Patents Examined by Jason Plotkin
-
Patent number: 8949949Abstract: In an embodiment, a method enables authentication of devices connected to a network. The method also enables the devices to digitally sign communication on the network with private keys. When a new device is added to the network, a mobile device may be connected to the new device. The mobile device receives identification from the new device and sends the identification to an authorization server, over a public network. The mobile device also sends a request for a private key to the authorization server. The authorization server contains an inventory of the devices authorized to communicate over the network. If the identification of the new device exists in the inventory, the authorization server sends a private key to the mobile device, over the public network. The mobile device forwards the private key to the new device.Type: GrantFiled: February 11, 2014Date of Patent: February 3, 2015Assignee: Level 3 Communications, LLCInventors: William Thomas Sella, James Michael Sella
-
Patent number: 8930707Abstract: A method and apparatus for selectively securing records in a Near Field Communication Data Exchange Format (NDEF) message in a Near Field Communication (NFC) device are provided. The method includes generating a place marker signature record by setting a URI_present field to ‘0’ and setting a signature_type field to a predefined value, wherein a combination of the URI_present field set to ‘0’ and the signature_type field set to the predefined value indicates that a signature Record Type Definition (RTD) is a place marker signature record; and placing the place marker signature record in the NDEF message, wherein a set of records following the place marker signature record are secured.Type: GrantFiled: February 24, 2014Date of Patent: January 6, 2015Assignee: Samsung Electronics Co., LtdInventors: Thenmozhi Arunan, Eun-Tae Won
-
Patent number: 8924727Abstract: Technologies for labeling diverse content are described. In some embodiments, a content creation device generates a data structure that may include encrypted diverse content and metadata including at least one rights management (RM) label applying to the diverse content. The RM label may attribute all or a portion of the diverse content to one or more authors. The metadata may also be signed using an independently verifiable electronic signature. A consumption device receiving such a data structure may verify the authenticity of the electronic signature and, if verification succeeds, decrypt the encrypted diverse content in the data structure. Because the metadata is encapsulated with the diverse content in the data structure, it may accompany the diverse content upon its transfer or incorporation into other diverse content.Type: GrantFiled: October 12, 2012Date of Patent: December 30, 2014Assignee: Intel CorporationInventors: Ned M. Smith, Kenneth T. Layton, Michael M. Amirfathi
-
Patent number: 8909761Abstract: Provided are methods and computer program products for monitoring the performance of network applications executing within operating-system-level virtualization containers. Methods may include enumerating operating-system-level virtualization containers on a networked device; creating a named pipe accessible by at least one application running in each operating-system-level virtualization container; retrieving, via the named pipe, performance data gathered by the at least one application, including an identification of each operating-system-level virtualization container; generating metrics based on the retrieved performance data; and generating an event incorporating the metrics, including operating-system-level virtualization container identifiers.Type: GrantFiled: February 8, 2011Date of Patent: December 9, 2014Assignee: BlueStripe Software, Inc.Inventors: Patrick A. Reynolds, Glenn T. Nethercutt, John B. Bley, Nathaniel C. Williams
-
Patent number: 8904511Abstract: Virtual firewalls may be established that enforce sets of policies with respect to computing resources maintained by multi-tenant distributed services. Particular subsets of computing resources may be associated with particular tenants of a multi-tenant distributed service. A tenant may establish a firewalling policy set enforced by a virtual firewall for an associated subset of computing resources without affecting other tenants of the multi-tenant distributed service. Virtual firewalls enforcing multiple firewalling policy sets may be maintained by a common firewalling component of the multi-tenant distributed service. Firewalling policy sets may be distributed at multiple locations throughout the multi-tenant distributed service. For a request targeting a particular computing resource, the common firewalling component may identify the associated virtual firewall, and submit the request to the virtual firewall for evaluation in accordance with the corresponding firewalling policy set.Type: GrantFiled: August 23, 2010Date of Patent: December 2, 2014Assignee: Amazon Technologies, Inc.Inventors: Kevin Ross O'Neill, Mark Joseph Cavage, Nathan R. Fitch, Anders Samuelsson, Brian Irl Pratt, Yunong Jeff Xiao, Bradley Jeffery Behm, James E. Scharf, Jr.
-
Patent number: 8898752Abstract: In an embodiment, an administrative computer system receives user login credentials from a user and makes at least one of the following determinations: that the user identifier does not match any existing user account, that the user identifier matches at least one existing user account, but that the user's account is in a locked state, or that the user identifier matches at least one existing user account, but the user's password does not match the user identifier. The administrative computer system then returns to the user the same response message regardless of which determination is made. The response indicates that the user's login credentials are invalid. The response also prevents the user from determining which of the credentials was invalid, as the response message is the same for each determination and is sent to the user after a measured response time that is the same for each determination.Type: GrantFiled: February 1, 2012Date of Patent: November 25, 2014Assignee: Microsoft CorporationInventors: Ariel Gordon, Richard Allen Lundeen
-
Patent number: 8893306Abstract: A system to address resource management and security in a computer system may include an operating system kernel executing on a computer processor. The system may also include a data processing application and a mediator configured to execute on the computer processor. The mediator may operate between the operating system kernel and the data processing application. The mediator may control access of user generated state data of the data processing application and may restrict access of the operating system kernel to the user generated state data.Type: GrantFiled: August 31, 2010Date of Patent: November 18, 2014Assignee: International Business Machines CorporationInventor: Marcel C. Rosu
-
Patent number: 8892680Abstract: A system and method for allowing requests generated as a result of dynamic URLs to be efficiently looked up in a cache are provided. The system and method involve receiving a request for a content element, the request being generated from a dynamic URL. A static content element identifier is generated from the request. In an embodiment, the static content element identifier includes only the content identification parameters and the dynamic parameters are removed. The static content element identifier is then used to determine whether the content element is in the cache.Type: GrantFiled: January 25, 2011Date of Patent: November 18, 2014Assignee: Openwave Mobility, Inc.Inventors: Stephen Wright, Robert Logue
-
Patent number: 8869235Abstract: A system is disclosed that includes components and features for enabling enterprise users to securely access enterprise resources (documents, data, application servers, etc.) using their mobile devices. An enterprise can use some or all components of the system to, for example, securely but flexibly implement a BYOD (bring your own device) policy in which users can run both personal applications and secure enterprise applications on their mobile devices. The system may, for example, implement policies for controlling mobile device accesses to enterprise resources based on device attributes (e.g., what mobile applications are installed), user attributes (e.g., the user's position or department), behavioral attributes, and other criteria.Type: GrantFiled: October 10, 2012Date of Patent: October 21, 2014Assignee: Citrix Systems, Inc.Inventors: Waheed Qureshi, Kelly Brian Roach, John M. McGinty, Olivier Andre, Shafaq Abdullah, Thomas H. DeBenning, Ahmed Datoo
-
Patent number: 8868786Abstract: A web services hub receives a request from a data source system, transforms the request, and transmits the transformed request to an external system. A secure service router is coupled to the web services hub. The secure service router authenticates the data source system and locates a transformation service to transform the request.Type: GrantFiled: April 18, 2011Date of Patent: October 21, 2014Assignee: The PNC Financial Services Group, Inc.Inventors: Michael Kutchmark, Randal Heuler, Robert Bills, W. Scott Edwards, Sergiy Nepomyashchyy
-
Patent number: 8839384Abstract: Methods and systems for maintaining user privacy preferences based on one or more user identifications across a plurality of applications are provided. Two or more user identifications are received with associated user privacy preferences. The received user identification is compared against other user identifications to determine if the user identifications relate to the same user. It may be determined that two user identifications are related if they have at least one browser property in common. A consolidated data stream of the user privacy preferences for the related user identifications is created. The consolidated data stream is communicated to one or more applications and propagated to maintain the user privacy preferences across the applications relating to the user identification.Type: GrantFiled: September 1, 2010Date of Patent: September 16, 2014Assignee: Microsoft CorporationInventors: Siddhartha Roy, Sijian Zhang, Michael Elizarov, Shaoyu Zhou, Fei Cao
-
Patent number: 8800027Abstract: An authentication method and system provides for a user requesting authentication where the authentication request includes Personally Identifiable Information (PPI) such as geolocation data. The user's device requesting authentication alters or encrypts the PII in order to prevent the PII's unintentional discovery by third parties or to comply with jurisdictional requirements for the safeguarding of PII. The receiving party saves the altered or encrypted PII for later use. In order to use the PII and perform calculations for authentication, the receiving party requests a trusted third party with knowledge of the methodology or key used to alter or encrypt the PII to perform calculations on the original values of the PII without saving the PII. The trusted third party returns a computed value to the receiving party where it is used to determine whether the user will be authenticated.Type: GrantFiled: September 14, 2012Date of Patent: August 5, 2014Assignee: EMC CorporationInventor: Karl Ackerman
-
Patent number: 8744083Abstract: VoIP systems often use multiple ciphers for different components. The present invention includes a system and method for early detection of encrypted signals in packet networks that may be encrypted using any of a multitude of ciphers.Type: GrantFiled: June 29, 2012Date of Patent: June 3, 2014Assignee: Mitel Networks CorporationInventor: Lee Dilkie
-
Patent number: 8732473Abstract: In some embodiments, a system may comprise a database and one or more servers. The database may, for example, store a plurality of content claims for previously evaluated data items, with each of the plurality of content claims being associated in the database with a corresponding stored digital fingerprint of a previously evaluated data item. The server(s) may, for example, be configured to receive a determined digital fingerprint of a data item from a client device on another network node, to submit a query to the database using the determined digital fingerprint as a primary key, and to transmit one or more content claims returned by the query to the client device. In some embodiments, the server(s) may be further configured to receive the content claim(s) and the digital fingerprint associated therewith from one or more computers on another network node, and to cause the received content claim(s) and digital fingerprint associated therewith to be stored in the database.Type: GrantFiled: June 1, 2010Date of Patent: May 20, 2014Assignee: Microsoft CorporationInventors: Robert Bisso, Vadim Ismailov, Lingling Liu, Robert Saccone, Mukeshkumar Beher
-
Patent number: 8719924Abstract: Various embodiments for detecting harmful software are disclosed.Type: GrantFiled: March 3, 2006Date of Patent: May 6, 2014Assignee: AVG Technologies N.V.Inventors: Matthew Williamson, Vladimir Gorelik
-
Patent number: 8707416Abstract: The preferred embodiments involve a mechanism to bootstrap Kerberos from EAP in which EAP is used for initial network access authentication and Kerberos is used for provisioning session keys to multiple different protocols. The preferred embodiments make use of an EAP extension method (EAP-EXT) to realize the mechanism.Type: GrantFiled: November 24, 2007Date of Patent: April 22, 2014Assignees: Toshiba America Research, Inc., Telcordia Technologies, IncInventors: Yoshihiro Oba, Subir Das
-
Patent number: 8701184Abstract: An authentication apparatus includes: a database section that stores a password; an entry section through which a password is entered; a storage section that stores an entered password which is entered through the entry section; an authentication section that authenticates whether the password and the entered password match with each other; and a determining section that determines whether or not a re-entered password is to be subjected to an authentication processing performed by the authentication section when the re-entered password is entered through the entry section after the authentication section determines that the password and the entered password do not match with each other.Type: GrantFiled: June 30, 2008Date of Patent: April 15, 2014Assignee: Kyocera Mita CorporationInventor: Toshimitsu Morimoto
-
Patent number: 8683227Abstract: A communication system is provided with an information processing device, and a management device capable of updating old data stored in the information processing device by outputting new data to the information processing device. The management device is provided with an old data input device that inputs the old data, a first new data input device that inputs the new data, an encryption device that encrypts the new data by utilizing the old data as a key, and a new data output device that outputs the new data encrypted by the encryption device to the information processing device. The information processing device is provided with an old data storage that stores the old data, a second new data input device that inputs the encrypted new data output by the management device, a decryption device that decrypts the encrypted new data by utilizing the old data as a key, and an updating device that updates the old data stored in the old data storage to the new data decrypted by the decryption device.Type: GrantFiled: August 29, 2007Date of Patent: March 25, 2014Assignee: Brother Kogyo Kabushiki KaishaInventor: Kan Ishimoto
-
Patent number: 8645556Abstract: A method and system for reducing memory required to maintain connection states in a traffic manager. A network device receives a message from a client in which at least a portion of the message is to be forward to a first server. If the network device is maintaining information for facilitating a first connection with a second server, the network device maintains a subset of the information for use in restoring the first connection and frees memory associated with information that is not needed for restoring the first connection. The network device then employs other previously stored information to restore the state of a second connection to the first server. The network device then sends at least a portion of the message to the first server using the second connection.Type: GrantFiled: April 8, 2003Date of Patent: February 4, 2014Assignee: F5 Networks, Inc.Inventor: Richard Roderick Masters
-
Patent number: 8611540Abstract: An improved system and method are disclosed for peer-to-peer communications. In one example, the method enables endpoints to securely send and receive messages to one another within a hybrid peer-to-peer environment.Type: GrantFiled: June 23, 2010Date of Patent: December 17, 2013Assignee: Damaka, Inc.Inventors: Sivakumar Chaturvedi, Satish Gundabathula