Patents by Inventor G. Thomas Athens
G. Thomas Athens has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Mutual authentication system and method for protection of postal security devices and infrastructure
Patent number: 7912788
Abstract: A method of authenticating a PSD and an initializing infrastructure that uses a secret key, a PSD public/private key pair and a provider public/private key pair. The infrastructure prepares a signed provider key record using the provider public key and the provider private key and a first MAC using the signed provider key record and the secret key. Both are sent to the PSD. The PSD authenticates the signed provider key record using the first MAC and the provider public key using the included digital signature. The PSD prepares a signed PSD key record using the PSD public key and the PSD private key and a second MAC using the signed PSD key record and the secret key. Both are sent to the infrastructure. The infrastructure authenticates the signed PSD key record using the second MAC and the PSD public key using the included digital signature.
Type: Grant
Filed: September 29, 2004
Date of Patent: March 22, 2011
Assignee: Pitney Bowes Inc.
Inventors: G. Thomas Athens, Michael J. Shukaitis, Robert W. Sission
-
Patent number: 7908217
Abstract: A mailing machine that optimizes throughput by reducing the amount of time necessary for the PSD to generate the digital signature and indicium for each mail piece is provided. The debit operation performed by the PSD, i.e., adjusting the PSD registers, is separated into three different sections, a pre-debit operation, a perform debit operation, and a complete debit operation. In addition, the calculation of the digital signature can optionally be pre-computed, or, alternatively, computed in stages, i.e., partial signature calculation. Utilizing this granularity, the cryptographic operations associated with generating the digital signature can be shifted between the three debit operations such that the execution time of the time critical portion of the debit operation (perform debit) can be optimized to meet the performance requirements of the mailing machine in which the PSD is deployed.
Type: Grant
Filed: August 13, 2007
Date of Patent: March 15, 2011
Assignee: Pitney Bowes Inc.
Inventors: G. Thomas Athens, Roger Ratzenberger, Jr., Maria P. Parkos, Mark A. Scribe, Robert A. Cordery, John A. Hurd
-
Publication number: 20100211726
Abstract: A method includes configuring a flash memory device including a first memory sector having a primary memory sector correspondence, a second memory sector having an alternate memory sector correspondence, and a third memory sector having a free memory sector correspondence, copying a portion of the primary memory sector to the free memory sector, erasing the primary memory sector, and changing a correspondence of each of the first memory sector, the second memory sector, and the third memory sector.
Type: Application
Filed: May 4, 2010
Publication date: August 19, 2010
Applicant: Pitney Bowes Inc.
Inventors: Wesley A. Kirschner, Gary S. Jacobson, John A. Hurd, G. Thomas Athens, Steven J. Pauly, Richard C. Day, Jr.
-
Patent number: 7747812
Abstract: A method includes configuring a flash memory device including a first memory sector having a primary memory sector correspondence, a second memory sector having an alternate memory sector correspondence, and a third memory sector having a free memory sector correspondence, copying a portion of the primary memory sector to the free memory sector, erasing the primary memory sector, and changing a correspondence of each of the first memory sector, the second memory sector, and the third memory sector.
Type: Grant
Filed: December 22, 2005
Date of Patent: June 29, 2010
Assignee: Pitney Bowes Inc.
Inventors: Wesley A. Kirschner, Gary S. Jacobson, John A. Hurd, G. Thomas Athens, Steven J. Pauly, Richard C. Day, Jr.
-
Patent number: 7516105
Abstract: A method and system that increases the throughput of a mailing machine by continuously computing indicia prior to and during mail processing is provided. The indicia generation process is divided into two distinct parts, cryptographic calculation and funds committal/printing. Indicium data are continuously computed, asynchronously with the printing of the indicia, and stored in a buffer until needed. This enables several indicium data to be computed and stored prior to processing of a mail piece by the mailing machine. Prior to printing an indicium on a mail piece, the funds for the indicium are accounted for by updating the registers of the mailing machine. Since a number of indicium data may be pre-computed prior to the start of processing the mail through the mailing machine, the throughput of the mailing machine can be increased.
Type: Grant
Filed: December 11, 2003
Date of Patent: April 7, 2009
Assignee: Pitney Bowes Inc.
Inventors: Frederick W. Ryan, Jr., Douglas A. Clark, Michael J. Ramadei, G. Thomas Athens, David G. Collings
-
Patent number: 7319989
Abstract: A method and system that protects against a replay attack in a closed system postage meter is provided. “Freshness” data is included along with each indicium message sent from the meter to the printer, thereby enabling the printer to detect “stale” indicium data, i.e., indicium data that was previously generated and is being replayed, and prohibit the printing of duplicate indicia. The freshness data includes a random nonce generated by the printer during initialization along with sequence data that the printer can verify against sequence data from the previous printed indicium. If in the current indicium message the nonce is different or the current sequence data is not greater than or equal to the sequence data from the previous printed indicium, indicating the current indicium data may have been previously generated and is a replay, the printer will not print the current indicium data.
Type: Grant
Filed: March 4, 2003
Date of Patent: January 15, 2008
Assignee: Pitney Bowes Inc.
Inventors: G. Thomas Athens, Robert A. Cordery, John A. Hurd, Maria P. Parkos, Roger J. Ratzenberger, Jr.
-
Patent number: 7305710
Abstract: In a value dispensing system, a system and method for securely loading and executing software in a secure device that does not include any non-volatile programmable memory is provided. A non-secure portion of the value dispensing system stores software for loading into the secure portion when needed. Commands being sent to the secure printer are monitored to determine if the secure has the necessary software to execute the command. If the secure device currently does not have the necessary software to execute the command, the command is delayed and the proper software is loaded from the non-secure portion to the RAM of the secure device. A signature associated with the software is verified to ensure the authenticity of the software. If the signature is verified, the command is passed to the secure device, and, utilizing the software in the RAM, the command is executed by the secure device.
Type: Grant
Filed: April 29, 2003
Date of Patent: December 4, 2007
Assignee: Pitney Bowes Inc.
Inventors: G. Thomas Athens, Robert G. Arsenault, Walter J. Baker, John A. Hurd, Wesley A. Kirschner, Roger J. Ratzenberger, Jr., Albert P. Jacques, Thomas O. Matthews
-
Patent number: 7272581
Abstract: A mailing machine that optimizes throughput by reducing the amount of time necessary for the PSD to generate the digital signature and indicium for each mail piece is provided. The debit operation performed by the PSD, i.e., adjusting the PSD registers, is separated into three different sections, a pre-debit operation, a perform debit operation, and a complete debit operation. In addition, the calculation of the digital signature can optionally be pre-computed, or, alternatively, computed in stages, i.e., partial signature calculation. Utilizing this granularity, the cryptographic operations associated with generating the digital signature can be shifted between the three debit operations such that the execution time of the time critical portion of the debit operation (perform debit) can be optimized to meet the performance requirements of the mailing machine in which the PSD is deployed.
Type: Grant
Filed: September 17, 2002
Date of Patent: September 18, 2007
Assignee: Pitney Bowes Inc.
Inventors: G. Thomas Athens, Roger Ratzenberger, Jr., Maria P. Parkos, Mark A. Scribe, Robert A. Cordery, John A. Hurd
-
Publication number: 20070150966
Abstract: In accordance with an exemplary embodiment of the invention, a method includes storing at least one data element in an external memory located outside of a security boundary, and executing a validation algorithm within the security boundary to repeatedly validate the at least one data element. The validation algorithm includes validating a size of the at least one data element, validating a hash of the at least one data element, and validating a signature of a hash file comprising information corresponding to the at least one data element.
Type: Application
Filed: December 22, 2005
Publication date: June 28, 2007
Inventors: Wesley Kirschner, Gary Jacobson, John Hurd, G. Thomas Athens, Walter Baker, Ramprasad Bagawadi-Ellur, Sathish Varma Kalidindi, Steven Pauly
-
Publication number: 20070150643
Abstract: A method includes configuring a flash memory device including a first memory sector having a primary memory sector correspondence, a second memory sector having an alternate memory sector correspondence, and a third memory sector having a free memory sector correspondence, copying a portion of the primary memory sector to the free memory sector, erasing the primary memory sector, and changing a correspondence of each of the first memory sector, the second memory sector, and the third memory sector.
Type: Application
Filed: December 22, 2005
Publication date: June 28, 2007
Inventors: Wesley Kirschner, Gary Jacobson, John Hurd, G. Thomas Athens, Steven Pauly, Richard Day
-
Publication number: 20040221175
Abstract: In a value dispensing system, a system and method for securely loading and executing software in a secure device that does not include any non-volatile programmable memory is provided. A non-secure portion of the value dispensing system stores software for loading into the secure portion when needed. Commands being sent to the secure printer are monitored to determine if the secure has the necessary software to execute the command. If the secure device currently does not have the necessary software to execute the command, the command is delayed and the proper software is loaded from the non-secure portion to the RAM of the secure device. A signature associated with the software is verified to ensure the authenticity of the software. If the signature is verified, the command is passed to the secure device, and, utilizing the software in the RAM, the command is executed by the secure device.
Type: Application
Filed: April 29, 2003
Publication date: November 4, 2004
Applicant: Pitney Bowes Incorporated
Inventors: G. Thomas Athens, Robert G. Arsenault, Walter J. Baker, John A. Hurd, Wesley A. Kirschner, Roger J. Ratzenberger, Albert P. Jacques, Thomas O. Matthews
-
Publication number: 20040177050
Abstract: A method and system that protects against a replay attack in a closed system postage meter is provided. “Freshness” data is included along with each indicium message sent from the meter to the printer, thereby enabling the printer to detect “stale” indicium data, i.e., indicium data that was previously generated and is being replayed, and prohibit the printing of duplicate indicia. The freshness data includes a random nonce generated by the printer during initialization along with sequence data that the printer can verify against sequence data from the previous printed indicium. If in the current indicium message the nonce is different or the current sequence data is not greater than or equal to the sequence data from the previous printed indicium, indicating the current indicium data may have been previously generated and is a replay, the printer will not print the current indicium data.
Type: Application
Filed: March 4, 2003
Publication date: September 9, 2004
Applicant: Pitney Bowes Incorporated
Inventors: G. Thomas Athens, Robert A. Cordery, John A. Hurd, Maria P. Parkos, Roger J. Ratzenberger
-
Publication number: 20040177049
Abstract: A method and system that protects against a parallel printing attack is provided. During initialization of a printer and a meter, the printer provides the meter with an identification number. The identification number can be a serial number or the like, or a random number generated by the printer. The meter includes the identification number in each indicium message sent to the printer and optionally signs the message. When the printer receives an indicium message, it will compare the identification number in the indicium message to its own identification number. If the identification number is identical, the printer will print the indicium. If the identification number is not identical or the signature does not verify, the printer will not print the indicium. Thus, only the printer connected to the meter during initialization of the system will be able to print indicia generated during that session.
Type: Application
Filed: March 4, 2003
Publication date: September 9, 2004
Applicant: Pitney Bowes Incorporated
Inventors: G. Thomas Athens, Robert A. Cordery, John A. Hurd, Maria P. Parkos, Roger J. Ratzenberger
-
Patent number: 6631012
Abstract: A method and system for printing a 2D-barcode corresponding to a binary data array and a substrate imprinted with such barcode. The barcode has I first columns of modules and J rows of modules transverse to columns. Each module having a one-to-one correspondence with a bit in a data array and comprising X columns and Y rows of pixels.
Type: Grant
Filed: December 11, 2001
Date of Patent: October 7, 2003
Assignee: Pitney Bowes Inc.
Inventors: G. Thomas Athens, John A. Hurd, Jerome E. Jackson
-
Publication number: 20030177104
Abstract: A mailing machine that optimizes throughput by reducing the amount of time necessary for the PSD to generate the digital signature and indicium for each mail piece is provided. The debit operation performed by the PSD, i.e., adjusting the PSD registers, is separated into three different sections, a pre-debit operation, a perform debit operation, and a complete debit operation. In addition, the calculation of the digital signature can optionally be pre-computed, or, alternatively, computed in stages, i.e., partial signature calculation. Utilizing this granularity, the cryptographic operations associated with generating the digital signature can be shifted between the three debit operations such that the execution time of the time critical portion of the debit operation (perform debit) can be optimized to meet the performance requirements of the mailing machine in which the PSD is deployed.
Type: Application
Filed: September 17, 2002
Publication date: September 18, 2003
Applicant: Pitney Bowes Inc.
Inventors: G. Thomas Athens, Roger Ratzenberger, Maria P. Parkos, Mark A. Scribe, Robert A. Cordery, John A. Hurd
-
Publication number: 20030107759
Abstract: A method and system for printing a 2D-barcode corresponding to a binary data array and a substrate imprinted with such barcode. The barcode has I first columns of modules and J rows of modules transverse to columns. Each module having a one-to-one correspondence with a bit in a data array and comprising X columns and Y rows of pixels.
Type: Application
Filed: December 11, 2001
Publication date: June 12, 2003
Applicant: Pitney Bowes Inc.
Inventors: G. Thomas Athens, John A. Hurd, Jerome E. Jackson