Cellular Telephone Cryptographic Authentication Patents (Class 380/247)
  • Patent number: 7620997
    Abstract: When an authenticated wireless computer loses connectivity to a wireless access point of a network and roams to another access point, the wireless computer (e.g., a hypervisor in the computer) determines whether the new access point is authorized for secure communication and if so, releases access to secure data on the network through the new access point.
    Type: Grant
    Filed: December 22, 2003
    Date of Patent: November 17, 2009
    Assignee: Lenovo (Singapore) Pte. Ltd.
    Inventors: David Carroll Challener, Daryl Carvis Cromer, Howard Jeffrey Locker, Hernando Ovies, Randall Scott Springfield
  • Patent number: 7620386
    Abstract: A method of establishing a collaborative domain among a plurality of communication terminals can include having a communication terminal authenticate one or more other communication terminals based on personal information, which can be stored on a removable memory card in the other terminals, and/or based on the geographic location of the other terminals. A first communication terminal can determine the geographic location of a second communication terminal and can authenticate the second communication terminal in response to both the determined geographic location and personal information defined in the second communication terminal. In response to the authentication by the first communication terminal, communication of user and/or program information, which is unrelated to authentication, is allowed between at least the first and second communication terminals.
    Type: Grant
    Filed: June 8, 2006
    Date of Patent: November 17, 2009
    Assignee: AT&T Intellectual Property I, LP
    Inventor: James Wood, III
  • Patent number: 7620183
    Abstract: According to the inventive method, a message is transmitted from an operating mobile radio network (NW2) to a terminal (MS1a) that identifies coding techniques (UEA-NW) supported by the operating mobile radio network in order to establish a connection between the terminal (MS1a) that supports a number (UEA-MS) of coding techniques and the operating mobile radio network (NW2). The terminal selects, if available, a coding technique (UEA) that is supported by the terminal and the operating mobile radio network (NW2), and the connection is operated using the coding technique selected by the terminal. If no coding technique is available that is supported by the terminal and the operating mobile radio network, the connection is operated uncoded only upon prior authorization.
    Type: Grant
    Filed: April 3, 2001
    Date of Patent: November 17, 2009
    Assignee: Siemens Aktiengesellschaft
    Inventor: Bart Vinck
  • Patent number: 7613446
    Abstract: A wireless mobile phone is equipped to operate in an unauthenticated and an authenticated mode of operation, depending on whether a user has been authenticated. In one embodiment, the wireless mobile phone includes a finger print reader to enable a user's finger print to be inputted and be used for authentication. In one embodiment, the finger print reader includes a light source and sensors, and having complementary logic to process emitted light reflected off a user's finger into an input finger print. The user is authenticated using the inputted finger print. In one embodiment, the finger print reader is integrated with a power on/off switch, which may be disposed on an end surface, a side surface or a front surface of the body of the phone.
    Type: Grant
    Filed: March 26, 2004
    Date of Patent: November 3, 2009
    Assignee: Varia, LLC
    Inventors: G. Eric Engstrom, Peter Zatloukal
  • Patent number: 7613448
    Abstract: A Web access providing system that allows a user to access a Web page as if he or she is making a telephone call. When a user terminal B sends out a service request S1 and an originating connection request S12, a connection notification S4 is sent to a user terminal A through a local mobile multimedia switching system (L-MMS 1) and a gateway mobile multimedia switching system (G-MMS 2). When receiving the connection notification 4, the user terminal A performs authentication. The authentication verifies whether the telephone number of the user terminal B is contained in a telephone directory of the user terminal A. After the authentication, the user terminal A outputs a connection communication response S5 to the G-MMS 2. The connection communication response S5 contains the URL of a Web page associated with the user terminal A. The L-MMS 1 receives the URL and outputs a connection request S7. Thus, the user terminal B can access and browse the Web page implemented by a Web server 3.
    Type: Grant
    Filed: December 5, 2003
    Date of Patent: November 3, 2009
    Assignee: NTT DoCoMo, Inc.
    Inventors: Toshinori Yanagisawa, Hiroyuki Yamamoto, Manabu Fujita, Katsutoshi Murata
  • Patent number: 7614078
    Abstract: A method and apparatus for authorizing an access requester to access a data communication network is provided. A determination is made that a threshold access control server cannot process an access request associated with the access requester. Access requester history data, or data that describes the access history for an access requester, is analyzed to obtain a threshold access level. A threshold access level is an expression of how likely it is that a particular access requester is a legitimate access requester. A session profile is selected for the access requester based on the threshold access level. The session profile indicates one or more actions the access requester is authorized to perform in the network. The session profile may subsequently be transmitted to the access requester to allow the access requester access to the network to the extent appropriate in view of the access requester history data.
    Type: Grant
    Filed: April 2, 2003
    Date of Patent: November 3, 2009
    Assignee: Cisco Technology, Inc.
    Inventor: Jeremy Stieglitz
  • Patent number: 7610039
    Abstract: An International Mobile Equipment Identification (IMEI) is coded and then stored in a user equipment (UE), wherein an authorized user is allowed to change the existing IMEI. When an IMEI is inputted, the UE generates a security code and stores the IMEI and the generated security code in a memory. Thereafter, if a second security code and IMEI is inputted, the UE determines whether the inputted security code is identical with the pre-stored security code. If the two security codes are identical with each other, the UE generates a third security code and stores the IMEI and the generated third security code. Thus, unauthorized IMEI storage is prevented. Accordingly, the IMEI coding method of the mobile UE can prevent unauthorized use of the UE while allowing the IMEI to be re-coded without hardware alteration.
    Type: Grant
    Filed: March 4, 2005
    Date of Patent: October 27, 2009
    Assignee: LG Electronics Inc.
    Inventor: Min-Gyo Kim
  • Patent number: 7606370
    Abstract: A system, method and computer program product are provided. In use, a key is distributed to a plurality of nodes of a wireless network for use in securing the nodes during use of the wireless network. Further, the key is automatically updated at the nodes in the wireless network based on predetermined criteria.
    Type: Grant
    Filed: February 21, 2006
    Date of Patent: October 20, 2009
    Assignee: McAfee, Inc.
    Inventors: Terrance L. Lillie, Christian Wiedmann, Robert Zeljko, Richard P. Sneiderman, Ulrich Wiedmann, Gigi C. Chu, Sean R. Lynch
  • Patent number: 7607013
    Abstract: A method for Access Authentication in the High Rate Packet Data Network is proposed in the present invention comprising steps of the AN-AAA receiving the Radius Access Request message sent from the HRPD AN; the AN-AAA judging whether a terminal is a roaming one according to the Network Access ID and transmits the roaming terminal's authentication information to the terminal's home network. If said terminal is a local one, the AN-AAA judges the type of the terminal according to the NAI value. If said terminal is a single-mode one, the AN-AAA works out the Result2 with the MD5 algorithm. If said terminal is in dual-mode, the AN-AAA calculates the Result2 with the CAVE algorithm to compare the Result1 with the Result2.
    Type: Grant
    Filed: February 28, 2005
    Date of Patent: October 20, 2009
    Assignees: Samsung Electronics Co., Ltd, Beijing Samsung Telecom R&D Center
    Inventors: Weimin Liu, Huajun Cao, Guang Yang
  • Patent number: 7606557
    Abstract: Provided are a mobile communication terminal having a tag read function and a method of providing genuine product authentication service. The mobile communication terminal having the tag read function specifies an encryption key corresponding to an encryption key stored in the tag from its own plurality of encryption keys based on a signal received from the tag. The mobile communication terminal receives an encrypted product code or product information from the tag and decrypts the received product code or product code using an encryption key. Also, the mobile communication terminal outputs a result of decryption on a liquid crystal display (LCD) window or as beep sounds or voices.
    Type: Grant
    Filed: March 31, 2004
    Date of Patent: October 20, 2009
    Inventors: Mi Kyoung Park, Kwang Chul Hyun
  • Publication number: 20090257590
    Abstract: A secure removable card has electrical connections for communication therewith. The card comprises a first integrated circuit die, with the first die including a processor. The card has a second integrated circuit die, with the second die including a non-volatile memory for storing a secret key, and a controller for controlling the operation of the non-volatile memory. A bus connects the first die with the second die. The processor can generate a key pair, having a public key portion and a private key portion upon power up, and transfers the public key portion across the bus to the second die. The controller can receive the public key and encrypt the secret key with the public key to generate a first encrypted key, and can transfer the first encrypted key across the bus to the first die.
    Type: Application
    Filed: April 9, 2008
    Publication date: October 15, 2009
    Inventor: Zhimin Ding
  • Patent number: 7603697
    Abstract: A method and system for providing secure communications for transmitting data to and from a wireless device includes components that facilitate sending authentication-related data to a wireless device using a secure channel of a first protocol; and utilizing the authentication-related data to facilitate secure communications between the wireless device and an enhanced wireless service. The secure communications between the wireless device and the enhanced wireless service utilizes a second protocol.
    Type: Grant
    Filed: May 30, 2003
    Date of Patent: October 13, 2009
    Assignee: Cellco Partnership
    Inventors: Jerry Kupsh, Xuming Chen
  • Patent number: 7599681
    Abstract: Methods and apparatus for secure over-the-air (OTA) programming, and particularly, activation, of a wireless unit in a particular communications system. The unit stores a stored key having been generated by using a key algorithm (K-algorithm) with an identifier associated with the unit as an input to the K-algorithm. The unit may receive information such as parameters and a verification number from a communications system for the purpose of programming the unit. The verification number is generated by using an authorization algorithm (A-algorithm) having the parameters and a key as A-algorithm inputs. The key is generated by the K-algorithm having the identifier associated with the K-algorithm input. In response to the receipt of the parameters and the verification number, the wireless unit generates a trial verification number by using the A-algorithm with the parameters and the stored key as trial inputs. The unit compares the verification number to the trial verification number for a match.
    Type: Grant
    Filed: December 14, 2006
    Date of Patent: October 6, 2009
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Charles M. Link, II, Stephen Thomas Hardin, Megan Koch Klenzak
  • Patent number: 7596699
    Abstract: An authentication process for authenticating a battery to a cellular telephone includes the step of receiving a challenge from the cellular telephone at the battery over a single wire conductor. In response to the challenge, the seed values are retrieved from the memory and a response is generated based upon the challenge and the seed values. The response is transmitted back to the cellular telephone from the battery over the single conductor so that a comparison with a similar response generated by the cellular telephone may be made.
    Type: Grant
    Filed: June 24, 2004
    Date of Patent: September 29, 2009
    Assignee: Intersil Americas Inc.
    Inventor: Chung Y. Kwok
  • Patent number: 7596368
    Abstract: A wireless network is connectable to an authentication server. Each access point in the wireless network includes a supplicant processing unit, an authenticator processing unit, and a function selector. When an access point is detected within communication range, the function selector selects either the supplicant processing unit or the authenticator processing unit. The selected unit operates to carry out or mediate an authentication protocol and establish a secure wireless link, protected by a pairwise encryption key, between the two access points. Because every access point can operate as either an authenticator or a supplicant, it is not necessary to invoke the services of a master authenticator. If an encryption key is compromised, the effect is limited and does not force the entire network to be shut down.
    Type: Grant
    Filed: February 16, 2006
    Date of Patent: September 29, 2009
    Assignee: Oki Electric Industry Co., Ltd.
    Inventors: Katsuhiko Yamada, Azuma Tsubota
  • Patent number: 7594274
    Abstract: By using a unique ID generated by considering the hardware characteristic of PC in PDA where an application program, etc. distributed based on PC is installed, it makes possible to generate and authenticate a virtual unique ID in PDA so as to authenticate drive of the application in PDA. As such, the file size of a distributed edition is small in its characteristic and it is difficult to have a protecting means such as security, etc. in view of the characteristic of device. Hence, illegal distribution is easy and a more certain solution is provided so as to prevent illegal copy of the application in PDA having a feasible characteristic in protecting copyright.
    Type: Grant
    Filed: February 25, 2003
    Date of Patent: September 22, 2009
    Assignee: Markany, Inc.
    Inventors: Jong-Won Kim, Jong-Uk Choi, Byung-Keun Jeon
  • Patent number: 7590741
    Abstract: A gateway 3 receives mobile station data corresponding to a mobile station 2 from a switching center in a mobile packet communication network 1. The mobile station data may be communicated with a communication protocol such as Network Management Protocol (NWMP). Mobile station 2 transmits and receives user data, such as Hypertext Transfer Protocol (HTTP) data, in a protocol, such as HTTP, via gateway 3. In transmitting user data from mobile station 2 to a server 5, gateway 3 may add the mobile station data corresponding to mobile station 2 to the data. Mobile station 2 cannot falsify the mobile station data because the added mobile station data corresponds to identification data used in establishing a wireless connection between mobile station 2 and mobile packet communication network 1. As a result, server 5 may trust mobile station data added by gateway 3 to the user data transmitted from mobile station 2.
    Type: Grant
    Filed: July 24, 2002
    Date of Patent: September 15, 2009
    Assignee: NTT DoCoMo, Inc.
    Inventors: Hiromitsu Sumino, Hideharu Suzuki
  • Patent number: 7590843
    Abstract: A key exchange for a network architecture. A mobile node that roams over a foreign domain transmits a registration request to a home domain using the foreign domain. The identity of the mobile node within the registration request is encrypted. The home domain receives the registration request and decrypts the mobile node identity. The home domain generates a registration reply that includes encryption keys for encrypting information to be transmitted between and among the home domain, the foreign domain, and the mobile node.
    Type: Grant
    Filed: October 4, 2000
    Date of Patent: September 15, 2009
    Assignee: Nortel Networks Limited
    Inventors: Mohamed Khalil, Raja P. Narayanan, Haseeb Akhtar, Emad A. Qaddoura
  • Patent number: 7574198
    Abstract: The present invention prevents a third party's impersonation while wireless communication is established for security setting. An access point, which performs a security setting process for wireless communication with a wireless LAN terminal by means of wireless communication, receives a start instruction for the security setting process and wirelessly receives start instruction data that indicates the start of the security setting process. The security setting process is not performed if the start instruction data is received before the receipt of the start instruction. The security setting process is performed if the start instruction data is not received before the receipt of the start instruction.
    Type: Grant
    Filed: August 5, 2005
    Date of Patent: August 11, 2009
    Assignee: Buffalo Inc.
    Inventor: Takashi Ishidoshiro
  • Patent number: 7571317
    Abstract: A method for providing user notification signals in digital phones such as IP phones or cell phones that use encryption. In one embodiment, a digital phone receives an encrypted data packet. The phone determines that the encrypted data packet satisfies a criterion. The phone generates a user notification signal that is perceivable by a user of the phone in response to determining that the encrypted data packet does not satisfy the criterion. The user notification signal may comprise a tone, synthesized speech, or other signal that is audible in a handset or speaker of the phone. Alternatively, the user notification signal is visually displayed in an electronic display of the phone. The criterion may comprise a failure to authenticate one or more encrypted data packets that are provided to the phone in a secure protocol. The process may be performed at a voice gateway or cellular base station.
    Type: Grant
    Filed: September 11, 2002
    Date of Patent: August 4, 2009
    Assignee: Cisco Technology, Inc.
    Inventor: Jan Vilhuber
  • Patent number: 7570764
    Abstract: In a mobile communications system, a batch of sequence numbers is generated via an algorithm wherein each sequence number comprises a suffix and a prefix. The method comprises: calculating a new sequence number suffix from an existing sequence number suffix, calculating a prefix of a first new sequence number of the batch by addition to the prefix of the existing sequence number if the new suffix is not equal to a predetermined value or by a randomizing process if the new suffix is equal to said predetermined value, and calculating prefixes for the other sequence numbers of the batch by modular addition of integers to the prefix of said first new sequence number. The sequence numbers are used in the authentication procedure.
    Type: Grant
    Filed: June 20, 2002
    Date of Patent: August 4, 2009
    Assignee: Nortel Networks Limited
    Inventor: Anne Morgan
  • Patent number: 7564975
    Abstract: A system and method of controlling ciphering of call information between a mobile communication terminal and a network initiates the transmission of a ciphering request from the terminal to the network. The network then transmits a ciphering authentication request message to the terminal and the terminal responds by transmitting a ciphering authentication response message to the network. The network then transmits a ciphering activation completion message to the terminal in accordance with the ciphering authentication response message. A system and method for controlling deactivation of ciphering of call information initiates transmission of a ciphering deactivation request from the mobile terminal to the network. The network then performs the ciphering deactivation and transmits a ciphering deactivation completion message to the terminal. Through these systems and methods, the user terminal controls ciphering and deciphering of call information instead of the network.
    Type: Grant
    Filed: September 25, 2003
    Date of Patent: July 21, 2009
    Assignee: LG Electronics Inc.
    Inventor: Myung Dae Oh
  • Patent number: 7564825
    Abstract: A method of validated communication. The present invention provides a method of validated communication between a mobile network node (MNN) and a correspondent node (CN) via at least a first mobile router (MR). The method is characterized by employing an extended return routability checking procedure (XRRP) wherein an MNN test initiation (MNNTI) message is sent by the MR, and a MNN test (MNNT) message is sent by the CN. This adds to the security of requiring the home and care-of addresses being consistent as noted previously in standard RRPs, by enabling the generation of binding update validation keys based on receipt on any or all of the three HoT, CoT and MNNT test messages. The method is further characterized by sending from the MR an extended binding update (XBU), comprising the MNN's address (MNNA). By extending the binding update to include the MNNA in this manner, validated CN/MNN route optimization can be achieved.
    Type: Grant
    Filed: January 24, 2006
    Date of Patent: July 21, 2009
    Assignee: Motorola, Inc.
    Inventors: Alexis Olivereau, Christophe Janneteau, Alexandru Petrescu
  • Patent number: 7565135
    Abstract: A method and apparatus for performing authentication in a communications system is provided. The method includes receiving a request for authentication from a server, the request for authentication including a first and a second random challenge, and comparing the first random challenge and the second random challenge. The method further includes denying the request for authentication in response to determining that the first random challenge is substantially the same as the second random challenge, and transmitting an encoded value to the server in response to determining that the first random challenge is different from the second random challenge, wherein the encoded value is generated based on the first and second random challenge and a key that is not shared with the server.
    Type: Grant
    Filed: September 26, 2006
    Date of Patent: July 21, 2009
    Assignee: Alcatel-Lucent USA Inc.
    Inventor: Sarvar M. Patel
  • Patent number: 7561691
    Abstract: A system and method for providing secured access of a mobile device is disclosed herein. Access to data included in the mobile device is permitted when the presence of an authentication device having the proper authentication information is received by the mobile device.
    Type: Grant
    Filed: November 12, 2001
    Date of Patent: July 14, 2009
    Assignee: Palm, Inc.
    Inventors: David C. Blight, Yoon Kean Wong
  • Patent number: 7561692
    Abstract: A method for authenticating a mobile terminal in a wireless network is disclosed. The method includes transmitting a request for authenticating the mobile terminal in that wireless network operative to provide services at a location where the mobile terminal is currently present, receiving the request at a base station associated with that wireless network, and determining an entity associated with the wireless network to be operative as a single authentication access entity for that mobile terminal, as long as the mobile terminal location remains within that wireless network and traffic is directed through any location associated with that wireless network.
    Type: Grant
    Filed: February 27, 2006
    Date of Patent: July 14, 2009
    Assignee: Alvarion Ltd.
    Inventors: Mark Altshuller, Oleg Marinchenco, Leonid Shousterman
  • Patent number: 7562221
    Abstract: A single sign-on technique allows multiple accesses to one or more applications or other resources using a proof-of-authentication module operating in conjunction with a standard authentication component. The application or other resource issues an authentication information request to the standard authentication component responsive to an access request from the user. The application or other resource receives, responsive to the authentication information request, a proof-of-authentication value from the standard authentication component, and authenticates the user based on the proof-of-authentication value. The standard authentication component interacts with the proof-of-authentication module to obtain the proof-of-authentication value. The proof-of-authentication module is configured to generate multiple proof-of-authentication values for authentication of respective access requests of the user.
    Type: Grant
    Filed: September 12, 2006
    Date of Patent: July 14, 2009
    Assignee: RSA Security Inc.
    Inventors: Magnus Nyström, Anders Rundgren, William M. Duane
  • Patent number: 7555285
    Abstract: A method (FIG. 3), corresponding call screening unit, and base station (FIG. 2), suitable for detecting cloned communication units (111 or 113), are operable to receive a first response message and a second response message (305); determine whether identification fields (ESNs, MINs) corresponding to the response messages are equivalent (307); and if so, assess whether message contents or message properties corresponding to the response messages are not correlated (311) thus indicating the response messages are from different communication units; and when not correlated, decide that one of the response messages corresponds to a cloned communication unit (313).
    Type: Grant
    Filed: August 25, 2005
    Date of Patent: June 30, 2009
    Assignee: Motorola, Inc.
    Inventors: Dean E. Thorson, Wayne A. Keels
  • Patent number: 7555781
    Abstract: A security component determines whether a request for a resource poses a security risk to a computing device and verifies the integrity of the requested resource before the request is allowed. For a request having arguments and a resource path with a filename that identifies the resource, the security component determines that the request does not pose a security risk if the resource path does not exceed a maximum number of characters, individual arguments do not exceed a maximum number of characters, the arguments combined do not exceed a maximum number of characters, and the filename has a valid extension. The security component verifies the integrity of a requested resource by formulating a descriptor corresponding to the resource and comparing the descriptor with a cached descriptor corresponding to the resource.
    Type: Grant
    Filed: March 10, 2006
    Date of Patent: June 30, 2009
    Assignee: Microsoft Corporation
    Inventors: Yehuda Feuerstein, Jared E. Pfost, Stephen J. Purpura
  • Patent number: 7551913
    Abstract: Methods and apparatus for providing personalized content to a user of a wireless network include establishing an anonymous user identifier and delivering the user identifier to a content provider. Based on the user identifier, communication with a predetermined data source is established or predetermined data content is selected. In some embodiments, a device identifier is provided in addition to the user identifier and device specific, personalized content is delivered to the user. In one example, a device identifier and a user identifier are based on a mobile station serial number and a subscriber identity module, respectively, and are used in an HTTP header. The anonymous user identifier can be based on a subscriber identity module (SIM) serial number, or a hash of the SIM serial number so that user information such as user phone numbers is not available to content providers.
    Type: Grant
    Filed: December 5, 2001
    Date of Patent: June 23, 2009
    Assignee: AT&T Mobility II LLC
    Inventor: Herman Chien
  • Patent number: 7551915
    Abstract: A mobile node that is in communication with a correspondent node via a home agent initiates a process for establishing a route optimized mode of communication between the mobile node and the correspondent node. The mobile node sends a first initiating message to the home agent for delivery to the correspondent node and sends a second initiating message directly to the correspondent node. The mobile node secures the first initiating message by including an initiating-message authentication code that can be validated by the home agent or by an authentication server. The correspondent node responds by sending a first responsive message to the home agent for delivery to the mobile node and by sending a second responsive message directly to the mobile node. The home agent secures the first responsive message by adding a responsive-message authentication code that can be validated by the mobile node.
    Type: Grant
    Filed: April 24, 2006
    Date of Patent: June 23, 2009
    Assignee: Sprint Spectrum L.P.
    Inventors: Serge M. Manning, Charles Brent Hirschman, Mark A. Lipford
  • Patent number: 7542569
    Abstract: The invention concerns the security of the data connections of a telephone user. The basic idea of the invention is to forward the authentication of a telephone system to the leg between two private data networks connected via an arbitrating network. When establishing the connection, the private network connected to the telephone system forwards the authenticated subscriber identity to the other private network. To provide the identity forwarded with authenticity, the message containing the identity is signed. To provide encryption of the subscriber identity, the message is encrypted using a public key method. In response the second private network generates a session key to be used in the connection. This key is signed and encrypted using a public key method and sent to the first private network. During the connection, a symmetrical encryption method with the session key is used.
    Type: Grant
    Filed: May 17, 2000
    Date of Patent: June 2, 2009
    Assignee: Nokia Siemens Networks OY
    Inventor: Jussipekka Leiwo
  • Patent number: 7536173
    Abstract: Methods and apparatus for secure over-the-air (OTA) programming, and particularly, activation, of a wireless unit in a particular communications system. The unit stores a stored key having been generated by using a key algorithm (K-algorithm) with an identifier associated with the unit as an input to the K-algorithm. The unit may receive information such as parameters and a verification number from a communications system for the purpose of programming the unit. The verification number is generated by using an authorization algorithm (A-algorithm) having the parameters and a key as A-algorithm inputs. The key is generated by the K-algorithm having the identifier associated with the as K-algorithm input. In response to receipt of the parameters and the verification number, the wireless unit generates a trial verification number by using the A-algorithm with the parameters and the stored key as trial inputs. The unit compares the verification number to the trial verification number for a match.
    Type: Grant
    Filed: June 15, 1999
    Date of Patent: May 19, 2009
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Charles M. Link, II, Stephen Thomas Hardin, Megan Koch Klenzak
  • Publication number: 20090122984
    Abstract: A system for and method of providing end-to-end encrypted real-time phone calls using a commodity mobile phone and without requiring service provider cooperation is presented. The system and method improve upon prior art techniques by omitting any requirement for mobile phones that are specially manufactured to include end-to-end encryption functionality.
    Type: Application
    Filed: December 5, 2007
    Publication date: May 14, 2009
    Applicant: KOOLSPAN, INC.
    Inventors: Anthony C. Fascenda, Emil Sturniolo, Paul Benware, Robert Cichielo
  • Patent number: 7532876
    Abstract: A reception intensity measuring unit measures a reception intensity of a radio wave received by a radio reception unit under control of a connection control unit. When it is judged that the reception intensity of the received radio wave is larger than a reception intensity set in advance, the reception intensity measuring unit controls a transmission intensity changing unit to lower a transmission intensity of a radio wave to be transmitted from a radio transmission unit. When the transmission intensity of the radio wave to be transmitted from the radio transmission unit is lowered by the transmission intensity changing unit, an authentication processing unit executes authentication processing with another apparatus via the radio reception unit and the radio transmission unit and controls an authentication data registering unit to register authentication data, which is obtained as a result of the authentication processing, in a memory.
    Type: Grant
    Filed: September 27, 2004
    Date of Patent: May 12, 2009
    Assignee: Sony Corporation
    Inventors: Kazuyuki Yamamoto, Shin Iima
  • Patent number: 7529371
    Abstract: Authentication of cellular telephone device by providing a first one-time pad cryptological table to a security server which has multiple sequenced One Time Pad value entries including a previous use indicator initialized as “unused”, and providing a second one-time pad cryptological table to an authentic device initially synchronized with the first table. A cloned copy of the second table is stored in an inauthentic cellular telephone device, this third table being initially synchronized with the second table. The authentic device selects an unused entry in the second table and transmits it to the server when requesting service. If the received entry matches a next sequential unused entry in the first table, the server grants service, and both server and authentic device mark that entry as used. If the received entry does not match a sequentially next unused entry in the first table, service is denied to the requesting device.
    Type: Grant
    Filed: April 22, 2004
    Date of Patent: May 5, 2009
    Assignee: International Business Machines Corporation
    Inventors: Yen-Fu Chen, John Hans Handy-Bosma, Jun Sawada, Mei Yang Selvage, Keith Raymond Walker
  • Patent number: 7526642
    Abstract: In order to enable a home network operator to also control the issuing of certificates to a roaming subscriber, first information indicating whether or not it is allowed to issue a certificate to the subscriber is maintained in the subscription information. The first information is checked in response to a subscriber's certificate request received from the subscriber and the certificate is generated and delivered to the subscriber only if certificate issuance is allowed.
    Type: Grant
    Filed: January 9, 2003
    Date of Patent: April 28, 2009
    Assignee: Nokia Corporation
    Inventors: Tuija Hurtta, Nadarajah Asokan, Philip Ginzboorg, Valtteri Niemi, Miikka Poikselkä, Timo M. Rantalainen
  • Publication number: 20090103728
    Abstract: In one embodiment, the method performed by mobile equipment to authenticate communication with a network includes generating keys using cellular authentication and voice encryption, and then generating an authentication key based on these keys. The authentication key is used to generate an expected message authentication code used in authenticating the network according to authentication and key agreement security protocol.
    Type: Application
    Filed: October 2, 2008
    Publication date: April 23, 2009
    Inventor: Sarvar Patel
  • Patent number: 7522728
    Abstract: A wireless device includes a data capture system, a radiant-energy data transmission system, and a steganographic encoder that hides a plural-bit auxiliary code within data captured by the data capture system prior to its transmission by the data transmission system. An illustrative system, operable with audio input data, is a cell phone that steganographically encodes a user's voice.
    Type: Grant
    Filed: January 6, 2000
    Date of Patent: April 21, 2009
    Assignee: Digimarc Corporation
    Inventor: Geoffrey B. Rhoads
  • Patent number: 7522727
    Abstract: A method includes receiving an authentication request from a mobile station (401) and determining whether to forward the request to an authentication agent. When it is determined to forward the request, the request is forwarded to the authentication agent (107). A random number and a random seed are received from the authentication agent (107). The random number and the random seed are forwarded to the mobile station (401). A response to the random number and the random seed from the mobile station (401) is received and forwarded to the authentication agent (107). The authentication agent (107) compares the response with an expected response. When the authentication agent (107) authenticates the mobile station (401), a derived cipher key is received from the authentication agent (107).
    Type: Grant
    Filed: August 31, 2006
    Date of Patent: April 21, 2009
    Assignee: Motorola, Inc.
    Inventors: Hans Christopher Sowa, Daniel J. McDonald, David J. Chater-Lea, Scott J. Pappas, Jason Johur, Dennis Newkirk, Randy Kremske, Walter F. Anderson
  • Patent number: 7515901
    Abstract: Mechanisms and techniques provide for authenticating devices in a network such as a Radio Frequency Identification (RFID) Network between control stations and one or more transceivers. A transceiver receives transceiver configuration information including a network address and transceiver authentication credentials and receives an authentication request from the control station. The transceiver applies authentication processing to request information within the authentication request in conjunction with the transceiver authentication credentials to produce an authentication response and transmits the authentication response to the control station to allow the control station to determine if the transceiver is authorized to communicate within the remote identification system.
    Type: Grant
    Filed: February 25, 2004
    Date of Patent: April 7, 2009
    Assignee: Sun Microsystems, Inc.
    Inventor: Murali P. Kaundinya
  • Publication number: 20090086971
    Abstract: Systems and/or methods of selectively terminating security in mobile networks are presented. User equipment (UE) can specify cipher termination location capabilities for encrypting/decrypting data packets to a base station in a mobile network. The mobile network can subsequently determine at which node in the network to terminate the cipher in part according to the capabilities provided and deliver the determined location to the UE. The determined cipher termination location can be provided in response to a request to initiate communications; the initial request can specify the capabilities. The UE can utilize the location to support disparate types of networks and to intelligently deal with hand-offs and other functions of the mobile network.
    Type: Application
    Filed: September 28, 2007
    Publication date: April 2, 2009
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Mark Grayson, Vojislav Vucetic
  • Patent number: 7512234
    Abstract: Location data about a mobile entity (20) is provided in encrypted form by a location server (79) to a recipient that is one of the mobile entity (20) or a service system (40) usable by the mobile entity. The location data (P) is encrypted such that it can only be decrypted using a secret available to a decryption entity (80) that is not under the control of the recipient. This permits location data (P) to be provided in a confidential manner to service systems (40) and also protects billing relationships between participants. A mechanism is also described for limiting the accuracy of decrypted location data (L) made available to a service system (40).
    Type: Grant
    Filed: March 23, 2001
    Date of Patent: March 31, 2009
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: James Thomas Edward McDonnell, Andrew Thomas, Michael P. Spratt, John Deryk Waters, Simon E. Crouch
  • Patent number: 7509675
    Abstract: Systems for the non-invasive monitoring of the effectiveness of a customer's electronic security services include a test generation engine for generating and launching a denatured attack towards a customer's network. A monitoring and evaluation agent is operatively coupled to the test generation engine and is adapted to monitor and evaluate the denatured attack. A recording and analysis engine is adapted to record and analyze the results of the denatured attack. Other systems and methods are also provided.
    Type: Grant
    Filed: May 29, 2002
    Date of Patent: March 24, 2009
    Assignee: AT&T Intellectual Property I, L.P.
    Inventor: Jeffrey A. Aaron
  • Publication number: 20090075630
    Abstract: Method and systems for protecting data on a mobile handset when remotely activated by a user involve encrypting the data using an encryption key, storing the encrypted data, and deleting the non-encrypted data along with the encryption key. Data may also be uploaded to a server via a cellular data call for use in backing up the mobile handset. A mobile handset application configures the handset to receive activation commands from a server to encrypt, upload or download data. The encryption key is either received from the server or generated by the mobile handset and communicated to the server. Mock data files may be generated and stored on the mobile handset to enable handset applications to function normally after the data files have been encrypted.
    Type: Application
    Filed: September 18, 2007
    Publication date: March 19, 2009
    Inventor: Ivan H. MCLEAN
  • Patent number: 7505597
    Abstract: A communications arrangement that provides multiple levels of security is described. In one embodiment, a plurality of seedable code generators is configured to generate different sets of codes. A plurality of CDMA encoders are respectively coupled to the code generators, and each encodes input data using the set of codes generated by the coupled code generator. A plurality of CDMA decoders are similarly arranged for decoding input data. A node controller provides respective input seeds to the code generators and provides respective sets of codes from the code generators to paired encoders and decoders. An interconnect combines encoded data from the encoders into an output signal and transmits the output signal. An input signal received by the interconnect interface is provided to each decoder.
    Type: Grant
    Filed: March 17, 2004
    Date of Patent: March 17, 2009
    Assignee: Lockheed Martin Corporation
    Inventors: Rick C. Stevens, Nagarajan M. Rao
  • Publication number: 20090067628
    Abstract: Various advantageous arrangements for use with the proposed SAE/LTE or 4G mobile telecommunications system are disclosed. An arrangement for allowing a mobile terminal/UE (1) to transmit data packets to duplicate access points (5) is disclosed. An IP combiner (20) receives the duplicate data packets from the respective access points (5), together with quality indicators, and determines which data packet should be passed onwardly to the network. An arrangement is also disclosed which allows a particular MME (7) (corresponding to the 3G SGSN) to be selected for a particular access point (5). A particular MME may be selected depending on various criteria, such as to distribute the load evenly between the MMEs (7) of the network or to take a particular MME (7) out of service temporarily in a managed manner. Further, an arrangement is disclosed which enables the more rapid establishment of the user plane bearer between the mobile terminal/UE (1) and the network.
    Type: Application
    Filed: April 26, 2006
    Publication date: March 12, 2009
    Applicant: VODAFONE GROUP PLC
    Inventors: Christopher Pudney, David Fox, Peter Howard
  • Patent number: 7503066
    Abstract: A deactivation method is for a system including a communication terminal, a secure device, and a management apparatus. An identification number and communication identification code are notified to the management apparatus while the secure device is attached to the communication terminal. The management apparatus holds the identification number and the communication identification code by correlating them, acquires an identification number of a secure device to be deactivated, when instructed to deactivate the secure device by an authentic owner of a right to use the secure device, extracts the communication identification code in accordance with the identification number, and transmits the deactivation authentication code to an apparatus identified by the extracted communication identification code. If the communication terminal receives the deactivation authentication code while the secure device is attached to it, the secure device is deactivated.
    Type: Grant
    Filed: April 15, 2003
    Date of Patent: March 10, 2009
    Assignee: Panasonic Corporation
    Inventors: Makoto Tatebayashi, Natsume Matsuzaki
  • Patent number: 7499547
    Abstract: A system and method of security authentication and key management scheme in a multi-hop wireless network is provided herein with a hop-by-hop security model. The scheme adapts the 802.11r key hierarchy into the meshed AP network. In this approach, a top key holder (R0KH) derives and holds the top Pairwise Master Key (PMK_0) for each supplicant wireless device after the authentication process. All authenticator APs take the level one key holder (R1KH) role and receive the next level Pairwise Master Key (PMK_1) from R0KH. The link level data protection key is derived from PMK_1 via the 802.11i 4-way handshaking.
    Type: Grant
    Filed: September 7, 2006
    Date of Patent: March 3, 2009
    Assignee: Motorola, Inc.
    Inventors: Heyun Zheng, Charles R. Barker, Jr., Amit Gandhi, Keith J. Goldberg, Samer S. Hanna, Surong Zeng
  • Patent number: RE40791
    Abstract: In the method and the arrangement for checking the authenticity of a first communication subscriber in a communications network, a first fault information item is formed in the first communication subscriber using a fault detection data item of the first communication subscriber and an information item relating to a random data item. In a second communication subscriber in the communications network, a second fault information item is formed using a fault detection data item of the second communication subscriber and the information relating to the random data item. The authenticity of the first communication subscriber is checked using the first fault information and the second fault information.
    Type: Grant
    Filed: May 31, 2000
    Date of Patent: June 23, 2009
    Assignee: Siemens Aktiengesellschaft
    Inventors: Jorge Cuellar, Guenther Horn