Patents by Inventor Dirk Balfanz

Dirk Balfanz has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10050960
    Abstract: A method of adding a user account to an unassociated device may include detecting, by an associated device that is associated with a user account, an audio signal broadcast by an unassociated device that is not associated with the user account, where the audio signal includes a token. The method may include sending the token to a computing device associated with a service provider of the user account, receiving, by the associated device, a command, determining that the received command is an authorization command, and in response to determining that the received command is an authorization command, sending one or more authorization instructions to the computing device. The one or more authorization instructions may instruct the computing device to send one or more credentials associated with the user.
    Type: Grant
    Filed: August 24, 2016
    Date of Patent: August 14, 2018
    Assignee: Google LLC
    Inventors: Alexei Czeskis, Dirk Balfanz
  • Publication number: 20180131683
    Abstract: The subject technology provides for detecting, by a first computing device, a second computing device being within a predetermined distance of the first computing device, the first computing device being in a locked mode. The subject technology receives an access key from the second computing device. Additionally, the subject technology exits, by the first computing device, the locked mode based on the access key from the second computing device.
    Type: Application
    Filed: January 4, 2018
    Publication date: May 10, 2018
    Inventors: Joshua Woodward, Jay Pierre Civelli, Dirk Balfanz, Marco Fucci, Alexei Czeskis, Nishit Shah, Kan Liu, Michal Levin
  • Patent number: 9882895
    Abstract: A first computing device provides an indication that the first computing device accepts dynamic user registration of user accounts over a wireless connection. A second computing device automatically connects to the first computing device and passes an account token to the first computing device over the wireless connection, all without physical interaction with the first computing device. The first computing device automatically contacts a remote account server to retrieve a user account associated with the account token and registers the user account with the first computing device.
    Type: Grant
    Filed: January 6, 2016
    Date of Patent: January 30, 2018
    Assignee: Google LLC
    Inventors: Joshua Woodward, Jay Pierre Civelli, Dirk Balfanz, Marco Fucci, Alexei Czeskis, Nishit Shah, Kan Liu, Michal Levin
  • Patent number: 9449160
    Abstract: A method of adding a user account to an unassociated device may include detecting, by an associated device that is associated with a user account, an audio signal broadcast by an unassociated device that is not associated with the user account, where the audio signal includes a token. The method may include sending the token to a computing device associated with a service provider of the user account, receiving, by the associated device, a command, determining that the received command is an authorization command, and in response to determining that the received command is an authorization command, sending one or more authorization instructions to the computing device. The one or more authorization instructions may instruct the computing device to send one or more credentials associated with the user.
    Type: Grant
    Filed: February 18, 2014
    Date of Patent: September 20, 2016
    Assignee: Google Inc.
    Inventors: Alexei Czeskis, Dirk Balfanz
  • Patent number: 9392104
    Abstract: A first computing device monitors a presence of a second computing device, and determines when the second computing device has moved out of an area proximate to the first computing device. In response to determining that the second computer moved out of the area, the first computing device is automatically configured to limit user interaction with one or more applications currently operating on the first computing device to a predetermined set of commands while preventing user interaction with other applications provided by the first computing device.
    Type: Grant
    Filed: February 10, 2015
    Date of Patent: July 12, 2016
    Assignee: Google Inc.
    Inventors: Nishit Shah, Kan Liu, Caesar Sengupta, Benjamin Thomas Smith, Eric Sachs, Mayank Dutt Upadhyay, Dirk Balfanz, Michal Levin
  • Publication number: 20160119322
    Abstract: A first computing device provides an indication that the first computing device accepts dynamic user registration of user accounts over a wireless connection. A second computing device automatically connects to the first computing device and passes an account token to the first computing device over the wireless connection, all without physical interaction with the first computing device. The first computing device automatically contacts a remote account server to retrieve a user account associated with the account token and registers the user account with the first computing device.
    Type: Application
    Filed: January 6, 2016
    Publication date: April 28, 2016
    Inventors: Joshua Woodward, Jay Pierre Civelli, Dirk Balfanz, Marco Fucci, Alexei Czeskis, Nishit Shah, Kan Liu, Michal Levin
  • Patent number: 9325696
    Abstract: A system and method is disclosed for authenticating a user using locally stored credentials. A website is configured to provide, to a web browser, a login page, including header information which informs the web browser that the website may accept an automatic login. In response to receiving, from the web browser, credential information and a request to login to the website, a login token having an expiration time is generated by an authentication server and returned to the web browser. The web browser provides the login token to an authentication address associated with the website, before the expiration time, to automatically login to the website.
    Type: Grant
    Filed: January 31, 2012
    Date of Patent: April 26, 2016
    Assignee: Google Inc.
    Inventors: Dirk Balfanz, Michael K. Fleming, Doru Costin Manolache
  • Patent number: 9276914
    Abstract: A computing device provides an indication that the computing device accepts dynamic user registration of user accounts over a wireless connection. A wireless mobile device automatically connects to the computing device, establishes an encrypted connection, and receives, over the encrypted connection, and passes an encrypted account token over the encrypted connection to the computing device, all without physical interaction with the computing device. The computing device automatically contacts a remote account server to retrieve a user account associated with the account token and registers the user account with the device.
    Type: Grant
    Filed: January 29, 2015
    Date of Patent: March 1, 2016
    Assignee: Google Inc.
    Inventors: Joshua Woodward, Jay Pierre Civelli, Dirk Balfanz, Marco Fucci, Alexei Czeskis, Nishit Shah, Kan Liu, Michal Levin
  • Publication number: 20150296074
    Abstract: A first computing device monitors a presence of a second computing device, and determines when the second computing device has moved out of an area proximate to the first computing device. In response to determining that the second computer moved out of the area, the first computing device is automatically configured to limit user interaction with one or more applications currently operating on the first computing device to a predetermined set of commands while preventing user interaction with other applications provided by the first computing device.
    Type: Application
    Filed: February 10, 2015
    Publication date: October 15, 2015
    Inventors: Nishit SHAH, Kan LIU, Caesar SENGUPTA, Benjamin Thomas SMITH, Eric SACHS, Mayank Dutt UPADHYAY, Dirk BALFANZ, Michal LEVIN
  • Publication number: 20150295901
    Abstract: A computing device provides an indication that the computing device accepts dynamic user registration of user accounts over a wireless connection. A wireless mobile device automatically connects to the computing device, establishes an encrypted connection, and receives, over the encrypted connection, and passes an encrypted account token over the encrypted connection to the computing device, all without physical interaction with the computing device. The computing device automatically contacts a remote account server to retrieve a user account associated with the account token and registers the user account with the device.
    Type: Application
    Filed: January 29, 2015
    Publication date: October 15, 2015
    Inventors: Joshua WOODWARD, Jay Pierre CIVELLI, Dirk BALFANZ, Marco FUCCI, Alexei CZESKIS, Nishit SHAH, Kan LIU, Michal LEVIN
  • Patent number: 8515389
    Abstract: We present technology that allows layman computer users to simply create, provision, and maintain secured infrastructure—an instant PKI. This technology can be used in a wide variety of applications including wired and wireless networks, secure sensor networks (such as medical networks), emergency alert networks, as well as simply and automatically provisioning network devices whether secure or not.
    Type: Grant
    Filed: February 14, 2011
    Date of Patent: August 20, 2013
    Assignee: Palo Alto Research Center Incorporated
    Inventors: Diana K. Smetters, Dirk Balfanz, Glenn E. Durfee, Rebecca E. Grinter, Paul J. Stewart, Hao-Chi Wong
  • Patent number: 8345871
    Abstract: A method of providing secure communications over a network includes receiving, at a receiving computer, a public key of a sending computer, and a hash of a sending random number over a first communication channel, transmitting, from the receiving computer, a public key of the receiving computer and a receiving random number provided by the receiving computer over the first communication channel, and receiving, at the receiving computer, the sending random number provided by the sending computer over the first communication channel.
    Type: Grant
    Filed: March 15, 2007
    Date of Patent: January 1, 2013
    Assignees: Palo Alto Research Center Incorporated, Samsung Electronics Co., Ltd.
    Inventors: Dirk Balfanz, Philippe J. Golle, Diana K. Smetters, Glenn E. Durfee
  • Patent number: 8256664
    Abstract: Systems and methods provide a user with secure access to a web site at a first client device without having to enter login information, such as a username and password, at that device. For example, the first device may request access to user information from a server system. The server may generate a session ID, associate it with the first device, and encode it into a bar code that is displayed at the first device. Using camera functions, a second client device may identify and decode the bar code to determine the session ID. The login information may be entered into the second device in order to establish a secure connection with the server. The second device may transmit the session ID to the server system. The server may identify the first client device based on the common session ID and transmit the requested user information to the first device.
    Type: Grant
    Filed: April 9, 2010
    Date of Patent: September 4, 2012
    Assignee: Google Inc.
    Inventors: Dirk Balfanz, Breno Fonseca de Medeiros, Sheldon Walfish
  • Patent number: 8156337
    Abstract: Pre-authentication information of devices is used to securely authenticate arbitrary peer-to-peer ad-hoc interactions. In one embodiment, public key cryptography is used in the main wireless link with location-limited channels being initially used to pre-authenticate devices. Use of public keys in the pre-authentication data allows for the broadening of types of media suitable for use as location-limited channels to include, for example, audio and infrared. Also, it allows a range of key exchange protocols which can be authenticated in this manner to include most public-key-based protocols. As a result, a large range of devices, protocols can be used in various applications. Further, an eavesdropper is forced to mount an active attack on the location-limited channel itself in order to access an ad-hoc exchange. However, this results in the discovery of the eavesdropper.
    Type: Grant
    Filed: April 3, 2006
    Date of Patent: April 10, 2012
    Assignee: Palo Alto Research Center Incorporated
    Inventors: Dirk Balfanz, Cristina Lopes, Diana Smetters, Paul Stewart, Hao-Chi Wong
  • Patent number: 8135956
    Abstract: Techniques are provided for the lightweight authentication of a user to an application, a computer or other device. An interaction element such as a stylus, a pen or marker is uniquely identified. The interactive element is associated with a user. The interaction element provides a means for interacting with the application. The proximity of the identification element within the interaction element during data entry operations to the authentication sensor signals the controlled application that the user has been authenticated.
    Type: Grant
    Filed: December 11, 2006
    Date of Patent: March 13, 2012
    Assignee: Palo Alto Research Center Incorporated
    Inventor: Dirk Balfanz
  • Patent number: 8023654
    Abstract: A method for securing human to human communication over a network includes receiving, by a first computer, an incoming authenticated data stream from a second computer over a first communication channel, the incoming authenticated data stream having been computed using an incoming digital experiential data stream and a first imprint, and extracting the first imprint from the incoming authenticated data stream. The incoming authenticated data stream is then presented for sensory experience by a human. An outgoing digital experiential data stream is then input and the method computes a second imprint associated with the first computer and computes an outgoing authenticated data stream using the outgoing digital experiential data stream and the second imprint. A second communication channel is then secured from the first computer to the second computer using the first imprint, the second communication channel suitable for sending the outgoing authenticated data stream to the second computer.
    Type: Grant
    Filed: December 18, 2006
    Date of Patent: September 20, 2011
    Assignee: Palo Alto Research Center Incorporated
    Inventors: Paul J. Stewart, Dirk Balfanz, Glenn E. Durfee, Diana K. Smetters
  • Publication number: 20110219358
    Abstract: A method of receiving mobile code includes receiving, from a source node, a dependency descriptor describing at least one permitted configuration, each configuration comprising necessary conditions on a destination node to execute mobile code, executing, on the destination node, checker code associated with the conditions described in the dependency descriptor, and, if at least one configuration is compatible, receiving the mobile code at the destination node.
    Type: Application
    Filed: May 13, 2011
    Publication date: September 8, 2011
    Applicant: PALO ALTO RESEARCH CENTER INCORPORATED
    Inventor: Dirk Balfanz
  • Publication number: 20110134847
    Abstract: We present technology that allows layman computer users to simply create, provision, and maintain secured infrastructure—an instant PKI. This technology can be used in a wide variety of applications including wired and wireless networks, secure sensor networks (such as medical networks), emergency alert networks, as well as simply and automatically provisioning network devices whether secure or not.
    Type: Application
    Filed: February 14, 2011
    Publication date: June 9, 2011
    Applicant: PALO ALTO RESEARCH CENTER INCORPORATED
    Inventors: Diana K. Smetters, Dirk Balfanz, Glenn E. Durfee, Rebecca E. Grinter, Paul J. Stewart, Hao-Chi Wong
  • Patent number: 7937089
    Abstract: We present technology that allows layman computer users to simply create, provision, and maintain secured infrastructure—an instant PKI. This technology can be used in a wide variety of applications including wired and wireless networks, secure sensor networks (such as medical networks), emergency alert networks, as well as simply and automatically provisioning network devices whether secure or not.
    Type: Grant
    Filed: September 5, 2003
    Date of Patent: May 3, 2011
    Assignee: Palo Alto Research Center Incorporated
    Inventors: Diana K. Smetters, Dirk Balfanz, Glenn E. Durfee, Rebecca E. Grinter, Paul J. Stewart, Hao-Chi Wong
  • Patent number: 7937752
    Abstract: A system and method for sharing files securely includes server software on a first device configured to communicate with server software operating on one or more other preauthorized devices, such as a second device. The servers communicate with each other securely using cryptographic information exchanged during a preauthorization phase using a range-limited communication channel. The server on the first device obtains file information from the other preauthorized device(s) and combines the information with local file information from the first device. This combined file information is sent to client software operating on the machine, which presents the combined file information to users.
    Type: Grant
    Filed: February 18, 2009
    Date of Patent: May 3, 2011
    Assignee: Palo Alto Research Center Incorporated
    Inventors: Dirk Balfanz, Diana Smetters, Kenneth Conley, Bryan Pendleton, Steve Cousins