Patents by Inventor Glenn E. Durfee
Glenn E. Durfee has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8515389Abstract: We present technology that allows layman computer users to simply create, provision, and maintain secured infrastructure—an instant PKI. This technology can be used in a wide variety of applications including wired and wireless networks, secure sensor networks (such as medical networks), emergency alert networks, as well as simply and automatically provisioning network devices whether secure or not.Type: GrantFiled: February 14, 2011Date of Patent: August 20, 2013Assignee: Palo Alto Research Center IncorporatedInventors: Diana K. Smetters, Dirk Balfanz, Glenn E. Durfee, Rebecca E. Grinter, Paul J. Stewart, Hao-Chi Wong
-
Patent number: 8345871Abstract: A method of providing secure communications over a network includes receiving, at a receiving computer, a public key of a sending computer, and a hash of a sending random number over a first communication channel, transmitting, from the receiving computer, a public key of the receiving computer and a receiving random number provided by the receiving computer over the first communication channel, and receiving, at the receiving computer, the sending random number provided by the sending computer over the first communication channel.Type: GrantFiled: March 15, 2007Date of Patent: January 1, 2013Assignees: Palo Alto Research Center Incorporated, Samsung Electronics Co., Ltd.Inventors: Dirk Balfanz, Philippe J. Golle, Diana K. Smetters, Glenn E. Durfee
-
Patent number: 8023654Abstract: A method for securing human to human communication over a network includes receiving, by a first computer, an incoming authenticated data stream from a second computer over a first communication channel, the incoming authenticated data stream having been computed using an incoming digital experiential data stream and a first imprint, and extracting the first imprint from the incoming authenticated data stream. The incoming authenticated data stream is then presented for sensory experience by a human. An outgoing digital experiential data stream is then input and the method computes a second imprint associated with the first computer and computes an outgoing authenticated data stream using the outgoing digital experiential data stream and the second imprint. A second communication channel is then secured from the first computer to the second computer using the first imprint, the second communication channel suitable for sending the outgoing authenticated data stream to the second computer.Type: GrantFiled: December 18, 2006Date of Patent: September 20, 2011Assignee: Palo Alto Research Center IncorporatedInventors: Paul J. Stewart, Dirk Balfanz, Glenn E. Durfee, Diana K. Smetters
-
Publication number: 20110134847Abstract: We present technology that allows layman computer users to simply create, provision, and maintain secured infrastructure—an instant PKI. This technology can be used in a wide variety of applications including wired and wireless networks, secure sensor networks (such as medical networks), emergency alert networks, as well as simply and automatically provisioning network devices whether secure or not.Type: ApplicationFiled: February 14, 2011Publication date: June 9, 2011Applicant: PALO ALTO RESEARCH CENTER INCORPORATEDInventors: Diana K. Smetters, Dirk Balfanz, Glenn E. Durfee, Rebecca E. Grinter, Paul J. Stewart, Hao-Chi Wong
-
Patent number: 7937089Abstract: We present technology that allows layman computer users to simply create, provision, and maintain secured infrastructure—an instant PKI. This technology can be used in a wide variety of applications including wired and wireless networks, secure sensor networks (such as medical networks), emergency alert networks, as well as simply and automatically provisioning network devices whether secure or not.Type: GrantFiled: September 5, 2003Date of Patent: May 3, 2011Assignee: Palo Alto Research Center IncorporatedInventors: Diana K. Smetters, Dirk Balfanz, Glenn E. Durfee, Rebecca E. Grinter, Paul J. Stewart, Hao-Chi Wong
-
Patent number: 7916861Abstract: A method for establishing a secondary communication channel between at least two computing devices over a network medium through use of a primary channel connects a first computing device with a first telephonic unit and a second computing device with a second telephonic unit. If the two telephonic units are in communication with each other over a primary channel, and communication channels are established between the computing devices and their respective telephonic units, then the first computing device transmits its location information to the second computing device over the primary channel. A connection is then established between the second computing device and the first computing device over a secondary communication channel.Type: GrantFiled: September 28, 2006Date of Patent: March 29, 2011Assignee: Palo Alto Research Center IncorporatedInventors: Kenneth W. Conley, Dirk Balfanz, Bryan A. Pendleton, Diana K. Smetters, Glenn E. Durfee
-
Patent number: 7822863Abstract: A method of accessing a data resource identifies the data resource, the data resource accessible through a first device and associated with a resource locator, the first device configured to provide access to the data resource responsive to possession of a whitelisted credential. The method includes receiving a second-device credential from a second device by a personal domain controller, the personal domain controller and the first device within a first trusted relationship and provides, by the personal domain controller, the second-device credential to the first device for whitelisting subject to the first trusted relationship. The method uses, by the second device, the second-device credential to access the data resource responsive to the resource locator.Type: GrantFiled: May 12, 2006Date of Patent: October 26, 2010Assignee: Palo Alto Research Center IncorporatedInventors: Dirk Balfanz, Diana K. Smetters, Glenn E. Durfee, Trevor F. Smith
-
Patent number: 7793110Abstract: One embodiment of the present invention provides a system that facilitates access to encrypted data on a computing device based on a security-posture of the computing device. During operation, the system assesses the security-posture of the computing device upon which the encrypted data is stored. If the assessed security-posture meets specified criteria, the system provides the computing device with a key which enables the computing device to access the encrypted data.Type: GrantFiled: May 24, 2006Date of Patent: September 7, 2010Assignee: Palo Alto Research Center IncorporatedInventors: Glenn E. Durfee, Dirk Balfanz, Diana K. Smetters, Paul J. Stewart
-
Patent number: 7757076Abstract: We present technology that allows layman computer users to simply create, provision, and maintain secured infrastructure—an instant PKI. This technology can be used in a wide variety of applications including enabling secure communications to components of a vehicle, and enabling secure communications between the vehicle and associated infrastructure.Type: GrantFiled: April 30, 2004Date of Patent: July 13, 2010Assignee: Palo Alto Research Center IncorporatedInventors: Paul J. Stewart, Diana K. Smetters, Rebecca E. Grinter, Dirk Balfanz, Glenn E. Durfee, Hao-Chi Wong
-
Patent number: 7725928Abstract: One embodiment of the present invention provides a system for establishing temporary and permanent credentials for secure remote data access. The system includes a temporary smart card configured to provide a temporary credential for a first device, thereby providing the first device with temporary secure access to a remote data source when the temporary smart card is used with the first device. Additionally, the system includes an enrollment smart card configured to provide a permanent credential for a second device, thereby providing the second device with permanent secure access to the remote data source without presence of the enrollment smart card or the temporary smart card.Type: GrantFiled: December 2, 2005Date of Patent: May 25, 2010Assignee: Palo Alto Research Center IncorporatedInventors: Glenn E. Durfee, Dirk Balfanz, Diana K. Smetters
-
Patent number: 7581096Abstract: We present technology that allows layman computer users to simply create, provision, and maintain secured infrastructure—an instant PKI. This technology can be used in a wide variety of applications including wired and wireless networks, secure sensor networks (such as medical networks), emergency alert networks, as well as simply and automatically provisioning network devices whether secure or not.Type: GrantFiled: September 5, 2003Date of Patent: August 25, 2009Assignee: Xerox CorporationInventors: Dirk Balfanz, Diana K. Smetters, Paul Joseph Stewart, Glenn E. Durfee, Rebecca E. Grinter, Hao-Chi Wong
-
Patent number: 7552322Abstract: One embodiment of the present invention provides a system that uses a portable security token to facilitate public key certification for a target device in a network. During system operation, the portable security token is located in close physical proximity to the target device to allow the portable security token to communicate with the target device through a location-limited communication channel. During this communication, the portable security token receives an authenticator for the target device, and forms a ticket by digitally signing the authenticator with a key previously agreed upon by the portable security token and a certification authority (CA). Next, the portable security token sends the ticket to the target device, whereby the target device can subsequently present the ticket to the CA to prove that the target device is authorized to receive a credential from the CA.Type: GrantFiled: June 24, 2004Date of Patent: June 23, 2009Assignee: Palo Alto Research Center IncorporatedInventors: Dirk Balfanz, Glenn E. Durfee, Diana K. Smetters
-
Patent number: 7454619Abstract: We present technology that allows layman computer users to simply create, provision, and maintain secured infrastructure—an instant PKI. This technology can be used in a wide variety of applications including wired and wireless networks, secure sensor networks (such as medical networks), emergency alert networks, as well as simply and automatically provisioning network devices whether secure or not.Type: GrantFiled: September 5, 2003Date of Patent: November 18, 2008Assignee: Palo Alto Research Center IncorporatedInventors: Diana K. Smetters, Dirk Balfanz, Glenn E. Durfee, Rebecca E. Grinter, Paul J. Stewart, Hao-Chi Wong
-
Publication number: 20080229110Abstract: A method of providing secure communications over a network includes receiving, at a receiving computer, a public key of a sending computer, and a hash of a sending random number over a first communication channel, transmitting, from the receiving computer, a public key of the receiving computer and a receiving random number provided by the receiving computer over the first communication channel, and receiving, at the receiving computer, the sending random number provided by the sending computer over the first communication channel.Type: ApplicationFiled: March 15, 2007Publication date: September 18, 2008Applicant: PALO ALTO RESEARCH CENTER INCORPORATED AND SAMSUNG ELECTRONICS CO., LTDInventors: Dirk Balfanz, Phillipe J. Golle, Diana K. Smetters, Glenn E. Durfee
-
Patent number: 7426271Abstract: A method for establishing a secondary communication channel between at least two computing devices over a network medium through use of a primary channel connects a first computing device with a first telephonic unit and a second computing device with a second telephonic unit. If the two telephonic units are in communication with each other over a primary channel, and communication channels are established between the computing devices and their respective telephonic units, then the first computing device transmits its location information to the second computing device over the primary channel. A connection is then established between the second computing device and the first computing device over a secondary communication channel.Type: GrantFiled: April 25, 2003Date of Patent: September 16, 2008Assignee: Palo Alto Research Center IncorporatedInventors: Kenneth W. Conley, Dirk Balfanz, Bryan A. Pendleton, Diana K. Smetters, Glenn E. Durfee
-
Publication number: 20080144824Abstract: A method for securing human to human communication over a network includes receiving, by a first computer, an incoming authenticated data stream from a second computer over a first communication channel, the incoming authenticateed data stream having been computed using an incoming digital experiential data stream and a first imprint, and extracting the first imprint from the incoming authenticated data stream. The incoming authenticated data stream is then presented for sensory experience by a human. An outgoing digital experiential data stream is then input and the method computes a second imprint associated with the first computer and computes an outgoing authenticated data stream using the outgoing digital experiential data stream and the second imprint. A second communication channel is then secured from the first computer to the second computer using the first imprint, the second communication channel suitable for sending the outgoing authenticated data stream to the second computer.Type: ApplicationFiled: December 18, 2006Publication date: June 19, 2008Applicants: PALO ALTO RESEARCH CENTER INCORPORATED, SAMSUNG ELECTRONICS CO., LTD.Inventors: Paul J. Stewart, Dirk Balfanz, Glenn E. Durfee, Diana K. Smetters
-
Publication number: 20070277240Abstract: One embodiment of the present invention provides a system that facilitates access to encrypted data on a computing device based on a security-posture of the computing device. During operation, the system assesses the security-posture of the computing device upon which the encrypted data is stored. If the assessed security-posture meets specified criteria, the system provides the computing device with a key which enables the computing device to access the encrypted data.Type: ApplicationFiled: May 24, 2006Publication date: November 29, 2007Inventors: Glenn E. Durfee, Dirk Balfanz, Diana K. Smetters, Paul J. Stewart
-
Patent number: 7275156Abstract: We present technology that allows layman computer users to simply create, provision, and maintain secured infrastructure—an instant PKI. This technology can be used in a wide variety of applications including wired and wireless networks, secure sensor networks (such as medical networks), emergency alert networks, as well as simply and automatically provisioning network devices whether secure or not.Type: GrantFiled: September 5, 2003Date of Patent: September 25, 2007Assignee: Xerox CorporationInventors: Dirk Balfanz, Diana K. Smetters, Paul Joseph Stewart, Glenn E. Durfee, Rebecca E. Grinter, Hao-Chi Wong
-
Patent number: 7130998Abstract: One embodiment of the present invention provides a system that uses a portable security token (PST) to facilitate cross-certification between a first certification authority (CA) and a second CA, wherein the first CA and associated subscriber devices constitute a first public-key infrastructure (PKI) domain, and wherein the second CA and associated subscriber devices constitute a second PKI domain. During operation, the system uses the PST to transfer certification information between the first CA and the second CA, wherein the PST communicates with the first CA and the second CA through a location-limited communication channel. Next, the system uses the certification information to issue a cross-certificate to the first CA. Note that the cross-certificate is signed by the second CA.Type: GrantFiled: October 14, 2004Date of Patent: October 31, 2006Assignee: Palo Alto Research Center, Inc.Inventors: Dirk Balfanz, Glenn E. Durfee, Diana K. Smetters
-
Publication number: 20040268119Abstract: We present technology that allows layman computer users to simply create, provision, and maintain secured infrastructure—an instant PKI. This technology can be used in a wide variety of applications including wired and wireless networks, secure sensor networks (such as medical networks), emergency alert networks, as well as simply and automatically provisioning network devices whether secure or not.Type: ApplicationFiled: September 5, 2003Publication date: December 30, 2004Applicant: Palo Alto Research Center, IncorporatedInventors: Diana K. Smetters, Dirk Balfanz, Glenn E. Durfee, Rebecca E. Grinter, Paul J. Stewart, Hao-Chi Wong