Patents by Inventor Daniel Kovacs
Daniel Kovacs has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11928755Abstract: Integrating virtual tours on digital resources is provided. A system receives a call generated by a client application executed on a client device responsive to a refresh of a digital resource. The system identifies a request for content for display in a content slot on the digital resource having a content slot size. The system transmits, to the client device, a viewer application configured to execute a priority caching function in the content slot. The viewer application downloads, based on the priority caching function and a computing characteristic of the client device, a first portion of a virtual tour. The viewer application renders the first portion of the virtual tour via the content slot. The viewer application establishes a controller that controls rendering of the virtual tour in response to a detection of an interaction on the digital resource outside the content slot.Type: GrantFiled: February 18, 2022Date of Patent: March 12, 2024Assignee: Threshold 360, Inc.Inventors: Daniel Kraus, Sean Kovacs
-
Patent number: 10833873Abstract: Methods and systems are provided for demonstrating authorization to access a resource to a verifier computer controlling access to the resource. The method comprises, at a user computer, storing an attribute credential certifying a set of attributes; and communicating with a revocation authority computer to obtain an auxiliary credential, bound to the attribute credential, certifying a validity status for each attribute in the attribute credential. The method further comprises, at the user computer, communicating with the verifier computer to prove possession of the attribute credential and the auxiliary credential such that the verifier computer can determine whether at least one attribute in the attribute credential, certified as valid by the auxiliary credential, satisfies an access condition for the resource.Type: GrantFiled: October 29, 2019Date of Patent: November 10, 2020Assignee: International Business Machines CorporationInventors: Jan Camenisch, Daniel Kovacs, Kai Samelin, Dieter M. Sommer
-
Publication number: 20200067716Abstract: Methods and systems are provided for demonstrating authorization to access a resource to a verifier computer controlling access to the resource. The method comprises, at a user computer, storing an attribute credential certifying a set of attributes; and communicating with a revocation authority computer to obtain an auxiliary credential, bound to the attribute credential, certifying a validity status for each attribute in the attribute credential. The method further comprises, at the user computer, communicating with the verifier computer to prove possession of the attribute credential and the auxiliary credential such that the verifier computer can determine whether at least one attribute in the attribute credential, certified as valid by the auxiliary credential, satisfies an access condition for the resource.Type: ApplicationFiled: October 29, 2019Publication date: February 27, 2020Inventors: Jan CAMENISCH, Daniel KOVACS, Kai SAMELIN, Dieter M. SOMMER
-
Patent number: 10560274Abstract: Methods and systems are provided for demonstrating authorization to access a resource to a verifier computer controlling access to the resource. The method comprises, at a user computer, storing an attribute credential certifying a set of attributes; and communicating with a revocation authority computer to obtain an auxiliary credential, bound to the attribute credential, certifying a validity status for each attribute in the attribute credential. The method further comprises, at the user computer, communicating with the verifier computer to prove possession of the attribute credential and the auxiliary credential such that the verifier computer can determine whether at least one attribute in the attribute credential, certified as valid by the auxiliary credential, satisfies an access condition for the resource.Type: GrantFiled: June 9, 2016Date of Patent: February 11, 2020Assignee: International Business Machines CorporationInventors: Jan Camenisch, Daniel Kovacs, Kai Samelin, Dieter M. Sommer
-
Patent number: 10326753Abstract: Methods, systems and computer program products are provided for authenticating a message via a revocable signature. The method includes, at a signing computer, generating first auxiliary data and second auxiliary data respectively dependent on a public key and a private key of a public-private key pair for the message. The signing computer hashes the message and the first auxiliary data via a chameleon hash algorithm, using a public hash key of a verifier computer, to produce a first hash value. The signing computer signs the first hash value, using a secret signing key of the signing computer, to produce a signature. The signing computer sends the message, the signature and the first auxiliary data to the verifier computer, and stores the second auxiliary data.Type: GrantFiled: June 23, 2016Date of Patent: June 18, 2019Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Daniel Kovacs, Kai Samelin, Dieter Sommer
-
Patent number: 10282125Abstract: Systems and methods are provided for preserving data in a data deduplication system. A hash tree-based deduplication system balancing memory utilization and duplication-related storage access overhead is disclosed. The system preferably relies on distributed file system infrastructure and the system modifies this infrastructure. The data structures may be adapted to accommodate file-block distribution properties at runtime, such as runtime-specializing the hash tree to detect replicated chunks.Type: GrantFiled: April 17, 2017Date of Patent: May 7, 2019Assignee: International Business Machines CorporationInventors: Mark Korondi, Dániel Kovács, Michael C. Osborne, Tamas Visegrady
-
Patent number: 10263962Abstract: Methods are provided for authenticating user authentication data, associated with a user ID, at an authentication system. The authentication system comprises an authentication server connected to a network, and a secure cryptoprocessor operatively coupled to the authentication server. A first token for the user ID is provided in data storage operatively coupled to the authentication server. The first token is produced by the secure cryptoprocessor by encoding the user authentication data associated with the user ID via an encoding process dependent on a secret key of the secure cryptoprocessor. The authentication server receives an authentication request for the user ID from a remote computer via the network. The authentication request comprises a ciphertext encrypting user authentication data under a public key of a first public-private key pair, the private key of which is secret to the secure cryptoprocessor.Type: GrantFiled: May 10, 2017Date of Patent: April 16, 2019Assignee: International Business Machines CorporationInventors: Mark Korondi, Daniel Kovacs, Zoltan Arnold Nagy
-
Publication number: 20180300078Abstract: Systems and methods are provided for preserving data in a data deduplication system. A hash tree-based deduplication system balancing memory utilization and duplication-related storage access overhead is disclosed. The system preferably relies on distributed file system infrastructure and the system modifies this infrastructure. The data structures may be adapted to accommodate file-block distribution properties at runtime, such as runtime-specializing the hash tree to detect replicated chunks.Type: ApplicationFiled: April 17, 2017Publication date: October 18, 2018Inventors: Mark Korondi, Dániel Kovács, Michael C. Osborne, Tamas Visegrady
-
Publication number: 20170374033Abstract: Methods, systems and computer program products are provided for authenticating a message via a revocable signature. The method includes, at a signing computer, generating first auxiliary data and second auxiliary data respectively dependent on a public key and a private key of a public-private key pair for the message. The signing computer hashes the message and the first auxiliary data via a chameleon hash algorithm, using a public hash key of a verifier computer, to produce a first hash value. The signing computer signs the first hash value, using a secret signing key of the signing computer, to produce a signature. The signing computer sends the message, the signature and the first auxiliary data to the verifier computer, and stores the second auxiliary data.Type: ApplicationFiled: June 23, 2016Publication date: December 28, 2017Inventors: Daniel Kovacs, Kai Samelin, Dieter Sommer
-
Publication number: 20170359184Abstract: Methods and systems are provided for demonstrating authorization to access a resource to a verifier computer controlling access to the resource. The method comprises, at a user computer, storing an attribute credential certifying a set of attributes; and communicating with a revocation authority computer to obtain an auxiliary credential, bound to the attribute credential, certifying a validity status for each attribute in the attribute credential. The method further comprises, at the user computer, communicating with the verifier computer to prove possession of the attribute credential and the auxiliary credential such that the verifier computer can determine whether at least one attribute in the attribute credential, certified as valid by the auxiliary credential, satisfies an access condition for the resource.Type: ApplicationFiled: June 9, 2016Publication date: December 14, 2017Inventors: Jan CAMENISCH, Daniel Kovacs, Kai Samelin, Dieter M. Sommer
-
Patent number: 9813414Abstract: Embodiments include methods for managing encrypted files by storing a user password hash including a predetermined function of the user password associated with that user ID and the secret keys. Aspects also include, in response to receipt from a user computer of an input password and a the user ID for a required encrypted file, communicating with authentication servers to implement a key-reconstruction protocol in which each server computes first and second hash values for the required encrypted file. The file management server uses the first hash values to compute an input password hash including the predetermined function of the input password and the secret keys, checks if the input password hash matches the user password hash for the received user ID, and reconstructs the encryption key for the required encrypted file.Type: GrantFiled: November 30, 2015Date of Patent: November 7, 2017Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATIONInventors: Jan L. Camenisch, Daniel Kovacs, Anja Lehmann, Gregory Neven
-
Publication number: 20170244678Abstract: Methods are provided for authenticating user authentication data, associated with a user ID, at an authentication system. The authentication system comprises an authentication server connected to a network, and a secure cryptoprocessor operatively coupled to the authentication server. A first token for the user ID is provided in data storage operatively coupled to the authentication server. The first token is produced by the secure cryptoprocessor by encoding the user authentication data associated with the user ID via an encoding process dependent on a secret key of the secure cryptoprocessor. The authentication server receives an authentication request for the user ID from a remote computer via the network. The authentication request comprises a ciphertext encrypting user authentication data under a public key of a first public-private key pair, the private key of which is secret to the secure cryptoprocessor.Type: ApplicationFiled: May 10, 2017Publication date: August 24, 2017Inventors: Mark Korondi, Daniel Kovacs, Zoltan Arnold Nagy
-
Patent number: 9674158Abstract: Methods are provided for authenticating user authentication data, associated with a user ID, at an authentication system. The authentication system comprises an authentication server connected to a network, and a secure cryptoprocessor operatively coupled to the authentication server. A first token for the user ID is provided in data storage operatively coupled to the authentication server. The first token is produced by the secure cryptoprocessor by encoding the user authentication data associated with the user ID via an encoding process dependent on a secret key of the secure cryptoprocessor. The authentication server receives an authentication request for the user ID from a remote computer via the network. The authentication request comprises a ciphertext encrypting user authentication data under a public key of a first public-private key pair, the private key of which is secret to the secure cryptoprocessor.Type: GrantFiled: July 28, 2015Date of Patent: June 6, 2017Assignee: International Business Machines CorporationInventors: Mark Korondi, Daniel Kovacs, Zoltan Arnold Nagy
-
Publication number: 20170155634Abstract: Embodiments include methods for managing encrypted files by storing a user password hash including a predetermined function of the user password associated with that user ID and the secret keys. Aspects also include, in response to receipt from a user computer of an input password and a the user ID for a required encrypted file, communicating with authentication servers to implement a key-reconstruction protocol in which each server computes first and second hash values for the required encrypted file. The file management server uses the first hash values to compute an input password hash including the predetermined function of the input password and the secret keys, checks if the input password hash matches the user password hash for the received user ID, and reconstructs the encryption key for the required encrypted file.Type: ApplicationFiled: November 30, 2015Publication date: June 1, 2017Inventors: Jan L. Camenisch, Daniel Kovacs, Anja Lehmann, Gregory Neven
-
Publication number: 20170126412Abstract: A server system for implementing a distributed cryptographic protocol includes a machine management server which comprises a current virtual machine configured to implement the protocol using a set of communication keys and state information for the protocol. The system further includes a memory and a refresh server. The system is configured, for each of successive new time periods in operation of the protocol, to perform a refresh operation wherein: the refresh server retrieves the state information from the memory, generates a new set of communication keys, and sends the state information and new set of keys to the machine management server; the machine management server configures a new virtual machine for implementing the protocol, whereby the new virtual machine receives the new set of keys and state information sent by the refresh server; and the new virtual machine assumes operation as the current virtual machine for the new time period and stores state information for that time period in the memory.Type: ApplicationFiled: October 30, 2015Publication date: May 4, 2017Inventors: Jan L. Camenisch, Mark Korondi, Daniel Kovacs, Michael C. Osborne
-
Patent number: 9641325Abstract: A server system for implementing a distributed cryptographic protocol includes a machine management server which comprises a current virtual machine configured to implement the protocol using a set of communication keys and state information for the protocol. The system further includes a memory and a refresh server. The system is configured, for each of successive new time periods in operation of the protocol, to perform a refresh operation wherein: the refresh server retrieves the state information from the memory, generates a new set of communication keys, and sends the state information and new set of keys to the machine management server; the machine management server configures a new virtual machine for implementing the protocol, whereby the new virtual machine receives the new set of keys and state information sent by the refresh server; and the new virtual machine assumes operation as the current virtual machine for the new time period and stores state information for that time period in the memory.Type: GrantFiled: October 30, 2015Date of Patent: May 2, 2017Assignee: International Business Machines CorporationInventors: Jan L. Camenisch, Mark Korondi, Daniel Kovacs, Michael C. Osborne
-
Publication number: 20170034133Abstract: Methods are provided for authenticating user authentication data, associated with a user ID, at an authentication system. The authentication system comprises an authentication server connected to a network, and a secure cryptoprocessor operatively coupled to the authentication server. A first token for the user ID is provided in data storage operatively coupled to the authentication server. The first token is produced by the secure cryptoprocessor by encoding the user authentication data associated with the user ID via an encoding process dependent on a secret key of the secure cryptoprocessor. The authentication server receives an authentication request for the user ID from a remote computer via the network. The authentication request comprises a ciphertext encrypting user authentication data under a public key of a first public-private key pair, the private key of which is secret to the secure cryptoprocessor.Type: ApplicationFiled: July 28, 2015Publication date: February 2, 2017Inventors: Mark Korondi, Daniel Kovacs, Zoltan Arnold Nagy