Patents by Inventor Jinsong Zheng
Jinsong Zheng has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Publication number: 20200304299Abstract: A system is provided for distribution of device key sets over a network in a protected software environment (PSE). In the system, a client device includes a connection interface for receiving a crypto hardware (CH) token belonging to a user, untrusted software, a quoting enclave, and a PSE for generating a provisioning request for a device key set. An attestation proxy server (APS) receives the provisioning message using a first network connection, and transmits the provisioning message to an online provisioning server (OPS) using a second network connection. The OPS constructs a provisioning response and an encrypted device key set, and delivers the provisioning response to the untrusted software using the first and second network connections. The PSE decrypts the encrypted device key set to obtain the device key set, re-encrypts the device key set with a local chip-specific key, and stores the re-encrypted device key set.Type: ApplicationFiled: March 20, 2019Publication date: September 24, 2020Inventors: Alexander Medvinsky, Jinsong Zheng, Jason A. Pasion, Xin Qiu, Tat Keung Chan, Eric Eugene Berry, Michael Ryan Pilquist, Douglas M. Petty
-
Patent number: 10515193Abstract: Disclosed is a manufacturing process and feature licensing system for provisioning personalized (device-unique) licenses to devices, with the following characteristics. The system is secure in that it uses a secure key wrapping mechanism to deliver the LSK to LPS. Another feature is that various network communication links are secured using standard security protocol. Further, application messages, license templates, licenses are digitally signed. The system is also flexible because it is configured to allow multiple manufacturers and to allow various feature configurations via the use of License Template. The system is also scalable, as it is possible to use multiple LPS hosts to serve multiple programming stations. The system is available in that the delegation of license signing capability from CLS to LPS eliminates the dependency on unreliable Internet connections. Redundant LPS hosts provide high level of availability required for high volume license provisioning.Type: GrantFiled: April 13, 2017Date of Patent: December 24, 2019Assignee: GOOGLE TECHNOLOGY HOLDINGS LLCInventors: Jinsong Zheng, Tat Keung Chan, Liqiang Chen, Greg N. Nakanishi, Jason A. Pasion, Xin Qiu, Ting Yao
-
Publication number: 20190347435Abstract: A method is provided that permits user to submit a password to the private key that is to be used to decrypt files either at the time of user account setup or at the time of submitting the files. The password is stored securely in the system, permanently or temporarily, and is used later to decrypt the files right before the system is ready to process the files.Type: ApplicationFiled: May 10, 2019Publication date: November 14, 2019Inventors: Jinsong Zheng, Alexander Medvinsky, Tat Keung Chan, Ting Yao, Jason A. Pasion
-
Publication number: 20190245701Abstract: A system for generating unique digital certificates is provided that generates computed hashes public keys and compares them. The system method computes a hash of a public key, compares the computed hash of the public key with hashes of public keys previously generated, generates the digital certificate having the public key and a device identifier only if the computed hash of the public key does not match any of the hashes of public keys previously generated, and provides the digital certificate.Type: ApplicationFiled: January 29, 2019Publication date: August 8, 2019Inventors: Ying Chen, Jinsong Zheng, Oscar Jiang, Xin Qiu, Ting Yao
-
Patent number: 10341360Abstract: A method and apparatus is provided for managing the eligibility of data signing in an online code signing system. The method is used by a plurality of data publishers in an online code signing system. The method includes defining, by an administrator of the system, a hierarchy of a plurality of entities, and managing, by an administrator of the system, eligibility to designate at least one of a plurality of users to access the at least one configuration entity to sign the data via a plurality of accounts and eligibility to designate at least one of a plurality of managers via owner account to manage user access to sign data for at least one model entity.Type: GrantFiled: March 6, 2017Date of Patent: July 2, 2019Assignee: ARRIS Enterprises LLCInventors: Ting Yao, Xin Qiu, Jinsong Zheng, Patrick Dizon, Aye Myint, Annie C. Kuramoto, Reshma Shahabuddin, Thomas J. Barbour
-
Publication number: 20180034646Abstract: A method is provided for automatically renewing digital certificates in advance of their expiration in field deployed devices. The method includes generating a certificate renewal request comprising a request for at least one renewed digital certificate according to a renewal paradigm in which the at least one renewed digital certificate is generated before the at least one of the digital certificates expires, providing the certificate renewal request to the offline domain, obtaining, in the online domain from the offline domain, the at least one renewed digital certificate, and transmitting the least one renewed digital certificate to the client domain for storage in the HSM in place of the at least one of the subset of the plurality of digital certificates.Type: ApplicationFiled: July 27, 2017Publication date: February 1, 2018Inventors: Annie C. Kuramoto, Ting Yao, Jason A. Pasion, Jinsong Zheng, Fan Wang, Oscar Jiang, Xin Qiu
-
Publication number: 20170257380Abstract: A method and apparatus is provided for managing the eligibility of data signing in an online code signing system. The method is used by a plurality of data publishers in an online code signing system. The method includes defining, by an administrator of the system, a hierarchy of a plurality of entities, and managing, by an administrator of the system, eligibility to designate at least one of a plurality of users to access the at least one configuration entity to sign the data via a plurality of accounts and eligibility to designate at least one of a plurality of managers via owner account to manage user access to sign data for at least one model entity.Type: ApplicationFiled: March 6, 2017Publication date: September 7, 2017Inventors: Ting Yao, Xin Qiu, Jinsong Zheng, Patrick Dizon, Aye Myint, Annie C. Kuramoto, Reshma T. Shahabuddin, Thomas J. Barbour
-
Publication number: 20170220780Abstract: Disclosed is a manufacturing process and feature licensing system for provisioning personalized (device-unique) licenses to devices, with the following characteristics. The system is secure in that it uses a secure key wrapping mechanism to deliver the LSK to LPS. Another feature is that various network communication links are secured using standard security protocol. Further, application messages, license templates, licenses are digitally signed. The system is also flexible because it is configured to allow multiple manufacturers and to allow various feature configurations via the use of License Template. The system is also scalable, as it is possible to use multiple LPS hosts to serve multiple programming stations. The system is available in that the delegation of license signing capability from CLS to LPS eliminates the dependency on unreliable Internet connections. Redundant LPS hosts provide high level of availability required for high volume license provisioning.Type: ApplicationFiled: April 13, 2017Publication date: August 3, 2017Inventors: Jinsong Zheng, Tat Keung Chan, Liqiang Chen, Greg N. Nakanishi, Jason A. Pasion, Xin Qiu, Ting Yao
-
Patent number: 9646332Abstract: Disclosed is a manufacturing process and feature licensing system for provisioning personalized (device-unique) licenses to devices. The secure system uses a secure key wrapping mechanism to deliver the LSK to LPS. Another feature is that various network communication links are secured using standard security protocol. Application messages, license templates, licenses are digitally signed. The system is flexible, configured to allow multiple manufacturers and to allow various feature configurations via the use of License Template; scalable, as it is possible to use multiple LPS hosts to serve multiple programming stations; and available in that the delegation of license signing capability from CLS to LPS eliminates the dependency on unreliable Internet connections. Redundant LPS hosts provide high level of availability required for high volume license provisioning.Type: GrantFiled: September 21, 2011Date of Patent: May 9, 2017Assignee: Google Technology Holdings LLCInventors: Jinsong Zheng, Tat Keung Chan, Liqiang Chen, Greg N. Nakanishi, Jason A. Pasion, Xin Qiu, Ting Yao
-
Patent number: 9477821Abstract: Disclosed is an arrangement to enable customers to provision devices with feature licenses that enable specified features in the devices. The arrangement includes a feature-licensing system for performing feature-licensing processes to provision the devices with feature licenses and a feature-licensing process configuration system.Type: GrantFiled: September 3, 2013Date of Patent: October 25, 2016Assignee: GOOGLE TECHNOLOGY HOLDINGS LLCInventors: Cheng Li, Ying Chen, Xiaozhou Fu, Xin Qiu, Ting Yao, Jinsong Zheng
-
Patent number: 9460272Abstract: Methods and systems for group licensing of homogeneous and heterogeneous devices features are disclosed. Licensing servers manage the generation and distribution of licenses to devices, and enforce validation rules that prevent granting devices licenses that do not comply with group licensing limits.Type: GrantFiled: March 14, 2014Date of Patent: October 4, 2016Assignee: ARRIS Enterprises, Inc.Inventors: Jinsong Zheng, Tat Keung Chan, David B Prickett
-
Patent number: 9336361Abstract: A system and method for issuing a license for a device through a license server is provided. A server receives identification information for a device that communicates to the server if a first license binding identity and/or a first display identity has changed. A previous license for the device is revoked and a previous license credit is returned to a user's credit pool if the first license binding identity and/or the first display identity has changed. A license request is received, which includes a second license binding identity identifying the device. If the second license binding identity is the same as the first license binding identity, the previous license for the device is issued. If the second license binding identity is not the same as the first license binding identity, a new license for the device is issued and a new license credit is deducted from the user's credit pool.Type: GrantFiled: March 14, 2013Date of Patent: May 10, 2016Assignee: ARRIS Enterprises, Inc.Inventors: Tat Keung Chan, Paul D Baker, Christopher P Gardner, Xin Qiu, Jinsong Zheng
-
Publication number: 20160048774Abstract: Methods and systems are provided for managing feature licenses for pools or groups of devices. In an embodiment, a method of licensing features for a device in a license pool or group includes receiving, at the device, a license capacity request; determining, based on the reply to the license capacity request, if the device in the license pool or group is compliant with the feature license configuration; if the device is noncompliant with the feature license configuration: transmitting a generate license request message having a desired feature license configuration; receiving a feature license request from the device; and updating the noncompliant device with a compliant feature license.Type: ApplicationFiled: August 18, 2014Publication date: February 18, 2016Inventors: David B. Prickett, Jinsong Zheng
-
Publication number: 20150013015Abstract: Methods and systems for group licensing of homogeneous and heterogeneous devices features is disclosed. Licensing servers manage the generation and distribution of licenses to devices, and enforce validation rules that prevent granting devices licenses that do not comply with group licensing limits.Type: ApplicationFiled: March 14, 2014Publication date: January 8, 2015Applicant: General Instrument CorporationInventors: Jinsong Zheng, Tat Keung Chan, David B. Prickett
-
Patent number: 8898469Abstract: A method enables selected features of a software product residing on an end user electronic device with a license delivered from a licensing provider to a service provider of the end user electronic device. The method includes requesting at least one license to authorize a first service provider. An encrypted installation key uniquely associated with the first service provider is received as well as an authorization agent module for installation on one or more authorization agent devices associated with the first service provider. The encrypted installation key and the authorization agent module are installed on the authorization agent devices. A device-unique identifier (DUID) is generated for each authorization agent device based on hardware characteristics of the respective authorization agent devices. The DUID and the encrypted installation key are sent from the authorization agent device to a licensing provider to obtain the requested license.Type: GrantFiled: February 4, 2011Date of Patent: November 25, 2014Assignee: Motorola Mobility LLCInventors: Tat Keung Chan, Paul D. Baker, Christopher P. Gardner, Mark E. Gregotski, Ted R. Michaud, Xin Qiu, Jinsong Zheng
-
Publication number: 20140280828Abstract: A system and method for issuing a license for a device through a license server is provided. A server receives identification information for a device that communicates to the server if a first license binding identity and/or a first display identity has changed. A previous license for the device is revoked and a previous license credit is returned to a user's credit pool if the first license binding identity and/or the first display identity has changed. A license request is received, which includes a second license binding identity identifying the device. If the second license binding identity is the same as the first license binding identity, the previous license for the device is issued. If the second license binding identity is not the same as the first license binding identity, a new license for the device is issued and a new license credit is deducted from the user's credit pool.Type: ApplicationFiled: March 14, 2013Publication date: September 18, 2014Applicant: GENERAL INSTRUMENT CORPORATIONInventors: Tat Keung Chan, Paul D. Baker, Christopher P. Gardner, Xin Qiu, Jinsong Zheng
-
Publication number: 20140141762Abstract: Disclosed is an arrangement to enable customers to provision devices with feature licenses that enable specified features in the devices. The arrangement includes a feature-licensing system for performing feature-licensing processes to provision the devices with feature licenses and a feature-licensing process configuration system.Type: ApplicationFiled: September 3, 2013Publication date: May 22, 2014Applicant: MOTOROLA MOBILITY LLCInventors: Cheng Li, Ying Chen, Xiaozhou Fu, Xin Qiu, Ting Yao, Jinsong Zheng
-
Publication number: 20130185173Abstract: A method and apparatus for provisioning devices. One method includes authenticating a first customer as an authenticated user and receiving from a first customer a first request to establish a credit record for a specified number of upgraded feature licenses. The upgraded feature licenses are obtainable from a third party supplier and are associated with components available from the third party supplier. The credit record includes feature credits to be made available to the first customer to obtain the upgraded feature licenses from the third party supplier. A second request is received from the first customer to release the feature credits to a credit pool associated with the first customer so that the feature credits are available to the first customer. The upgraded feature licenses are generated and the credit pool associated with the first customer is debited for the number of credits needed to obtain the upgraded feature licenses.Type: ApplicationFiled: January 18, 2012Publication date: July 18, 2013Applicant: GENERAL INSTRUMENT CORPORATIONInventors: Jinsong Zheng, Tat Keung Chan, David B. Prickett, Xin Qiu
-
Publication number: 20120204269Abstract: A method for providing a secure automated feature license update is disclosed. This method may be performed at a central license server. A license template including features for enablement on a device is generated. The license template is sent to an authorized user. A license update request is received from an entity. An updated license is generated by the central license server. A response is sent to the entity. A method for providing a secure automated feature license update is disclosed. This method may be performed at a device, e.g. an end-user device. A first feature set of a current license of a device is compared with a second feature set of a license template received by the device. A license update request is generated when there is a difference between the first feature set and the second feature set. The license update request is sent to a license server.Type: ApplicationFiled: February 2, 2012Publication date: August 9, 2012Applicant: General Instrument CorporationInventors: Christopher P. Gardner, Paul D. Baker, Tat Keung Chan, Ted R. Michaud, Xin Qiu, Jinsong Zheng
-
Publication number: 20120143766Abstract: Disclosed is a manufacturing process and feature licensing system for provisioning personalized (device-unique) licenses to devices. The secure system uses a secure key wrapping mechanism to deliver the LSK to LPS. Another feature is that various network communication links are secured using standard security protocol. Application messages, license templates, licenses are digitally signed. The system is flexible, configured to allow multiple manufacturers and to allow various feature configurations via the use of License Template; scalable, as it is possible to use multiple LPS hosts to serve multiple programming stations; and available in that the delegation of license signing capability from CLS to LPS eliminates the dependency on unreliable Internet connections. Redundant LPS hosts provide high level of availability required for high volume license provisioning.Type: ApplicationFiled: September 21, 2011Publication date: June 7, 2012Applicant: GENERAL INSTRUMENT CORPORATIONInventors: Jinsong Zheng, Tat Keung Chan, Liqiang Chen, Greg N. Nakanishi, Jason A. Pasion, Xin Qiu, Ting Yao