Patents by Inventor Kai Nyman
Kai Nyman has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 9111094Abstract: First data relating to a selected file is obtained. Based upon the first data it is determined if malware detection processing can be selected. Malware detection processing of the file is selected based upon said first data if it is determined that malware detection processing can be selected based upon the first data. If it is determined that, based upon the first data, malware detection processing cannot be selected based upon the first data, second data relating to the selected file is obtained and malware detection processing of the file is selected based upon said first and second obtained data. The selected malware detection processing is applied to said selected file. In an exemplary embodiment the first data is metadata and represents a faster scan of the file, and the second data is content of the file's header and represents a more in-depth scan of the file.Type: GrantFiled: January 21, 2011Date of Patent: August 18, 2015Assignee: F-Secure CorporationInventors: Pavel Turbin, Jari Lehtonen, Mika Ståhlberg, Kai Nyman, Andrew Patel
-
Patent number: 8931100Abstract: A method for determining appropriate actions to remedy potential security lapses following infection of a device by malware. Following detection of infection of the device the device undergoes a cleaning operation. As part of the cleaning operation infected electronic files and any other associated files or objects are removed from the device. From timestamps associated with the infected files and associated files and objects, either directly or from another source such as an anti-virus trace program, the time of infection can be estimated. This allows the system to reference timestamps on the device to determine the source of the infection. Additionally, if the type of infection is identified timestamps on the device can be used to determine where there are particular areas of vulnerability due to user actions on the device.Type: GrantFiled: December 14, 2011Date of Patent: January 6, 2015Assignee: F-Secure CorporationInventors: Mika Ståhlberg, Mikko Hyppönen, Kimmo Kasslin, Veli-Jussi Kesti, Kai Nyman, Timo Harmonen
-
Patent number: 8631135Abstract: A method connects one of several customer premises equipment (CPE) via an ATM network to one of several service providers (SP). Each CPE is connected to the ATM network via a corresponding network termination point (NT). There is an access server function (ASF), having a permanent virtual connection (PVC) to each NT and a connection to each SP. A tunneling protocol is established on the permanent virtual connection between each NT and the ASF. The tunneling protocol is able to support an integrated signaling protocol. The CPE or its user select selects an appropriate SP by using the integrated signaling protocol. Routing from the CPE to the selected SP is performed by the ASF. The ASF connects the CPE to the selected SP using the integrated signaling protocol.Type: GrantFiled: May 28, 2009Date of Patent: January 14, 2014Assignee: Wi-LAN, Inc.Inventors: Mika M Aalto, Maria L Lakso, Kai Nyman
-
Publication number: 20130160124Abstract: A method for determining appropriate actions to remedy potential security lapses following infection of a device by malware. Following detection of infection of the device the device undergoes a cleaning operation. As part of the cleaning operation infected electronic files and any other associated files or objects are removed from the device. From timestamps associated with the infected files and associated files and objects, either directly or from another source such as an anti-virus trace program, the time of infection can be estimated. This allows the system to reference timestamps on the device to determine the source of the infection. Additionally, if the type of infection is identified timestamps on the device can be used to determine where there are particular areas of vulnerability due to user actions on the device.Type: ApplicationFiled: December 14, 2011Publication date: June 20, 2013Inventors: Mika STÅHLBERG, Mikko Hyppönen, Kimmo Kasslin, Veli-Jussi Kesti, Kai Nyman, Timo Harmonen
-
Publication number: 20120192273Abstract: First data relating to a selected file is obtained. Based upon the first data it is determined if malware detection processing can be selected. Malware detection processing of the file is selected based upon said first data if it is determined that malware detection processing can be selected based upon the first data. If it is determined that, based upon the first data, malware detection processing cannot be selected based upon the first data, second data relating to the selected file is obtained and malware detection processing of the file is selected based upon said first and second obtained data. The selected malware detection processing is applied to said selected file. In an exemplary embodiment the first data is metadata and represents a faster scan of the file, and the second data is content of the file's header and represents a more in-depth scan of the file.Type: ApplicationFiled: January 21, 2011Publication date: July 26, 2012Inventors: Pavel Turbin, Jari Lehtonen, Mika Stâhlberg, Kai Nyman, Andrew Patel
-
Patent number: 7606907Abstract: A method connects one of several customer premises equipment (CPE) via an ATM network to one of several service providers (SP). Each CPE is connected to the ATM network via a corresponding network termination point (NT). There is an access server function (ASF), having a permanent virtual connection (PVC) to each NT and a connection to each SP. A tunneling protocol is established on the permanent virtual connection between each NT and the ASF. The tunneling protocol is able to support an integrated signaling protocol. The CPE or its user select selects an appropriate SP by using the integrated signaling protocol. Routing from the CPE to the selected SP is performed by the ASF. The ASF connects the CPE to the selected SP using the integrated signaling protocol.Type: GrantFiled: August 5, 1999Date of Patent: October 20, 2009Assignee: Wi-Lan Inc.Inventors: Mika Aalto, Marja Lakso, Kai Nyman
-
Publication number: 20090232145Abstract: A method connects one of several customer premises equipment (CPE) via an ATM network to one of several service providers (SP). Each CPE is connected to the ATM network via a corresponding network termination point (NT). There is an access server function (ASF), having a permanent virtual connection (PVC) to each NT and a connection to each SP. A tunneling protocol is established on the permanent virtual connection between each NT and the ASF. The tunneling protocol is able to support an integrated signaling protocol. The CPE or its user select selects an appropriate SP by using the integrated signaling protocol. Routing from the CPE to the selected SP is performed by the ASF. The ASF connects the CPE to the selected SP using the integrated signaling protocol.Type: ApplicationFiled: May 28, 2009Publication date: September 17, 2009Applicant: WI-LAN INC.Inventors: Mika Aalto, Maria L. Lakso, Kai Nyman
-
Patent number: 7590086Abstract: When an ad hoc network is formed between short range wireless devices, at least one device assumes the role of an ad hoc network information provider for the new piconet. In this role, the device allocates a browsing hierarchy of service classes in its service registry. The service classes will provide a record to characterize the ad hoc network. When a new wireless device arrives within the communication range of any member of the ad hoc network, its inquiry signals are answered by the first member detecting the inquiry. If that first member is an ad hoc network information provider, it responds with information accessed from its service registry characterizing the ad hoc network. If, instead, an ordinary device in the ad hoc network is the first to respond to the inquiry signals of the arriving device, the device responds with the address of the ad hoc network information provider. The arriving device then pages the ad hoc network information provider to obtain information characterizing the ad hoc network.Type: GrantFiled: November 3, 2004Date of Patent: September 15, 2009Assignee: Nokia CorporationInventors: Mikko Olkkonen, Kai Nyman, Stephane Bouet
-
Patent number: 7444513Abstract: A client 110 may be authenticated by transmitting or beaming a telecommunication network subscriber's authentication to the client from a device 120, over a wireless link. For example, a GSM telephone 120 may authenticate an electronic book 110 to a content providing service within the Internet. The service verifies the authentication using the subscriber's GSM network operator's Authentication Center 161 to generate an authenticator and the client correspondingly generates a local copy of the authenticator using a GSM SIM over the wireless local link. The authentication is then determined by checking that these authenticators match and thereafter the authenticator can be used as a session key to encrypt data in the service.Type: GrantFiled: May 29, 2001Date of Patent: October 28, 2008Assignee: Nokia CorporiationInventors: Kai Nyman, Mikko Olkkonen, Jari T. Malinen
-
Patent number: 7089298Abstract: Device name conflicts are resolved when adding devices to existing ad hoc networks or when joining two ad hoc networks together. After a connection has been established between a new device to be added and a first member device in the ad hoc network, a name distribution message is transferred by the new device to the first member device. The name distribution message will be passed from member device to member device in the ad hoc network, and at each member device a name conflict check is performed. Device name conflicts are also resolved when joining two ad hoc networks together. The contents of name manager tables of the two respective ad hoc networks must be exchanged. This is accomplished by forming a name distribution message for each name record in the name manager tables of the two devices establishing the connection on behalf of their respective ad hoc networks. Then the name distribution messages formed in each respective ad hoc network are distributed to the other ad hoc network.Type: GrantFiled: August 20, 2001Date of Patent: August 8, 2006Assignee: Nokia CorporationInventors: Kai Nyman, Mikko Olkkonen, Juhani Murto, Kari Oinonen
-
Publication number: 20050088980Abstract: When an ad hoc network is formed between short range wireless devices, at least one device assumes the role of an ad hoc network information provider for the new piconet. In this role, the device allocates a browsing hierarchy of service classes in its service registry. The service classes will provide a record to characterize the ad hoc network. When a new wireless device arrives within the communication range of any member of the ad hoc network, its inquiry signals are answered by the first member detecting the inquiry. If that first member is an ad hoc network information provider, it responds with information accessed from its service registry characterizing the ad hoc network. If, instead, an ordinary device in the ad hoc network is the first to respond to the inquiry signals of the arriving device, the device responds with the address of the ad hoc network information provider. The arriving device then pages the ad hoc network information provider to obtain information characterizing the ad hoc network.Type: ApplicationFiled: November 3, 2004Publication date: April 28, 2005Inventors: Mikko Olkkonen, Kai Nyman, Stephane Bouet
-
Patent number: 6842460Abstract: When an ad hoc network is formed between short range wireless devices, at least one device assumes the role of an ad hoc network information provider for the new piconet. In this role, the device allocates a browsing hierarchy of service classes in its service registry. The service classes will provide a record to characterize the ad hoc network. When a new wireless device arrives within the communication range of any member of the ad hoc network, its inquiry signals are answered by the first member detecting the inquiry. If that first member is an ad hoc network information provider, it responds with information accessed from its service registry characterizing the ad hoc network. If, instead, an ordinary device in the ad hoc network is the first to respond to the inquiry signals of the arriving device, the device responds with the address of the ad hoc network information provider. The arriving device then pages the ad hoc network information provider to obtain information characterizing the ad hoc network.Type: GrantFiled: June 27, 2001Date of Patent: January 11, 2005Assignee: Nokia CorporationInventors: Mikko Olkkonen, Kai Nyman, Stephane Bouet
-
Publication number: 20030037033Abstract: Device name conflicts are resolved when adding devices to existing ad hoc networks or when joining two ad hoc networks together. After a connection has been established between a new device to be added and a first member device in the ad hoc network, a name distribution message is transferred by the new device to the first member device. The name distribution message will be passed from member device to member device in the ad hoc network, and at each member device a name conflict check is performed. Device name conflicts are also resolved when joining two ad hoc networks together. The contents of name manager tables of the two respective ad hoc networks must be exchanged. This is accomplished by forming a name distribution message for each name record in the name manager tables of the two devices establishing the connection on behalf of their respective ad hoc networks. Then the name distribution messages formed in each respective ad hoc network are distributed to the other ad hoc network.Type: ApplicationFiled: August 20, 2001Publication date: February 20, 2003Inventors: Kai Nyman, Mikko Olkkonen, Juhani Murto, Kari Oinonen
-
Publication number: 20020169958Abstract: A client 110 may be authenticated by transmitting or beaming a telecommunication network subscriber's authentication to the client from a device 120, over a wireless link. For example, a GSM telephone 120 may authenticate an electronic book 110 to a content providing service within the Internet. The service verifies the authentication using the subscriber's GSM network operator's Authentication Center 161 to generate an authenticator and the client correspondingly generates a local copy of the authenticator using a GSM SIM over the wireless local link. The authentication is then determined by checking that these authenticators match and thereafter the authenticator can be used as a session key to encrypt data in the service.Type: ApplicationFiled: May 14, 2001Publication date: November 14, 2002Inventors: Kai Nyman, Mikko Olkkonen, Jari T. Malinen
-
Publication number: 20020169966Abstract: A client 110 may be authenticated by transmitting or beaming a telecommunication network subscriber's authentication to the client from a device 120, over a wireless link. For example, a GSM telephone 120 may authenticate an electronic book 110 to a content providing service within the Internet. The service verifies the authentication using the subscriber's GSM network operator's Authentication Center 161 to generate an authenticator and the client correspondingly generates a local copy of the authenticator using a GSM SIM over the wireless local link. The authentication is then determined by checking that these authenticators match and thereafter the authenticator can be used as a session key to encrypt data in the service.Type: ApplicationFiled: May 29, 2001Publication date: November 14, 2002Inventors: Kai Nyman, Mikko Olkkonen, Jari T. Malinen