Patents by Inventor Christopher Zarcone
Christopher Zarcone has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11876786Abstract: Methods and systems for implementing a moving target defense are described. The moving target defense can comprise obfuscating a protocol identifier within a packet. The protocol identifier can be replaced with a faux protocol identifier. Additionally, diversion headers can be inserted into to the packet, thereby creating additional layers of complexity.Type: GrantFiled: December 8, 2016Date of Patent: January 16, 2024Assignee: Comcast Cable Communications, LLCInventor: Christopher Zarcone
-
Publication number: 20230353378Abstract: A network router may send a self-authenticating message to a plurality of host devices. The self-authenticating message may comprise a router advertisement message and a hash of at least a portion of the router advertisement message. The hash may allow the host devices to authenticate the network router for communications.Type: ApplicationFiled: June 6, 2023Publication date: November 2, 2023Inventors: Christopher Zarcone, John Jason Brzozowski
-
Patent number: 11728999Abstract: A first computing device may authenticate itself to a second computing device by providing a verifier value based on a private key. The verifier value may be sent to the second computing device, and a session key may be determined based on the private key. A secure message may comprise routing information associated with the first computing device and a hash value based on the routing information and the session key, and the first computing device may communicate with the second computing device using the session key.Type: GrantFiled: January 8, 2021Date of Patent: August 15, 2023Assignee: Comcast Cable Communications, LLCInventors: Christopher Zarcone, John Jason Brzozowski
-
Publication number: 20220318438Abstract: A mobile device may comprise a secure memory. The mobile device may receive a request from a mobile application executing on the mobile device to store data in the secure memory. The request may comprise the data and a group identifier associated with the mobile application. A primary symmetric key associated with the group identifier may be determined. The data may be encrypted, using the primary symmetric key, to produce first encrypted data. A secondary symmetric key associated with the group identifier may be determined. The first encrypted data may be encrypted, using the secondary symmetric key, to produce second encrypted data.Type: ApplicationFiled: April 6, 2021Publication date: October 6, 2022Inventors: James Hoelsworth, Christopher Zarcone, Sai Sreenath Adabala, Thomas Kilgallon, Anvesh Paidipala, Herbert Marti, Hugo Allexis Cardona Escalante
-
Publication number: 20210377251Abstract: A method and system may allow for authenticating a computing device. A computing device may send an authentication request over a network to an authentication computing device. The authentication request may include a user name and a password. The user name may include a credential and the password may be a digitally signed version of the user name. The authentication computing device may authenticate the requesting computing device by decrypting the password and comparing the received user name to the decrypted password.Type: ApplicationFiled: August 16, 2021Publication date: December 2, 2021Inventors: Kris Bransom, Christopher Zarcone
-
Patent number: 11128615Abstract: A method and system may allow for authenticating a computing device. A computing device may send an authentication request over a network to an authentication computing device. The authentication request may include a user name and a password. The user name may include a credential and the password may be a digitally signed version of the user name. The authentication computing device may authenticate the requesting computing device by decrypting the password and comparing the received user name to the decrypted password.Type: GrantFiled: September 5, 2019Date of Patent: September 21, 2021Assignee: Comcast Cable Communications, LLCInventors: Kris Bransom, Christopher Zarcone
-
Publication number: 20210211297Abstract: Systems and methods involving secure device authentication using aspects of a zero-knowledge password proof approach are disclosed. In one example, a device may generate a self-authenticating message including its identity and/or its capabilities. The device may use a secret value, random nonce, public ephemeral value (PEV), session key, and/or other values to generate the self-authenticating message. The secret value may be unknown to device receiving the self-authenticating message. With the use of pre-loaded values, including a verifier, the receiving device may compare a host-HMAC with the router-HMAC to verify the authenticity of the message. Such authentication may be used, inter alia, on an Internet Protocol network utilizing Neighbor Discovery protocol.Type: ApplicationFiled: January 8, 2021Publication date: July 8, 2021Inventors: Christopher Zarcone, John Jason Brzozowski
-
Patent number: 10931456Abstract: Systems and methods involving secure device authentication using aspects of a zero-knowledge password proof approach are disclosed. In one example, a device may generate a self-authenticating message including its identity and/or its capabilities. The device may use a secret value, random nonce, public ephemeral value (PEV), session key, and/or other values to generate the self-authenticating message. The secret value may be unknown to device receiving the self-authenticating message. With the use of pre-loaded values, including a verifier, the receiving device may compare a host-HMAC with the router-HMAC to verify the authenticity of the message. Such authentication may be used, inter alia, on an Internet Protocol network utilizing Neighbor Discovery protocol.Type: GrantFiled: June 26, 2014Date of Patent: February 23, 2021Assignee: Comcast Cable Communications, LLCInventors: Christopher Zarcone, John Jason Brzozowski
-
Patent number: 10904220Abstract: An apparatus, method, system and computer-readable medium are provided for provisioning a user equipment device (UED). The UED may be configured to receive a generic configuration and (dynamically) derive settings specific to the UED that would otherwise have been received in the configuration. The UED may execute one or more applications to derive the settings specific to the UED. A first application may enable the UED to dynamically learn a fully qualified domain name (FQDN) and IP address of a node. A second application may enable the UED to generate authentication credentials for the UED. A third application may enable the UED to determine a port or ports that are authorized for service and a port or ports that are not authorized for service. A fourth application may enable the UED to determine a number associated with the UED.Type: GrantFiled: June 26, 2019Date of Patent: January 26, 2021Assignee: Comcast Cable Communications, LLCInventors: Carl Klatsky, Chris Wendt, Manoj Chaudhari, Christopher Zarcone
-
Publication number: 20200145401Abstract: A method and system may allow for authenticating a computing device. A computing device may send an authentication request over a network to an authentication computing device. The authentication request may include a user name and a password. The user name may include a credential and the password may be a digitally signed version of the user name. The authentication computing device may authenticate the requesting computing device by decrypting the password and comparing the received user name to the decrypted password.Type: ApplicationFiled: September 5, 2019Publication date: May 7, 2020Inventors: Kris Bransom, Christopher Zarcone
-
Publication number: 20200021562Abstract: An apparatus, method, system and computer-readable medium are provided for provisioning a user equipment device (UED). The UED may be configured to receive a generic configuration and (dynamically) derive settings specific to the UED that would otherwise have been received in the configuration. The UED may execute one or more applications to derive the settings specific to the UED. A first application may enable the UED to dynamically learn a fully qualified domain name (FQDN) and IP address of a node. A second application may enable the UED to generate authentication credentials for the UED. A third application may enable the UED to determine a port or ports that are authorized for service and a port or ports that are not authorized for service. A fourth application may enable the UED to determine a number associated with the UED.Type: ApplicationFiled: June 26, 2019Publication date: January 16, 2020Inventors: Carl Klatsky, Chris Wendt, Manoj Chaudhari, Christopher Zarcone
-
Patent number: 10484364Abstract: A method and system may allow for authenticating a computing device. A computing device may send an authentication request over a network to an authentication computing device. The authentication request may include a user name and a password. The user name may include a credential and the password may be a digitally signed version of the user name. The authentication computing device may authenticate the requesting computing device by decrypting the password and comparing the received user name to the decrypted password.Type: GrantFiled: September 1, 2017Date of Patent: November 19, 2019Assignee: Comcast Cable Communications, LLCInventors: Kris Bransom, Christopher Zarcone
-
Patent number: 10375027Abstract: An apparatus, method, system and computer-readable medium are provided for provisioning a user equipment device (UED). The UED may be configured to receive a generic configuration and (dynamically) derive settings specific to the UED that would otherwise have been received in the configuration. The UED may execute one or more applications to derive the settings specific to the UED. A first application may enable the UED to dynamically learn a fully qualified domain name (FQDN) and IP address of a node. A second application may enable the UED to generate authentication credentials for the UED. A third application may enable the UED to determine a port or ports that arc authorized for service and a port or ports that are not authorized for service. A fourth application may enable the UED to determine a number associated with the UED.Type: GrantFiled: October 20, 2016Date of Patent: August 6, 2019Assignee: Comcast Cable Communications, LLCInventors: Carl Klatsky, Chris Wendt, Manoj Chaudhari, Christopher Zarcone
-
Patent number: 10108579Abstract: Systems and methods for remote signaling are disclosed. One method can comprise receiving, by a destination node, a data packet having a source address associated with source node comprising an interface identifier of the source node, comparing at least a portion of the source address to one or more memory locations of the destination node, identifying a select memory location of the one or more memory locations based upon the comparing at least the portion of the source address to the one or more memory locations of the destination node, and causing execution of an executable instruction stored at the identified memory location.Type: GrantFiled: April 28, 2015Date of Patent: October 23, 2018Assignee: Comcast Cable Communications, LLCInventor: Christopher Zarcone
-
Publication number: 20180234408Abstract: A method and system may allow for authenticating a computing device. A computing device may send an authentication request over a network to an authentication computing device. The authentication request may include a user name and a password. The user name may include a credential and the password may be a digitally signed version of the user name. The authentication computing device may authenticate the requesting computing device by decrypting the password and comparing the received user name to the decrypted password.Type: ApplicationFiled: September 1, 2017Publication date: August 16, 2018Inventors: Kris Bransom, Christopher Zarcone
-
Publication number: 20180167365Abstract: Methods and systems for implementing a moving target defense are described. The moving target defense can comprise obfuscating a protocol identifier within a packet. The protocol identifier can be replaced with a faux protocol identifier. Additionally, diversion headers can be inserted into to the packet, thereby creating additional layers of complexity.Type: ApplicationFiled: December 8, 2016Publication date: June 14, 2018Inventor: Christopher Zarcone
-
Patent number: 9787669Abstract: A method and system may allow for authenticating a computing device. A computing device may send an authentication request over a network to an authentication computing device. The authentication request may include a user name and a password. The user name may include a credential and the password may be a digitally signed version of the user name. The authentication computing device may authenticate the requesting computing device by decrypting the password and comparing the received user name to the decrypted password.Type: GrantFiled: March 14, 2013Date of Patent: October 10, 2017Assignee: Comcast Cable Communications, LLCInventors: Kris Bransom, Christopher Zarcone
-
Publication number: 20170171160Abstract: An apparatus, method, system and computer-readable medium are provided for provisioning a user equipment device (UED). The UED may be configured to receive a generic configuration and (dynamically) derive settings specific to the UED that would otherwise have been received in the configuration. The UED may execute one or more applications to derive the settings specific to the UED. A first application may enable the UED to dynamically learn a fully qualified domain name (FQDN) and IP address of a node. A second application may enable the UED to generate authentication credentials for the UED. A third application may enable the UED to determine a port or ports that arc authorized for service and a port or ports that are not authorized for service. A fourth application may enable the UED to determine a number associated with the UED.Type: ApplicationFiled: October 20, 2016Publication date: June 15, 2017Inventors: Carl Klatsky, Chris Wendt, Manoj Chaudhari, Christopher Zarcone
-
Patent number: 9509513Abstract: An apparatus, method, system and computer-readable medium are provided for provisioning a user equipment device (UED). The UED may be configured to receive a generic configuration and (dynamically) derive settings specific to the UED that would otherwise have been received in the configuration. The UED may execute one or more applications to derive the settings specific to the UED. A first application may enable the UED to dynamically learn a fully qualified domain name (FQDN) and IP address of a node. A second application may enable the UED to generate authentication credentials for the UED. A third application may enable the UED to determine a port or ports that are authorized for service and a port or ports that are not authorized for service. A fourth application may enable the UED to determine a number associated with the UED.Type: GrantFiled: April 15, 2011Date of Patent: November 29, 2016Assignee: Comcast Cable Communications, LLCInventors: Carl Klatsky, Chris Wendt, Christopher Zarcone, Manoj Chaudhari
-
Publication number: 20160321211Abstract: Systems and methods for remote signaling are disclosed. One method can comprise receiving, by a destination node, a data packet having a source address associated with source node comprising an interface identifier of the source node, comparing at least a portion of the source address to one or more memory locations of the destination node, identifying a select memory location of the one or more memory locations based upon the comparing at least the portion of the source address to the one or more memory locations of the destination node, and causing execution of an executable instruction stored at the identified memory location.Type: ApplicationFiled: April 28, 2015Publication date: November 3, 2016Inventor: Christopher Zarcone