Patents by Inventor Matthew A. Blaze

Matthew A. Blaze has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 7996325
    Abstract: The present invention provides a microbilling system that integrates with existing billing systems and existing devices. In a preferred embodiment of the invention, the devices store digital certificates with short-lived expiration dates and specifying transaction limits, preferably using a trust management system. A provisioning agent periodically (e.g., once a day) issues the certificates over a secure channel to the devices. When conducting a purchase transaction, the devices exchange certificates via a communication channel (that need not be secure) and the purchasing device issues a digitally signed electronic check which is periodically deposited over an advantageously secure channel with a clearing service. The present invention enables microbilling transactions by embedding liability in the certificates.
    Type: Grant
    Filed: December 7, 2009
    Date of Patent: August 9, 2011
    Assignee: AT&T Intellectual Property II, LP
    Inventors: Matthew A. Blaze, John Ioannidis, Angelos Keromytis
  • Publication number: 20100094644
    Abstract: The present invention provides a microbilling system that integrates with existing billing systems and existing devices. In a preferred embodiment of the invention, the devices store digital certificates with short-lived expiration dates and specifying transaction limits, preferably using a trust management system. A provisioning agent periodically (e.g., once a day) issues the certificates over a secure channel to the devices. When conducting a purchase transaction, the devices exchange certificates via a communication channel (that need not be secure) and the purchasing device issues a digitally signed electronic check which is periodically deposited over an advantageously secure channel with a clearing service. The present invention enables microbilling transactions by embedding liability in the certificates.
    Type: Application
    Filed: December 7, 2009
    Publication date: April 15, 2010
    Applicant: AT&T Corp.
    Inventors: Matthew A. Blaze, John Ioannidis, Angelos Keromytis
  • Patent number: 7650313
    Abstract: The present invention provides a microbilling system that integrates with existing billing systems and existing devices. In a preferred embodiment of the invention, the devices store digital certificates with short-lived expiration dates and specifying transaction limits, preferably using a trust management system. A provisioning agent periodically (e.g., once a day) issues the certificates over a secure channel to the devices. When conducting a purchase transaction, the devices exchange certificates via a communication channel (that need not be secure) and the purchasing device issues a digitally signed electronic check which is periodically deposited over an advantageously secure channel with a clearing service. The present invention enables microbilling transactions by embedding liability in the certificates.
    Type: Grant
    Filed: June 12, 2004
    Date of Patent: January 19, 2010
    Assignee: AT&T Corp.
    Inventors: Matthew A. Blaze, John Ioannidis, Angelos Keromytis
  • Patent number: 6789068
    Abstract: The present invention provides a microbilling system that integrates with existing billing systems and existing devices. In a preferred embodiment of the invention, the devices store digital certificates with short-lived expiration dates and specifying transaction limits, preferably using a trust management system. A provisioning agent periodically (e.g., once a day) issues the certificates over a secure channel to the devices. When conducting a purchase transaction, the devices exchange certificates via a communication channel (that need not be secure) and the purchasing device issues a digitally signed electronic check which is periodically deposited over an advantageously secure channel with a clearing service. The present invention enables microbilling transactions by embedding liability in the certificates.
    Type: Grant
    Filed: November 8, 1999
    Date of Patent: September 7, 2004
    Assignee: AT&T Corp.
    Inventors: Matthew A. Blaze, John Ioannidis, Angelos Keromytis
  • Patent number: 6625158
    Abstract: Provided are a method and system for achieving enhanced performance in communications between a plurality of emulated networks overlaid onto at least one base network, wherein the communications involve one or more source route bridges. The method and system accomplish their objects via the following. Determining when communication is to occur, through the one or more source route bridges, and between at least two entities where a first of the at least two entities is a member of a first emulated network and where a second of the at least two entities is a member of another of the plurality of emulated networks. Informing the at least one of the at least two entities of one or more addresses consonant with the protocols of the at least one base network wherein the one or more addresses identify one or more base network entities closely correspondent to at least one of the at least two entities.
    Type: Grant
    Filed: July 31, 1997
    Date of Patent: September 23, 2003
    Assignee: International Business Machines Corporation
    Inventors: Cedell Adam Alexander, Jr., Charles Allen Carriker, Jr., Jim Philip Ervin, John Kevin Frick, Matthew Blaze Squire, Deepak Vig
  • Patent number: 6324163
    Abstract: A method of alleviating network congestion in an emulated Local Area Network (ELAN) within an Asynchronous Transfer Mode (ATM) network is implemented. The method mitigates network congestion by distributing the connection times of Local Area Network (LAN) Emulation Client (LEC) to an ELAN over random periods of time. When a LAN Emulation Server (LES) or Broadcast and Unknown Server (BUS) attempts to build point-to-multipoint connections to the LEC, it issues control messages to network switches. If the messages are dropped or rejected the LES or BUS recognizes the network is in a congested state and randomly retries to attempt connection.
    Type: Grant
    Filed: November 24, 1997
    Date of Patent: November 27, 2001
    Assignee: International Business Machines Corporation
    Inventors: Cedell Adam Alexander, Jr., Jim P. Ervin, Edward Joel Rovner, Matthew Blaze Squire, Mark Alan Tippens
  • Publication number: 20010018675
    Abstract: A method and apparatus are provided for compliance checking in a trust-management system. A request $r$, a policy assertion $(f_0, \mathrm{POLICY})$, and $n-1$ credential assertions $(f_1, s_1), \ldots, (f_{n-1}, s_{n-1})$ are received, each credential assertion comprising a credential function $f_i$ and a credential source $s_i$. Each assertion may be monotonic, authentic, and locally bounded. An acceptance record set $S$ is initialized to $\{(\Lambda, \Lambda, R)\}$, where $\Lambda$ represents a distinguished null string, and $R$ represents the request $r$. Each assertion $(f_i, s_i)$, where $i$ represents the integers from $n-1$ to 0, is run and the result is added to the acceptance record set $S$. This is repeated $mn$ times, where $m$ represents a number greater than 1, and an acceptance is output if any of the results in the acceptance record set $S$ comprise an acceptance record $(0, \mathrm{POLICY}, R)$.
    Type: Application
    Filed: February 9, 2001
    Publication date: August 30, 2001
    Inventors: Matthew A. Blaze, Joan Feigenbaum, Martin J. Strauss
  • Patent number: 6256734
    Abstract: A method and apparatus are provided for compliance checking in a trust-management system. A request $r$, a policy assertion $(f_0, \mathrm{POLICY})$, and $n-1$ credential assertions $(f_1, s_1), \ldots, (f_{n-1}, s_{n-1})$ are received, each credential assertion comprising a credential function $f_i$ and a credential source $s_i$. Each assertion may be monotonic, authentic, and locally bounded. An acceptance record set $S$ is initialized to $\{(\Lambda, \Lambda, R)\}$, where $\Lambda$ represents a distinguished null string, and $R$ represents the request $r$. Each assertion $(f_i, s_i)$, where $i$ represents the integers from $n-1$ to 0, is run and the result is added to the acceptance record set $S$. This is repeated $mn$ times, where $m$ represents a number greater than 1, and an acceptance is output if any of the results in the acceptance record set $S$ comprise an acceptance record $(0, \mathrm{POLICY}, R)$.
    Type: Grant
    Filed: October 8, 1999
    Date of Patent: July 3, 2001
    Assignee: AT&T
    Inventors: Matthew A. Blaze, Joan Feigenbaum, Martin J Strauss
  • Patent number: 6178171
    Abstract: A method is implemented to enable networks employing source-route bridging to participate in route switched, Asynchronous Transfer Mode (ATM), networks. Such source-routed networks, for example, Token-Ring LANs, incorporate an end-to-end route description in the data packets transmitted by the source station. The end-to-end route description is contained in a Route Information Field (RIF). The method implemented herein associates an RIF with the ATM address corresponding to a destination station. This permits the source-route bridged network to exploit the efficiencies of layer-2 connections and the high-speed switching characteristics of the ATM network.
    Type: Grant
    Filed: November 24, 1997
    Date of Patent: January 23, 2001
    Assignee: International Business Machines Corporation
    Inventors: Cedell Adam Alexander, Jr., Brahmanand Gorti, Matthew Blaze Squire
  • Patent number: 6064675
    Abstract: An ATM communications network with several ELANs allows steady-state data to be passed between ATM attached devices which bypasses intermediate LECs and bridges. Connected to the ATM communications network is a bridge unit which includes a bridge and associated LECs. Also, an origination ATM attached device and a destination ATM attached device are attached to the ATM communications network via a first ELAN and a second ELAN, respectively. The origination ATM attached device sends a request for an ATM address associated with the destination ATM attached device to the bridge, via the first ELAN. After some processing, the bridge returns the ATM address associated with the destination ATM attached device to the origination ATM attached device. This allows the origination ATM attached device to establish a shortcut VCC with the destination ATM attached device using the ATM address associated with the destination ATM attached device, thereby bypassing intermediate bridges and LECs.
    Type: Grant
    Filed: April 11, 1997
    Date of Patent: May 16, 2000
    Assignee: International Business Machines Corporation
    Inventors: Cedell Adam Alexander, Jr., Charles Allen Carriker, Jr., John Kevin Frick, Edward Joel Rovner, Matthew Blaze Squire, Deepak Vig
  • Patent number: 6005944
    Abstract: An efficient block cipher that operates on blocks of arbitrarily large size. A block is permuted by recursively using relatively small random functions in an N-round Feistel construction, where N is an integer. The security of the invention is closely related to the difficulty of solving the Numerical Matching with Target Sums problem, an NP Complete problem which cannot presently be solved analytically using known mathematical techniques. The memory required for the cipher's random functions increases linearly with block size, rather than exponentially as with known Feistel constructions. The invention can be efficiently and practically implemented in software at speeds comparable to the speeds of known ciphers.
    Type: Grant
    Filed: February 14, 1997
    Date of Patent: December 21, 1999
    Assignee: AT&T Corp
    Inventor: Matthew A. Blaze
  • Patent number: 5949753
    Abstract: An ELAN having redundant default gateways is attached to an asynchronous transfer mode (ATM) communications network. The ELAN's redundant default gateways are comprised of a first and second routers. The first router is associated with a primary default gateway and the second router is associated with a backup default gateway. Both the primary and backup default gateways are connected to the ELAN and both the primary and backup default gateways are configured with a default gateway IP address and associated MAC address. Initially, the primary default gateway registers the default gateway MAC address, thereby becoming the active default gateway. While the primary default gateway is active, the backup default gateway continually attempts to register the default gateway MAC address.
    Type: Grant
    Filed: April 11, 1997
    Date of Patent: September 7, 1999
    Assignee: International Business Machines Corporation
    Inventors: Cedell Adam Alexander, Jr., John Lloyd, Matthew Blaze Squire
  • Patent number: 5909494
    Abstract: A pseudo-random bit generator using at least one N-round Feistel construction that uses random functions. A block of data is permuted and divided into a stream word and a modification word. The stream word is used to build the pseudo-random bitstream. The modification word is used to modify a selected element of a random function used in a Feistel construction. When a single Feistel construction is used, its random functions are dynamically changed by the modification words as they are generated. When a plurality of Feistel constructions are used, the random functions of a selected inactive construction are modified by modification words generated by an active construction. When all of the elements of all of the functions of the inactive construction have been modified, the active and inactive functions are exchanged.
    Type: Grant
    Filed: February 14, 1997
    Date of Patent: June 1, 1999
    Assignee: AT&T Corp.
    Inventor: Matthew A. Blaze
  • Patent number: 5870589
    Abstract: Provided are a method and system for achieving enhanced performance in communications involving one or more emulated networks overlaid onto at least one base network, where the emulation is performed by one or more network emulation servers-broadcast and unknown servers. The objects of the method and system are achieved via the following. Monitoring addresses of data transiting the one or more network emulation servers-broadcast and unknown servers where such monitored addresses are indicative of one or more functions provided by the one or more emulated networks. Tracking the monitored addresses. Comparing the tracked addresses, indicative of one or more functions provided by the one or more emulated networks, with one or more prespecified thresholds indicative of monopolization of resources of the at least one emulated network.
    Type: Grant
    Filed: July 23, 1997
    Date of Patent: February 9, 1999
    Assignee: International Business Machines Corporation
    Inventors: Cedell Adam Alexander, Jr., John Kevin Frick, Matthew Blaze Squire, Edward Joel Rovner
  • Patent number: 5721777
    Abstract: A cryptographic module, such as a smartcard, is designed to a) store decrypting software programs, and information indicative of predetermined conditions under which an escrow agent is enabled to use the software programs stored on the module to decrypt encrypted data files, and b) record, for audit purposes, information indicating every time the software programs are used for decryption.
    Type: Grant
    Filed: December 29, 1994
    Date of Patent: February 24, 1998
    Assignee: Lucent Technologies Inc.
    Inventor: Matthew A. Blaze
  • Patent number: 5696823
    Abstract: A cryptographic system enables a secure, but low-bandwidth, cryptographic module, such as a smartcard or PCMCIA device, to serve as a high-bandwidth secret-key encryption decryption engine which uses the processing power of an untrusted, but fast, host processor without revealing the secret key to that host processor.
    Type: Grant
    Filed: March 31, 1995
    Date of Patent: December 9, 1997
    Assignee: Lucent Technologies Inc.
    Inventor: Matthew A. Blaze
  • Patent number: 5574781
    Abstract: A communications system is arranged to route a database-queried call (900-number or 800-number call) to a subscriber (pay-per-call sponsor or 800-number customer), and to deliver to the subscriber information identifying the call as a database-queried call, as opposed to a switched-line or POTS call.
    Type: Grant
    Filed: December 8, 1994
    Date of Patent: November 12, 1996
    Assignee: AT&T
    Inventor: Matthew A. Blaze