Cellular Telephone Cryptographic Authentication Patents (Class 380/247)
  • Patent number: 9215591
    Abstract: A method, computer readable medium and apparatus for obtaining cellular network load information in a secure manner are disclosed. For example, the method receives the cellular network load information, where the cellular network load information is encrypted. The method then decrypts the cellular network load information using a decryption key and performs a task responsive to the network load information that is decrypted.
    Type: Grant
    Filed: December 6, 2012
    Date of Patent: December 15, 2015
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Farooq Bari, Zhi Cui
  • Patent number: 9215593
    Abstract: Methods and systems are provided that use smartcards, such as subscriber identity module (SIM) cards to provide secure functions for a mobile client. One embodiment of the invention provides a mobile communication network system that includes a mobile network, a mobile terminal, a server coupled to the mobile terminal via the mobile network, and a subscriber identity module (SIM) card coupled to the mobile terminal. The SIM card includes a first key and a second key. The first key is used to authenticate an intended user of the mobile terminal to the mobile network. Upon successful authentication of the intended user to the mobile network, the mobile terminal downloads a function offered from the server through the mobile network. The second key is then used by the mobile terminal to authenticate the intended user to the downloaded function so that the intended user can utilize the function.
    Type: Grant
    Filed: May 14, 2013
    Date of Patent: December 15, 2015
    Inventors: Edward H. Frank, Mark Buer, Jeyhan Karaoguz
  • Patent number: 9203846
    Abstract: A user may access a subscription-based service via a system comprising one or more devices with one or more separate domains where each domain may be owned or controlled by one or more different local or remote owners. Each domain may have a different owner, and a remote owner offering a subscription-based service may have taken ownership of a domain, which may be referred to as a remote owner domain. Further, the user may have taken ownership of a domain, which may be referred to as a user domain. In order for the user to access the subscription-based service, registration and credential roll-out may be needed. An exemplary registration and credential roll-out process may comprise registration of the user, obtaining credentials from the remote owner and storing the credentials.
    Type: Grant
    Filed: October 15, 2010
    Date of Patent: December 1, 2015
    Assignee: InterDigital Patent Holdings, Inc.
    Inventors: Louis J. Guccione, Inhyok Cha
  • Patent number: 9159187
    Abstract: Systems and methods for verifying user identity in a virtual environment are provided that may include periodic transmitting/monitoring of biometric data and geographic location data. Integrated systems may include anti-tamper devices that automatically delete biometric data in the event if tampering and/or power loss. Thus, the present invention helps to prevent tampering with player identity information, as well as helping to prevent access by a player to the software, graphics or other content associated with selected online activities. Such systems and methods may find particular applicability in fields related to online gambling by verifying the identity and location of an on-line player.
    Type: Grant
    Filed: November 23, 2011
    Date of Patent: October 13, 2015
    Assignee: Concierge Holdings, Inc.
    Inventor: James D. Thackston
  • Patent number: 9154568
    Abstract: An intermediate server can receive a request from a mobile device to authorize a software application, transmit a secure ID included in the request to a social-networking system, receive an access token from the social-networking system indicating that the software application has been authorized, evaluate the access token for validity, and transmit a response to the mobile device indicating the software application is authorized. The secure ID can indicate that a user of the mobile device has been authenticated by the social-networking system. The access token can be valid when the access token and the secure ID both correspond to the user of the mobile device.
    Type: Grant
    Filed: March 20, 2012
    Date of Patent: October 6, 2015
    Assignee: Facebook, Inc.
    Inventors: Thomas Alison, Micha Berdichevsky, Bosmat Eldar, Shashank Pandit
  • Patent number: 9154464
    Abstract: Techniques for concealing temporary identifiers (IDs) assigned to user equipments (UEs) by a wireless communication system are described. At a network entity, a first ID Assigned to a UE and possibly a salt value are transformed, e.g., based on a hash function, to obtain a second ID for the UE. An output message directed to the UE is generated based on an input message, the second ID, and the salt value (if present). The output message is sent via a common channel shared by the UE and other UEs. At the UE, a message is received via the common channel, and a salt value (if sent) is obtained from the received message. The first ID and the salt value are transformed to obtain the second ID, which is used to determine whether the received message is intended for the UE.
    Type: Grant
    Filed: February 9, 2007
    Date of Patent: October 6, 2015
    Assignee: QUALCOMM Incorporated
    Inventor: Nathan Edward Tenny
  • Patent number: 9148420
    Abstract: Methods and systems are provided for single sign-on process for remote-access to remote servers, using user equipment associated with a user. An intermediate device (e.g., smart-card) associated with the user equipment may be activated using local-access authentication information provided by the user. The local-access authentication data may be provided by the user in response to requests by the user equipment. Once activated, the intermediate device may support remote-access operations, by providing, in response to authentication requests received from remote servers, remote-access authentication data, which may be used in authenticating the user at the remote servers. The authentication requests may be sent by the remote server to the user equipment in response to the user requesting remote access. The remote-access authentication data may be provided without requiring user input, once the intermediate device is activated.
    Type: Grant
    Filed: July 29, 2014
    Date of Patent: September 29, 2015
    Assignee: SWISSCOM AG
    Inventors: Azim Ferchichi, Eric Lauper
  • Patent number: 9137649
    Abstract: Techniques for managing assignment and reassignment of short codes are described herein. One or more computing devices may assign a short code to a first messaging campaign for a first time period. After expiration of the first time period, the one or more computing devices may then reassign the short code to a second messaging campaign for a second time period.
    Type: Grant
    Filed: July 31, 2013
    Date of Patent: September 15, 2015
    Assignee: T-Mobile USA, Inc.
    Inventors: Poornima Magadevan, Abha Bhatia
  • Patent number: 9131047
    Abstract: A method of displaying a tutorial to a user of a mobile device is disclosed. In some examples, the mobile device receives an input associated with one or more user functions of the mobile device and launches a locally based application in response to the received input. The locally based application may output instructions to the user explaining to the user how to implement the one or more user functions.
    Type: Grant
    Filed: November 19, 2013
    Date of Patent: September 8, 2015
    Assignee: Nuance Communications, Inc.
    Inventors: Brian Roundtree, Kevin Allan, Thomas Trinneer
  • Patent number: 9130742
    Abstract: A network and related methods for transmitting processes in a network secretly and securely is described. The network use keys, through path-key establishment and a key pool bootstrapping, to ensure that packets are transmitted and received properly and secretly in the presence of one or more adversarial nodes.
    Type: Grant
    Filed: March 29, 2013
    Date of Patent: September 8, 2015
    Inventors: Hongyi Yao, Tracey C. Ho, Cristina Nita-Rotaru
  • Patent number: 9130928
    Abstract: A method for updating network-enabled devices with new identity data includes generating a plurality of new identity data records and loading the new identity data records onto an update server. A request is received at the update server for new identity data from at least one network-enabled device having a previously assigned identity linked to an identifier. The previously assigned identifier is linked to a new identifier that is linked to one of the new identity data records. One or more new identity data records are securely delivered to the network-enabled device.
    Type: Grant
    Filed: April 15, 2011
    Date of Patent: September 8, 2015
    Assignee: Google Technology Holdings LLC
    Inventors: Xin Qiu, Alexander Medvinsky, Stuart P. Moskovics, Jason A. Pasion, Eric J. Sprunk, Fan Wang, Ting Yao
  • Patent number: 9124561
    Abstract: A method is provided for transferring control of a security module from a first entity to a second entity. The security module has a first security domain controlled by the first entity by at least one first secret control key specific to the first entity, and a second security domain, the second domain containing a private key and a certificate of a public key of a controlling authority. The method includes: receiving a request to obtain the certificate; sending the certificate; receiving data encrypted by the public key of the certificate, the data including at least one second secret control key specific to the second entity; decrypting the data; verifying the data; and if the verification is positive, replacing the at least one first secret control key by the at least one second secret control key.
    Type: Grant
    Filed: October 12, 2012
    Date of Patent: September 1, 2015
    Assignee: Orange
    Inventors: Ahmad Saif, Bertrand Pladeau
  • Patent number: 9088552
    Abstract: An apparatus and method to provision and distribute a traffic key amongst a plurality of radios enables secure communication, for a predetermined group or a predetermined event. Each radio has a controller, a radio transceiver for electromagnetic radio communications, and a near-field transceiver for near-field communications (NFC). The traffic key (or traffic keys) is provisioned locally at one radio and distributed to the remaining radios utilizing the NFC over a non propagating link. The same traffic key is distributed amongst all radios, and additional restrictions may be applied if desired. The same radios can later be re-provisioned for a different group or event. The local provisioning and distribution is highly advantageous for markets that do not require permanent assignment of radios.
    Type: Grant
    Filed: November 30, 2011
    Date of Patent: July 21, 2015
    Inventor: Ellis A. Pinder
  • Patent number: 9087183
    Abstract: A method and system of securing account is provided. When a client computer requests access to an account accessible via a server, the server determines a MAC address associated with the client computer and compares it to a MAC address associated with the account. If the MAC address of the client computer is not the same as the MAC address associated with the account, the server initially denies access to the client computer, but may allow access after verification of the client computer by the user associated with the account.
    Type: Grant
    Filed: June 21, 2012
    Date of Patent: July 21, 2015
    Inventor: Rob Bartlett
  • Patent number: 9078289
    Abstract: Embodiments of the present disclosure provide systems and methods to allow a multimedia device to operate in multiple modes of configuration simultaneously. The disclosed multimedia system includes a first communications circuitry having an access point connected to an external network and a number of devices. The first communications circuitry can receive and distribute media content over a wireless network, the wireless circuitry facilitating multi-modal simultaneous configuration of the multimedia device. The multi-modal simultaneous configuration includes a first mode and a second mode. The first mode facilitates exchange of data between the multimedia device and the other devices through the access point such as a wireless access point. The second mode facilitates direct exchange of data between the multimedia device and other devices in the wireless network without utilization of the access point. The multimedia device can change its mode of configuration based on a predefined trigger.
    Type: Grant
    Filed: February 29, 2012
    Date of Patent: July 7, 2015
    Assignee: SMSC HOLDINGS S.A.R.L.
    Inventors: Ramanathan Subramaniam, Hooman Kashef Hamadani
  • Patent number: 9078117
    Abstract: A method and a wireless transmit/receive unit (WTRU), including a universal subscriber identity module (USIM), for identifying a closed subscriber group (CSG) cell are disclosed. The WTRU receives a broadcast from a cell including a cell identifier (ID). If the cell ID is associated with a CSG cell, the WTRU determines whether the CSG ID is programmed in the USIM. The cell broadcast may include a single bit information element (IE) indicating that the cell is a CSG cell. If the cell ID is a CSG ID, the cell ID may further include a plurality of fields which indicate at least one of a country, a region, an operator, and a home evolved Node-B (HeNB) number. The cell broadcast may further include a bit indicating whether the CSG cell is public or private. The cell broadcast may further include a bit indicating that emergency calls are allowed from all users.
    Type: Grant
    Filed: November 19, 2013
    Date of Patent: July 7, 2015
    Assignee: InterDigital Technology Corporation
    Inventors: Jin Wang, Shankar Somasundaram, Mohammed Sammour, Rajat P. Mukherjee, James M. Miller
  • Patent number: 9069510
    Abstract: A touch sensitive screen mobile information apparatus having a wireless communication unit for wireless device discovery is herein disclosed. Close proximity wireless device discovery is enabled by wireless searching near distance via radio frequency field for a wireless device, receiving information from the wireless device over the near distance wireless communication, and storing the received information at the information apparatus for future wireless connections. Authentication or pairing of devices may be eliminated due to close proximity of the direct wireless device discovery. After wireless device discovery, the information apparatus and the wireless device may become locked or paired for subsequent wireless communication over any number of wireless communication protocols or standards (e.g., Bluetooth, IEEE 802.11, 2.4GHz) without the need to repeat wireless discovery or pairing. Examples of information apparatus include smart phones, digital camera, laptops, or information pads.
    Type: Grant
    Filed: May 19, 2010
    Date of Patent: June 30, 2015
    Assignee: Flexiworld Technologies, Inc.
    Inventors: William Ho Chang, Christina Ying Liu
  • Patent number: 9064135
    Abstract: A hardware implemented system and method of encryption key management may facilitate access to a connected device. In some embodiments, an Input/Output (I/O) controller coupled to a host system may comprise a cryptocontext memory that is only accessible via state machines running on the controller and a key unwrap engine to decrypt wrapped keys associated with commands received from the host system.
    Type: Grant
    Filed: December 12, 2007
    Date of Patent: June 23, 2015
    Assignee: Marvell International Ltd.
    Inventors: Tze Lei Poo, David Geddes
  • Patent number: 9043599
    Abstract: A method and authentication server provide a mobile key. According to the method, upon receipt of an authentication message (access authentication) that is transmitted when a subscriber logs on to the network, the authentication server extracts a subscriber identification contained in said message and generates a corresponding mobile key, which is stored together with the respective extracted subscriber identification. Upon subsequent receipt of a key request message (key request) that is transmitted when a subscriber registers, the authentication server extracts a mobile identification of the subscriber contained in said message and searches for an identical mobile identification, which can be derived in accordance with a configurable derivation function from a subscriber identification that is stored in the authentication server.
    Type: Grant
    Filed: October 31, 2006
    Date of Patent: May 26, 2015
    Inventors: Rainer Falk, Christian Günther, Dirk Kröselberg
  • Patent number: 9025769
    Abstract: A method for registering a Smartphone when accessing security authentication device and a method for access authentication of a registered Smartphone are provided. When a Smartphone based application searches for a device and attempts an access to the found device, the search and access for the device is limited according to a result of authentication using an activation code.
    Type: Grant
    Filed: August 3, 2011
    Date of Patent: May 5, 2015
    Assignee: Suprema Inc.
    Inventors: Yeon Gil Choi, Seong Jik Lee, Jae Won Lee
  • Publication number: 20150110270
    Abstract: Secure virtualizing of a mobile cellular device uses a cellular communication network having base transceiver station edge node servers. A virtualized-instance host server contains a virtualized instance of an enterprise environment. Base station controllers are in communication with and control the base transceiver stations. A mobile switching center in communication with the base station controllers contains the virtualized-instance host server. A cellular communication device is in communication with an edge node server, and an auxiliary data display entry device is in communication with the cellular communication device such that the virtualized instance of the enterprise environment is on the edge node server. Communications between the auxiliary display and data entry device are encrypted.
    Type: Application
    Filed: October 21, 2013
    Publication date: April 23, 2015
    Inventors: Dakshi Agrawal, Bruce O. Anthony, JR., Chatschik Bisdikian, Mudhakar Srivatsa, Dinesh C. Verma
  • Patent number: 9014680
    Abstract: An apparatus, and an associated method, for providing secured effectuation of a communication service at a substitute mobile station. A user desiring temporarily to use a substitute mobile station to carry out the communication service initiates a request at the mobile station for its use. The communication service is available to be performed at the substitute mobile station for a selected period. Upon termination of the selected period, the communication service session ends, and data associated with the communication service session is deleted from the substitute mobile station.
    Type: Grant
    Filed: August 12, 2010
    Date of Patent: April 21, 2015
    Assignee: BlackBerry Limited
    Inventors: Daryl Joseph Martin, James Andrew Godfrey, John Ferguson Wilson
  • Patent number: 9008619
    Abstract: A mobile terminal that may be able to access a wireless communication network and a control method thereof are provided. The mobile terminal includes: a wireless communication unit configured to access a wireless communication network; a detection unit configured to detect a connectable wireless communication network through the wireless communication unit; and a controller outputting icons each corresponding to one or more wireless communication networks detected by the detection unit to a locked screen displayed in a locked state in which inputting of a control command with respect to an application is limited, releasing the locked state when selecting of any one of the output icons is detected, and controlling the wireless communication unit to access a wireless communication network corresponding to the selected icon.
    Type: Grant
    Filed: August 21, 2012
    Date of Patent: April 14, 2015
    Assignee: LG Electronics Inc.
    Inventors: Sanghyuck Lee, Eunju Lee, Byeongwook Kim
  • Patent number: 9008309
    Abstract: According to various aspects of this disclosure, a circuit arrangement is provided. The circuit arrangement may include: a memory configured to store a first encryption key for generating a first authentication vector for authentication between a mobile station and a home network of the mobile station; and a key-generator configured to derive a second encryption key from the first encryption key, the second encryption key for generating a second authentication vector for authentication between the mobile station and a visited network.
    Type: Grant
    Filed: July 2, 2012
    Date of Patent: April 14, 2015
    Assignee: Intel Mobile Communications GmbH
    Inventors: Achim Luft, Martin Hans
  • Patent number: 9003488
    Abstract: Described are various embodiments of a system and method in which device-identifying data can be used to uniquely recognize and optionally track and report on device activity at one or more hotspot locations by way of the creation and management of a device profile uniquely associated with such devices and stored in a network accessible knowledge base.
    Type: Grant
    Filed: November 1, 2012
    Date of Patent: April 7, 2015
    Assignee: Datavalet Technologies
    Inventors: Ron Spencer, Tom Camps, Chris Burchett, Brad Gagne, Rob Madge, Ray Scobie
  • Patent number: 9001642
    Abstract: A method and apparatus for a satellite system. A satellite system is comprised of a communications system in a satellite and a number of computers associated with the satellite. The communications system is configured to receive first information and transmit second information from the satellite to a remote platform over a number of communications links. The number of computers is configured to identify a block of information for encryption from instructions in the first information. The number of computers is further configured to generate a key from a portion of the block of information based on the instructions. The number of computers is further configured to perform an exclusive OR operation on the block of information using the key to form a block of encrypted information. The number of computers is further configured to transmit the block of encrypted information.
    Type: Grant
    Filed: February 23, 2012
    Date of Patent: April 7, 2015
    Assignee: The Boeing Company
    Inventors: Duane L. Blanchard, Angelia Mae Corbett
  • Patent number: 9003491
    Abstract: Systems and methods of authentication and authorization between a client, a server, and a gateway to facilitate communicating a message between a client and a server through a gateway. The client has a trusted relationship with each of the gateway and the server. A method includes registering the client with the gateway. The client also constructs the address space identifying the gateway and the client. The client communicates the address space to the server. The client receives an identity identifying the server. If the client authorizes to receive a message from the server through the gateway, the client informs the authorization to the gateway. The client puts the identity identifying the server on a list of servers which are authorized to send messages to the client. In addition, the client communicates the list of servers to the gateway.
    Type: Grant
    Filed: December 13, 2011
    Date of Patent: April 7, 2015
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Shai Herzog, Johannes Klein, Alexandru Gavrilescu
  • Patent number: 8984278
    Abstract: A novel code signing system, computer readable media, and method are provided. The code signing method includes receiving a code signing request from a requestor in order to gain access to one or more specific application programming interfaces (APIs). A digital signature is provided to the requestor. The digital signature indicates authorization by a code signing authority for code of the requestor to access the one or more specific APIs. In one example, the digital signature is provided by the code signing authority or a delegate thereof. In another example, the code signing request may include one or more of the following: code, an application, a hash of an application, an abridged version of the application, a transformed version of an application, a command, a command argument, and a library.
    Type: Grant
    Filed: January 30, 2013
    Date of Patent: March 17, 2015
    Assignee: BlackBerry Limited
    Inventors: David Paul Yach, Michael Stephen Brown, Herbert Anthony Little
  • Patent number: 8976962
    Abstract: An apparatus and method for generating a group key using the status of a wireless channel are provided. The apparatus includes a representative channel response selection unit for selecting a representative channel response signal from among pilot signals received from slave terminals. A key generation unit generates a group key based on a representative channel response value of the representative channel response signal. A hash value generation unit generates a hash value corresponding to the group key. A transmission pilot control unit adjusts power intensities of transmission pilots of the respective slave terminals using the channel response value of the representative channel response signal and channel response values and transmission power intensities of the slave terminals. A communication unit is individually connected to the slave terminals and configured to transmit pilot signals, power intensities of which have been adjusted, and the hash value to the slave terminals.
    Type: Grant
    Filed: September 3, 2012
    Date of Patent: March 10, 2015
    Assignee: Electronics and Telecommunications Research Institute
    Inventors: Seon-Yeob Baek, Sang-Kyung Yoo, Seok Ryu, Sang-Han Lee
  • Patent number: 8965342
    Abstract: Methods and apparatus for verifying authenticity of device information of an end-user device are provided herein. In some embodiments, a method for verifying authenticity of device information of an end-user device may include sending a request to verify device information of an end-user device receiving, responsive to the request, verification information regarding the device information sent, and performing a verification analysis on the verification information received.
    Type: Grant
    Filed: August 8, 2013
    Date of Patent: February 24, 2015
    Assignee: Vonage Network LLC
    Inventors: Tzahi Efrati, Jaya Meghani
  • Patent number: 8959620
    Abstract: A method for composing an authentication password associated with an electronic device is implemented by a password composing system including a display, a receiving unit, and a processing unit. In the method, the display is configured to display a start point, and a plurality of displayed paths. The receiving unit is configured to detect a set of user-input movements of a contact point at the display. The processing unit is configured to determine whether the user-input movements conform with a predefined valid user-input gesture, store a plurality of codes corresponding to the valid user-input gestures, and to compose the authentication password according to valid ones of the series of the user-input movements.
    Type: Grant
    Filed: March 14, 2013
    Date of Patent: February 17, 2015
    Assignee: Mitac International Corp.
    Inventors: Ching-Teng Hsueh, Hui-Chun Yang
  • Patent number: 8958559
    Abstract: A system and method for secure instant messaging are described. For example, in one embodiment, a first user identifies a second user for an instant messaging session with the ID code of the second user. The first user is provided with network information for the second user and a public key associated with the second user. The first user encrypts an instant message using the public key of the second user and a private key. In one embodiment, the first user encrypts the content of the instant message (e.g., any text and/or attachments) using the public key of the second user and signs the content using the private key of the first user. The encrypted message is transmitted from the first user to the second user. The second user decrypts the instant message using the second user's private key and verifies the signature with the first user's public key.
    Type: Grant
    Filed: September 2, 2011
    Date of Patent: February 17, 2015
    Assignee: Apple Inc.
    Inventors: Alexander A. Medina, Andrew H. Vyrros, Darryl N. Bleau, Jeffrey T. Davey, Justin E. Santamaria, Justin N. Wood
  • Patent number: 8953798
    Abstract: Enhanced cryptographically generated addresses (ECGAs) for MIPv6 incorporate a built-in backward key chain and offer support to bind multiple logically-linked CGAs together. Enhanced CGAs may be used to implement a secure and efficient route optimization (RO) for MIPv6.
    Type: Grant
    Filed: December 15, 2010
    Date of Patent: February 10, 2015
    Assignee: Telefonaktiebolaget L M Ericsson (publ)
    Inventor: Angelo Rossi
  • Patent number: 8955062
    Abstract: A method including: assigning identifiers to respective domains, where each of the domains is allocated a corresponding set of resources, and where the resources in the sets of resources are accessible at respective physical addresses; storing permissions to access the physical addresses, where each of the permissions indicates which of the physical addresses one or more of the domains are permitted to access. The method also includes: assigning a code to a first domain, where the code includes instructions, and where each of the instructions includes a corresponding one of the physical addresses; tagging each of the instructions by adding the identifier assigned to the first domain to each of the instructions; and during execution of each of the instructions, comparing the identifier included in the corresponding instruction to one of the permissions; and based on the comparison, permitting access to the set of resources allocated to the first domain.
    Type: Grant
    Filed: March 17, 2014
    Date of Patent: February 10, 2015
    Assignee: Marvell World Trade Ltd.
    Inventor: Mark N. Fullerton
  • Patent number: 8948386
    Abstract: There are disclosed systems and methods for authenticating a mobile device by a network and/or for generating one or more keys that can be used for securely transmitting data between the mobile device and the network. In one embodiment, the following operations are performed by a mobile device: (i) the mobile device participates in at least a portion of a key agreement protocol with a network to compute a secret value; (ii) the mobile device obtains a response value derived from the secret value; and (iii) the mobile device sends the response value to a verification entity for use in authenticating the mobile device. There are also disclosed systems and methods for authenticating a network by a mobile device.
    Type: Grant
    Filed: June 27, 2012
    Date of Patent: February 3, 2015
    Assignee: Certicom Corp.
    Inventors: Matthew John Campagna, Robert John Lambert, Anthony Rosati
  • Patent number: 8950000
    Abstract: A method, system, and medium are provided for operating a computing device and a mobile device to access computer software with a secure access and to access a packet network, and for operating a computer software on a mobile device with different computing devices. A mobile device is used to authenticate a user's access to computer software. The computer software may reside on the mobile device, the user's computing device, or another computing device. A unique identifier is stored in the mobile device associated with the computer software to enable the authentication.
    Type: Grant
    Filed: November 15, 2012
    Date of Patent: February 3, 2015
    Assignee: Sprint Communications Company L.P.
    Inventors: Shane R. Werner, Warren B. Cope, Von McConnell
  • Patent number: 8942224
    Abstract: A method and system for handling security synchronization for prolonged periods of no-reception of voice frames. The method includes receiving one or more protocol data units (PDUs) by a radio link control (RLC) sub layer and determining a time period between the receiving of each PDU and a previously received PDU by the RLC sub layer. Further, the method includes initiating recovery procedure for the time period exceeding a first predefined time. The recovery procedure includes identifying count of the one or more PDUs to be recovered, deciphering each PDU using a plurality of hyper frame numbers (HFNs) and updating a master HFN based on the deciphering. The master HFN deciphers each PDU among the one or more protocol data units. Further, the method also includes delivering the one or more PDUs to a packet data convergence protocol sub layer where type verification of the PDU is performed.
    Type: Grant
    Filed: August 23, 2010
    Date of Patent: January 27, 2015
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Kundan Kumar Lucky, Gert-Jan Van Lieshout
  • Patent number: 8942377
    Abstract: A method and apparatus to establish trust between two nodes in a communications network. A first node receives from a network node authentication data unique to the first node, which can be used to derive a compact representation of verification data for the first node. The first node also receives a certified compact representation of verification data of all nodes in the network. The first node derives trust information from the authentication data for the node, and sends to a second node a message that includes the trust information and part of the authentication data. The second node has its own copy of the certified compact representation of verification data of all nodes in the network, and verifies the authenticity of the message from the first node using the compact representation of verification data of all nodes in the network and the received trust information and authentication data.
    Type: Grant
    Filed: February 12, 2010
    Date of Patent: January 27, 2015
    Assignee: Telefonaktiebolaget L M Ericsson (Publ)
    Inventors: Wassim Haddad, Rolf Blom, Mats Naslund
  • Patent number: 8938805
    Abstract: A processing device comprises a processor coupled to a memory and implements a host-based intrusion detection system configured to permit detection of tampering with at least one software component installed on the processing device. The host-based intrusion detection system comprises a forward-secure logging module configured to record information characterizing a plurality of events occurring in the device in such a manner that modification of the recorded information characterizing the events is indicative of a tampering attack and can be detected by an authority. For example, the recorded information may comprise at least one forward-secure logging record R having entries r1 . . . rn corresponding to respective ones of the events wherein any erasure or other modification of a particular pre-existing entry ri in R by an attacker is detectable by the authority upon inspection of R.
    Type: Grant
    Filed: September 24, 2012
    Date of Patent: January 20, 2015
    Assignee: EMC Corporation
    Inventors: Ari Juels, Catherine V. Hart
  • Publication number: 20150016609
    Abstract: The invention proposes a system for authenticating and authorizing network services comprising: a mobile device being adapted to, upon receipt of an information message indicating at least one network access type, determine the network access type, to create a start message containing at least a user identity, and to encapsulate the start message in an authentication message compatible with the access network identified in the information message, and an access controller for reading the encapsulated message from the mobile and forwarding the encapsulated message to an authentication server identified in the encapsulated message. The invention also proposes a corresponding method for authenticating and authorizing network services, and an access control device, a subscriber device and a router device.
    Type: Application
    Filed: September 29, 2014
    Publication date: January 15, 2015
    Inventors: Jari T. Malinen, Timothy J. Kniveton, Meghana Sahasrabudhe
  • Patent number: 8935763
    Abstract: Methods and systems taught herein provide for authentication information for authenticating a user terminal to be shared between a network entity that supports IMS-AKA authentication of the user terminal and a network entity that supports GBA-AKA authentication of the user terminal. Sharing authentication information between these entities allows all or part of the authentication information generated for IMS-AKA authentication of the user terminal to be used subsequently for GBA-AKA authentication of the user terminal, or vice versa.
    Type: Grant
    Filed: February 15, 2008
    Date of Patent: January 13, 2015
    Assignee: Telefonaktiebolaget L M Ericsson (publ)
    Inventors: Luis Barriga, David Castellanos Zamora
  • Patent number: 8929861
    Abstract: A personnel access system may include a mobile device(s) comprising a first near field communication (NFC) device, a wireless device, and a first controller configured to generate an access request. An access control device may be associated with a personnel access position and include a second NFC device configured to receive the access request, and a second controller configured to generate a verification request for the mobile device(s) based upon the received access request. A verification device may be configured to receive the verification request from the access control device, and send a verification message to the mobile device(s). The first controller may be configured to receive the verification message via the wireless device, and generate verification data based thereon. The second controller may be configured to selectively grant personnel access based upon the verification data.
    Type: Grant
    Filed: February 24, 2011
    Date of Patent: January 6, 2015
    Assignee: BlackBerry Limited
    Inventors: Santiago Carbonell Duque, Alberto Daniel Zubiri, Tomasz Buozek
  • Patent number: 8913559
    Abstract: A mobile station selects a provider such as an online sign up (OSU) provider by receiving a pre-association message including OSU selection information from a Wi-Fi network component, such as an access point in communication with the OSU provider, and sending a selection of an OSU provider in accordance with the OSU selection information to the network component. The OSU selection information excludes identification of the OSU network provider or resource, but provides other attributes to the user, such as price or service configuration. The pre-association message may be transmitted as a beacon or using ANQP.
    Type: Grant
    Filed: October 8, 2012
    Date of Patent: December 16, 2014
    Assignee: Futurewei Technologies, Inc.
    Inventors: Bin Chen, Kaidi Huang, George Calcev, Hanan Ahmed
  • Patent number: 8914859
    Abstract: Obfuscating a message, in one aspect, may include detecting sensitive information in a message to be broadcast into public or quasi-public computer network environment; replacing the sensitive information in the message with a representation that preserves general aspects of the sensitive information and a user interface element, the user interface element for enabling a viewer of the message to request access to details of the sensitive information; and transmitting the replaced message for broadcasting into the public or quasi-public computer network environment. De-obfuscating the message, in one aspect, may include authenticating one or more viewers or receivers of the message and based on the authentication, presenting details associated with the sensitive information.
    Type: Grant
    Filed: November 7, 2011
    Date of Patent: December 16, 2014
    Assignee: International Business Machines Corporation
    Inventors: Thomas D. Erickson, David W. Levine
  • Patent number: 8913743
    Abstract: Method for decrypting, within a wireless communication device, a sequence of encrypted packets received via a wireless communication channel between the communication device and a cell assigned to this device, comprising for each packet the following steps: —the computation of an encrypting sequence corresponding to the packet (21); and —the decrypting of the packet with the aid of the said encrypting sequence (22). In this method, the encrypting sequences are computed before the reception of the packets while the reception quality is above a threshold (20, TH) and an indication of change of cell is not received (24).
    Type: Grant
    Filed: January 19, 2010
    Date of Patent: December 16, 2014
    Assignee: ST-Ericsson SA
    Inventors: Hervé Sibert, Sylviane Roullier
  • Patent number: 8907768
    Abstract: Embodiments of the present invention are directed to systems, apparatuses and methods for using a mobile device with an accelerometer to gain access into a secured or restricted area. A first device and a second device interact by making physical contact with each other thereby generating interaction data that is representative of the physical interaction between the first and second device. The first and second device may be mobile phones. The second device may be a point of sale terminal, access point device, or any other stationary (i.e., in a fixed position) device positioned at a line, door, gate, or entrance. A server computer determines, based on interaction data, that the first device and the second device made physical contact. After determining that the first device and the second device made contact, communications may be initiated between the devices.
    Type: Grant
    Filed: November 23, 2010
    Date of Patent: December 9, 2014
    Assignee: Visa International Service Association
    Inventors: Patrick Faith, Mark Carlson, Ayman Hammad, Ben Rewis, Kris Koganti
  • Patent number: 8908864
    Abstract: Systems, methods, and computer readable media for detecting and mitigating address spoofing in messaging service transactions are disclosed. A messaging service firewall (MSF) separate from a short message service center (SMSC) receives a mobility management reply message (MMR) that is sent by a mobile location register element in response to an associated mobility management query (MMQ) and that includes a serving switch identifier. The MSF allocates a global title address (GTA) from a pool of GTAs and stores a correlation between the allocated GTA and the originating SMSC. The MSF replaces the serving switch identifier in the MMR with the allocated GTA and routes the modified MMR. The MSF then receives a messaging service message (MSM) that is addressed to the allocated GTA and that includes the purported originating SMSC. If the purported originating SMSC does not match the SMSC to which the GTA is correlated, the MSM is discarded.
    Type: Grant
    Filed: October 5, 2012
    Date of Patent: December 9, 2014
    Assignee: Tekelec Netherlands Group, B.V.
    Inventor: Eloy Johan Lambertus Nooren
  • Patent number: 8903443
    Abstract: Methods and systems for slow associated control channel signaling are disclosed. An example method for securing communications in a mobile network disclosed herein comprises transmitting a first variant of a message of a first type on a first slow associated control channel (SACCH) before ciphering is started on the first SACCH, and after ciphering is started on the first SACCH, transmitting a second variant of the message of the first type on the first SACCH, and subsequently transmitting the second variant of the message of the first type on the first SACCH, wherein the subsequently transmitted second variant of the message of the first type is the next transmitted message of the first type on the first SACCH.
    Type: Grant
    Filed: March 8, 2013
    Date of Patent: December 2, 2014
    Assignee: BlackBerry Limited
    Inventors: David Philip Hole, Eswar Kalyan Vutukuri
  • Patent number: 8904523
    Abstract: The invention is directed to a security module deployed in a host device, which provides a secondary agent that operates in coordination with the host agent in the host device, but operates independent of the host operating system of the host device to independently access an existing communication network interface in the host device or a separate dedicated network interface, if available. In one aspect, the present invention enables robust theft recovery and asset tracking services. The system comprises a monitoring center; one or more monitored devices; a security module in the monitored devices; and one or more active communications networks. Monitored devices may be stand alone devices, such as computers (e.g., portable or desktop computers), or a device or a subsystem included in a system. A monitored device comprises a security module, a host agent and software to support the host agent that runs in the monitored device's OS.
    Type: Grant
    Filed: October 13, 2010
    Date of Patent: December 2, 2014
    Assignee: Absolute Software Corporation
    Inventor: William Doyle Gordon
  • Patent number: 8887251
    Abstract: A handover method of a mobile terminal between heterogeneous networks for facilitating the handover with pre-authentication procedure is provided. A handover method between heterogeneous networks includes receiving, at a mobile terminal connected to a source network, information on at least one target authenticator of a target network from a source authenticator in response to an attach request; creating an authentication key between the mobile terminal and the target authenticator selected among the at least one target authenticator through a pre-authentication process; determining, when the mobile terminal transmits a handover request to the selected target authenticator, whether the authentication key contained in the handover request matches with the authentication key stored in the selected target authenticator; and connecting, when the authentication keys match with each other, to the target network via the selected target authenticator.
    Type: Grant
    Filed: December 23, 2009
    Date of Patent: November 11, 2014
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Peng Lei, Jeong Jae Won, Young Seok Kim