Synchronization Patents (Class 380/244)
  • Patent number: 9712528
    Abstract: Multiple authentication procedures enhance security of Internet transactions. For example, a request is received from a customer to access a service. A first authentication request is sent to the customer for first authentication information. A second authentication request may be sent to the customer for second authentication information. The method then enables the customer to proceed with accessing the service if the second authentication information is received.
    Type: Grant
    Filed: May 31, 2016
    Date of Patent: July 18, 2017
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventor: Christopher P. Gilboy
  • Patent number: 9678895
    Abstract: Embodiments of techniques and systems associated with roots-of-trust (RTMs) for measurement of virtual machines (VMs) are disclosed. In some embodiments, a computing platform may provide a virtual machine RTM (vRTM) in a first secure enclave of the computing platform. The computing platform may be configured to perform an integrity measurement of the first secure enclave. The computing platform may provide a virtual machine trusted platform module (vTPM), for a guest VM, outside the first secure enclave of the computing platform. The computing platform may initiate a chain of integrity measurements between the vRTM and a resource of the guest VM. Other embodiments may be described and/or claimed.
    Type: Grant
    Filed: May 29, 2015
    Date of Patent: June 13, 2017
    Assignee: Intel Corporation
    Inventor: Mark E. Scott-Nash
  • Patent number: 9665722
    Abstract: Embodiments of the invention relate to systems and methods for providing an anonymization engine. One embodiment of the present invention relates to a method comprising receiving a message directed at a recipient computer located outside a secure area by a privacy computer located within a secure area. The privacy computer may identify private information using a plurality of privacy rules and anonymize the message according to the plurality of privacy rules. Another embodiment may be directed to a method comprising receiving a request for sensitive data from a requesting computer. An anonymization computer may determine a sensitive data record associated with the request and may anonymize the sensitive data record by performing at least two of: removing unnecessary sensitive data entries from the sensitive data record, masking the sensitive data entries to maintain format, separating the sensitive data entries into associated data groupings, and de-contexting the data.
    Type: Grant
    Filed: August 12, 2013
    Date of Patent: May 30, 2017
    Assignee: Visa International Service Association
    Inventors: Sekhar Nagasundaram, Selim Aissi
  • Patent number: 9619667
    Abstract: The described embodiments relate to methods, systems, and products for providing data protection and encryption on a plurality of devices configured for electronic communication with a server. Specifically, the methods, systems, and products can automatically and securely synchronize a user's file encryption/decryption keys across a plurality of devices, authenticating the user on each device before receiving and processing information from the server necessary to recreate the user's file encryption/decryption keys.
    Type: Grant
    Filed: June 12, 2015
    Date of Patent: April 11, 2017
    Assignee: BICDROID INC.
    Inventors: En-Hui Yang, Xiang Yu, Jin Meng
  • Patent number: 9380045
    Abstract: A method and apparatus for providing authentication are disclosed. For example, the method receives a request from a customer to access a service via a first user endpoint device, and sends a first authentication request to the customer for first authentication information. The method then sends a second authentication request to the customer for second authentication information via a second user endpoint device if the first authentication information is received, wherein the first user endpoint device is different from the second user endpoint device. The method then enables the customer to proceed with accessing the service if the second authentication information is received.
    Type: Grant
    Filed: September 15, 2014
    Date of Patent: June 28, 2016
    Assignee: AT&T INTELLECTUAL PROPERTY I, L.P.
    Inventor: Christopher P. Gilboy
  • Patent number: 8948385
    Abstract: An electronic document encrypting system 200, for accomplishing an object of providing a system capable of distributing an electronic document containing important information with a browsing restriction being set and information with none of the browsing restriction being set without removing the important information, includes: an encryption area extracting unit 19 extracting an encryption target area from an electronic document; a digital image generating unit generating a digital image on the basis of the area extracted by the encryption area extracting unit in the electronic document; an encrypting unit 11 encrypting the digital image generated by the digital image generating unit 15 on the basis of an encryption key; and an encrypted electronic document generating unit 12 generating an encrypted electronic document in which when the electronic document is output, in place of the extracted information, an encrypted image encrypted by the encrypting unit 11 is output to an area to which the information ex
    Type: Grant
    Filed: May 31, 2007
    Date of Patent: February 3, 2015
    Assignee: PFU Limited
    Inventors: Hitoshi Yoshio, Seishi Sanada
  • Patent number: 8897453
    Abstract: In accordance with an example embodiment of the present invention, a first bit sequence of a first length is assigned to a first group of signaling bits. Further, a second bit sequence of a second length is assigned to a second group of signaling bits. The first bit sequence is scrambled with a first scrambling sequence, and the second bit sequence is scrambled with a second scrambling sequence different from the first scrambling sequence. A first and a second orthogonal frequency-division multiplexing (OFDM) symbol are assigned to the first and the second scrambled bit sequences respectively, and the first and second orthogonal frequency-division multiplexing (OFDM) symbols are transmitted as synchronization symbols of a data frame. Further, a corresponding method for receiving the data frame, and apparatuses for transmission and reception are disclosed.
    Type: Grant
    Filed: August 10, 2010
    Date of Patent: November 25, 2014
    Assignee: Nokia Corporation
    Inventor: Miika Tupala
  • Patent number: 8824686
    Abstract: Apparatus and method for synchronizing encryption keys among a cluster of security appliances and stand alone lifetime key management, LKM, appliances. The cluster includes security appliances where new encryption keys are generated and assigned to an SNS ID with an SNS CTR (counter). The security appliances inside a cluster have local sequence counters and share their keys. One security appliance is a coordinator with which the LKMs will synchronize. Each LKM also has a SNS ID and local sequence counter from which increasing sequence numbers are generated. In each security appliance in a cluster, the up-to-date stored sets of keys are organized with respect to SNS IDs and SNS CTRs associated with the other cluster members. The object keys are stored in the SNS space and a peer map associates a given peer with a given SNS ID, and version numbers are assigned and incremented when a key is modified.
    Type: Grant
    Filed: April 27, 2007
    Date of Patent: September 2, 2014
    Assignee: NetApp, Inc.
    Inventors: Hiroshi Ishii, Hristo Bojinov, Ananthan Subramanian
  • Patent number: 8719945
    Abstract: A method for capturing a user's view of an electronic screen having an error message in a health management application without showing private information of the user includes receiving an error message from a web service responding to a request for a web page by the user. The method includes receiving an electronic file of the web page with the error message, redacting private information of the user from the electronic file to create a redacted electronic file, and storing the redacted electronic file in a support log module.
    Type: Grant
    Filed: February 20, 2012
    Date of Patent: May 6, 2014
    Assignee: Roche Diagnostics Operations, Inc.
    Inventors: Daniel P. Birtwhistle, Robert E. Reinke
  • Patent number: 8621646
    Abstract: A method and system for authenticating a user receiving device to communicate with a partner service device includes a primary service provider. A user receiving device generates a request for a first encrypted token. The user receiving device communicates the request for the first encrypted token to an authentication web service of the primary service provider. The authentication web service generates the first encrypted token. The primary service provider communicates the first encrypted token to the user receiving device. The user receiving device communicates the first encrypted token to the partner service provider. The partner service provider communicates data to the user receiving device after receiving the first encrypted token.
    Type: Grant
    Filed: December 19, 2007
    Date of Patent: December 31, 2013
    Assignee: The DIRECTV Group, Inc.
    Inventor: Kapil Chaudhry
  • Patent number: 8582767
    Abstract: A self-synchronizing cryptographic device can be shared among a plurality of communications links. Blocks of data can be transferred to the cryptographic device, wherein each block of data includes a head portion which is the tail portion of a previous block of data for the same communication link. The head/tail portion is sufficient to reestablish cryptographic synchronization of the cryptographic device.
    Type: Grant
    Filed: September 27, 2010
    Date of Patent: November 12, 2013
    Inventors: Charles C. Hardy, Thomas R. Giallorenzi, Jami R. Smith, Ralph E. Carson, Scott A. Jansa
  • Patent number: 8533852
    Abstract: A method and system for authenticating a partner service provider and a primary service provider includes a network and, a partner service provider generating a request for a first encrypted token from a partner service provider and communicating the request to the network. An authentication web service receives the request for the first encrypted token from the network and generates the first encrypted token. The partner service provider generates a request for data with the first encrypted token and communicates the request for data to the network. A data web service receives the request for data and communicates the request for data from the data web service to the authentication web service. The authentication web service validates the request for data and communicates a validation result to the data web service. The data web service communicates data to the partner service provider from the data web service after validating.
    Type: Grant
    Filed: December 19, 2007
    Date of Patent: September 10, 2013
    Assignee: The DIRECTV Group, Inc.
    Inventor: Kapil Chaudhry
  • Patent number: 8453251
    Abstract: A system and method is set forth for communicating between a user network device, a partner service provider, a primary service provider and a user network device. The user network device initiates an account set-up page from the partner service provider, provides primary service account data in response to the account setup page and communicates the primary service account data to the primary service provider setup web service. The primary service provider validates the primary service account data and generates an encrypted token in response to validating the primary service account data. The user network device generates a request for data through a partner service provider. The partner service provider communicates the request for data with the encrypted token to the primary service provider. The primary service provider validates the request for data at the authentication web service and communicates data to the client device from a data web service through the partner service provider after validating.
    Type: Grant
    Filed: December 19, 2007
    Date of Patent: May 28, 2013
    Assignee: The DIRECTV Group, Inc.
    Inventor: Kapil Chaudhry
  • Patent number: 8447035
    Abstract: A method of displaying an image includes generating a contract in the display engine, transferring the contract to the memory controller before the end of a sweep, generating a contract amendment in response to changes in the display engine, transferring the contract amendment to the memory controller, making a decision whether the contract amendment can be processed, fetching data from the memory controller according to the contract incorporating the contract amendment if the decision is that the contract amendment can be processed, sending the fetched data to the display engine in an isochronous stream; and processing the fetched data using the display engine.
    Type: Grant
    Filed: April 5, 2012
    Date of Patent: May 21, 2013
    Assignee: NVIDIA Corporation
    Inventors: Duncan A. Riach, Brijesh Tripathi
  • Patent number: 8438633
    Abstract: Systems and methods for authenticating access to multiple data stores substantially in real-time are disclosed. The system may include a server coupled to a network, a client device in communication with the server via the network and a plurality of data stores. The server may authenticate access to the data stores and forward information from those stores to the client device. An exemplary authentication method may include receipt of a request for access to data. Information concerning access to that data is stored and associated with an identifier assigned to a client device. If the identifier is found to correspond to the stored information during a future request for access to the store, access to that store is granted.
    Type: Grant
    Filed: December 18, 2006
    Date of Patent: May 7, 2013
    Assignee: Seven Networks, Inc.
    Inventors: Ari Backholm, Parvinder Sawney
  • Patent number: 8320565
    Abstract: The present invention relates to a method of generating a downlink frame. The method of generating the downlink frame includes: generating a first short sequence and a second short sequence indicating cell group information; generating a first scrambling sequence and a second scrambling sequence determined by the primary synchronization signal; generating a third scrambling sequence determined by the first short sequence; scrambling the first short sequence with the first scrambling sequence and scrambling the second short sequence with the second scrambling sequence and the third scrambling sequence; and mapping the secondary synchronization signal that includes the scrambled first short sequence and the scrambled second short sequence to a frequency domain.
    Type: Grant
    Filed: June 19, 2009
    Date of Patent: November 27, 2012
    Assignee: Electronics and Telecommunications Research Institute
    Inventors: Kap Seok Chang, Il Gyu Kim, Hyeong Geun Park, Young Jo Ko, Hyo Seok Yi, Chan Bok Jeong, Young Hoon Kim, Seung Chan Bang
  • Patent number: 8316231
    Abstract: Methods, systems, and products are disclosed for specifying a signature for an encrypted packet stream. One method receives the encrypted stream of packets, and encryption obscures the contents of a packet. A signature for insertion into the stream of packets is specified, and the signature identifies a type of data encrypted within the stream of packets. The signature identifies the contents of the packet despite the encryption obscuring the contents.
    Type: Grant
    Filed: November 10, 2008
    Date of Patent: November 20, 2012
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Jeffrey A. Aaron, Edgar Vaughan Shrum, Jr.
  • Patent number: 8295482
    Abstract: An image scanning system includes an image scanner and a terminal device connected with the image scanner. The terminal device accepts a password, stores an image encryption key, encrypts the image encryption key with the password, sends the encrypted image encryption key to the image scanner, receives image data encrypted from the image scanner, and decrypts the image data encrypted using one of the image encryption key and an image decryption key corresponding to the image encryption key. The image scanner receives the encrypted image encryption key from the terminal device, accepts a password, decrypts the encrypted image encryption key with the password, performs document scanning to create image data, encrypts the image data using the image encryption key decrypted, and sends the image data encrypted to the terminal device.
    Type: Grant
    Filed: September 14, 2009
    Date of Patent: October 23, 2012
    Assignee: Brother Kogyo Kabushiki Kaisha
    Inventor: Kiyotaka Ohara
  • Patent number: 8184812
    Abstract: A secure computing device (14) includes a secure processing section (30) having a tamper detection circuit (58) and a monotonic counter (68). The tamper detection circuit (58) detects an event which suggests that the trust associated with the secure processing section (30) may have been compromised. When such an event is detected, a security breach is declared and trusted software (38) is disabled. After a security breach is declared, the monotonic counter (68) may be reclaimed. The monotonic counter (68) provides a monotonic count value (70) that includes an LSB portion (80) and an MSB portion (82). The LSB portion (80) is obtained from a binary counter (72). The MSB portion (82) is obtained from a register (84) of independent one-time-programmable bits. The monotonic counter (68) is reclaimed by programming one of the one-time programmable bits to guarantee that future counting of the monotonic counter will be monotonic relative to all past counting.
    Type: Grant
    Filed: June 3, 2009
    Date of Patent: May 22, 2012
    Assignee: Freescale Semiconductor, Inc.
    Inventors: Evgeni Margolis, Thomas E. Tkacik
  • Patent number: 8155316
    Abstract: A method of displaying an image includes generating a contract in the display engine, transferring the contract to the memory controller before the end of a sweep, generating a contract amendment in response to changes in the display engine, transferring the contract amendment to the memory controller, making a decision whether the contract amendment can be processed, fetching data from the memory controller according to the contract incorporating the contract amendment if the decision is that the contract amendment can be processed, sending the fetched data to the display engine in an isochronous stream; and processing the fetched data using the display engine.
    Type: Grant
    Filed: February 26, 2007
    Date of Patent: April 10, 2012
    Assignee: NVIDIA Corporaton
    Inventors: Duncan A. Riach, Brijesh Tripathi
  • Patent number: 8112812
    Abstract: In a recording medium, a device administration program for making a computer execute the following steps using a usage restriction definition file is recorded. The usage restriction definition file is capable of defining at least one administration function among a plurality of administration functions of a device and includes a device password for obtaining an authentication of the device. The steps comprises a step of reading a usage availability definition information of the administration functions and the device password from the usage restriction definition file, a step of transmitting the read device password to the device, a step of recognizing usage availabilities of a plurality of administration functions of the device based on the read definition information, and a step of executing processing for using only usage available administration function based on the recognized results.
    Type: Grant
    Filed: May 18, 2006
    Date of Patent: February 7, 2012
    Assignee: Konica Minolta Business Technologies, Inc.
    Inventor: Akira Murakawa
  • Patent number: 7747017
    Abstract: A communication system provides a clear channel link for transport of encrypted payload across a network of the communication system. When a source access network receives, via an air interface, a frame that is formatted pursuant to an air interface protocol and that comprises encrypted payload, the source access network demultiplexes the frame to separate the encrypted payload and assembles an Intersystem Link Protocol (ISLP) frame that comprises the encrypted payload. The source access network adds a link layer header to the ISLP frame that identifies one or more of frame type information and a sequence value associated with the frame and conveys the ISLP frame and added header across the network, for example, to a destination access network. Based on the added header, the source and destination access networks are able to perform clear channel synchronization.
    Type: Grant
    Filed: November 30, 2005
    Date of Patent: June 29, 2010
    Assignee: Motorola, Inc.
    Inventors: Matthew F. Valentine, John D. Brophy, Michael J. Kirk, Harn-Jier Lin, Lee M. Proctor, Christopher R. Schmidt
  • Patent number: 7668314
    Abstract: An encrypted data communication system for communicating an encrypted stream as an encrypted data stream from a device at transmitting end to a device at receiving end to suppress the effect of an erroneous detection of a dummy code is disclosed. A device at transmitting end generates a data stream having the bit sequence of a marker for determination, a synchronization marker and a location identification code after the data, encrypts the bit sequence of the data and the marker for determination and transmits the encrypted stream. A device at receiving end receives the encrypted stream, detects the bit sequence of the synchronization marker and the location identification code and decrypts the encrypted stream. In the case where the bit sequence of the data and the marker for determination is decrypted, the detection of the valid bit sequence is determined, while the detection of a dummy bit sequence is determined otherwise.
    Type: Grant
    Filed: February 27, 2006
    Date of Patent: February 23, 2010
    Assignee: Hitachi Kokusai Electric, Inc.
    Inventors: Munemitsu Kuwabara, Sumie Nakabayashi
  • Patent number: 7293292
    Abstract: A method and system of selectively and securely enabling an added or premium functionality in a printer can be created by transmitting or inputting to the printer an electronic key correlated to the unique serial number stored in that printer. In this way, the key used to activate an added or premium functionality in a particular printer cannot be used to activate the same functionality in any other printer. This prevents the unauthorized activation of added or premium functions in other printers.
    Type: Grant
    Filed: September 19, 2001
    Date of Patent: November 6, 2007
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Stephen L. Testardi, Joseph Savola, Virginia K. Capps
  • Patent number: 7280662
    Abstract: A satellite-based digital audio radio (SDAR) receiver is configured to temporarily store data that may be transmitted to the SDAR receiver at a time inconvenient to the subscriber. A memory arrangement buffers data output by a channel decoder. The SDAR receiver can use the buffered data prior to using any currently transmitted data. The buffered data is associated with buffered timing information that lags behind the current timing information associated with the currently transmitted data. The buffered data is available for use only once before a decryption subsystem receives the current timing information. If the subscriber uses the currently transmitted data, the decryption subsystem receives the current timing information. The decryption subsystem decrypts only data that is associated with timing information that is no earlier than the latest timing information received by the decryption subsystem.
    Type: Grant
    Filed: November 3, 2003
    Date of Patent: October 9, 2007
    Assignee: Delphi Technologies, Inc.
    Inventors: Glenn A. Walker, Jerral A. Long, William E. Dyson
  • Patent number: 7133525
    Abstract: Encryption and decryption sites are initially assigned identical one time Vernam like pads, (OTP), and each site is provided with identical compendiums of byte modifying instructions identified by instruction IDs. Encryption is implemented by a random first subset of instructions applied to the current OTP to generate a new OTP. A second subset of random instructions is applied to the message for encryption. The list of IDs of the first subset of instructions is XORed with the current OTP. The list of IDs of the second subset of instructions and the encrypted message are each XORed with the new OTP and all XORed outputs are concatenated into the payload. Decryption is implemented by applying the encryption steps to the payload in reverse order to recover the message and new OTP. A secure, new OTP is therefore available both at the encryption and decryption sites without having been transmitted.
    Type: Grant
    Filed: February 4, 2003
    Date of Patent: November 7, 2006
    Assignee: Communication Security Apparatus Corp.
    Inventors: Neal J. DeGregorio, Daniel R. Seeley
  • Patent number: 6317838
    Abstract: A method and architecture allowing a remote user, especially an Internet remote user, to securely access private resources protected by a firewall. The architecture comprises a computer facility and many remote user terminals connected via the Internet. The computer facility comprises a security server that controls a security database. The firewall comprises a centralized security means, which is under the control of a security server and is arranged to authenticate remote users and to provide a security profile describing all resources a user may access with a single sign-on data during a single session. A user's terminal further includes a device to generate one-time passwords and the computer includes a device to decode the passwords. The accessed resources may be servers or logical units acceded though protocols having a notion of authentication.
    Type: Grant
    Filed: April 29, 1998
    Date of Patent: November 13, 2001
    Assignee: Bull S.A.
    Inventor: Eric Baize
  • Patent number: RE38739
    Abstract: A facsimile apparatus is provided with changeover means that makes it possible to pass signals through or to bypass a coder, which encrypts transmission information, and a decoder, which decodes encrypted information that has been received. Whether or not a facsimile apparatus belonging to another party has an encrypting/decoding processing function is verified by a pre-procedure signal. If the other party's apparatus possesses an encrypting/decoding processing function, control is performed in such a manner that encrypting/decoding processing is applied solely to an image signal and a training-check signal transmitted before transmission/reception of the image signal, and encrypting/decoding processing is not applied to a procedure signal which accompanies transmission reception transmission/reception of the image signal.
    Type: Grant
    Filed: April 16, 1998
    Date of Patent: May 31, 2005
    Assignee: Canon Kabushiki Kaisha
    Inventor: Shigeo Miura