Patents Examined by Peter Poltorak
-
Patent number: 9917687
Abstract: Systems and methods facilitating a framework that provides a core trusted computing base (TCB) of an electronic device with various security capabilities. The framework can include a low-resource device and at least one distributed resource. The low-resource device can be configured to generate sealing keys, migration keys, and attestation keys that are based on a device secret associated with the low-resource device and one or more software modules. The low-resource device can further be configured to use the migration keys and the sealing keys to both verify a software update and migrate secrets from a previous version of the software to a newer version of the software. Additionally, the low-resource device can be configured to generate an attestation statement using the attestation keys and perform attestation using the attestation statement and the at least one distributed resource.
Type: Grant
Filed: October 12, 2015
Date of Patent: March 13, 2018
Assignee: Microsoft Technology Licensing, LLC
Inventors: David R Wooten, Andrey Marochko, Dennis Mattoon, Paul England
-
Patent number: 9906368
Abstract: Various embodiments relate to a method of encoding data and related device and non-transitory machine readable storage medium, the method including: determining a set of digits, X, representative of a value to be encoded; determining a set of factor values, S, to be used in generating an encoded value, wherein the set of factor values, S, is a set of input value factors for a modular exponentiated digital signature process; for a given digit, x, of the set of digits, X, determining at least one factor value, s, of the set of factor values, S, corresponding to the given digit, x; and including the at least one factor value, s, in an encoded value.
Type: Grant
Filed: December 23, 2014
Date of Patent: February 27, 2018
Assignee: NXP B.V.
Inventors: Joppe Bos, Michaël Peeters
-
Patent number: 9904783
Abstract: An information processing method and an electronic device are provided. The method includes: detecting a first operation of a first application, where the first operation is for displaying a first interface corresponding to the first application on a display of the electronic device; determining whether the first application is identical to one of M applications to obtain a first determination result where M is a positive integer, where each of the M applications has at least one corresponding interface currently displayed on the display of the electronic device; and generating and outputting a prompt message if the first determination result indicates that the first application is not identical to any one of the M applications.
Type: Grant
Filed: June 29, 2015
Date of Patent: February 27, 2018
Assignee: Lenovo (Beijing) Co., Ltd.
Inventor: Yakun Li
-
Patent number: 9900311
Abstract: A device for reading a message includes a reader to read biometric data of a holder of the medium and a scanner to capture, on a medium, an encoded message having elementary message units. The message includes a noise that consists of marking defects of the message on the medium which are random and unpredictable for each elementary message unit. A noise reducer to reduce the noise of the captured message based on biometric data. A decoder to decode at least one portion of the message in which the noise has been at least partially removed. Preferably, the decoder utilizes redundancies of the message with the noise removed to determine at least one portion of the encoded message.
Type: Grant
Filed: December 2, 2014
Date of Patent: February 20, 2018
Assignee: ADVANCED TRACK AND TRACE
Inventors: Jean-Pierre Massicot, Alain Foucou, Zbigniew Sagan
-
Patent number: 9900769
Abstract: An embodiment takes the form of a method carried out by a personal mobile device. The personal mobile device receives a session-request message requesting establishment an encrypted-audio session with a call-initiating device, responsively presents one or more call-response inquiries via a user interface, and subsequently receives an accessory-unready indication via the user interface. The one or more call-response inquiries include an accessory-status inquiry, and the accessory-unready indication is associated with the presented accessory-status inquiry. In response to receiving the accessory-unready indication, the personal mobile device sends, to the call-initiating device, a request-acknowledgment message that is associated with the session-request message. Subsequent to sending the request-acknowledgment message but before establishing the encrypted-audio session, the personal mobile device makes an accessory-ready determination.
Type: Grant
Filed: May 29, 2015
Date of Patent: February 20, 2018
Assignee: NAGRAVISION S.A.
Inventor: Bertrand Wendling
-
Patent number: 9894473
Abstract: A platform, apparatus and method are described for pairing devices. For example, one embodiment of a system for pairing devices comprises: a first data processing device having a machine-readable optical label associated therewith and including a first wireless communication interface; a second data processing device having a second wireless communication interface and an optical reader for reading identification data from the optical label associated with the first data processing device, the second wireless communication interface including pairing logic to use the identification data to pair with the first data processing device by establishing a secure communication channel between the first and second wireless communication interfaces.
Type: Grant
Filed: March 29, 2017
Date of Patent: February 13, 2018
Assignee: AFERO, INC.
Inventors: Joe Britt, Shin Matsumura, Houman Forood, Scott Zimmerman, Phillip Myles, Sean Zawicki, Daisuke Kutami, Shannon Holland, Justin Lee
-
Patent number: 9881182
Abstract: A method may be executed by a secure processor having secure cryptography hardware implemented thereon. The method may be executed in a security kernel of a secure on-chip non-volatile (NV) memory coupled to the secure processor. The method may include: storing a rewritable state and a device private key based at least in part on a programmed secret seed and the rewritable state, the device private key being part of a cryptographic key pair comprising a public key associated with the device private key, and the rewritable state being a state of a secure application encrypted with the public key; providing one or more instructions to gather the device private key and from the private key datastore; and using the device private key to generate a device certificate, the device certificate providing the device with access to the secure application.
Type: Grant
Filed: January 26, 2017
Date of Patent: January 30, 2018
Assignee: Acer Cloud Technology, Inc.
Inventors: Pramila Srinivasan, John Princen
-
Patent number: 9871660
Abstract: Methods for certifying a security document comprising the steps of: a) selecting a set of unique characteristics, obtained as the result of the variations in the manufacturing process and supplies, b) getting a digital image of a security document and obtaining data of the relative position between features selected from different manufacturing processes (register), c) constructing a message by measuring the register of selected features from the document and the document ID data, d) constructing a hashed message, the hashed message being the message obtained after being encoded by means of a unidirectional cryptographic hash function, e) encrypting the hashed message using a public key cryptographic system to obtain a digital certificate by means of a private key, and f) storing the digital certificate in an external database.
Type: Grant
Filed: December 23, 2014
Date of Patent: January 16, 2018
Assignee: BANCO DE MEXICO
Inventors: Heinrich Fidencio Terborg Del Rosal, Ernesto Gonzalez Candela, Monica Lopez Gonzalez
-
Patent number: 9825924
Abstract: A file sharing method and apparatus. The method includes uploading, by a first terminal, each encrypted file to a server for saving, and receiving a uniform resource locator (URL) that is returned by the server and corresponds to a location for saving each encrypted file, generating a key package that includes a shared key and a URL that correspond to a file to be shared, and providing the key package for a second terminal, so that the second terminal acquires a corresponding encrypted file by using the URL in the key package, and decrypts the acquired encrypted file by using the shared key in the key package.
Type: Grant
Filed: September 8, 2015
Date of Patent: November 21, 2017
Assignee: HUAWEI DEVICE (DONGGUAN) CO., LTD.
Inventors: Jiejing Huang, Huangwei Wu, Chan Wang
-
Patent number: 9817956
Abstract: A user is authenticated based on feature data of a target such as a body-part or other object obtained by a touchscreen of a computing device. When the user positions the target to interact with the touchscreen, interaction data is gathered. Feature data of the target is determined from the gathered interaction data. The feature data is used to identify one or more of the target and the user. Various actions are executed based on the identification and authentication of the user.
Type: Grant
Filed: December 12, 2014
Date of Patent: November 14, 2017
Assignee: EXCALIBUR IP, LLC
Inventors: Christian Holz, Marius Knaust, Rajiv Ayyangar, Senaka Buthpitiya, Haojian Jin
-
Patent number: 9804800
Abstract: A computer is protected from heap spray attacks by identifying blocks in a heap memory, associating the blocks in buckets according to the block sizes, selecting one of the buckets, and choosing a first block and a second block from the selected bucket. The method is further carried out by making a content comparison of the first block with the second block, accumulating a positive result when the comparison meets a predetermined criterion of similarity, and reporting a heap spray detection when accumulated positive results exceed a predetermined threshold.
Type: Grant
Filed: June 29, 2015
Date of Patent: October 31, 2017
Assignee: PALO ALTO NETWORKS, INC.
Inventors: Alon Livne, Shlomi Levin, Gal Diskin
-
Patent number: 9801052
Abstract: The present invention provides a method and an apparatus for securing data packets and control messages in a mobile broadband network environment. In one embodiment, a mobile station and a data gateway are peers for securing data packets. That is, security context for data packets is maintained at the mobile station and the data gateway. Further, security processing for data packets is performed by the mobile station and the data gateway. In another embodiment, the mobile station and a base station are peers for securing control messages. That is, security context for control messages is maintained at the mobile station and the base station(s). Further, security processing for control messages is performed by the mobile station and the base station(s).
Type: Grant
Filed: June 13, 2013
Date of Patent: October 24, 2017
Assignee: Samsung Electronics Co., Ltd.
Inventor: Anil Agiwal
-
Patent number: 9781097
Abstract: A device fingerprinting system provides an additional factor of authentication. A user device may be redirected, along with user ID parameters, to authentication system. The user device may be sent instructions to execute that collect and send back device characteristic information to the authentication system. The authentication can create a unique fingerprint of the device, and determine if the fingerprint has been seen before. If seen before, the authentication system may send back an authentication token indicating the additional factor of authentication was a success. If the fingerprint has not been seen previously, the authentication system may conduct a one-time password authentication as the additional factor. If successful, the fingerprint may be stored in association with the user device for future authentication as an additional factor.
Type: Grant
Filed: February 13, 2015
Date of Patent: October 3, 2017
Assignee: SecureAuth Corporation
Inventors: Garret Florian Grajek, Chihwei Liu, Allen Yu Quach, Jeffrey Chiwai Lo
-
Patent number: 9774443
Abstract: Some embodiments provide a method for performing a cryptographic process. The method receives first and second cipher keys. The method generates a set of subkeys corresponding to each of the first and second cipher keys. The set of subkeys for the first cipher key is dependent on the first cipher key and the second cipher key. The method performs the cryptographic process by using the generated sets of subkeys.
Type: Grant
Filed: March 4, 2015
Date of Patent: September 26, 2017
Assignee: Apple Inc.
Inventors: Benoit Chevallier-Mames, Bruno Kindarji, Thomas Icart, Augustin J. Farrugia, Mathieu Ciet
-
Patent number: 9775039
Abstract: A telecommunication carrier may stitch data from multiple sources to support device automation and access control. A state may be assigned to a user of a user device at a telecommunication carrier based on a data stitch of information from multiple data sources. The data sources may include data on a geolocation of the user device. The state may be provided to a rules engine at a remote location via a carrier network of the telecommunication carrier. An indication from the rules engine that the user device is granted or denied access to one or more entities at the location based on the state may be received via the carrier network at the telecommunication carrier. In turn, the telecommunication carrier may provide the indication of the granted or denied access to the user device of the user.
Type: Grant
Filed: November 18, 2014
Date of Patent: September 26, 2017
Assignee: T-MOBILE USA, INC.
Inventors: Eric W. Yocam, Ahmad Arash Obaidi
-
Patent number: 9773124
Abstract: A system and method of performing date shifting with randomized intervals for the de-identification of a dataset from a source database containing information identifiable to individuals is provided. The de-identified dataset is retrieved comprising a plurality of entries or records containing personal identifying information. Date quasi-identifiers in the dataset for the entries can be identified within the data set which may be used potentially identifiable for a patient. Date events are consolidated in the date quasi-identifiers and connected dates in the dataset. The date events are moved relative to an anchor date in a longitudinal sequence of the date events. De-identification of the entries in the dataset including the date quasi-identifiers is performed to meet a risk metric defining risk of re-identified patients associated with the records.
Type: Grant
Filed: May 22, 2015
Date of Patent: September 26, 2017
Assignee: PRIVACY ANALYTICS INC.
Inventors: Khaled El Emam, Luk Arbuckle, Ben Eze, Geoffrey Green
-
Patent number: 9755829
Abstract: Method for generating a pair of public and private cryptographic keys in the additive group of integers modulo n, where n is the product of two prime numbers p and q, the method including the following steps: calculating a public exponent e for said public key, and calculating a private exponent d for said private key from said public exponent and said public modulus, where d·e=1 mod λ(n), λ(n) being the least common multiple between p-1 and q-1, characterized in that the method furthermore comprises a step: of checking to check that λ(n)=0 mod (p-1) and λ(n)=0 mod (q-1).
Type: Grant
Filed: December 16, 2014
Date of Patent: September 5, 2017
Assignee: OBERTHUR TECHNOLOGIES
Inventors: Alberto Battistello, Christophe Giraud
-
Patent number: 9755828
Abstract: According to a communication device includes a sharing processing unit, a storage, and a controller. The sharing processing unit shares an encryption key with one or more external devices. The storage stores therein the encryption key. The controller compares a current amount representing an amount of the stored encryption key with a specified reference amount and performs control to continue or stop sharing processing, which is performed by the sharing processing unit, for sharing the encryption key on the basis of a comparison result.
Type: Grant
Filed: October 2, 2015
Date of Patent: September 5, 2017
Assignee: Kabushiki Kaisha Toshiba
Inventor: Yoshimichi Tanizawa
-
Patent number: 9736165
Abstract: Methods, apparatus, systems and articles of manufacture (e.g., physical storage media) to implement centralized authentication for granting access to online services are disclosed. Example authentication methods disclosed herein include accessing an identification code included in an authentication request received from an online service for authentication information associated with a first device, wherein the identification code was previously assigned to provide valid identification of the first device during a first time interval. Disclosed example authentication methods also include, in response to determining a profile selected based on the identification code permits the online service to access the authentication information, evaluating activity information associated with the first device based on the profile to determine the authentication information. Disclosed example authentication methods further include transmitting the authentication information to the online service.
Type: Grant
Filed: May 29, 2015
Date of Patent: August 15, 2017
Assignee: AT&T Intellectual Property I, L.P.
Inventor: Dale W. Malik
-
Patent number: 9729327
Abstract: A system for generating a digital signature may include a record management facility configured to group a first record with a second record and to generate a first digital signature based at least in part on the first record and the second record.
Type: Grant
Filed: October 29, 2013
Date of Patent: August 8, 2017
Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
Inventors: John C. Dayka, Anthony T. Sofia