Patents by Inventor James E. Zmuda

James E. Zmuda has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20190245690
    Abstract: Techniques are disclosed relating to time synchronization in a network. In some embodiments, an apparatus includes a first circuit having a first clock configured to maintain a local time value for a node coupled to a network. The first circuit is configured to send a first message to a second circuit. The first message includes a first nonce. The second circuit has a second clock that maintains a reference time value for the network. The first circuit receives a second message from the second circuit, the second message including a second nonce and is associated with a timestamp identifying the reference time value. The first circuit compares the first nonce to the second nonce to determine whether the timestamp is valid and, in response to determining that the timestamp is valid, uses the timestamp to synchronize the first clock with the second clock.
    Type: Application
    Filed: September 8, 2017
    Publication date: August 8, 2019
    Inventors: Birju N. Shah, Tristan F. Schaap, James E. Zmuda, Manfred von Willich
  • Patent number: 7757100
    Abstract: A method provides a protected region of a data storage device associated with a computational device, where data in the protected region is primarily protected by preventing access without proper access authorization. The method comprises the steps of providing, in an unprotected region of the data storage device, a first operating system and associated operating system data; monitoring operating system data accessed by the computational device until a predetermined functionality becomes available; storing, in the protected region, the monitored operating system data; providing, in the protected region, a second operating system; transferring control of the computational device from the first operating system to the second operating system; storing data in the protected region; and preventing access to the stored data in the protected region without access authorization.
    Type: Grant
    Filed: May 23, 2008
    Date of Patent: July 13, 2010
    Assignee: Spyrus, Inc.
    Inventors: Gregg D. Weissman, Hon Tran, Gregory W. Dalcher, Jay H. Hoffmeier, James E. Zmuda, Mark J. Sutherland, Michael T. Guttman
  • Publication number: 20080263371
    Abstract: A method provides a protected region of a data storage device associated with a computational device, where data in the protected region is primarily protected by preventing access without proper access authorization. The method comprises the steps of providing, in an unprotected region of the data storage device, a first operating system and associated operating system data; monitoring operating system data accessed by the computational device until a predetermined functionality becomes available; storing, in the protected region, the monitored operating system data; providing, in the protected region, a second operating system; transferring control of the computational device from the first operating system to the second operating system; storing data in the protected region; and preventing access to the stored data in the protected region without access authorization.
    Type: Application
    Filed: May 23, 2008
    Publication date: October 23, 2008
    Applicant: SPYRUS, INC.
    Inventors: Gregg D. Weissman, Hon Tran, Gregory W. Dalcher, Jay H. Hoffmeier, James E. Zmuda, Mark J. Sutherland, Michael T. Guttman
  • Patent number: 7380140
    Abstract: The invention establishes a protected volume on a data storage device associated with a computational device by allowing an operating system of the computational device to boot up to a point (the volume conversion crossover point) at which predetermined functionality of the operating system becomes available, then establishing the protected volume. A copy of the operating system data (cleartext operating system data) that is accessed during boot up prior to the volume conversion crossover point (which can be known by monitoring and recording access to operating system data during boot-up) is stored in an unprotected region of the data storage device. A copy of the cleartext operating system data is also stored in the protected volume. After the protected volume is established, the computational device is reset, causing the operating system to boot up again.
    Type: Grant
    Filed: March 21, 2005
    Date of Patent: May 27, 2008
    Assignee: Spyrus, Inc.
    Inventors: Gregg D. Weissman, Hon Tran, Gregory W. Dalcher, Jay H. Hoffmeier, James E. Zmuda, Mark J. Sutherland, Michael T. Guttman
  • Patent number: 6385651
    Abstract: User and network computer client device (NC) registration with an internet service provider (ISP) occurs in two phases: the first phase with the relationship server and the second phase with the ISP. In the first phase, the NC sends the relationship server a unique identifier of the NC manufacturer, such as the manufacturer identification number. In the preferred embodiment, the NC also transmits an enterprise identification number from a smart card uniquely specifying the ISP to which the user wishes to connect. The relationship server queries a relationship database using the manufacturer and enterprise identification numbers. In the preferred embodiment, the relationship server determines whether the specified manufacturer has authorized connection to the specified ISP; if no authorization exists in the relationship server database, then the relationship server disconnects from the NC.
    Type: Grant
    Filed: May 5, 1998
    Date of Patent: May 7, 2002
    Assignee: Liberate Technologies
    Inventors: Frank B. Dancs, James E. Zmuda
  • Publication number: 20010016877
    Abstract: User and network computer client device (NC) registration with an internet service provider (ISP) occurs in two phases: the first phase with the relationship server and the second phase with the ISP. In the first phase, the NC sends the relationship server a unique identifier of the NC manufacturer, such as the manufacturer identification number. In the preferred embodiment, the NC also transmits an enterprise identification number from a smart card uniquely specifying the ISP to which the user wishes to connect. The relationship server queries a relationship database using the manufacturer and enterprise identification numbers. In the preferred embodiment, the relationship server determines whether the specified manufacturer has authorized connection to the specified ISP; if no authorization exists in the relationship server database, then the relationship server disconnects from the NC.
    Type: Application
    Filed: May 5, 1998
    Publication date: August 23, 2001
    Applicant: LIBERATE TECHNOLOGIES
    Inventors: FRANK B. DANCS, JAMES E. ZMUDA
  • Patent number: 6141752
    Abstract: A network computer client device (NC) maintains a root internet service provider (ISP) certificate which includes the ISP's public key and which is digitally signed by a root authority using the root authority's private key. The NC also maintains a root public key. When an ISP desires to write onto the smart card inserted into an NC, it sends ISP account information to be written including a digital signature portion created with the ISP's private key to the NC. The NC performs a cryptographic verification of the ISP account information using the ISP's public key found in the root ISP certificate. If this verification is successful, the NC writes the ISP account information to the smart card. If this verification fails, the ISP account information is not written to the smart card.
    Type: Grant
    Filed: May 5, 1998
    Date of Patent: October 31, 2000
    Assignee: Liberate Technologies
    Inventors: Frank B. Dancs, James E. Zmuda
  • Patent number: 6112305
    Abstract: All network computer client device (NC) manufacturers' authorizations to connect to specific internet service providers (ISPs) are maintained in a central database associated with a relationship server. The relationship server issues digital certificates which associate various ISPs to their respective public keys. Each ISP is assigned a unique enterprise identification number by the relationship server. To authorize a specific ISP, the manufacturer begins with the relationship server's ISP certificate. The manufacturer computes and appends its own digital signature for the relationship server's ISP certificate, thereby creating an ISP usage certificate valid for its NCs which it sends back to the relationship server. Upon first powering on, each NC dials the relationship server and transmits its manufacturer identification number. The relationship server uses the manufacturer identification number to find the ISP usage certificates corresponding to the NC manufacturer.
    Type: Grant
    Filed: May 5, 1998
    Date of Patent: August 29, 2000
    Assignee: Liberate Technologies
    Inventors: Frank B. Dancs, James E. Zmuda
  • Patent number: 6108789
    Abstract: User specific internet service provider (ISP) account information is stored on the user's smart card, but the ISP specific connection information is stored within a network computer client device (NC). When the NC is first powered on and used, it calls the relationship server to receive connection information corresponding to the ISP that is either specified on the first user's smart card or is otherwise chosen by the first user. This connection information is preferably stored in non-volatile memory within the NC, so that even if the NC is powered down, it maintains the ability to connect to the ISP designated by its previous user. Each ISP is designated by a unique enterprise identification number assigned by the relationship server. When a subsequent user inserts his smart card into an NC, the NC compares the enterprise identification number on the smart card to the enterprise identification number within the NC.
    Type: Grant
    Filed: May 5, 1998
    Date of Patent: August 22, 2000
    Assignee: Liberate Technologies
    Inventors: Frank B. Dancs, James E. Zmuda
  • Patent number: 5825300
    Abstract: A computer system and a method for the protected distribution of certificate and keying material between a certification authority and at least one entity in the certification authority's domain, including the steps of sending keying material, including a password, generated by the Certifying Authority to the entity via a secure medium; generating and protecting, by the entity, a public and a private key pair using the keying material provided it by the certifying authority; generating, protecting and sending a request for a certificate to the certifying authority using the keying material provided it by the certifying authority; requesting, by the certifying authority, that the public key and address of the entity be sent to the certifying authority; protecting and sending the public key and address of the entity to the certifying authority using the keying material provided it by the certifying authority; assembling and issuing the certificate to the entity from the certifying authority and recording the pu
    Type: Grant
    Filed: September 12, 1995
    Date of Patent: October 20, 1998
    Assignee: Hughes Aircraft Company
    Inventors: Erwin W. Bathrick, John W. Garber, Cheng-Chi Huang, Kenneth C. Kung, Todd E. Matthews, James E. Zmuda, Regina L. Matthews
  • Patent number: 5434918
    Abstract: An authentication method that permits a user and a file serving workstation to mutually authenticate themselves. This is accomplished by exchanging a random number that is encrypted by a password that is known to the user and stored in a password file on the file serving workstation. A logon ID is sent from the client workstation to the server workstation. The stored user password corresponding to the user ID is retrieved from the password file. A random number is created that is encrypted by a symmetric encryption algorithm on the server workstation using the retrieved user password, and which provides an encrypted password. The user is then requested to enter the password into the user workstation. The entered password is used to decrypt the encrypted password received from the server workstation and retrieve the random number therefrom to authenticate the server workstation. The random number is then used as the encryption and decryption key for communication between the user and server workstations.
    Type: Grant
    Filed: December 14, 1993
    Date of Patent: July 18, 1995
    Assignee: Hughes Aircraft Company
    Inventors: Kenneth C. Kung, Erwin W. Bathrick, Cheng-Chi Huang, Mae-Hwa Ma, Todd E. Matthews, James E. Zmuda
  • Patent number: 5010572
    Abstract: The invention is an improved distributed information system which automatically provides for the transmission of security protocol data units between end-users of a distributed information system. The invention compares the address and security key of a received security protocol data unit to stored end-system addresses and security key information and, in the absence of an existing end-system address and security key, automatically initiates negotiation of a security key between end-systems and then confirms the negotiated security key and initiates a security protocol transmission of the data unit. A method af automatic invoking secure communications between end-systems of a distributed information system is also disclosed.
    Type: Grant
    Filed: April 27, 1990
    Date of Patent: April 23, 1991
    Assignee: Hughes Aircraft Company
    Inventors: Erwin W. Bathrick, James E. Zmuda