Abstract: Apparatus and methods are provided for multiplexing and selectively encrypting application flows, such as VoIP services, over a pre-allocated bandwidth reservation protocol session. According to one embodiment, a pre-allocated reservation protocol session, such as an RSVP session, is shared by one or more individual application sessions. The reservation protocol session is pre-allocated over a path between a first network device associated with a first user community and a second network device associated with a second user community based upon an estimated usage of the path for individual application sessions between users of the first and second user communities. Subsequently, the one or more individual application sessions are dynamically aggregated by multiplexing application flows associated with the one or more individual application sessions onto the pre-allocated reservation protocol session at the first network device and demultiplexing at the second network device.

Abstract: A configurable timer may be used for seamless authentication administration. A network administrator may set the timer value. Then the network administrator may begin to update the authentication configuration or key and the timer may begin to count down. While the timer counts down, the network device may still send outgoing packets using the old authentication configuration or key and may begin to authenticate incoming packets using both the old authentication configuration or key and the new authentication configuration or key. Once it expires, the network device may begin to send outgoing packets using just the new authentication configuration or key. The counter may then be reset and counted down again. Once the counter expires a second time, the new authentication configuration or key may be used for both incoming and outgoing packets. Two-timer implementations are also possible.

Abstract: This system relates to a secure encryption/decryption protocol for elevator displays and controls. The protocol uses an algorithm to scramble information before transmission and reassemble it after transmission. The system uses at least one block of data assembled into unencrypted N-bits of information. An encryption device encodes the data into at least one block of encrypted M-bits of information. A data encryption mask provides an encryption routine which also includes scrambling the data.

Abstract: Methods, apparatus, and systems are provided for distributing a key between nodes. The nodes are provided separate links for carrying messages versus keying information or material. The links for carrying messages couple the nodes to a messaging network, such as the Internet. In addition, the nodes are coupled together in a key distribution network by specialized links for carrying keying information or material. The links for keying information or material are configured to ensure the security of the keying information or material. The nodes that neighbor each other in the key distribution network establish respective pairwise keys. Once the pairwise keys are established, a set of non-neighboring nodes establish a shared key by communicating a sequence of bits through the messaging network. In order to ensure the security of the sequence of bits, the sequence of bits is encrypted based on the respective pairwise keys of neighboring nodes as it is forwarded in messages through the messaging network.

Abstract: According to some embodiments, a shared new data and swap input line adapted to receive a shared new data and swap bit and an output bit that is the shared new data and swap bit is provided.

Abstract: In one embodiment, a networked processor-based system is operated. Also, a non-network processor-based system is operated, wherein the networked and non-networked processor-based systems each include a security module that enables access to respective resources associated with the networked and non-networked processor-based systems. A handheld computer readable medium is received at the network processor-based system, wherein the handheld computer readable medium belongs to a first user. The networked processor-based system writes information to the handheld computer readable medium that indicates that a second user is not authorized to access the resource associated with the non-networked processor-based system.

Abstract: A method is disclosed for securely updating system attributes of a client computer with a BIOS and includes signing a public key of a secure server with a private key of the BIOS prior to completion of manufacturing of the client computer to create an encrypted public key and embedded private key stored at the server. The method includes receiving at the server a request packet transmitted from the client computer requesting system attribute modification, encrypting the request packet to create an encrypted packet, and transmitting a return packet to client computer comprising the encrypted packet, the server's public key, and server instructions. The client computer decrypts the request packet using the server's public key and compares it to the original request packet, and if identical, executes the server instructions to modify the client computer's boot block to update client computer's system attributes.

Abstract: In a storage area network (SAN) including a storage device accessible by a remote client, a method is provided. The SAN is configured to allow input/output (I/O) data transport over the SAN between the remote client and the storage device. The method includes establishing a write once read many (WORM) server in the SAN between the storage device and the remote client. Data is received at the WORM server from the remote client. The method further includes appending a digitally signed timestamp to the data, specifying a plurality of locations, and sending the data and the timestamp to the storage device. The data is sent as a series of data over the SAN such that the series of data is written to the storage device at the specified plurality of locations. Future writing of data to the specified plurality of locations is prevented.