Patents by Inventor John Okimoto
John Okimoto has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11962698Abstract: A system and method for receiving secure data in a client device. In one embodiment, the method comprises (a) receiving a token having a token ID and a digital certificate generated by a certificate authority (CA) having client device fingerprint data generated from client device parameters, (b) accepting a request in the client device to provide secure data to the client device, (c) regenerating the client device fingerprint data from the client device parameters, (d) determining, in the client device, differences between the client device fingerprint data of the digital certificate from the regenerated client device fingerprint data, and (e) transmitting a request to a secure data service to provide secure data based upon the determination.Type: GrantFiled: March 17, 2021Date of Patent: April 16, 2024Assignee: ARRIS Enterprises LLCInventors: Jason A. Pasion, John Okimoto, Xin Qiu, Alexander Medvinsky, Ting Yao, Jinsong Zheng, Oscar Jiang
-
Patent number: 11777732Abstract: A system and method for providing secure data to a client device having a token is disclosed. In one embodiment, the method comprises (a) binding the token to the client device according to first token binding information comprising a first token identifier (ID), first client device fingerprint data, and a first timestamp, (b) receiving a request to provide secure data to the client device in a secure data service, (c) determining if the request to provide the secure data to the client device was received within an acceptable temporal range of the stored timestamp, and (d) providing the requested secure data according to the determination.Type: GrantFiled: March 17, 2021Date of Patent: October 3, 2023Assignee: ARRIS Enterprises LLCInventors: Jason A. Pasion, John Okimoto, Xin Qiu, Alexander Medvinsky, Ting Yao, Jinsong Zheng, Oscar Jiang
-
Patent number: 11757637Abstract: A system and method for providing secure data to a client device having a token is disclosed. In one embodiment, the method comprises: (a) binding the token to the client device according to first token binding information comprising a first token identifier (ID), first client device fingerprint data, and a first timestamp, (b) receiving a request to provide secure data to the client device in a service, the request comprising the signed first token binding information and timestamp, (c) determining if the request to provide the secure data to the client device was received within an acceptable temporal range of the stored timestamp; and (d) providing the requested secure data according to the determination.Type: GrantFiled: March 17, 2021Date of Patent: September 12, 2023Assignee: ARRIS Enterprises LLCInventors: Jason A. Pasion, John Okimoto, Xin Qiu, Alexander Medvinsky, Ting Yao, Jinsong Zheng, Oscar Jiang
-
Publication number: 20210297269Abstract: A system and method for receiving secure data in a client device. In one embodiment, the method comprises (a) receiving a token having a token ID and a digital certificate generated by a certificate authority (CA) having client device fingerprint data generated from client device parameters, (b) accepting a request in the client device to provide secure data to the client device, (c) regenerating the client device fingerprint data from the client device parameters, (d) determining, in the client device, differences between the client device fingerprint data of the digital certificate from the regenerated client device fingerprint data, and (e) transmitting a request to a secure data service to provide secure data based upon the determination.Type: ApplicationFiled: March 17, 2021Publication date: September 23, 2021Applicant: ARRIS Enterprises LLCInventors: Jason A. Pasion, John Okimoto, Xin Qiu, Alexander Medvinsky, Ting Yao, Jinsong Zheng, Oscar Jiang
-
Publication number: 20210297449Abstract: A system and method for providing secure data to a client device having a token is disclosed. In one embodiment, the method comprises (a) binding the token to the client device according to first token binding information comprising a first token identifier (ID) , first client device fingerprint data, and a first timestamp, (b) receiving a request to provide secure data to the client device in a secure data service, (c) determining if the request to provide the secure data to the client device was received within an acceptable temporal range of the stored timestamp, and (d) providing the requested secure data according to the determination.Type: ApplicationFiled: March 17, 2021Publication date: September 23, 2021Applicant: ARRIS Enterprises LLCInventors: Jason A. Pasion, John Okimoto, Xin Qiu, Alexander Medvinsky, Ting Yao, Jinsong Zheng, Oscar Jiang
-
Publication number: 20210297254Abstract: A system and method for providing secure data to a client device having a token is disclosed. In one embodiment, the method comprises: (a) binding the token to the client device according to first token binding information comprising a first token identifier (ID), first client device fingerprint data, and a first timestamp, (b) receiving a request to provide secure data to the client device in a service, the request comprising the signed first token binding information and timestamp, (c) determining if the request to provide the secure data to the client device was received within an acceptable temporal range of the stored timestamp; and (d) providing the requested secure data according to the determination.Type: ApplicationFiled: March 17, 2021Publication date: September 23, 2021Applicant: ARRIS Enterprises LLCInventors: Jason A. Pasion, John Okimoto, Xin Qiu, Alexander Medvinsky, Ting Yao, Jinsong Zheng, Oscar Jiang
-
Publication number: 20080101614Abstract: A method and apparatus for providing secured content distribution using a media hub is disclosed. In one embodiment, conditional access encrypted content is received at the media hub. The conditional access encrypted content is decrypted. The content is re-encrypted in accordance with a unique tier associated with the media hub and one or more devices in response to a request from at least one device associated with the unique tier. The re-encrypted content is provided to the at least one device in response to the request from the at least one device associated with the unique tier. A method and apparatus for providing secured content distribution is disclosed. In one embodiment, unit addresses (UAs) of all components within a home media architecture are obtained. A unique key is generated for the home media architecture using public information from the UA of each component. A message including the unique key is distributed to each component of the home media architecture.Type: ApplicationFiled: December 12, 2007Publication date: May 1, 2008Applicant: GENERAL INSTRUMENT CORPORATIONInventors: Annie Chen, John Okimoto, Lawrence Tang
-
Patent number: 7080397Abstract: A transaction protocol for communicating between an encryption renewal system communicably coupled to one or more video on demand systems via a communication network. The encryption renewal system permits pre-encrypted content to be accessed by clients of the video on demand systems. The protocol comprises, receiving, by the encryption renewal system, a request transaction document having a first format from the video on demand system; parsing the request transaction document to retrieve data from the request transaction document; generating a request object code in a second format for processing by encryption renewal system, the request object code based on the data in the request transaction document; responsive to processing of the request object code, generating a response object code having the second format; converting the response object code to a response transaction document having the first format; and forwarding the response transaction document to the video on demand system.Type: GrantFiled: July 3, 2001Date of Patent: July 18, 2006Assignee: General Instrument CorporationInventors: Keith R. Cochran, John Okimoto
-
Publication number: 20060146885Abstract: The present invention discloses a system and method for providing a secured system time reference to a subscriber device, e.g., a set top box or a receiver. In one embodiment, the system time reference is provided in a secure system time message that is broadcasted to a plurality of subscriber devices. Each subscriber device has a security device or software application that is capable of determining whether the received system time reference is legitimate. If the system time reference is determined to be legitimate, a local time reference is synchronized with said received system time reference.Type: ApplicationFiled: December 30, 2004Publication date: July 6, 2006Inventors: Bridget Kimball, Michael Habrat, John Okimoto, Douglas Petty, Eric Sprunk, Lawrence Tang
-
Publication number: 20060150252Abstract: The present invention discloses an apparatus and method for defining and enforcing rules of transition between two security domains, e.g., a transport domain and a persistent security domain. In turn, a border guard, e.g., a security device, is provided between these two domains that enforce rules for transition between the two security domains. This novel approach of defining a transport domain and a persistent security domain simplifies the classification of the digital content and its movement through the system. Namely, the border guard once established between the two systems can enforce DRM rules associated with how contents are moved between the two domains.Type: ApplicationFiled: December 30, 2004Publication date: July 6, 2006Inventors: John Okimoto, Bridget Kimball, Annie Chen, Michael Habrat, Douglas Petty, Eric Sprunk, Lawrence Tang
-
Publication number: 20060069645Abstract: A method and apparatus for providing secured content distribution using a media hub is disclosed. In one embodiment, conditional access encrypted content is received at the media hub. The conditional access encrypted content is decrypted. The content is re-encrypted in accordance with a unique tier associated with the media hub and one or more devices in response to a request from at least one device associated with the unique tier. The re-encrypted content is provided to the at least one device in response to the request from the at least one device associated with the unique tier. A method and apparatus for providing secured content distribution is disclosed. In one embodiment, unit addresses (UAs) of all components within a home media architecture are obtained. A unique key is generated for the home media architecture using public information from the UA of each component. A message including the unique key is distributed to each component of the home media architecture.Type: ApplicationFiled: August 31, 2005Publication date: March 30, 2006Inventors: Annie Chen, John Okimoto, Lawrence Tang
-
Publication number: 20050251488Abstract: A method for authorizing a computer program having a number of features for use with a product includes: receiving license data generated using a first key, the license data specifying a unique identifier associated with the product and specifying at least one feature authorized for use with the product; using a second key associated with the first key, obtaining the unique identifier from the license data; retrieving a product identifier from the product; determining whether the unique identifier corresponds to the product identifier; and based on the determination, authorizing use of the at least one feature with the product.Type: ApplicationFiled: May 4, 2004Publication date: November 10, 2005Inventors: Jeri Saunders, Annie Chen, Erik Elstermann, John Okimoto
-
Publication number: 20020112175Abstract: The invention relates to controlling functional units within a conditional access system. In one embodiment, a method for controlling access to a functional unit within a set top box is described. In one step, first information comprising a plurality of functional unit identifiers and one or more tier requirements respectively related to each functional unit identifier is received. Second information comprising tier rights is also received. The functional unit identifiers are correlated to their respective tier requirements. The functional unit is interacted with. It is determined if the respective tier requirements are satisfied by the tier rights. Further interaction with the functional unit is authorized.Type: ApplicationFiled: December 13, 2000Publication date: August 15, 2002Inventors: Douglas S. Makofka, John Okimoto
-
Publication number: 20020087971Abstract: A transaction protocol for communicating between an encryption renewal system communicably coupled to one or more video on demand systems via a communication network. The encryption renewal system permits pre-encrypted content to be accessed by clients of the video on demand systems. The protocol comprises, receiving, by the encryption renewal system, a request transaction document having a first format from the video on demand system; parsing the request transaction document to retrieve data from the request transaction document; generating a request object code in a second format for processing by encryption renewal system, the request object code based on the data in the request transaction document; responsive to processing of the request object code, generating a response object code having the second format; converting the response object code to a response transaction document having the first format; and forwarding the response transaction document to the video on demand system.Type: ApplicationFiled: July 3, 2001Publication date: July 4, 2002Inventors: Keith R. Cochran, John Okimoto