Patents by Inventor Liqun Chen

Liqun Chen has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 8732481
    Abstract: A workflow order is created for the object. Public parameters are received from a key generation center at a computer associated with an object master. A public key is generated at the computer system based on a user identifier and the public parameters, wherein the user identifier is comprised of user related information. The object is encrypted using the public key such that the object cannot be opened without a private key, wherein the object is a composite document comprising multiple elements of documents of different formats, and wherein the private key is generated in response to a request from an authenticated user using the user identifier at the key generation center. Access to the multiple elements of the object is controlled based on workflow order.
    Type: Grant
    Filed: January 30, 2012
    Date of Patent: May 20, 2014
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Helen Y. Balinsky, Liqun Chen, Steven J Simske
  • Publication number: 20140119540
    Abstract: Compliance to a policy about how to treat data in a computer network environment is ensured by checking that conditions in the policy are satisfied by the entity before access to the data is provided.
    Type: Application
    Filed: July 11, 2011
    Publication date: May 1, 2014
    Inventors: Siani Pearson, Archie Reed, Marco Casassa Mont, Gina L.D. Kounga, Liqun Chen
  • Patent number: 8689000
    Abstract: A method is described by which the possessor of a secret certified in a particular manner can prove to a party with which the possessor of a secret needs to interact that it does indeed possess a secret formed in the proper manner. In the context of trusted computing apparatus, this can be used to show that the secret has been provided by a legitimate manufacturer of such apparatus. A method and an architecture for revocation operable in this context is also described.
    Type: Grant
    Filed: May 21, 2004
    Date of Patent: April 1, 2014
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Liqun Chen, Wenbo Mao, Caroline Jessica Belrose, Graeme John Proudler
  • Patent number: 8670568
    Abstract: A computer platform is provided that comprises a processor and a cryptographic co-processor coupled to the processor. The computer platform further comprises a platform entity coupled to the processor. The platform entity establishes a secure relationship with the cryptographic co-processor that enables the platform entity to utilize cryptographic functions provided by the cryptographic co-processor.
    Type: Grant
    Filed: July 22, 2011
    Date of Patent: March 11, 2014
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Wael M. Ibrahim, Graeme J. Proudler, Liqun Chen, Manuel Novoa
  • Publication number: 20130326602
    Abstract: Apparatus and methods of creating digital signatures include storing a credential received from an external issuing entity at a host device associated with a signature engine. After agreeing on a message with a verifying entity, the host device may transmit a version of the credential with a signature from the associated signature engine for the message to the verifying entity. The verifying entity may determine from the version of the credential and the digital signature whether the credential originated from a trusted issuing entity.
    Type: Application
    Filed: May 2, 2011
    Publication date: December 5, 2013
    Applicant: HEWLETT-PACKARD DEVELOPMENT COMPANY, L.P.
    Inventor: Liqun Chen
  • Patent number: 8589679
    Abstract: Identifier-based signcryption methods and apparatus are disclosed both for signing and encrypting data, and for decrypting and verifying data. The signcryption methods use computable bilinear mappings and can be based, for example, on Weil or Tate pairings. A message sender associated with a first trusted authority carries out integrated signing/encryption processes to send a signed, encrypted message to an intended recipient associated with a second trusted authority. The recipient then carries out integrated decryption/verification processes to recover the original message and verify its origin.
    Type: Grant
    Filed: July 14, 2005
    Date of Patent: November 19, 2013
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Liqun Chen, Keith Alexander Harrison, John Malone-Lee
  • Patent number: 8566615
    Abstract: A document management system and method are disclosed herein. An example of the document management system includes a composite document generation module that generates a composite document and a secret seed that is associated with an owner or initiator of the composite document, and a key derivation module that derives, from the secret seed and using a key derivation function, at least one of a key for encryption, a key for decryption, a key for signature, or a key for verification for a participant of a workflow associated with the composite document.
    Type: Grant
    Filed: April 28, 2011
    Date of Patent: October 22, 2013
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Helen Balinsky, Liqun Chen, Steven J. Simske
  • Publication number: 20130227281
    Abstract: One example discloses a data manager of a data collector (DCDM) 8 executing on a virtual machine 6 for managing sensitive data. The DCDM 8 can have a conformance certificate that characterizes functionality of the DCDM 8. The DCDM 8 can request sensitive data from a data subject 16, wherein the request for the sensitive data includes the conformance certificate. The DCDM 8 can further receive, in response to the request, the sensitive data encrypted with an encrypted secret key. The secret key can be decrypt-able with a private key stored at a trusted platform module for the data collector (DCTPM) 12.
    Type: Application
    Filed: April 7, 2011
    Publication date: August 29, 2013
    Inventors: Gina Kounga, Liqun Chen
  • Publication number: 20130212391
    Abstract: A method includes generating a randomized base point and causing the randomized base point and a private key to be loaded into a signature engine device. The method also includes signing a message using the randomized base point and the private key as a base point as well as the private key in an elliptic curve cryptographic (ECC) signature.
    Type: Application
    Filed: February 9, 2012
    Publication date: August 15, 2013
    Inventors: Liqun Chen, Graeme John Proudler
  • Patent number: 8510789
    Abstract: Data to be output to a removable storage medium is encrypted for sending to an output device by an encryption process based on encryption parameters comprising public data of a trusted party and an encryption key string comprising a policy for allowing the output of the data. The trusted party provides a decryption key to the output device but only after being satisfied that the policy has been met. The decryption key is generated in dependence on the encryption key string and private data of the trusted party. The output device uses the decryption key in decrypting the data to be output. Embodiments are provided that involve multiple policies and trusted parties.
    Type: Grant
    Filed: September 16, 2003
    Date of Patent: August 13, 2013
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Cheh Goh, Liqun Chen, Stephen James Crane, Marco Casassa Mont, Keith Alexander Harrison
  • Publication number: 20130198255
    Abstract: Detecting a workflow termination. An object with embedded access control is sent to a next participant in a workflow, wherein the embedded access control is provided and enforced by placing a subset of access keys for individual content-parts into a unique key-map entry for each participant, wherein the object is a Publicly Posted Composite Document. A workflow termination is detected after failure to receive a confirmation token from the next participant after a specified condition is not met.
    Type: Application
    Filed: January 30, 2012
    Publication date: August 1, 2013
    Inventors: Helen Y. Balinsky, Liqun Chen, Steven J. Simske
  • Publication number: 20130198524
    Abstract: A workflow order is created for the object. Public parameters are received from a key generation center at a computer associated with an object master. A public key is generated at the computer system based on a user identifier and the public parameters, wherein the user identifier is comprised of user related information. The object is encrypted using the public key such that the object cannot be opened without a private key, wherein the object is a composite document comprising multiple elements of documents of different formats, and wherein the private key is generated in response to a request from an authenticated user using the user identifier at the key generation center. Access to the multiple elements of the object is controlled based on workflow order.
    Type: Application
    Filed: January 30, 2012
    Publication date: August 1, 2013
    Inventors: Helen Y. Balinsky, Liqun Chen, Steven J. Simske
  • Patent number: 8499149
    Abstract: Direct Anonymous Attestation involves a Signer using a credential supplied by an Issuer to anonymously prove to a Verifier, on the basis of a public key of the Issuer, the Issuer's attestation to the Signer's membership of a particular group. To facilitate membership revocation, the Issuer updates the public key at intervals, and also effects a complementary updating to the Signer's credential unless the Signer has ceased to be a legitimate group member. A non-updated credential is inadequate to enable the Signer to prove its Issuer attested group membership to a Verifier on the basis of the updated Issuer public key.
    Type: Grant
    Filed: February 19, 2009
    Date of Patent: July 30, 2013
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventor: Liqun Chen
  • Patent number: 8464058
    Abstract: A password-based cryptographic method is effected between a first party with a specified identity and secret password and a second party with a master secret. During a registration phase, a long-term password-based public key is generated for the first party from its password and the master secret of the second party. Subsequently, to generate matching keys, asymmetric or symmetric, for the parties for a specific interaction, the first party generates short-term secret x, and computes a short-term password-based public key that requires for its computation direct knowledge of the first party's password and secret x; the second party then transforms this short-term password-based public key into an element X, complementary to x, by using its master secret and at least a first-party-specific constituent of the first party's long-term password-based public key. The secret x and element X are then used to provide matching keys for the parties.
    Type: Grant
    Filed: October 27, 2008
    Date of Patent: June 11, 2013
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Liqun Chen, Saugat Majumdar
  • Patent number: 8407092
    Abstract: A data processing system is described wherein use of resources in the system is metered. Metering evidence is generated which is difficult to forge and is, thus, relatively resistant to tampering. Such a system finds application, for example, in the field of metering the amount of time a person spends reading advertisements that are published on the World Wide Web. If reliable, such metering evidence may be used by the owner of the web server that contains the advertisement to bill the originator of the advertisement.
    Type: Grant
    Filed: October 30, 2001
    Date of Patent: March 26, 2013
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Wenbo Mao, Liqun Chen
  • Publication number: 20130061056
    Abstract: A method of extending an integrity measurement in a trusted device operating in an embedded trusted platform by using a set of policy commands to extend a list of Platform Configuration Registers (PCRs) for the device and the current values of the listed PCRs and an integrity value identifying the integrity measurement into a policy register, verify a signature over the integrity value extended into the policy register, and, if verification succeeds, extend a verification key of the trusted platform, plus an indication that it is a verification key, into the policy register, compare the integrity value extended into the policy register with a value stored in the trusted platform, and, if they are the same: extend the stored value, plus an indication that it is a stored value, into the policy register, and extend the integrity measurement in the trusted device if the value in the policy register matches a value stored with the integrity measurement.
    Type: Application
    Filed: May 12, 2011
    Publication date: March 7, 2013
    Inventors: Graeme John Proudler, Liqun Chen
  • Patent number: 8381267
    Abstract: A method of processing information to be confidentially transmitted from a first module to a second module provides that a first scalar multiplication may be carried out in order to obtain a first result [r]P. This first scalar multiplication comprises a plurality of generation steps of ordered factors from which a plurality of first partial sums are required to be built. The method also comprises the carrying out of a second scalar multiplication in order to obtain a second result. This second multiplication provides that a plurality of second partial sums may be built. A piece of encrypted information is obtained by processing the information based on the results of the scalar multiplications. The second partial sums of the second scalar multiplication use the same ordered factors obtained by the generation step of the first scalar multiplication.
    Type: Grant
    Filed: October 10, 2006
    Date of Patent: February 19, 2013
    Assignee: STMicroelectronics S.r.l.
    Inventors: Guido Marco Bertoni, Pasqualina Fragneto, Gerardo Pelosi, Keith Harrison, Liqun Chen
  • Patent number: 8364729
    Abstract: A document management system includes a document. One or more of a plurality of map-files of the document correspond(s) with a step of a multi-step workflow associated with the document. A random nonce is generated for each of the steps of the multi-step workflow except for an initial step of the multi-step workflow. Each of the random nonces i) is incorporated as a map-file entry into a respective one of the plurality of map-files corresponding with a step of the multi-step workflow that directly precedes the step of the multi-step workflow for which the random nonce is generated and ii) is used to perform a nonce-based initiating operation on a respective one of the plurality of map-files corresponding with the step of the multi-step workflow for which the random nonce is generated.
    Type: Grant
    Filed: March 17, 2011
    Date of Patent: January 29, 2013
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Helen Balinsky, Liqun Chen, Steven J. Simske
  • Patent number: 8352736
    Abstract: An authentication method of a first module by a second module includes the steps of generating a first random datum by the second module to be sent to the first module, generating a first number by the first module starting from the first datum and by way of a private key, and generating a second number by the second module to be compared with the first number, so as to authenticate the first module. The step of generating the second number is performed starting from public parameters and is independent of the step of generating the first number.
    Type: Grant
    Filed: December 22, 2005
    Date of Patent: January 8, 2013
    Assignees: STMicroelectronics S.R.L., Hewlett-Packard Development Company, L.P.
    Inventors: Liqun Chen, Keith Harrison, Guido Marco Bertoni, Pasqualina Fragneto, Gerardo Pelosi
  • Patent number: 8341429
    Abstract: A data transfer device for transferring data to a removable data storage item. The data transfer device receives content data to be stored to the removable data storage item, encrypts the content data using an encryption key, and transforms at least one of predetermined reference data and the encryption key. The data transfer device also encrypts the transformed predetermined reference data using the encryption key or encrypts the predetermined reference data using the transformed encryption key, and then stores the encrypted content data and the encrypted transformed/predetermined reference data to the removable data storage item.
    Type: Grant
    Filed: September 28, 2008
    Date of Patent: December 25, 2012
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Jonathan Peter Buckingham, Liqun Chen, Christopher Williams