Patents Examined by Peter Poltorak
  • Patent number: 9032205
    Abstract: Embodiments of the invention may be used to provide an authentication and key agreement protocol that is more robust against base station, replay and other attacks compared to previously known systems. The nonce-based authentication and key agreement protocol provides security against such attacks while avoiding the problems that arise in systems that use sequence number counters on the home environment and mobile station-sides. In an embodiment, a nonce that is transmitted from the user to the home environment through the serving network, as well as subsequent values for the nonce that are derived from the initial nonce, are used as indices for authentication vectors.
    Type: Grant
    Filed: July 7, 2009
    Date of Patent: May 12, 2015
    Assignee: Verizon Patent and Licensing Inc.
    Inventor: Muxiang Zhang
  • Patent number: 9025772
    Abstract: According to one embodiment, an information processing apparatus, which is connected to an external apparatus, includes a device key storage unit, a creating unit, a calculating unit, a communication unit, and a key calculating unit. The device key storage unit stores therein a device key. The creating unit creates a media key from the device key and a media key block. The calculating unit calculates first output information on the basis of first inherent information inherent to the information processing apparatus and public information. The communication unit transmits the first output information to the external apparatus and receives second output information calculated by the external apparatus from the external apparatus. The key calculating unit calculates a shared key shared between the information processing apparatus and the external apparatus on the basis of the media key, the first inherent information, and the second output information.
    Type: Grant
    Filed: March 19, 2012
    Date of Patent: May 5, 2015
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Toru Kambayashi, Yoshikazu Hanatani, Yuichi Komano, Yoshihiro Oba, Satoshi Ito, Taku Kato, Yasuro Shobatake
  • Patent number: 9021259
    Abstract: A client terminal is provided with a column encryption unit that, from an encryption key, a table identifier, and a column identifier, generates a column private key, a column public key, and a comparison value, from which the unit generates a concealed comparison value and a ciphertext, encrypting a particular column; and an encrypted table natural joining request unit that issues a natural joining request text that requests natural joining with regards to columns encrypted from the encryption key, the table identifier, and the column identifier. The natural joining request text contains as a table joining key the column private key generated by a group of generating elements and the encryption key from the table identifier of a first and second table and the column identifier of an a-th column and a b-th column. An encrypted database server executes natural joining using the table joining key, and returns the results.
    Type: Grant
    Filed: July 29, 2011
    Date of Patent: April 28, 2015
    Assignee: NEC Corporation
    Inventor: Jun Furukawa
  • Patent number: 9015798
    Abstract: Methods and apparatus for performing user authentication using pointing device gestures are disclosed. An example method includes receiving, by a computing device, input data from a pointing device that is operatively coupled with the computing device, where the received input data corresponds with a user gesture, and comparing the received user gesture with one or more authorized user gestures to determine if the received user gesture matches one of the authorized user gestures, where each of the one or more authorized user gestures corresponds with at least one of a respective username and a respective password. If the received user gesture matches one of the authorized user gestures, the example method includes granting access to the computing device and/or a user account. If the received user gesture does not match any of the authorized user gestures, the example method includes denying access to the computing device and/or the user account.
    Type: Grant
    Filed: February 16, 2012
    Date of Patent: April 21, 2015
    Assignee: Google Inc.
    Inventor: Yoshimichi Matsuoka
  • Patent number: 9009497
    Abstract: A method of operating a system on chip. The system on chip includes a controller. The method includes: receiving, at the system on chip and in a storage drive, encrypted content and an encrypted content key; storing the encrypted content and the encrypted content key in a storage device; and transmitting the encrypted content key from the controller to a first decryption module. The method further includes: decrypting the encrypted content key to generate a content key based on an identification of the system on chip; transmitting the encrypted content from the controller to a second decryption module; and decrypting the encrypted content based on the content key to generate content.
    Type: Grant
    Filed: January 21, 2014
    Date of Patent: April 14, 2015
    Assignee: Marvell International Ltd.
    Inventor: Weishi Feng
  • Patent number: 9008313
    Abstract: A system for generating random key stream cipher texts passes an unencrypted random key stream through an AES engine to produce encrypted cipher text having a first block size in a first frequency domain; converts the encrypted cipher text in the first frequency domain to encrypted cipher text in a second frequency domain; and converts the encrypted cipher text having the first block size in the second frequency domain into smaller block sizes. The frequency in the first frequency domain is preferably lower than the frequency in the second frequency domain. The converting of the encrypted cipher text in the first frequency domain to encrypted cipher text in a second frequency domain may be effected by a dual clock domain FIFO.
    Type: Grant
    Filed: July 24, 2014
    Date of Patent: April 14, 2015
    Assignee: Elliptic Technologies Inc.
    Inventors: Michael James Lewis, Neil Leckett, A. A. Jithra Adikari
  • Patent number: 9003509
    Abstract: A method and system for improving the security and control of internet/network web application processes, such as web applications. The invention enables validation of requests from web clients before the request reaches a web application server. Incoming web client requests are compared to an application model that may include an allowed navigation path within an underlying web application. Requests inconsistent with the application model are blocked before reaching the application server. The invention may also verify that application state data sent to application servers has not been inappropriately modified. Furthermore, the invention enables application models to be automatically generated by employing, for example, a web crawler to probe target applications. Once a preliminary application model is generated it can be operated in a training mode. An administrator may tune the application model by adding a request that was incorrectly marked as non-compliant to the application model.
    Type: Grant
    Filed: December 10, 2008
    Date of Patent: April 7, 2015
    Assignee: F5 Networks, Inc.
    Inventor: David Movshovitz
  • Patent number: 8984609
    Abstract: Methods and apparatus are provided for embedding auxiliary information in one-time passcode authentication tokens. Auxiliary information is embedded in authentication information transmitted to a receiver by obtaining the auxiliary information; and mapping the auxiliary information to a codeword using a secret key, wherein the secret key is shared between the security token and an authentication authority; and combining the codeword with a tokencode generated by a security token to generate a one-time passcode. The one-time passcode can then be transmitted to the receiver.
    Type: Grant
    Filed: February 24, 2012
    Date of Patent: March 17, 2015
    Assignee: EMC Corporation
    Inventors: Ari Juels, Nikolaos Triandopoulos, Ronald Rivest, Marten Erik van Dijk
  • Patent number: 8984605
    Abstract: According to some embodiments, a method provides a designated link in a notification to an intended recipient of the message. The designated link includes a unique identifier associated with the message. Upon receiving a request to access the message, the method authenticates the request. Authentication includes verifying whether the request corresponds to the designated link provided in the notification. If the request passes authentication, the method communicates the message.
    Type: Grant
    Filed: August 23, 2011
    Date of Patent: March 17, 2015
    Assignee: ZixCorp Systems, Inc.
    Inventors: Dena Terry Bauckman, Nigel Paul Johnson, David Joseph Robertson
  • Patent number: 8973105
    Abstract: Computers can be authenticated using automatically combined images. During an authentication process, a server transmits an image to a client. The transmitted image is combined with a stored image using a randomly selected logical operator to generate a combined image. The combined image is transmitted back to the server. The server has a copy of the transmitted image and the stored image and generates a series of template combined images using different logical operators selected from a set of logical operators to determine whether any of the template combined images match the received combined image. If the received combined image matches one of the template combined images, the user is authenticated.
    Type: Grant
    Filed: March 14, 2013
    Date of Patent: March 3, 2015
    Assignee: MobileSphere Holdings II LLC
    Inventor: Robert G. Mechaley, Jr.
  • Patent number: 8959639
    Abstract: A method of detecting and blocking malicious activity of processes in computer memory during unpacking of a file after the code and data contained in the file are unpacked is described. The method includes inserting a hook function into one or more un-assessed processes running in the computer memory. A hook is then placed on one or more system calls carried out by the one or more un-assessed processes; the one or more system calls determining an optimal time period in which to detect malicious activity in the un-assessed processes. During the optimal time period the one or more system calls carried out by the one or more un-assessed processes are suspended and attributes of the one or more un-assessed processes are detected and the likely maliciousness of the one or more un-assessed processes is determined from the attributes.
    Type: Grant
    Filed: June 6, 2008
    Date of Patent: February 17, 2015
    Assignee: Symantec Corporation
    Inventor: Sergei Shevchenko
  • Patent number: 8958552
    Abstract: A certification device 101 encrypts a feature vector for registration by using a random number and a public key which is set to correspond to a secret key in a decryption device 103. The encrypted feature vector for registration is registered in an authentication device 102. In authentication, the certification device encrypts a feature vector for authentication by using the public key and a random number. With the two encrypted feature vectors being kept encrypted, the authentication device generates encrypted similarity degree information from which the decryption device can derive the similarity degree between the two feature vectors by a decryption process using the secret key. The decryption device 103 decrypts the encrypted similarity degree information to derive the similarity degree of the plaintext. The authentication device 102, if the similarity degree is equal to or larger than a threshold, determines that the user is the correct user.
    Type: Grant
    Filed: October 29, 2009
    Date of Patent: February 17, 2015
    Assignee: Mitsubishi Electric Corporation
    Inventors: Mitsuhiro Hattori, Yoichi Shibata, Takashi Ito, Nori Matsuda, Katsuyuki Takashima, Takeshi Yoneda
  • Patent number: 8949991
    Abstract: Systems, methods, and computer program products are disclosed for testing web service-related elements, where the instructions of a web service-related element are statically analyzed to identify a characteristic of an output of the web service-related element, and where it is determined from a received response to a web service request that the web service request was processed by the web service-related element if at least a portion of the response matches the characteristic of the output of the web service-related element.
    Type: Grant
    Filed: January 28, 2011
    Date of Patent: February 3, 2015
    Assignee: International Business Machines Corporation
    Inventors: Evgeny Beskrovny, Omer Tripp
  • Patent number: 8948570
    Abstract: An image capturing system that records on a video recording unit a video captured by an image capturing apparatus and displays the video thus captured on a display unit comprises a change recording unit that records information of the time when, and the region where, a change of status occurs when the change detection unit detects such a change of status, and an extraction unit that extracts a partial region of video from the video thus recorded for displaying on the display unit. The extraction unit switches the video that is displayed on the display unit by extracting a video of the region of the change of status when the imaging time of the video that is displayed on the display unit reaches a time before a time prior to change that is preset, from the time when the change of status occurs.
    Type: Grant
    Filed: November 14, 2007
    Date of Patent: February 3, 2015
    Assignee: Canon Kabushiki Kaisha
    Inventor: Tetsuhiro Takanezawa
  • Patent number: 8924721
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for generating a nonce. In one aspect, a method includes generating, by a data processing apparatus, a source value, and hashing, by the data processing apparatus, the source value to generate the nonce.
    Type: Grant
    Filed: October 6, 2009
    Date of Patent: December 30, 2014
    Assignee: McAfee, Inc.
    Inventor: Srinivasan Narasimhan
  • Patent number: 8918889
    Abstract: An information processing apparatus for determining whether or not to transmit a predetermined content to a reception apparatus connected to a network, in accordance with a response time taken to respond to a predetermined command, including: reception means receiving a response to a command; measuring means measuring the response time to the command; authentication means authenticating the reception apparatus; generation means generating authentication data to be inserted into the command; transmission means transmitting the command including predetermined one of the authentication data; storage means storing the authentication data contained in the command and the response data contained in the response; request means requesting the reception apparatus for transmission of the authentication data and the response data; and determination means determining whether the authentication data and the response data transmitted from the reception apparatus, and determining transmission permission/inhibition of a cont
    Type: Grant
    Filed: May 31, 2005
    Date of Patent: December 23, 2014
    Assignee: Sony Corporation
    Inventor: Hisato Shima
  • Patent number: 8914844
    Abstract: A method, system, computer program product, and computer program storage device for transforming a high-level policy associated with a high layer to a low-level policy associated with a low layer. Mapping between high-level objects in a high layer and low-level objects in a low layer is derived by an automated discovery tool. The high-level policy is mapped to the low-level policy according to the mapping (e.g., by substituting the high-level objects with the low-level objects and by performing a syntax transformation). In one embodiment, a low-level policy is transformed to a high-level policy according to the mapping. As exemplary embodiments, policy transformations in traffic shaping and data retention are disclosed.
    Type: Grant
    Filed: July 19, 2012
    Date of Patent: December 16, 2014
    Assignee: International Business Machines Corporation
    Inventors: Alain C. Azagury, Murthy V. Devarakonda, Nikolai Joukov, Manoj Kumar, Konstantinos Magoutis, Birgit M. Pfitzmann, Norbert G. Vogl
  • Patent number: 8906114
    Abstract: A method and apparatus are disclosed for detecting the removal of a device connected to a network. The present invention generates an alarm on a protected device when an unauthorized user disconnects the device from a network connection. The network connection is monitored and an alarm is generated if the protected device is disconnected from the network connection without proper notification to the theft protection utility. A number of fail-safe features can optionally be employed to ensure that the theft protection aspects of the present invention are not bypassed. For example, the theft protection utility process can employ speaker, volume and/or power control features to ensure that the alarms generated by the present invention, or the theft protection feature itself, cannot be bypassed.
    Type: Grant
    Filed: May 18, 2009
    Date of Patent: December 9, 2014
    Assignee: Agere Systems LLC
    Inventors: Jalaludeen Ca, Nandakumar Gn
  • Patent number: 8898750
    Abstract: One or more portable identification devices associated with a first smart network can be carried with a user of the first smart network to a second smart network and used to automatically identify the first smart network and allow authorized access to the smart network via the second smart network. The one or more portable identification devices are configured to automatically provision the second smart network with the information necessary for the second smart network to identify the first smart network and the authorization credentials to connect to the first smart network. In some example embodiments, the portable identification devices may be RFID tags.
    Type: Grant
    Filed: August 23, 2011
    Date of Patent: November 25, 2014
    Assignee: Cisco Technology, Inc.
    Inventors: Siddhartha Dattagupta, James J. Simon
  • Patent number: 8898461
    Abstract: Improved handling of battery recognition tasks in an electronic device such as a cell phone, smart phone, computer system, recording device or others is facilitated. Recognition of a battery so as to enable exchange of power between the device and the battery is determined by a match between one of a plurality of number strings stored in the device and the decrypted response to an encrypted challenge derived from the one of the stored number strings.
    Type: Grant
    Filed: March 3, 2011
    Date of Patent: November 25, 2014
    Assignee: Lenovo (Singapore) Pte. Ltd.
    Inventors: Kenneth Scott Seethaler, Randall Scott Springfield