Patents by Inventor Manuel Leone
Manuel Leone has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8490159
Abstract: A method for security in a passive optical network is disclosed. The method includes, at an optical line termination (OLT): detecting an optical termination device and establishing a connection with the device; generating a first authentication message including a first random number; and transmitting the first authentication message through the established connection. At the optical termination device, the method may include: receiving the first authentication message; calculating a first authentication code by using the first random number and a secret code stored at the device; and generating and transmitting to the OLT a second authentication message including the first authentication code.
Type: Grant
Filed: November 3, 2008
Date of Patent: July 16, 2013
Assignee: Telecom Italia S.p.A.
Inventors: Luciana Costa, Roberta D'Amico, Paolo De Lutiis, Manuel Leone, Maurizio Valvo, Paolo Solina
-
Patent number: 8474004
Abstract: A system includes at least one telecommunications terminal having data processing capabilities, the telecommunications terminal being susceptible of having installed thereon software applications, wherein each software application has associated therewith a respective indicator adapted to indicate a level of security of the software application, the level of security being susceptible of varying in time; a software agent executed by the at least one telecommunications terminal, the software agent being adapted to conditionally allow the installation of software applications on the telecommunications terminal based on the respective level of security; a server in communications relationship with the software agent, the server being adapted to dynamically calculate the level of security of the software applications, and to communicate to the software agent the calculated level of security of the software applications to be installed on the telecommunications terminal.
Type: Grant
Filed: July 31, 2006
Date of Patent: June 25, 2013
Assignee: Telecom Italia S.p.A.
Inventor: Manuel Leone
-
Patent number: 8458468
Abstract: A system includes a sending terminal and at least one receiving terminal, the terminals capable of being connected to a communication network for transmitting an information item from the sending terminal to the at least one receiving terminal. The sending terminal is linked via a secure channel to a unit adapted to encrypt sensitive data using a first encryption/decryption mechanism, the sensitive data being used to protect the information item, and the at least one receiving terminal capable of interacting with a SIM module storing a second encryption/decryption mechanism identical to the first encryption/decryption mechanism, for decrypting the sensitive data.
Type: Grant
Filed: June 25, 2004
Date of Patent: June 4, 2013
Assignee: Telecom Italia S.p.A.
Inventors: Manuel Leone, Ettore Elio Caprella
-
Patent number: 8413209
Abstract: A system for enforcing security policies on mobile communications devices is adapted to be used in a mobile communications network in operative association with a subscriber identity module. The system having a client-server architecture includes a server operated by a mobile communications network operator and a client resident on a mobile communications device on which security policies are to be enforced. The server is adapted to determine security policies to be applied on said mobile communications device, and to send thereto a security policy to be applied. The client is adapted to receive the security policy to be applied from the server, and to apply the received security policy.
Type: Grant
Filed: March 27, 2006
Date of Patent: April 2, 2013
Assignee: Telecom Italia S.p.A.
Inventors: Carlo Aldera, Paolo De Lutiis, Maria Teresa Grillo, Manuel Leone, Alessandro Basso, Michele Miraglia
-
Patent number: 8296825
Abstract: A system for enabling a user to communicate on a virtual private network through a public communication network, the possibility of communicating on the private network depending on the availability to the user of at least one enabling credential sent to the user in encrypted form. The system includes at least one SIM type module available to the user and bearing an encryption mechanism and it is configured to decrypt the enabling credential at the user exploiting the encryption mechanism home by the SIM type module, the SIM type module being able to interact with at least one additional communication network to activate the encryption mechanism.
Type: Grant
Filed: May 31, 2004
Date of Patent: October 23, 2012
Assignee: Telecom Italia S.p.A.
Inventors: Manuel Leone, Ettore Elio Caprella
-
Patent number: 8245047
Abstract: A method for managing a group signature scheme includes in a setup procedure for group initialization, generating, by a group manager, a group public key. In a join procedure for the group manager to add a new member to the group, the method includes generating by the new member, user information, and providing the generated user information to the group manager, and computing, by the group manager, membership information for the new member based on the user information received by the new member and on the group public key, and providing to the new member the computed membership information. In particular, the membership information is computed, by the group manager, as a function of the inverse of a given hash function of the user information. In a signing procedure for a group member to sign a message on behalf of the group, the method includes: using, by the group member, the membership information and the user information.
Type: Grant
Filed: December 19, 2005
Date of Patent: August 14, 2012
Assignee: Telecom Italia S.p.A.
Inventors: Pier Luigi Zaccone, Manuel Leone, Ettore Caprella, Francesco Bergadano, Davide Cavagnino, Paolo Dal Checco
-
Publication number: 20110214160
Abstract: A method for security in a passive optical network is disclosed. The method includes, at an optical line termination (OLT): detecting an optical termination device and establishing a connection with the device; generating a first authentication message including a first random number; and transmitting the first authentication message through the established connection. At the optical termination device, the method may include: receiving the first authentication message; calculating a first authentication code by using the first random number and a secret code stored at the device; and generating and transmitting to the OLT a second authentication message including the first authentication code.
Type: Application
Filed: November 3, 2008
Publication date: September 1, 2011
Applicant: TELECOM ITALIA S.P.A.
Inventors: Luciana Costa, Roberta D'Amico, Paolo De Lutiis, Manuel Leone, Maurizio Valvo, Paolo Solina
-
Patent number: 7913096
Abstract: An arrangement for the cipher controlled exploitation of data resources (e.g., securely storing and retrieving sensitive data or securely registering and logging on a computer system) includes the steps of providing a subscriber identity module carrying a security algorithm; generating at least one, e.g., two, random values; subjecting the random value to the at least one security algorithm to generate at least one, e.g., two, session keys; processing the session keys via a mixer function such as a hash function to produce a cipher key; and using the cipher key thus produced for exploiting the data resources.
Type: Grant
Filed: December 30, 2003
Date of Patent: March 22, 2011
Assignee: Telecom Italia S.p.A.
Inventors: Manuel Leone, Ettore Elio Caprella
-
Patent number: 7844834
Abstract: A method for securely storing at least one user's private information item, such as a private key for cipher processing, includes the steps of providing a communication network wherein the user is allotted a respective subscriber identity module and the subscriber identity module stores at least one security algorithm; producing a cipher key via the at least one security algorithm; and providing a remote storing location accessible by the user via the communication network wherein the user's private information items are stored as files encrypted via the cipher key.
Type: Grant
Filed: December 30, 2003
Date of Patent: November 30, 2010
Assignee: Telecom Italia S.p.A.
Inventors: Manuel Leone, Ettore Elio Caprella
-
Patent number: 7636848
Abstract: Communication between an administrator device and an administered device in a network is arranged in the form of a chain of digitally signed communication items including messages sent from an originator device to a recipient device. Each message has an associated respective digitally signed receipt, and the originator device is configured not to send a new item toward the recipient device in the absence of a respective digitally signed receipt for a previously sent item. With at least one, and preferably by both of the administrator device and the administered device, there is stored a history record of communication items exchanged therebetween. The history record is agreed upon and signed by both the administrator device and the administered device.
Type: Grant
Filed: November 27, 2003
Date of Patent: December 22, 2009
Assignee: Telecom Italia S.p.A.
Inventors: Ettore Elio Caprella, Paolo De Lutiis, Manuel Leone, Pier Luigi Zaccone
-
Publication number: 20090254993
Abstract: A system includes at least one telecommunications terminal having data processing capabilities, the telecommunications terminal being susceptible of having installed thereon software applications, wherein each software application has associated therewith a respective indicator adapted to indicate a level of security of the software application, the level of security being susceptible of varying in time; a software agent executed by the at least one telecommunications terminal, the software agent being adapted to conditionally allow the installation of software applications on the telecommunications terminal based on the respective level of security; a server in communications relationship with the software agent, the server being adapted to dynamically calculate the level of security of the software applications, and to communicate to the software agent the calculated level of security of the software applications to be installed on the telecommunications terminal.
Type: Application
Filed: July 31, 2006
Publication date: October 8, 2009
Inventor: Manuel Leone
-
Publication number: 20090222668
Abstract: A method for managing a group signature scheme includes in a setup procedure for group initialization, generating, by a group manager, a group public key. In a join procedure for the group manager to add a new member to the group, the method includes generating by the new member, user information, and providing the generated user information to the group manager, and computing, by the group manager, membership information for the new member based on the user information received by the new member and on the group public key, and providing to the new member the computed membership information. In particular, the membership information is computed, by the group manager, as a function of the inverse of a given hash function of the user information. In a signing procedure for a group member to sign a message on behalf of the group, the method includes: using, by the group member, the membership information and the user information.
Type: Application
Filed: December 19, 2005
Publication date: September 3, 2009
Inventors: Pier Luigi Zaccone, Manuel Leone, Ettore Caprella, Francesco Bergadano, Davide Cavagnino, Paolo Dal Checco
-
Publication number: 20080052769
Abstract: A system for enabling a user to communicate on a virtual private network through a public communication network, the possibility of communicating on the private network depending on the availability to the user of at least one enabling credential sent to the user in encrypted form. The system includes at least one SIM type module available to the user and bearing an encryption mechanism and it is configured to decrypt the enabling credential at the user exploiting the encryption mechanism home by the SIM type module, the SIM type module being able to interact with at least one additional communication network to activate the encryption mechanism.
Type: Application
Filed: May 31, 2004
Publication date: February 28, 2008
Inventors: Manuel Leone, Ettore Caprella
-
Publication number: 20070234034
Abstract: A system includes a sending terminal and at least one receiving terminal, the terminals capable of being connected to a communication network for transmitting an information item from the sending terminal to the at least one receiving terminal. The sending terminal is linked via a secure channel to a unit adapted to encrypt sensitive data using a first encryption/decryption mechanism, the sensitive data being used to protect the information item, and the at least one receiving terminal capable of interacting with a SIM module storing a second encryption/decryption mechanism identical to the first encryption/decryption mechanism, for decrypting the sensitive data.
Type: Application
Filed: June 25, 2004
Publication date: October 4, 2007
Inventors: Manuel Leone, Ettore Caprella
-
Publication number: 20070107052
Abstract: Apparatus for monitoring operation of a processing system includes a set of modules for monitoring operation of a set of system primitives that allocate or release the system resources and are used by different processes running on the system. Preferably, the modules include at least one application knowledge module tracking the processes running on the system and monitoring the resources used thereby, a network knowledge module monitoring connections by the processes running on the system, a file-system analysis module monitoring the file-related operations performed within the system, and a device monitoring module monitoring operation of commonly used modules with the system. A preferred field of application is in host-based intrusion detection systems.
Type: Application
Filed: December 17, 2003
Publication date: May 10, 2007
Inventors: Gianluca Cangini, Gerardo Lamastra, Francesco Coda Zabetta, Paolo Abeni, Madalina Baltatu, Rosalia D'Alessandro, Stefano Brusotti, Sebastiano Di Paola, Manuel Leone, Federico Frosali
-
Publication number: 20070079142
Abstract: An arrangement for the cipher controlled exploitation of data resources (e.g., securely storing and retrieving sensitive data or securely registering and logging on a computer system) includes the steps of providing a subscriber identity module carrying a security algorithm; generating at least one, e.g., two, random values; subjecting the random value to the at least one security algorithm to generate at least one, e.g., two, session keys; processing the session keys via a mixer function such as a hash function to produce a cipher key; and using the cipher key thus produced for exploiting the data resources.
Type: Application
Filed: December 30, 2003
Publication date: April 5, 2007
Inventors: Manuel Leone, Ettore Caprella
-
Publication number: 20070071241
Abstract: Communication between an administrator device and an administered device in a network is arranged in the form of a chain of digitally signed communication items including messages sent from an originator device to a recipient device. Each message has an associated respective digitally signed receipt, and the originator device is configured not to send a new item toward the recipient device in the absence of a respective digitally signed receipt for a previously sent item. With at least one, and preferably by both of the administrator device and the administered device, there is stored a history record of communication items exchanged therebetween. The history record is agreed upon and signed by both the administrator device and the administered device.
Type: Application
Filed: November 27, 2003
Publication date: March 29, 2007
Inventors: Ettore Caprella, Paolo De Lutiis, Manuel Leone, Pier Zaccone
-
Publication number: 20070055873
Abstract: A method for securely storing at least one user's private information item, such as a private key for cipher processing, includes the steps of providing a communication network wherein the user is allotted a respective subscriber identity module and the subscriber identity module stores at least one security algorithm; producing a cipher key via the at least one security algorithm; and providing a remote storing location accessible by the user via the communication network wherein the user's private information items are stored as files encrypted via the cipher key.
Type: Application
Filed: December 30, 2003
Publication date: March 8, 2007
Inventors: Manuel Leone, Ettore Caprella