Patents Examined by Techane J. Gergiso
  • Patent number: 7802103
    Abstract: A user recognition and identification system and method is presented in which text entered by a user at a keyboard is evaluated against previously recorded keystrokes by the user for the presence of repeatable patterns that are unique to an individual.
    Type: Grant
    Filed: March 6, 2007
    Date of Patent: September 21, 2010
    Assignee: iMagic Software, Inc.
    Inventors: Steven S. Bender, Howard J. Postley
  • Patent number: 7801309
    Abstract: A private key delivery system and a private key delivery method are disclosed. The private key delivery system includes a transmitter, a receiver, and an optical transmission line connecting the transmitter and the receiver. The transmitter includes a single photon generating unit for simultaneously generating two or more single photons having different wavelengths using a quantum dot structure that has quantum dots of various sizes, an optical splitter for splitting the single photons by wavelengths, a phase modulating unit for modulating each of the single photons split by the wavelengths with private key information, and an optical multiplexer for multiplexing the modulated single photons of the different wavelength and for transmitting the multiplexed single photons to the optical transmission line. The multiplexed single photons are received by the receiver, and the private key information is taken out from the received single photons.
    Type: Grant
    Filed: August 24, 2005
    Date of Patent: September 21, 2010
    Assignee: Fujitsu Limited
    Inventors: Kazuya Takemoto, Tatsuya Usuki
  • Patent number: 7796760
    Abstract: Controlling access to disseminated messages includes implementing one or more key management policies that specify how various encryption keys are maintained and in particular, when encryption keys are made inaccessible. Deleting a particular key renders inaccessible all copies of messages, known or unknown, associated with the particular key, regardless of the location of the associated messages. A message may be directly or indirectly associated with a deleted key. Any number of levels of indirection are possible and either situation makes the message unrecoverable. The approach is applicable to any type of data in any format and the invention is not limited to any type of data or any type of data format.
    Type: Grant
    Filed: February 19, 2008
    Date of Patent: September 14, 2010
    Assignee: Liquid Machines, Inc.
    Inventors: Dean Brettle, Yair Zadik
  • Patent number: 7788501
    Abstract: A method and system for securely enrolling personal identity credentials into personal identification devices. The system of the invention comprises the manufacturer of the device and an enrollment authority. The manufacturer is responsible for recording serial numbers or another unique identifier for each device that it produces, along with a self-generated public key for each device. The enrollment authority is recognized by the manufacturer or another suitable institution as capable of validating an individual before enrolling him into the device. The enrollment authority maintains and operates the appropriate equipment for enrollment, and provides its approval of the enrollment. The methods described herein discuss post-manufacturing, enrollment, backup, and recovery processes for the device.
    Type: Grant
    Filed: August 12, 2008
    Date of Patent: August 31, 2010
    Assignee: Privaris, Inc.
    Inventors: David S. Abdallah, Barry W. Johnson
  • Patent number: 7783895
    Abstract: A controller of a recording device issues a secure command to a storage device, and then waits the time estimated necessary for the storage device to execute the secure command before issuing the next secure command. When a controller of the storage device is executing the previous command, it notifies the recording device of being in process. When the previous command has been completed normally, the controller moves to the next process. Information for estimating the execution time of the command is obtained from the storage device in advance.
    Type: Grant
    Filed: March 26, 2004
    Date of Patent: August 24, 2010
    Assignees: Sanyo Electric Co., Ltd., Sharp Corporation, Victor Company of Japan Limited, Pioneer Corporation, Fujitsu Limited, Hitachi Global Storage Technologies Japan, Ltd.
    Inventors: Yoshihiro Hori, Yuichi Kanai, Ryoji Ohno, Takeo Ohishi, Kenichiro Tada, Tatsuya Hirai, Masafumi Tsuru, Takayuki Hasebe
  • Patent number: 7770024
    Abstract: A method, system and computer program product for computing a message authentication code for data in storage of a computing environment. An instruction specifies a unit of storage for which an authentication code is to be computed. An computing operation computes an authentication code for the unit of storage. A register is used for providing a cryptographic key for use in the computing to the authentication code. Further, the register may be used in a chaining operation.
    Type: Grant
    Filed: February 12, 2008
    Date of Patent: August 3, 2010
    Assignee: International Business Machines Corporation
    Inventors: Shawn D. Lundvall, Ronald M. Smith, Sr., Phil Chi-Chung Yeh
  • Patent number: 7757093
    Abstract: An imaging system is provided with an authentication data storage that stores a plurality of pieces of authentication data in relationship to user IDs respectively representing owners of the plurality of communication devices. Further included is a reading system that reads out one of the plurality of pieces of the authentication data corresponding to a user ID if the user ID is transmitted from the external device in relationship to the image data, and a searching system searches for a communication device with which a connection authentication is established using the authentication data read out by the reading system within a predetermined communication area with respect to the imaging system. An imaging system forms an image represented by the image data transmitted in relationship to the user ID from the external device when the communication device is detected by the searching system.
    Type: Grant
    Filed: June 12, 2007
    Date of Patent: July 13, 2010
    Assignee: Brother Kogyo Kabushiki Kaisha
    Inventors: Masaaki Hibino, Yohei Maekawa, Koshi Fukazawa
  • Patent number: 7757277
    Abstract: A system and method for representing multiple security groups as a single data object are provided. With the system and method, a complex group object is created that consists of a group set value and a mask value. The complex group object represents a plurality of groups by the group set value. The mask value is used to apply to group identifiers received during an authentication process to generate a value that is compared against the group set value to determine if the group identifiers are part of the complex group. For example, in a first step of authorization processing, the group identifier received in an authorization request is bit-wise AND'd with the mask value for the complex group data object. In a second step, the masked group identifier from the received request is compared to the group set value of the complex group object.
    Type: Grant
    Filed: December 17, 2008
    Date of Patent: July 13, 2010
    Assignee: International Business Machines Corporation
    Inventor: Julianne Frances Haugh
  • Patent number: 7747854
    Abstract: A header object for a data file is comprised of sub-objects which specify properties of the data stream and contains information needed to properly verify and interpret the information within the data object. In order to allow the protection of any set of sub-objects without requiring that the sub-objects follow any specific ordering, a new sub-object is introduced which includes region specifiers identifying regions within sub-objects and verification information for those regions. This new sub-object in the header object allows the modification of non-protected regions and reorganization of sub-objects in a header without invalidating verification information.
    Type: Grant
    Filed: April 7, 2008
    Date of Patent: June 29, 2010
    Assignee: Microsoft Corporation
    Inventors: Daniel Adent, Cory West, Ptratul Dublish, Clifford P Strom, Brian D. Crites
  • Patent number: 7739741
    Abstract: A method and apparatus are disclosed which incorporate a system for enabling the adaptive modification of the security level of a node in a network based on software use of nodes in the network. The system is particularly applicable to dynamic network i.e. networks in which nodes may be mobile and in which the network topology is not constant.
    Type: Grant
    Filed: March 25, 2003
    Date of Patent: June 15, 2010
    Assignee: British Telecommunications public limited company
    Inventor: Fabrice T P Saffre
  • Patent number: 7735117
    Abstract: Techniques are disclosed for achieving context-sensitive confidentiality within a federated environment for which content is aggregated in a distributed Web portal (or similar aggregation framework), ensuring that message portions that should be confidential are confidential to all entities in the federated environment except those entities to which the message portions may properly be divulged. The federation may comprise an arbitrary number of autonomous security domains, and these security domains may have independent trust models and authentication services. Using the disclosed techniques, messages can be routed securely within a cross-domain federation (irrespective of routing paths), thereby ensuring that confidential information is not exposed to unintended third parties and that critical information is not tampered with while in transit between security domains. Preferred embodiments leverage Web services techniques and a number of industry standards.
    Type: Grant
    Filed: July 12, 2008
    Date of Patent: June 8, 2010
    Assignee: International Business Machines Corporation
    Inventors: Anthony J. Nadalin, Ajamu A. Wesley
  • Patent number: 7735120
    Abstract: A method for authenticating computers is disclosed. The method comprises issuing a credential from a first computer to a second computer. When the second computer authenticates to the first computer, the second computer transmits the credential and a first challenge to the first computer. The first computer determines whether the credential is valid, computes a first response to the first challenge, and generates a second challenge. The first computer transmits the first response and the second challenge to the second computer. The second computer determines whether the first response is valid and computes a second response to the second challenge. The second computer transmits the second response to the first computer in order to verify and authenticate the computers.
    Type: Grant
    Filed: December 24, 2003
    Date of Patent: June 8, 2010
    Assignee: Apple Inc.
    Inventors: Leland A. Wallace, David M. O'Rourke
  • Patent number: 7725716
    Abstract: Methods and systems for securely requesting, retrieving, sending, and storing files. One aspect involves receiving a request for a file from a client device that identifies a user and the client device, encrypting the file using a session key based at least in part on the user and the client device, and transmitting the encrypted file to the client device. Other aspects of the invention include storing the encrypted file on the client device in encrypted form such that the file may only be decrypted or accessed by the particular user on that particular client device.
    Type: Grant
    Filed: June 16, 2005
    Date of Patent: May 25, 2010
    Assignee: Japan Communications, Inc.
    Inventors: Justin Owen Tidwell, Karlton Mark Zeitz
  • Patent number: 7721321
    Abstract: Disclosed is a method and apparatus for reducing communication system downtime when enabling cryptographic operation of a cryptographic system of the communication system where the cryptographic system includes a first cryptographic device operatively coupled to a plurality of second cryptographic devices via a communication network of the communication system. The method includes causing a pass-through mode of the second cryptographic devices to be suspended, sequentially determining a state of each of the second cryptographic devices, causing the second cryptographic devices and the first cryptographic device to substantially simultaneously operate in a secure mode if each of the second cryptographic devices is determined to have a first state, and causing the second cryptographic devices and the first cryptographic device to operate in the pass-through mode if at least one of the plurality of second cryptographic devices is determined to have a second state.
    Type: Grant
    Filed: January 13, 2005
    Date of Patent: May 18, 2010
    Assignee: Schweitzer Engineering Laboratories, Inc.
    Inventor: Allen D. Risley
  • Patent number: 7721104
    Abstract: A system is provided for downloading pushed content includes a terminal capable of receiving service loading content that identifies download content and has a digital signature. The terminal is capable of authenticating the service loading content based upon the digital signature, and if the service loading content is authenticated, pulling the download content to the terminal. In this regard, the terminal is capable of authenticating the service loading content, and pulling the download content, in response to receiving the service loading content and independent of interaction from a user of the terminal. The terminal can also be capable of determining if an interruption occurs in receiving the download content such that the terminal receives less than the entire download content. And if an interruption occurs, the terminal can be capable of recovering the download content such that the terminal receives the plurality of data packets.
    Type: Grant
    Filed: October 20, 2003
    Date of Patent: May 18, 2010
    Assignee: Nokia Corporation
    Inventors: Juha H. Salo, Janne La. Aaltonen, Guido Cugi
  • Patent number: 7721326
    Abstract: An authentication server automatically selects one of plural authentications identified by authentication identifiers to authorize access by a user to a service dispensed by a service server of a provider identified by a provider identifier via a communication network. The server includes a module for selecting an authentication identifier in a memory as a function of the provider identifier and the type of the terminal and/or the network type of the communication network, and a module for authenticating the user by launching an authentication process associated with the authentication identifier.
    Type: Grant
    Filed: February 10, 2005
    Date of Patent: May 18, 2010
    Assignee: France Telecom
    Inventors: Patrick Bauban, Philippe Michon
  • Patent number: 7721103
    Abstract: One embodiment of the present invention enables global delivery of “on-demand” high fidelity media content to client computers via a network, such as, the Internet or a wide area network (WAN) while restricting unauthorized users from directly retrieving media content from its sources. The present embodiment includes a global media content delivery network that may include multiple “points of presence” which may be located throughout the world. Each point of presence may store a portion or the entirety of a media content library that may be provided to client devices. Each one of the points of presence may provide media content to client devices in their respective vicinity of the world. Once a client receives media, it is stored using hidden directories to prevent easy redistribution with other devices. An access key procedure and rate control restrictor may also be implemented to monitor and restrict suspicious media requests.
    Type: Grant
    Filed: September 4, 2002
    Date of Patent: May 18, 2010
    Assignee: Media Rights Technologies, Inc.
    Inventors: Hank Risan, Edward Vincent Fitzgerald
  • Patent number: 7720220
    Abstract: A method, system and program product for executing a cipher message assist instruction in a computer system by specifying, via the cipher message assist instruction, either a capability query installed function or execution of a selected function of one or more optional functions, wherein the selected function is an installed optional function, wherein the capability query determines which optional functions of the one or more optional functions are installed on the computer system.
    Type: Grant
    Filed: February 27, 2009
    Date of Patent: May 18, 2010
    Assignee: International Business Machines Corporation
    Inventors: Shawn D. Lundvall, Ronald M. Smith, Sr., Phil Chi-Chung Yeh
  • Patent number: 7721099
    Abstract: A printer that prints encrypted information in a document can be the key authority for that document. A document containing encrypted information and a source reference can be printed by a printer associated with a key module. The key module contains the key for decrypting the information. A scanner scanning the document obtains the source reference and the encrypted information. The scanner can use the source reference to send a key request to the printer and the printer can respond with the appropriate key. A decryption module associated with the scanner can use the key to decrypt the information. The decrypted information can be incorporated into a second document that can be electronically stored or printed.
    Type: Grant
    Filed: December 1, 2005
    Date of Patent: May 18, 2010
    Assignee: Xerox Corporation
    Inventors: Dennis C. DeYoung, Devin J. Rosenbauer
  • Patent number: 7715560
    Abstract: A system is provided for hiding a data group in a wireless communication device, in which a predetermined data group is hidden according to a hiding request. The system for hiding a data group comprises an encryption module for receiving the hiding request and the predetermined groups in a memory in the wireless communication device and an access module. Next, the encryption module establishes mechanism for hiding a data group to hide the predetermined data group. The access module performs the mechanism for hiding a data group and decrypts a secret code encrypted by the encryption module when data in the predetermined data group is to be read.
    Type: Grant
    Filed: November 17, 2004
    Date of Patent: May 11, 2010
    Assignee: Inventec Appliances Corp.
    Inventors: Cheng-Shing Lai, Steven Wu