Patents Examined by Matthew B. Smithers
  • Patent number: 7849306
    Abstract: The relay method for relaying an encryption communication in a gateway server between a client device and a content server includes the steps of receiving an encryption communication connection message to the content server from the device; producing a temporary encryption communication permit and a private key of its counterpart for the content server of a destination server name included in the connection message; sending the permit to the device; performing an End-End encryption communication with the device, receiving an encrypted access request message sent by the device, and decrypting and converting the request message to an access request message of a plain text; performing an End-End encryption communication with the content server, and acquiring content information instructed by the access request message; and performing value added processing for the acquired content information and its communication header, encrypting the information and the header, and sending them to the device.
    Type: Grant
    Filed: December 2, 2005
    Date of Patent: December 7, 2010
    Assignee: Hitachi, Ltd.
    Inventors: Yoshiteru Takeshima, Takahiro Ogawa
  • Patent number: 7849512
    Abstract: A method and system for creating secure virtual project rooms is provided. The system creates a security focused development infrastructure to augment existing planning tools, existing development environment, and provide analytics for adjusting the plans to carry out a secure distributed project development.
    Type: Grant
    Filed: March 20, 2006
    Date of Patent: December 7, 2010
    Assignee: Fortressware, Inc.
    Inventors: Annsheng Chien Ting, Tipin Chang
  • Patent number: 7845003
    Abstract: Techniques for variable security access information are presented. The complexity levels associated with access secrets drive the assigned access rights to target resources. A single target resource may have varying sets of access rights, where each set is associated with a particular complexity level for a given access secret. A requesting principal can custom establish the principal's desired access secret complexity level for a target resource; this in turn drives the set of access rights for the target resource, which the principal may use when accessing the target resource.
    Type: Grant
    Filed: October 31, 2006
    Date of Patent: November 30, 2010
    Assignee: Novell, Inc.
    Inventors: Cameron Craig Morris, Lloyd Leon Burch, Stephen R. Carter
  • Patent number: 7844823
    Abstract: An interactive system for managing access via a communications network by one or more Device-Users and Database-Users with regard to at least one secured Location and an entry control Device assignable for use in gaining access to the Location by the one or more Device-Users. The system comprises a searchable database configured to store information on at least one of the secured Location, the one or more Device-Users, the one or more Database-Users, or the entry control Device, and Software stored on a readable medium and configured to search the database and report one or more conflicts concerning the information.
    Type: Grant
    Filed: October 28, 2005
    Date of Patent: November 30, 2010
    Assignee: Shield Security Systems, LLC
    Inventors: Scott M. Serani, Leslie S. McMillin, Charles D. Blish, III
  • Patent number: 7844814
    Abstract: Methods and apparatus detecting attempts to obtain IP addresses by faking a MAC address in a data portion of an IP address request message are described. In accordance with the present invention, rather than use standard address allocation protocols, e.g., ARP, the DNS DHCP contacts the requesting edge router via a private secure network. The MAC address received in the address request is compared to the MAC addresses stored in the edge router's port/MAC address resolution table. If the MAC address received in the request message cannot be found in the edge router's table which was created from the MAC address included in the message's header, a fraudulent attempt to obtain a MAC address is declared. The fraudulent attempt to obtain an IP address can be reported and steps taken to identify the perpetrator of the fraud.
    Type: Grant
    Filed: December 10, 2007
    Date of Patent: November 30, 2010
    Assignee: Verizon Services Corp.
    Inventor: Robert T Baum
  • Patent number: 7840818
    Abstract: A secure software package for original equipment manufacturers to run in electronic devices in order to access and dynamically decrypt encrypted audio video or other content from a memory storage device such as a memory card, optical or hard disk such that the user interface of the device need only send simple commands and the decrypted content is output.
    Type: Grant
    Filed: December 6, 2001
    Date of Patent: November 23, 2010
    Assignee: SanDisk Corporation
    Inventors: Farshid Sabet-Sharghi, Bahman Qawami, Robert C. Chang
  • Patent number: 7840808
    Abstract: A client device transmits service identification information to an authentication device at the time of a service request, prompts selection of one or more authentication entity devices which execute one or more authentication subprocesses from among all the authentication entity devices adaptive to profile information received from the authentication device, based on “function list information defining an execution environment of each of the authentication entity devices”, transmits a request for executing an authentication subprocess to such selected each authentication entity device, and transmits to the authentication device “authentication context information including an execution environment and an execution result of an authentication subprocess” received from such each authentication entity device.
    Type: Grant
    Filed: October 24, 2006
    Date of Patent: November 23, 2010
    Assignees: Kabushiki Kaisha Toshiba, Toshiba Solutions Corporation
    Inventors: Hidehisa Takamizawa, Koji Okada, Tatsuro Ikeda, Tomoaki Morijiri, Asahiko Yamada
  • Patent number: 7841006
    Abstract: In accordance with a particular embodiment of the present invention, a method of detecting kernel level rootkits includes requesting first information from a kernel level process, the first information including first contents. The first information is received at a user level process. The method also includes compiling second information at kernel level, the second information including second contents corresponding to an expected first contents of the first information. The first contents are compared to the second contents.
    Type: Grant
    Filed: October 5, 2005
    Date of Patent: November 23, 2010
    Assignee: Computer Associates Think, Inc.
    Inventor: Paul A. Gassoway
  • Patent number: 7840005
    Abstract: A method for synchronization of a media signal computes features of the media signal and determines redundancy of the features to establish synchronization. The synchronization method is adapted for both temporal and spatial synchronization. For spatial synchronization, spatial redundancy is used to detect geometric distortion of a signal using an autocorrelation method to detect peaks caused by the redundancy of features of the signal. These peaks are then analyzed with a histogram method to detect rotation and scaling of the host media signal. The spatial synchronization process is applied for both intra-coded frames of video (I-frames) as well as still images.
    Type: Grant
    Filed: January 20, 2005
    Date of Patent: November 23, 2010
    Assignee: Digimarc Corporation
    Inventors: Edward J. Delp, Eugene T. Lin
  • Patent number: 7840006
    Abstract: Disclosed herein is a content distribution system including: a content distribution server; a sender terminal; and a receiver terminal; wherein the content distribution server including a communication block; a recording block; a content management block; a content encryption block; and a key management block; wherein the sender terminal including a communication block; a terminal detection block; a recording block; and an extraction block; wherein the receiver terminal including a terminal detection block; a recording block; a decryption block; and a content reproduction block; wherein, if the sender terminal is located inside a communicable range in which data can be transmitted and received with the receiver terminal, the sender terminal distributes the content and the receiver terminal, if located inside the communicable range, reproduces the decrypted content.
    Type: Grant
    Filed: July 19, 2006
    Date of Patent: November 23, 2010
    Assignee: Sony Corporation
    Inventors: Akimichi Ogawa, Kazuhiro Shitama, Seiji Miyama
  • Patent number: 7835527
    Abstract: One illustrative method involves the steps of receiving a ciphering mode information message from a wireless network; identifying and processing valid radio bearer downlink ciphering activation time information in the ciphering mode information message when it is part of a security mode command message; and refraining from processing any valid radio bearer downlink ciphering activation time information in the ciphering mode information message when it is part of a message that is different from the security mode command message (i.e. when it is part of a radio network subsystem relocation procedure).
    Type: Grant
    Filed: October 1, 2008
    Date of Patent: November 16, 2010
    Assignee: Research In Motion Limited
    Inventors: Andrew John Farnsworth, Mark Dennis Norton
  • Patent number: 7836516
    Abstract: To provide a microelectronic circuit arrangement (100) and a method for protecting at least one electronic component against illicit manipulation and/or unauthorized access, in which circuit arrangement (100) and method there are no opportunities for manipulation even during or in connection with the start-up procedure, it is proposed that there be arranged at least one activating unit (Ai; i=1, 2, 3, 4, 5) for checking whether at least one activating condition is met and for activating at least one preventing unit (Vj; j=1, 2, 3, 4, 5, 6, 7) that is also associated with the circuit arrangement (100) and that is connected to the activating unit (Ai), by means of which preventing unit (Vj) the component (200) can be at least partly de-activated and/or at least partly destroyed in the event of illicit manipulation and/or unauthorized access.
    Type: Grant
    Filed: December 15, 2003
    Date of Patent: November 16, 2010
    Assignee: NXP B.V.
    Inventors: Wolfgang Stidl, Thomas Rottschäfer
  • Patent number: 7836510
    Abstract: A mechanism is disclosed for enabling an attribute provider service (APS), which provides access to one or more attributes, to control access to the attributes at the attribute level. In one implementation, a request is received, which specifies a particular attribute that is desired to be accessed from an attribute repository. In response to this request, a policy that applies to the particular attribute is accessed. The policy is then processed to determine whether access to the particular attribute is to be allowed or denied. With the above mechanism, it is possible to control access to attributes at the attribute level rather than at the service level. Because access control is exercised at such a low level, an administrator can exercise much tighter and precise control over how attributes provided by an APS are accessed.
    Type: Grant
    Filed: April 30, 2004
    Date of Patent: November 16, 2010
    Assignee: Oracle America, Inc.
    Inventors: Rajeev Angal, Qingwen Cheng, Heng-Ming Hsu, Malla Simhachalam, Dilli Dorai Minnal Arumugam
  • Patent number: 7832008
    Abstract: In one embodiment, local software code present in a computer system enables real-time detection of whether the computer system is properly protected against malicious attacks from harmful software. For example, software code such as one or more agents executing in the computer system support real-time protection validation based upon detection of the behavior of the computer system (as opposed to mere detection of the presence of resources or applications in the computer system). In response to detecting that the computer system or an application accesses or provides a particular type of resource and should be protected via one or more appropriate protection policies, if the computer system is not already protected, an agent of the computer system can provide immediate remediation (e.g., a security measure) to temporarily protect the computer system until the appropriate protection policy can be activated to protect the computer system against malicious software threats.
    Type: Grant
    Filed: October 11, 2006
    Date of Patent: November 9, 2010
    Assignee: Cisco Technology, Inc.
    Inventor: Jeffrey A. Kraemer
  • Patent number: 7831841
    Abstract: A secure LSI device 1 includes an encryption section 2 for encrypting a program, and an external I/F 50 for inputting/outputting a program or data from/to an external memory 100. In the encryption section 2, the operation of a private key arithmetic processing section 20 is prohibited with respect to a sequence whose execution is determined by a key-generation/update sequencer 30 to be impermissible. In the external I/F 50, a program processing section 51 and a data processing section 55 are structured independently from each other.
    Type: Grant
    Filed: January 22, 2008
    Date of Patent: November 9, 2010
    Assignee: Panasonic Corporation
    Inventors: Makoto Fujiwara, Yusuke Nemoto, Junichi Yasui, Takuji Maeda, Takayuki Ito, Yasushi Yamada, Shinji Inoue
  • Patent number: 7832007
    Abstract: An exemplary method is provided for managing and mitigating security risks through planning. A first security-related information of a requested product is received. A second security-related information of resources that are available for producing the requested product is received. A multi-stage process with security risks managed by the first security-related information and the second security-related information is performed to produce the requested product.
    Type: Grant
    Filed: January 10, 2006
    Date of Patent: November 9, 2010
    Assignee: International Business Machines Corporation
    Inventors: Kay S. Anderson, Pau-Chen Cheng, Mark D. Feblowitz, Genady Grabarnik, Shai Halevi, Nagui Halim, Trent R. Jaeger, Paul Ashley Karger, Zhen Liu, Ronald Perez, Anton V. Riabov, Pankaj Rohatgi, Angela Marie Schuett, Michael Steiner, Grant M. Wagner
  • Patent number: 7831826
    Abstract: A method and system for distributing and enforcing security policies is provided. A firewall agent executing at a host computer system that is to be protected receives security policies for the enforcement engines responsible for enforcing the security policies on the host computer system. A security policy has rules that each provide a condition and action to be performed when the condition is satisfied. A rule also has a rule type that is used by the distribution system to identify the security components that are responsible for enforcing the rules. To distribute the security policies that have been received at a host computer system, the firewall agent identifies to which enforcement engine a rule applies based in part on rule type. The firewall agent then distributes the rule to the identified enforcement engine, which then enforces the rule.
    Type: Grant
    Filed: March 11, 2009
    Date of Patent: November 9, 2010
    Assignee: Microsoft Corporation
    Inventors: Shirish Koti, Narasimha Rao S. S. Nagampalli, Maxim Alexandrovich Ivanov, Sachin C. Sheth, Emanuel Paleologu, Yun Lin, Eric Erwin Youngblut
  • Patent number: 7827597
    Abstract: A communication network encrypts a first portion of a transaction associated with point-to-point communications using a point-to-point encryption key. A second portion of the transaction associated with end-to-end communications is encrypted using an end-to-end encryption key.
    Type: Grant
    Filed: October 19, 2007
    Date of Patent: November 2, 2010
    Assignee: Seven Networks, Inc.
    Inventors: Lee R. Boynton, Trevor A. Fiatal, Scott M. Burke, Mark Sikes
  • Patent number: 7823200
    Abstract: Methods and systems for reducing the spread of malware in communication between an instant message (IM) client and an IM server are described. An IM filter module (IM FM) is configured to examine incoming messages from an IM server to an IM client and outgoing messages from the IM client to the IM server. The IM filter module is further configured to analyze relationship among the incoming and outgoing messages and determine whether one or more messages contain malware based on the analysis of relationship among the incoming and outgoing messages.
    Type: Grant
    Filed: July 1, 2005
    Date of Patent: October 26, 2010
    Assignee: Symantec Corporation
    Inventors: Francis Aurelio Desouza, Jon Sakoda, Arthur William Gilliland, Anandamoy Roychowdhary, Eric Lyle Lorenzo, Milan Shah
  • Patent number: 7822974
    Abstract: Techniques for establishing implicit trust of authorship certification are provided. A message's domain is validated in response to a valid domain certificate. A message's author is validated in response to an author identification, which is acquired from the message and which is supplied to a domain service of the author. The domain service is implicitly trusted based on the domain being validated via the domain certificate. The domain service uses the author's identification to traverse to a specific location within the domain that houses an author certificate for the author. The author certificate is compared against a message certificate that accompanies the message in order to establish trust with the author and the author's message.
    Type: Grant
    Filed: May 15, 2006
    Date of Patent: October 26, 2010
    Assignee: Novell, Inc.
    Inventors: Stephen Hugh Kinser, Lloyd Leon Burch, Cameron Craig Morris