Abstract: Secure network location awareness is provided whereby a client is able to use appropriate settings when communicating with an access node of a communications network. In an embodiment a client receives a signed message from the access node, the signed message comprising at least a certificate chain having a public key. In some embodiments the certificate chain may be only a self-signed certificate and in other embodiments the certificate chain is two or more certificates in length. The client validates the certificate chain and verifies the signature of the signed message. If this is successful the client accesses stored settings for use with the access node. The stored settings are accessed at least using information about the public key. In another embodiment the signed message also comprises a location identifier which is, for example, a domain name system (DNS) suffix of the access node.

Abstract: Sharing of user preferences is described. In an embodiment a user preference associated with a user is shared with a group of users in order to improve the relevance of results they receive. A database is used to store information detailing a number of groups of users extracted from a social network graph, where the social network graph describes connections between users. On receipt of a user preference associated with a user, a group of users containing the user is selected and the user preference is then shared with everyone in the selected group. In a further embodiment, the groups of users in the database may comprise cohesive groups of users and an extended group associated with each cohesive group. When selecting a group to share preference data with, a cohesive group containing the user is first selected and then the preference data is shared with the corresponding extended group.

Abstract: To allow down-level devices to participate in a network controlled by a protocol including CGAS or ECGAs, the CGA or ECGA authentication may be made optional to allow the down-level devices to execute non-CGA or non-ECGA versions of network protocols, while at the same time allowing the use of CGA- and/or ECGA-authenticated versions of the same protocols. To identify non-cryptographic addresses (e.g., non-CGA and non-ECGA), the address bits of a non-CGA or non-ECGA such that the address cannot be or is probably not an encoding of the hash of a public key. In this manner, a receiving node may properly identify the capabilities of the sending node, perform an appropriate authentication of the message containing the non-cryptographic address, and/or prioritize processing of information contained in the message with the non-cryptographic address.

Abstract: Dynamic host configuration protocol (DHCP) is extended in order to assist with secure network location awareness. In an embodiment a DHCP client receives a signed DHCP response message from a DHCP server, the signed message comprising at least a certificate chain having a public key. In that embodiment the DHCP client validates the certificate chain and verifies the signature of the signed message. If this is successful the DHCP client accesses stored settings for use with the server. The stored settings are accessed at least using information about the public key. In some embodiments signed DHCPOFFER messages and signed DHCPACK messages are used. In another embodiment the signed DHCP message comprises a location identifier which is, for example, a domain name system (DNS) suffix of a DHCP server.

Abstract: Sharing of user preferences is described. In an embodiment a user preference associated with a user is shared with a group of users in order to improve the relevance of results they receive. A database is used to store information detailing a number of groups of users extracted from a social network graph, where the social network graph describes connections between users. On receipt of a user preference associated with a user, a group of users containing the user is selected and the user preference is then shared with everyone in the selected group. In a further embodiment, the groups of users in the database may comprise cohesive groups of users and an extended group associated with each cohesive group. When selecting a group to share preference data with, a cohesive group containing the user is first selected and then the preference data is shared with the corresponding extended group.

Abstract: An extensible cryptographically generated network address may be generated by forming at least a portion of the network address as a portion of a first hash value. The first hash value may be formed by generating a plurality of hash values by hashing a concatenation of a public key and a modifier using a second hash function until a stop condition. The stop condition may include computing the plurality of hash values for a period of time specified by a time parameter. A second hash value may be selected from the plurality of hash values, and the modifier used to compute that hash value may be stored. A hash indicator may be generated which indicates the selected second hash value. The first hash value may be generated as a hash of a concatenation of at least the public key and the modifier. At least a portion of the node-selectable portion of the network address may include at least a portion of the first hash value.

Abstract: The hash extension technique used to generate an ECGA may be used to increase the strength of one-way hash functions and/or decrease the number of bits in any situation where some external requirement limits the number of hash bits, and that limit is below what is (or may be in the future) considered secure against brute-force attacks. For example, to decrease the length of human entered security codes (and maintain the same security), and/or to increase the strength of a human entered security code (and maintain the length of the security code), the security code may be generated and/or authenticated using an extended hash method.

Abstract: Secure network location awareness is provided whereby a client is able to use appropriate settings when communicating with an access node of a communications network. In an embodiment a client receives a signed message from the access node, the signed message comprising at least a certificate chain having a public key. In some embodiments the certificate chain may be only a self-signed certificate and in other embodiments the certificate chain is two or more certificates in length. The client validates the certificate chain and verifies the signature of the signed message. If this is successful the client accesses stored settings for use with the access node. The stored settings are accessed at least using information about the public key. In another embodiment the signed message also comprises a location identifier which is, for example, a domain name system (DNS) suffix of the access node.

Abstract: Dynamic host configuration protocol (DHCP) is extended in order to assist with secure network location awareness. In an embodiment a DHCP client receives a signed DHCP response message from a DHCP server, the signed message comprising at least a certificate chain having a public key. In that embodiment the DHCP client validates the certificate chain and verifies the signature of the signed message. If this is successful the DHCP client accesses stored settings for use with the server. The stored settings are accessed at least using information about the public key. In some embodiments signed DHCPOFFER messages and signed DHCPACK messages are used. In another embodiment the signed DHCP message comprises a location identifier which is, for example, a domain name system (DNS) suffix of a DHCP server.

Abstract: A secure router protocol yields a secure router advertisement for inclusion in binding updates between a mobile node and a correspondent node. Inclusion of the mobile node's home address or other security data relating to the mobile node's identity in the secure routing advertisement allows a correspondent node to verify the identity of the mobile node. Furthermore, inclusion of the advertising access router's subnet prefix and signatures allows a correspondent node to verify that the mobile node that sent the binding update is located at the subnet prefix.

Abstract: Disclosed is an authentication mechanism that provides much of the security of heavyweight authentication mechanisms, but with lower administrative and communicative overhead while at the same time not being limited to a 64-bit limit on the length of a cryptographic hash value. Removal of this limitation is achieved by increasing the cost of both address generation and brute-force attacks by the same parameterized factor while keeping the cost of address use and verification constant. The address owner computes two hash values using its public key and other parameters. The first hash value is used by the owner to derive its network address. The purpose of the second hash is to artificially increase that computational complexity of generating new addresses and, consequently, the cost of brute-force attacks. As another measure against brute-force attacks, the routing prefix (i.e., the non-node selectable portion) of the address is included in the first hash input.

Abstract: Many examples exist of a mobile node moving between the operational zones of multiple network access points or base stations. To minimize delay in re-authenticating with the network through a new base station, an additional form authenticated access mode called “credential authenticated” access is provided. The mobile unit is fully authenticated in the first base station (e.g., the user has logged in and paid for service). Thereafter, the first base unit transmits a “credential” to the mobile node that may be used by other base stations to establish trust with the mobile node prior to full re-authentication. Upon entering the operational zone of the second base station, the mobile node can transmit the credential to the second base station, which may accept the credential and allow access by the mobile node to the network through the second base station before full authentication has completed.

Abstract: Systems and methods for trustworthy enforcement of privacy enhancing technologies within a data processing system enable data processing systems to communicate a believable statement that privacy is being protected in a trustworthy fashion. The invention includes providing for trustworthy enforcement of privacy enhancing technologies by establishing a standardized scheme for a privacy certification and routine inspection of data processing systems implementing privacy enhancing technologies. The regime of certification and inspection may be coupled with other technologies such as cryptography, tamper-evident computing, and runtime security enforcement.

Abstract: The hash extension technique used to generate an ECGA may be used to increase the strength of one-way hash functions and/or decrease the number of bits in any situation where some external requirement limits the number of hash bits, and that limit is below what is (or may be in the future) considered secure against brute-force attacks. For example, to decrease the length of human entered security codes (and maintain the same security), and/or to increase the strength of a human entered security code (and maintain the length of the security code), the security code may be generated and/or authenticated using an extended hash method.

Abstract: To allow down-level devices to participate in a network controlled by a protocol including CGAS or ECGAs, the CGA or ECGA authentication may be made optional to allow the down-level devices to execute non-CGA or non-ECGA versions of network protocols, while at the same time allowing the use of CGA- and/or ECGA-authenticated versions of he same protocols. To identify non-cryptographic addresses (e.g., non-CGA and non-ECGA), the address bits of a non-CGA or non-ECGA such that the address cannot be or is probably not an encoding of the hash of a public key. In this manner, a receiving node may properly identify the capabilities of the sending node, perform an appropriate authentication of the message containing the non-cryptographic address, and/or prioritize processing of information contained in the message with the non-cryptographic address.

Abstract: An extensible cryptographically generated network address may be generated by forming at least a portion of the network address as a portion of a first hash value. The first hash value may be formed by generating a plurality of hash values by hashing a concatenation of a public key and a modifier using a second hash function until a stop condition. The stop condition may include computing the plurality of hash values for a period of time specified by a time parameter. A second hash value may be selected from the plurality of hash values, and the modifier used to compute that hash value may be stored. A hash indicator may be generated which indicates the selected second hash value. The first hash value may be generated as a hash of a concatenation of at least the public key and the modifier. At least a portion of the node-selectable portion of the network address may include at least a portion of the first hash value.

Abstract: Many examples exist of a mobile node moving between the operational zones of multiple network access points or base stations. To minimize delay in re-authenticating with the network through a new base station, an additional form authenticated access mode called “credential authenticated” access is provided. The mobile unit is fully authenticated in the first base station (e.g., the user has logged in and paid for service). Thereafter, the first base unit transmits a “credential” to the mobile node that may be used by other base stations to establish trust with the mobile node prior to full re-authentication. Upon entering the operational zone of the second base station, the mobile node can transmit the credential to the second base station, which may accept the credential and allow access by the mobile node to the network through the second base station before full authentication has completed.

Abstract: Disclosed is an authentication mechanism that provides much of the security of heavyweight authentication mechanisms, but with lower administrative and communicative overhead while at the same time not being limited to a 64-bit limit on the length of a cryptographic hash value. Removal of this limitation is achieved by increasing the cost of both address generation and brute-force attacks by the same parameterized factor while keeping the cost of address use and verification constant. The address owner computes two hash values using its public key and other parameters. The first hash value is used by the owner to derive its network address. The purpose of the second hash is to artificially increase that computational complexity of generating new addresses and, consequently, the cost of brute-force attacks. As another measure against brute-force attacks, the routing prefix (i.e., the non-node selectable portion) of the address is included in the first hash input.

Abstract: In telecommunications systems, the traffic can be protected from eavesdropping and the use of a false identity can be prevented by verifying the authenticity of the terminal equipment by means of an authentication procedure. Verifying the authenticity of the terminal equipment is especially important in the mobile communications systems. In the authentication procedure, the network checks the authenticity of the identity stated by the subscriber device. Additionally, the subscriber device can check the authenticity of the network identity. In the systems in accordance with prior art, the secret information required for making the authentication must be transferred via unsecure transfer networks and given to the visited networks. The information makes it possible to make unlimited number of authentications in an unlimited time.

Abstract: Many examples exist of a mobile node moving between the operational zones of multiple network access points or base stations. To minimize delay in re-authenticating with the network through a new base station, an additional form authenticated access mode called “credential authenticated” access is provided. The mobile unit is fully authenticated in the first base station (e.g., the user has logged in and paid for service). Thereafter, the first base unit transmits a “credential” to the mobile node that may be used by other base stations to establish trust with the mobile node prior to full re-authentication. Upon entering the operational zone of the second base station, the mobile node can transmit the credential to the second base station, which may accept the credential and allow access by the mobile node to the network through the second base station before full authentication has completed.