Patents by Inventor Matthew A. Blaze
Matthew A. Blaze has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 7996325Abstract: The present invention provides a microbilling system that integrates with existing billing systems and existing devices. In a preferred embodiment of the invention, the devices store digital certificates with short-lived expiration dates and specifying transaction limits, preferably using a trust management system. A provisioning agent periodically (e.g., once a day) issues the certificates over a secure channel to the devices. When conducting a purchase transaction, the devices exchange certificates via a communication channel (that need not be secure) and the purchasing device issues a digitally signed electronic check which is periodically deposited over an advantageously secure channel with a clearing service. The present invention enables microbilling transactions by embedding liability in the certificates.Type: GrantFiled: December 7, 2009Date of Patent: August 9, 2011Assignee: AT&T Intellectual Property II, LPInventors: Matthew A. Blaze, John Ioannidis, Angelos Keromytis
-
Publication number: 20100094644Abstract: The present invention provides a microbilling system that integrates with existing billing systems and existing devices. In a preferred embodiment of the invention, the devices store digital certificates with short-lived expiration dates and specifying transaction limits, preferably using a trust management system. A provisioning agent periodically (e.g., once a day) issues the certificates over a secure channel to the devices. When conducting a purchase transaction, the devices exchange certificates via a communication channel (that need not be secure) and the purchasing device issues a digitally signed electronic check which is periodically deposited over an advantageously secure channel with a clearing service. The present invention enables microbilling transactions by embedding liability in the certificates.Type: ApplicationFiled: December 7, 2009Publication date: April 15, 2010Applicant: AT&T Corp.Inventors: Matthew A. Blaze, John Ioannidis, Angelos Keromytis
-
Patent number: 7650313Abstract: The present invention provides a microbilling system that integrates with existing billing systems and existing devices. In a preferred embodiment of the invention, the devices store digital certificates with short-lived expiration dates and specifying transaction limits, preferably using a trust management system. A provisioning agent periodically (e.g., once a day) issues the certificates over a secure channel to the devices. When conducting a purchase transaction, the devices exchange certificates via a communication channel (that need not be secure) and the purchasing device issues a digitally signed electronic check which is periodically deposited over an advantageously secure channel with a clearing service. The present invention enables microbilling transactions by embedding liability in the certificates.Type: GrantFiled: June 12, 2004Date of Patent: January 19, 2010Assignee: AT&T Corp.Inventors: Matthew A. Blaze, John Ioannidis, Angelos Keromytis
-
Patent number: 6789068Abstract: The present invention provides a microbilling system that integrates with existing billing systems and existing devices. In a preferred embodiment of the invention, the devices store digital certificates with short-lived expiration dates and specifying transaction limits, preferably using a trust management system. A provisioning agent periodically (e.g., once a day) issues the certificates over a secure channel to the devices. When conducting a purchase transaction, the devices exchange certificates via a communication channel (that need not be secure) and the purchasing device issues a digitally signed electronic check which is periodically deposited over an advantageously secure channel with a clearing service. The present invention enables microbilling transactions by embedding liability in the certificates.Type: GrantFiled: November 8, 1999Date of Patent: September 7, 2004Assignee: AT&T Corp.Inventors: Matthew A. Blaze, John Ioannidis, Angelos Keromytis
-
Patent number: 6625158Abstract: Provided are a method and system for achieving enhanced performance in communications between a plurality of emulated networks overlaid onto at least one base network, wherein the communications involve one or more source route bridges. The method and system accomplish their objects via the following. Determining when communication is to occur, through the one or more source route bridges, and between at least two entities where a first of the at least two entities is a member of a first emulated network and where a second of the at least two entities is a member of another of the plurality of emulated networks. Informing the at least one of the at least two entities of one or more addresses consonant with the protocols of the at least one base network wherein the one or more addresses identify one or more base network entities closely correspondent to at least one of the at least two entities.Type: GrantFiled: July 31, 1997Date of Patent: September 23, 2003Assignee: International Business Machines CorporationInventors: Cedell Adam Alexander, Jr., Charles Allen Carriker, Jr., Jim Philip Ervin, John Kevin Frick, Matthew Blaze Squire, Deepak Vig
-
Patent number: 6324163Abstract: A method of alleviating network congestion in an emulated Local Area Network (ELAN) within an Asynchronous Transfer Mode (ATM) network is implemented. The method mitigates network congestion by distributing the connection times of Local Area Network (LAN) Emulation Client (LEC) to an ELAN over random periods of time. When a LAN Emulation Server (LES) or Broadcast and Unknown Server (BUS) attempts to build point-to-multipoint connections to the LEC, it issues control messages to network switches. If the messages are dropped or rejected the LES or BUS recognizes the network is in a congested state and randomly retries to attempt connection.Type: GrantFiled: November 24, 1997Date of Patent: November 27, 2001Assignee: International Business Machines CorporationInventors: Cedell Adam Alexander, Jr., Jim P. Ervin, Edward Joel Rovner, Matthew Blaze Squire, Mark Alan Tippens
-
Publication number: 20010018675Abstract: A method and apparatus are provided for compliance checking in a trust-management system. A request r, a policy assertion (ƒ0, POLICY), and n−1 credential assertions (ƒ1, s1) . . . , (ƒn−1, sn-1) are received, each credential assertion comprising a credential function ƒi and a credential source si. Each assertion may be monotonic, authentic, and locally bounded. An acceptance record set S is initialized to {(&Lgr;, &Lgr;, R)}, where &Lgr; represents a distinguished null string, and R represents the request r. Each assertion (ƒi, si), where i represents the integers from n−1 to 0, is run and the result is added to the acceptance record set S. This is repeated mn times, where m represents a number greater than 1, and an acceptance is output if any of the results in the acceptance record set S comprise an acceptance record (0, POLICY, R).Type: ApplicationFiled: February 9, 2001Publication date: August 30, 2001Inventors: Matthew A. Blaze, Joan Feigenbaum, Martin J. Strauss
-
Patent number: 6256734Abstract: A method and apparatus are provided for compliance checking in a trust-management system A request r, a policy assertion (ƒ0, POLICY), and n−1 credential assertions (ƒ1, s1) , . . . , (ƒn−1, sn−1) are received, each credential assertion comprising a credential function ƒi and a credential source si. Each assertion may be monotonic, authentic, and locally bounded. An acceptance record set S is initialized to {(&Lgr;, &Lgr;, R)}, where A represents a distinguished null string, and R represents the request r. Each assertion (ƒi, si), where i represents the integers from n−1 to 0, is run and the result is added to the acceptance record set S. This is repeated mn times, where m represents a number greater than 1, and an acceptance is output if any of the results in the acceptance record set S comprise an acceptance record (0, POLICY, R).Type: GrantFiled: October 8, 1999Date of Patent: July 3, 2001Assignee: AT&TInventors: Matthew A. Blaze, Joan Feigenbaum, Martin J Strauss
-
Patent number: 6178171Abstract: A method is implemented to enable networks employing source-route bridging to participate in route switched, Asynchronous Transfer Mode (ATM), networks. Such source-routed networks, for example, Token-Ring LANs, incorporate an end-to-end route description in the data packets transmitted by the source station. The end-to-end route description is contained in a Route Information Field (RIF). The method implemented herein associates an RIF with the ATM address corresponding to a destination station. This permits the source-route bridged network to exploit the efficiencies of layer-2 connections and the high-speed switching characteristics of the ATM network.Type: GrantFiled: November 24, 1997Date of Patent: January 23, 2001Assignee: International Business Machines CorporationInventors: Cedell Adam Alexander, Jr., Brahmanand Gorti, Matthew Blaze Squire
-
Patent number: 6064675Abstract: An ATM communications network with several ELANs allows steady-state data to be passed between ATM attached devices which bypasses intermediate LECs and bridges. Connected to the ATM communications network is a bridge unit which includes a bridge and associated LECs. Also, an origination ATM attached device and a destination ATM attached device are attached to the ATM communications network via a first by a first ELAN and a second ELAN, respectively. The origination ATM attached device sends a request for an ATM address associated with the destination ATM attached device to the bridge, via the first ELAN. After some processing, the bridge returns the ATM address associated with the destination ATM attached device to the origination ATM attached device. This allows the origination ATM attached device to establish a shortcut VCC with the destination ATM attached device using the ATM address associated with the destination ATM attached device, thereby bypassing intermediate bridges and LECs.Type: GrantFiled: April 11, 1997Date of Patent: May 16, 2000Assignee: International Business Machines CorporationInventors: Cedell Adam Alexander, Jr., Charles Allen Carriker, Jr., John Kevin Frick, Edward Joel Rovner, Matthew Blaze Squire, Deepak Vig
-
Patent number: 6005944Abstract: An efficient block cipher that operates on blocks of arbitrarily large size. A block is permuted by recursively using relatively small random functions in an N-round Feistel construction, where N is an integer. The security of the invention is closely related to the difficulty of solving the Numerical Matching with Target Sums problem, an NP Complete problem which cannot presently be solved analytically using known mathematical techniques. The memory required for the cipher's random functions increases linearly with block size, rather than exponentially as with known Feistel constructions. The invention can be efficiently and practically implemented in software at speeds comparable to the speeds of known ciphers.Type: GrantFiled: February 14, 1997Date of Patent: December 21, 1999Assignee: AT&T CorpInventor: Matthew A. Blaze
-
Patent number: 5949753Abstract: An ELAN having redundant default gateways is attached to an asynchronous transfer mode (ATM) communications network. The ELAN's redundant default gateways are comprised of a first and second routers. The first router is associated with a primary default gateway and the second router is associated with a backup default gateway. Both the primary and backup default gateways are connected to the ELAN and both the primary and backup default gateways are configured with a default gateway IP address and associated MAC address. Initially, the primary default gateway registers the default gateway MAC address, thereby becoming the active default gateway. While the primary default gateway is active, the backup default gateway continually attempts to register the default gateway MAC address.Type: GrantFiled: April 11, 1997Date of Patent: September 7, 1999Assignee: International Business Machines CorporationInventors: Cedell Adam Alexander, Jr., John Lloyd, Matthew Blaze Squire
-
Patent number: 5909494Abstract: A pseudo-random bit generator using at least one N-round Feistel construction that uses random functions. A block of data is permuted and divided into a stream word and a modification word. The stream word is used to build the pseudo-random bitstream. The modification word is used to modify a selected element of a random function used in a Feistel construction. When a single Feistel construction is used, its random functions are dynamically changed by the modification words as they are generated. When a plurality of Feistel constructions are used, the random functions of a selected inactive construction are modified by modification words generated by an active construction. When all of the elements of all of the functions of the inactive construction have been modified, the active and inactive functions are exchanged.Type: GrantFiled: February 14, 1997Date of Patent: June 1, 1999Assignee: AT&T Corp.Inventor: Matthew A. Blaze
-
Patent number: 5870589Abstract: Provided are a method and system for achieving enhanced performance in communications involving one or more emulated networks overlaid onto at least one base network, where the emulation is performed by one or more network emulation servers-broadcast and unknown servers. The objects of the method and system are achieved via the following. Monitoring addresses of data transiting the one or more network emulation servers-broadcast and unknown servers where such monitored addresses are indicative of one or more functions provided by the one or more emulated networks. Tracking the monitored addresses. Comparing the tracked addresses, indicative of on or more functions provided by the one more emulated networks, with one or more prespecified thresholds indicative of monopolization of resources of the at least one emulated network.Type: GrantFiled: July 23, 1997Date of Patent: February 9, 1999Assignee: International Business Machines CorporationInventors: Cedell Adam Alexander, Jr., John Kevin Frick, Matthew Blaze Squire, Edward Joel Rovner
-
Patent number: 5721777Abstract: A cryptographic module, such as a smartcard, is designed to a) store decrypting software programs, and information indicative of predetermined conditions under which an escrow agent is enabled to use the software programs stored on the module to decrypt encrypted data files, and b) records for audit purposes, information indicating every time the software programs are used for decryption.Type: GrantFiled: December 29, 1994Date of Patent: February 24, 1998Assignee: Lucent Technologies Inc.Inventor: Matthew A. Blaze
-
Patent number: 5696823Abstract: A cryptographic system enables a secure, but low-bandwidth, cryptographic module, such as a smartcard or PCMCIA device, to serve as a high-bandwidth secret-key encryption decryption engine which uses the processing power of an untrusted, but fast, host processor without revealing the secret key to that host processor.Type: GrantFiled: March 31, 1995Date of Patent: December 9, 1997Assignee: Lucent Technologies Inc.Inventor: Matthew A. Blaze
-
Patent number: 5574781Abstract: A communications system is arranged to route a database-queried call (900-number or 800-number call) to a subscriber (pay-per-call sponsor or 800-number customer), and to deliver to the subscriber information identifying the call as a database-queried call, as opposed to a switched-line or POTS call.Type: GrantFiled: December 8, 1994Date of Patent: November 12, 1996Assignee: AT&TInventor: Matthew A. Blaze