, from an anomaly detector.
    Type: Grant
    Filed: January 25, 2008
    Date of Patent: August 26, 2014
    Assignee: Google Technology Holdings LLC
    Inventor: Hosame H. Abu-Amara
  • Patent number: 8819720
    Abstract: Tools are provided for distributing access-restricted content in an internet protocol television (“IPTV”) environment based on portable entitlement keys. Such tools can include a decoder, an encoder, and a network entitlement handler. The decoder may be configured to receive a key associated with entitlement information, and transmit the entitlement information over a network. The encoder may be configured to receive content from content providers, and to encode the content to create IP-compatible content, with access restrictions based on entitlement. The network entitlement handler may be configured to receive a request for requested content from the decoder; receive the access-restricted content (including the requested content) from the encoder; and transmit the requested content over the network to the decoder using IP, when the decoder is entitled to receive the requested content.
    Type: Grant
    Filed: July 2, 2012
    Date of Patent: August 26, 2014
    Assignee: Qwest Communications International Inc.
    Inventors: Steven M. Casey, Gnanasegeran Selvadurai, Felipe Castro, Waqar Khan
  • Patent number: 8817977
    Abstract: A method for generating a digital signature includes calculating a first magnitude representative of the inverse of a random number raised to the power two; obtaining a first element of the digital signature by executing scalar multiplication between an established point of the elliptic curve and the random number; obtaining a second magnitude by executing modular multiplication, with modulus corresponding to the established elliptic curve's order between the first magnitude and the secret encryption key; obtaining a third magnitude by executing a modular multiplication, with modulus corresponding to the established elliptic curve's order between the random number and the secret encryption key; obtaining a first addend of a second element of the digital signature by executing a modular multiplication, with modulus corresponding to the established elliptic curve's order between the second magnitude and the third magnitude; and generating a second element of the digital signature based on the first addend.
    Type: Grant
    Filed: September 16, 2011
    Date of Patent: August 26, 2014
    Assignee: STMicroelectronics S.r.l.
    Inventors: Guido Marco Bertoni, Ruggero Susella, Andrea Palomba
  • Patent number: 8817981
    Abstract: In an embodiment, a secure module is provided that provides access keys to an unsecured system. In an embodiment, the secure module may generate passcodes and supply the passcodes to the unsecured system. In an embodiment, the access keys are sent to the unsecured system after receiving the passcode from the unsecured system. In an embodiment, after authenticating the passcode, the secure module does not store the passcode in its memory. In an embodiment, the unsecured module requires the access key to execute a set of instructions or another entity. In an embodiment, the unsecured system does not store access keys. In an embodiment, the unsecured system erases the access key once the unsecured system no longer requires the access key. In an embodiment, the unsecured system receives a new passcode to replace the stored passcode after using the stored passcode. In an embodiment, a registration code is generated using non-determinism. In an embodiment, a key is generated using non-determinism.
    Type: Grant
    Filed: July 11, 2011
    Date of Patent: August 26, 2014
    Assignee: Biogy, Inc.
    Inventor: Michael Stephen Fiske
  • Patent number: 8812851
    Abstract: The invention relates to a method for reading at least one attribute stored in an ID token (106, 106') using first (136), second (150) and third (100) computer systems, wherein the third computer system comprises a browser (112) and a client (113), and wherein a service certificate (144) is assigned to the second computer system, wherein the service certificate comprises an identifier which is used to identify the second computer system, wherein the ID token is assigned to a user (102), having the following steps: — a first cryptographically protected connection (TLS1) is set up between the browser of the third computer system and the second computer system, wherein the third computer system receives a first certificate (176), — the first certificate is stored by the third computer system, — the third computer system receives a signed attribute specification (182) via the first connection, — a second cryptographically protected connection (TLS2) is set up between the browser of the third computer system and the f
    Type: Grant
    Filed: April 20, 2011
    Date of Patent: August 19, 2014
    Assignee: Bundesdruckerei GmbH
    Inventors: Carsten Schwarz, Günter Koch
  • Patent number: 8812848
    Abstract: A method, user equipment (UE) and system are provided for negotiating a security capability during idle state mobility of the UE from a non-long term evolution (non-LTE) network to a long term evolution (LTE) network. The UE sends UE security capabilities supported by the UE to the LTE network for use in non-access stratum (NAS) security algorithm selection. The UE then receives from the LTE network a selected NAS security algorithm. The UE further generates a root key from an authentication vector-related key stored at the UE and then derives, from the generated root key, a NAS protection key for secure communication with the LTE network.
    Type: Grant
    Filed: January 3, 2014
    Date of Patent: August 19, 2014
    Assignee: Huawei Technologies Co., Ltd.
    Inventor: Chengdong He
  • Patent number: 8812837
    Abstract: A method that incorporates teachings of the subject disclosure may include, for example, storing, by a universal integrated circuit card (UICC) including at least one processor, a digital root certificate locking a communication device to a network provider, and disabling an activation of the communication device responsive to receiving an indication of a revocation of the stored digital root certificate from a certificate authority, wherein the indication of the revocation of the stored digital root certificate is associated with a revocation of permission for an identity authority to issue security activation information to the communication device on behalf of the network provider. Other embodiments are disclosed.
    Type: Grant
    Filed: June 1, 2012
    Date of Patent: August 19, 2014
    Assignees: AT&T Intellectual Property I, LP, AT&T Mobility II, LLC
    Inventors: Patrick McCanna, Inderpreet Singh Ahluwalia, John Crockett, David Harber, Aubryn Lewis, Liane F Rulifson
  • Patent number: 8813181
    Abstract: A verification system which can be used over electronic networks, such as the Internet, to help prevent phishing, electronic identity theft, and similar illicit activities, by verifying the authenticity of electronic entities (for example, websites). Users and electronic entities register with an authenticating entity. The authenticating entity shares an encryption method with registered electronic entities and establishes a secret code for each registered electronic entity. The secret code is combined with other information and encrypted before being transmitted over the network to ensure that the secret code cannot be compromised. Also disclosed are systems for virtual token devices, which provide object-based authentication without a physical device. Also disclosed are dynamic media credentials, which display nearly-unique behavior, previously specified and known to a user, to assist in verifying the authenticity of the presenter.
    Type: Grant
    Filed: March 6, 2006
    Date of Patent: August 19, 2014
    Inventor: Taun Eric Willis
  • Patent number: 8813186
    Abstract: Systems, methods, and computer-readable media provide a requesting device with access to a service. In one implementation, a server receives a request to access a service, and the request includes a device type identifier of a device requesting access to the service. The server extracts the device type identifier from the request and determines a corresponding device type for the requesting device. An authentication module is selected from a plurality of authentication modules based on the device type identifier, and the selected authentication module implements an authentication scheme for the device type of the requesting device. The server authenticates the request using the selected authentication module to determine whether the requesting device is permitted to access the service, and provides access to the service based on at least a determination that the requesting device is authorized to access the service.
    Type: Grant
    Filed: September 29, 2010
    Date of Patent: August 19, 2014
    Assignee: Amazon Technologies, Inc.
    Inventors: Joel C. Hegg, Siddharth Sriram, Kamlesh T. Talreja
  • Patent number: 8813176
    Abstract: A method and apparatus for creating a policy based on a pre-configured template is described. In one embodiment, source data having a tabular structure is identified. Further, one of multiple policy templates is used to automatically create a policy for detecting information from any one or more rows within the tabular structure of the source data.
    Type: Grant
    Filed: June 25, 2012
    Date of Patent: August 19, 2014
    Assignee: Symantec Corporation
    Inventors: Chris Jones, Eric Bothwell, Kevin T. Rowney
  • Patent number: 8806657
    Abstract: The storage system includes a host computer; a management computer coupled to the host computer; a first storage device coupled to the host computer and the management computer, and including first port management information; and a second storage device coupled to the host computer, the management computer and the first storage device, and including second port management information. The first port management information and the second port management information include an identifier of a port on each storage device, an identifier of a volume in each storage device, an access restriction and an identifier of a port permitted access from the host computer to each storage device.
    Type: Grant
    Filed: March 21, 2012
    Date of Patent: August 12, 2014
    Assignee: Hitachi, Ltd.
    Inventors: Yasuyuki Mimatsu, Kenichi Shimooka, Masayuki Yamamoto
  • Patent number: 8806645
    Abstract: A security metrics system receives security information data for a network system of computers and metric definitions from metric sources. Each metric definition defines a heuristic for calculating a score for the network system from one or more security signal values at a time in the plurality of times, wherein the score quantifies a security metric for the network system. The system calculates each metric definition for a plurality of times and selects metric definitions that are related to the performance of and are indicative of one or more other metric definitions as candidates to be key performance indicators.
    Type: Grant
    Filed: April 1, 2011
    Date of Patent: August 12, 2014
    Assignee: McAfee, Inc.
    Inventors: Ryan Nakawatase, Stephen Ritter, Sven Schrecker
  • Patent number: 8806582
    Abstract: A method for reading at least one attribute stored in an ID token assigned to a user involving the steps of: authenticating the user to the ID token, authenticating a first computer system to the ID token, and, assuming successful authentication of the user and the first computer system to the ID token, read access by the first computer system to the at least one attribute stored in the ID token for transmission of the at least one attribute to a second computer system, and generating of a time indication for the at least one attribute by the first computer system.
    Type: Grant
    Filed: July 13, 2010
    Date of Patent: August 12, 2014
    Assignee: Bundesdruckerei GmbH
    Inventor: Frank Dietrich
  • Patent number: 8806625
    Abstract: A computer-implemented method for performing security scans may include 1) generating a first hash of a first file, 2) performing a first security scan on the first file, 3) storing the first hash to indicate a result of the first security scan of the first file, 4) identifying a second file and generating a second hash of the second file, 5) determining that the second hash of the second file is equivalent to the first hash of the first file and, in response, determining that the result of the first security scan of the first file applies to the second file, 6) identifying a third file and determining that the third file is volatile, and 7) performing a second security scan on the third file instead of generating a third hash of the third file. Various other methods, systems, and computer-readable media are also disclosed.
    Type: Grant
    Filed: October 2, 2012
    Date of Patent: August 12, 2014
    Assignee: Symantec Corporation
    Inventor: Henry Berger
  • Patent number: 8793504
    Abstract: Software validation is provided for a breakout system having multiple subsystems at the edge of a mobile data network. The software validation utilizes one or more trusted platform modules (TPM) to secure multiple subsystems including virtual machines in the breakout system. Hash values for the software in the various subsystems are placed in Platform Configuration Registers (PCRs) of the TPM. The TPM cryptographically signs quotes, which are a collection of hash values from the PCRs. The breakout system produces an extensible markup language (XML) file with the signed quotes related to the subsystems and sends them to a network management system for verification. The network management system validates the software configured on the breakout system using a public key to access the quotes and compares the values to known good values stored in an inventory record associated with the specific breakout system being validated.
    Type: Grant
    Filed: February 22, 2012
    Date of Patent: July 29, 2014
    Assignee: International Business Machines Corporation
    Inventors: Ronald L. Billau, Vincenzo V. Di Luoffo, Terence K. Hennessy