Visiting Center Patents (Class 380/248)
  • Patent number: 10959094
    Abstract: A method of replacing an authentication parameter for authenticating a security element co-operating with a terminal includes storing in the security element a first authentication parameter; transmitting to a mobile network operator the first authentication parameter for the operator to record it in its authentication system; on occurrence of an event, having a remote platform transmit to the security element an indicator informing the security element that it is authorized to replace the first authentication parameter with a second authentication parameter if its authentication fails; on occurrence of the event, having the entity transmit to the operator a second authentication parameter to replace the first authentication parameter; and in the event of subsequent failure of the security element to connect to the mobile network and if the indicator is present at the security element, replacing the first authentication parameter with the second authentication parameter at the security element.
    Type: Grant
    Filed: June 23, 2016
    Date of Patent: March 23, 2021
    Inventors: Patrice Amiel, Michel Endruschat, Sébastien Ponard, Gabriel Pereira, Jean-Yves Fine, François Zannin, Michel Martin, Caroline Durant Dinet, Xavier Berard
  • Patent number: 10887288
    Abstract: An embodiment of the disclosure provides a voice communication method, a calling terminal, a called terminal and a system, the voice communication method includes: establishing, by a calling terminal, a data communication connection between a called terminal and the calling terminal; obtaining a calling terminal international mobile subscriber identity (IMSI), a called terminal IMSI, a first random number for encryption and decryption, and generating a first encryption key; encrypting voice signals according to the first encryption key by using a preset encryption algorithm and obtaining first encrypted voice signals; sending the first encrypted voice signals to the called terminal. The first encryption key is generated according to the calling terminal IMSI, the called terminal IMSI, and the voice signals are encrypted by using the preset encryption algorithm, thus an encryption process is highly targeted and highly confidential, and security of voice services is improved.
    Type: Grant
    Filed: November 30, 2016
    Date of Patent: January 5, 2021
    Inventors: Xing-Shao Xu, De-Ying Guo
  • Patent number: 10862872
    Abstract: A networked device communication system can configure network devices (e.g., a primary and secondary database) to send and receive sequences of messages, such as replicated data, using one or more keypairs and wrapping keys. The sequences of messages can include an initial set of messages that are encrypted by a wrapping key, and further include another set of messages that are encrypted by a replaced staggered key. The sequence of messages can be configured to be decrypted without exporting keys of hardware security modules.
    Type: Grant
    Filed: April 30, 2020
    Date of Patent: December 8, 2020
    Assignee: Snowflake Inc.
    Inventors: Damien Carru, Robert Bengt Benedikt Gernhardt, Martin Hentschel, Nithin Mahesh, Eric Robinson
  • Patent number: 10862873
    Abstract: A networked device communication system can configure network devices (e.g., a primary and secondary database) to send and receive sequences of messages, such as replicated data, using one or more keypairs and wrapping keys. The sequences of messages can include an initial set of messages that are encrypted by a wrapping key, and further include another set of messages that are encrypted by a replaced staggered key. The sequence of messages can be configured to be decrypted without exporting keys of hardware security modules.
    Type: Grant
    Filed: April 30, 2020
    Date of Patent: December 8, 2020
    Assignee: Snowflake Inc.
    Inventors: Damien Carru, Robert Bengt Benedikt Gernhardt, Martin Hentschel, Nithin Mahesh, Eric Robinson
  • Patent number: 10641887
    Abstract: An access point (AP) device of a wireless communication network determines that an unassociated client station requests to participate in a ranging measurement procedure with the AP device, and determines a preliminary network ID for uses by the unassociated client station during a ranging measurement session and while the unassociated client station remains unassociated with the wireless communication network. The AP device transmits a packet having the preliminary network ID, and after transmitting the packet having the preliminary network ID, participates in a multi-user (MU) null data packet (NDP) ranging measurement session with a plurality of client stations that includes the unassociated client station.
    Type: Grant
    Filed: May 23, 2018
    Date of Patent: May 5, 2020
    Assignee: NXP USA, Inc.
    Inventors: Liwen Chu, Hongyuan Zhang, Hui-Ling Lou
  • Patent number: 10462722
    Abstract: A device may receive relationship information indicating a relationship between first geographic information and a network gateway. The network gateway may be associated with providing a user device with access to a network. The device may store the relationship information. The device may receive, from the user device and via a base station, second geographic information indicating a tracking area in which the user device is located. The device may identify one or more network gateways, associated with the second geographic information, based on the second geographic information and the relationship information. The device may provide, to the user device, one or more device identifiers associated with the one or more network gateways to permit the user device to access the network via the one or more network gateways. The one or more device identifiers may be provided in association with a non-access stratum message.
    Type: Grant
    Filed: August 22, 2018
    Date of Patent: October 29, 2019
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Sergei Karpov, Sudhakar Reddy Patil, Sagiv Draznin
  • Patent number: 10447502
    Abstract: A home wireless system and a method of controlling it wherein the home wireless system comprises a plurality of wireless peripheral nodes and a first gateway having a wireless communication means for communicating with and controlling wireless peripheral nodes.
    Type: Grant
    Filed: March 8, 2013
    Date of Patent: October 15, 2019
    Assignee: VERISURE SÀRL
    Inventors: Fredrik Hederstierna, Philip Alan Munts
  • Patent number: 10375677
    Abstract: A method and system for allocating shareable wireless transmission resources. A resource pool is established. The resource pool is divided into a plurality of physical layer allocation units usable for wirelessly transmitting control information and traffic data. The allocation units are assigned at the media access control layer for the wireless transmission of the control information and traffic data. The system and method of the present invention also allows mobile stations to be dynamically grouped into multicast groupings to reduce system overhead resource requirements.
    Type: Grant
    Filed: September 24, 2014
    Date of Patent: August 6, 2019
    Assignee: Apple Inc.
    Inventors: Hang Zhang, Jianglei Ma, Ming Jia, Mo-Han Fong, Peiying Zhu, Wen Tong
  • Patent number: 10356060
    Abstract: Systems and methods may provide for implementing a secure communication using physical proximity. In one example, the method may include transmitting an encrypted first communication including a sensitive information file, decrypting the encrypted first communication to generate a decrypted first communication including the sensitive information file, displaying the decrypted first communication, capturing a version of the decrypted first communication displayed on the intermediary device, and extracting the sensitive information file at a user device.
    Type: Grant
    Filed: October 19, 2015
    Date of Patent: July 16, 2019
    Assignee: Intel Corporation
    Inventor: Jasmeet Chhabra
  • Patent number: 10341915
    Abstract: To facilitate a handoff of a communication session in a wireless network, a first wireless access point at least temporarily emulates a second wireless access point, spoofing a target communication device that communications transmitted from the first wireless access point appear to be transmitted from the second wireless access point. According to a first configuration, the communication session is handed off from the first wireless access point to the second wireless access point. According to another configuration, the communication session is handed off from the second wireless access point to the first wireless access point.
    Type: Grant
    Filed: November 30, 2015
    Date of Patent: July 2, 2019
    Assignee: Time Warner Cable Enterprises LLC
    Inventors: Sunmeel Bhumkar, Muhib Oduwaiye, Zaheer Syed, Sourabh Gupta, Syed Ahsan
  • Patent number: 10325235
    Abstract: A method and system for analyzing and optimizing the distribution of work from a plurality of queues includes storing historical data in a database. The historical data may include sets of different types of data items, each of the data items having an associated monetary value. The method further includes assigning a relative score to each of the data items within the sets and calculating a cumulative monetary value for each relative score, the cumulative monetary value being the summation of the monetary values for all items having relative scores up to and including the relative score. The method further includes determining the maximum cumulative monetary value calculated and its corresponding relative score. In one embodiment, the corresponding relative score is then used to determine which items to work in a set of queues that has not yet been worked.
    Type: Grant
    Filed: March 29, 2013
    Date of Patent: June 18, 2019
    Inventors: Robert C. Taintor, Gregory David Leibon
  • Patent number: 10069822
    Abstract: A mobile device sends a network attach request to a network node, and receives an authentication challenge from the network node, where the authentication challenge includes an authentication token, a random number, and a time variable associated with a current time at the network node. A microprocessor smart card of the mobile device retrieves the time variable from the authentication challenge, and starts a clock counter based on the retrieved time variable. The microprocessor smart card uses a current time represented by the clock counter to perform time expiration validation tests on certificates during Public Key Infrastructure (PKI) authentication or on authentication tokens during token-based authentication.
    Type: Grant
    Filed: February 23, 2016
    Date of Patent: September 4, 2018
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Manuel Enrique Caceres, Warren Hojilla Uy, Praveen Venkataramu, Ruben Cuadrat
  • Patent number: 10051463
    Abstract: A method performed by a subscriber data storage node of a visiting communication network for handling a signalling request in a communication system comprising a home communication network and the visiting communication network. The signalling request originates from a communication device subscribing to the home communication network and having a home subscriber identification, ID, for communication in the home communication network. The communication device is registered to the visiting communication network with a local subscriber ID different from the home subscriber ID, the local subscriber ID being associated with the home subscriber ID. The method comprises receiving the signalling request originating from the communication device, the signalling request being associated with the local subscriber ID and identifying that the local subscriber ID is associated with the home subscriber ID.
    Type: Grant
    Filed: December 2, 2013
    Date of Patent: August 14, 2018
    Inventors: Qiang Li, Justus Petersson, Stefan Thuresson
  • Patent number: 10034168
    Abstract: Disclosed are a method, apparatus, and system for authenticating a communication session between a user equipment device (UE) and a communication network. A first authentication of a UE is performed by generating an authentication key, transmitting the authentication key over a first communication link from the UE to a communication network, authenticating the UE using the authentication key, and generating an authentication result indicative of authenticating the UE. A second authentication of the UE is performed to authorize a communication session over a second communication link between the UE and the communication network. The second authentication includes transmitting UE identifying information over the second communication link from the UE to the communication network and authenticating the UE using the UE identifying information and the authentication key. The second communication link is established under an internet protocol.
    Type: Grant
    Filed: April 25, 2013
    Date of Patent: July 24, 2018
    Assignee: Sprint Spectrum L.P.
    Inventors: Raymond E. Reeves, Mark Peden, Simon Youngs, Gary Koller
  • Patent number: 10021077
    Abstract: The disclosed system allows a user to have access to a protected network through the distribution of signed send tokens. In particular, a device associated with the protected network, such as a network interface card, may generate and issue send tokens to various third-parties who seek access to the network. A send token may be a block of data that contains transmission information regarding the operations that are allowed to be performed by the network user. For example, the send token may identify the portions of the network to which the user's data packets are allowed to be sent, as well as the permitted content of the user's data packets.
    Type: Grant
    Filed: May 12, 2014
    Date of Patent: July 10, 2018
    Assignee: Google LLC
    Inventor: Glenn Christopher Brown
  • Patent number: 9882957
    Abstract: Client-side endpoint configuration can be accomplished by allowing a client to include as part of an API request, a desired endpoint for subsequent notifications from a server. The endpoint can be an endpoint identifier, such as a Uniform Resource Identifier (URI) or a domain name. When a web service receives the API request from a client device, the web service can generate a response to the request and send the response to the endpoint identified in the request. The API request can asynchronously communicate with the client device whenever the response is completed.
    Type: Grant
    Filed: August 13, 2013
    Date of Patent: January 30, 2018
    Assignee: Amazon Technologies, Inc.
    Inventor: Andre Mostert
  • Patent number: 9641487
    Abstract: A method, system and apparatus for sharing media content securely and reliably among various computing devices in a private network through media streaming technology is provided.
    Type: Grant
    Filed: December 20, 2005
    Date of Patent: May 2, 2017
    Inventors: Yu Chen Zhou, Lin Ma, Lei Ma, Yi Min Gan
  • Patent number: 9526071
    Abstract: A method of connecting to a network by a terminal in a communication system, the communication system including the terminal, one or more access points, and a network controller controlling the one or more access points is provided. The method includes establishing a connection with a first access point, setting and storing wake-up information, configured to selectively transceive with the first access point, in the first access point and the network controller, performing hand off to a second access point connected to the network controller, and selectively transceiving data with the second access point based on the wake-up information set and stored in the network controller.
    Type: Grant
    Filed: September 16, 2013
    Date of Patent: December 20, 2016
    Assignee: Samsung Electronics Co., Ltd.
    Inventor: Bu-Seop Jung
  • Patent number: 9313784
    Abstract: Embodiments describe synchronizing access routers with wireless terminal state information. According to an embodiment is a wireless terminal that transmits a message that includes an address for at least two access routers. State change information can optionally be included in the message. According to another embodiment is an access router that receives a state change notification from a wireless device or another access router. The state change notification is updated in the access router. An acknowledgment confirming the updated state change may be sent to the wireless terminal. Dynamic state synchronization is provided with minimal communication with wireless terminal.
    Type: Grant
    Filed: February 26, 2013
    Date of Patent: April 12, 2016
    Assignee: QUALCOMM Incorporated
    Inventors: Mathew Scott Corson, Georgios Tsirtsis, Vincent Douglas Park
  • Patent number: 9231944
    Abstract: Methods for the authentication of a web site by a visitor to the web site. The visitor uses a device, such as a portable device like a cell phone to compute a dynamic identification string and a one-time password. The dynamic identification string is sent to a service provider, such as a certification service server associated with the web site. In response, the server computes a one-time password that is transmitted to the visitor's device. The device computed one-time password can then be compared to the server computed one-time password in order to authenticate the web site.
    Type: Grant
    Filed: January 9, 2015
    Date of Patent: January 5, 2016
    Assignee: Bouyant Holdings Limited
    Inventor: Isaac J Labaton
  • Patent number: 9231936
    Abstract: A computer-implemented method for authenticating messages in a control area network is described. In one embodiment, a message identifier for a data message is ascertained. Each device is associated with one or more message identifiers. The data message is sent from a first device to a second device. The data message is associated with the ascertained message identifier. An authentication code computed by the first device is sent to the second device. The authentication code is sent by the first device in the data message or in an authentication message.
    Type: Grant
    Filed: February 12, 2014
    Date of Patent: January 5, 2016
    Assignee: Symantec Corporation
    Inventors: Qiyan Wang, Shankar Somasundaram
  • Patent number: 9225706
    Abstract: The ability to connect a device to the Internet or another type of network from various network access points in a convenient manner is contemplated. The device may be conveniently connected to the desired network without requiring user input of a username and password when connecting to the various network access points.
    Type: Grant
    Filed: December 30, 2013
    Date of Patent: December 29, 2015
    Assignee: Cable Television Laboratories, Inc.
    Inventor: Stuart A. Hoggan
  • Patent number: 9160736
    Abstract: A client device is coupled with a server. The client device prompts a user to enter a number associated with a mobile device, which can be the client device, and generates data including a code. The code is typically hidden from the user when the code is generated and is saved on the client device. The client device transmits the number entered by the user and the code generated by the client device to the server, which sends a message, including the code, to the mobile device associated with the number. The client device prompts the user to enter the code included in the message. Validity of the number is based on one or more factors, including the accuracy of the code entered by the user. In addition, validity of the number can also be based on whether the second user input was entered within a predetermined time limit.
    Type: Grant
    Filed: December 30, 2014
    Date of Patent: October 13, 2015
    Assignee: Synchronoss Technologies, Inc.
    Inventor: Sumeet Sohan Singh
  • Patent number: 9098850
    Abstract: A system arranged to authenticate a user via its mobile device to a service provider, the system comprising: an authentication server; the user mobile device, the user mobile device provided with a verification application arranged to communicate with the authentication server; and a notification server in communication with the authentication server and arranged to transmit a notification to the user mobile device responsive to the authentication server, the authentication server arranged to provide a signed authentication to the service provider responsive to present and historical information regarding one of: the user mobile device; and an additional user device in communication with said authentication server, said signed authentication provided in accordance with a rule set determined by an authorized entity stored on said authentication server memory governing the required present and historical information attribute.
    Type: Grant
    Filed: September 24, 2012
    Date of Patent: August 4, 2015
    Assignee: Ping Identity Corporation
    Inventors: Avish Jacob Weiner, Ran Ne'Man
  • Patent number: 9088408
    Abstract: Methods, systems, and computer programs for performing key agreement operations in a communication system are described. In some aspects, a wireless network operator accesses a secret key associated with a mobile device. A key derivation function (KDF) is evaluated based on the secret key to produce a key derivation key, and the KDF is evaluated based on the key derivation key to produce an output value. A session key and a challenge value are obtained based on the output value. In some aspects, the mobile device receives the challenge value and accesses a secret key. A KDF is evaluated based on the secret key to produce a key derivation key, and the KDF is evaluated based on the key derivation key to produce an output value. A response value and a session key are obtained based on the output value. The response value is transmitted to the wireless network operator.
    Type: Grant
    Filed: June 28, 2012
    Date of Patent: July 21, 2015
    Assignee: Certicom Corp.
    Inventors: Matthew John Campagna, Daniel Richard L. Brown, Nevine Maurice Nassif Ebeid
  • Patent number: 9077558
    Abstract: The transmission of data is accomplished across a network having wireless and wired interfaces. Data is transferred through a wireless interface from an Access Point to a Client/Bridge and then to one of a Intelligent Electrical Device (IED) connected to the Client/Bridge through a wired connection. Data is transferred from the Access Point to the Client/Bridge through a 4 address mode wireless interface having originator, transmitter, receiver and destination address fields. The Client/Bridge determines context cache information representing the media access control numbers of each of the IEDs connected to the Client/Bridge through the wired interface and transfers this context cache information to the AP. In the event of a failure of the Client/Bridge, the context cache information stored at the AP can be transferred to the Client/Bridge using the wireless interface to facilitate recovery of the Client/Bridge.
    Type: Grant
    Filed: March 5, 2009
    Date of Patent: July 7, 2015
    Inventors: Phil Levy, Amin Abdul
  • Patent number: 9009479
    Abstract: Techniques are described for enabling authentication and/or key agreement between communications network stations and service networks. The techniques described include the negotiation and use of a cryptographic primitive shared between a service network and a home environment of a station. The techniques described also feature a key usage indicator, such as a sequence number, maintained by the service network and a station. Comparison of the key usage indicators can, for example, permit efficient authentication of the service network.
    Type: Grant
    Filed: December 10, 2012
    Date of Patent: April 14, 2015
    Assignee: Verizon Laboratories Inc.
    Inventor: Christopher P. Carroll
  • Patent number: 9008619
    Abstract: A mobile terminal that may be able to access a wireless communication network and a control method thereof are provided. The mobile terminal includes: a wireless communication unit configured to access a wireless communication network; a detection unit configured to detect a connectable wireless communication network through the wireless communication unit; and a controller outputting icons each corresponding to one or more wireless communication networks detected by the detection unit to a locked screen displayed in a locked state in which inputting of a control command with respect to an application is limited, releasing the locked state when selecting of any one of the output icons is detected, and controlling the wireless communication unit to access a wireless communication network corresponding to the selected icon.
    Type: Grant
    Filed: August 21, 2012
    Date of Patent: April 14, 2015
    Assignee: LG Electronics Inc.
    Inventors: Sanghyuck Lee, Eunju Lee, Byeongwook Kim
  • Patent number: 8959620
    Abstract: A method for composing an authentication password associated with an electronic device is implemented by a password composing system including a display, a receiving unit, and a processing unit. In the method, the display is configured to display a start point, and a plurality of displayed paths. The receiving unit is configured to detect a set of user-input movements of a contact point at the display. The processing unit is configured to determine whether the user-input movements conform with a predefined valid user-input gesture, store a plurality of codes corresponding to the valid user-input gestures, and to compose the authentication password according to valid ones of the series of the user-input movements.
    Type: Grant
    Filed: March 14, 2013
    Date of Patent: February 17, 2015
    Assignee: Mitac International Corp.
    Inventors: Ching-Teng Hsueh, Hui-Chun Yang
  • Patent number: 8955062
    Abstract: A method including: assigning identifiers to respective domains, where each of the domains is allocated a corresponding set of resources, and where the resources in the sets of resources are accessible at respective physical addresses; storing permissions to access the physical addresses, where each of the permissions indicates which of the physical addresses one or more of the domains are permitted to access. The method also includes: assigning a code to a first domain, where the code includes instructions, and where each of the instructions includes a corresponding one of the physical addresses; tagging each of the instructions by adding the identifier assigned to the first domain to each of the instructions; and during execution of each of the instructions, comparing the identifier included in the corresponding instruction to one of the permissions; and based on the comparison, permitting access to the set of resources allocated to the first domain.
    Type: Grant
    Filed: March 17, 2014
    Date of Patent: February 10, 2015
    Assignee: Marvell World Trade Ltd.
    Inventor: Mark N. Fullerton
  • Patent number: 8938805
    Abstract: A processing device comprises a processor coupled to a memory and implements a host-based intrusion detection system configured to permit detection of tampering with at least one software component installed on the processing device. The host-based intrusion detection system comprises a forward-secure logging module configured to record information characterizing a plurality of events occurring in the device in such a manner that modification of the recorded information characterizing the events is indicative of a tampering attack and can be detected by an authority. For example, the recorded information may comprise at least one forward-secure logging record R having entries r1 . . . rn corresponding to respective ones of the events wherein any erasure or other modification of a particular pre-existing entry ri in R by an attacker is detectable by the authority upon inspection of R.
    Type: Grant
    Filed: September 24, 2012
    Date of Patent: January 20, 2015
    Assignee: EMC Corporation
    Inventors: Ari Juels, Catherine V. Hart
  • Patent number: 8914859
    Abstract: Obfuscating a message, in one aspect, may include detecting sensitive information in a message to be broadcast into public or quasi-public computer network environment; replacing the sensitive information in the message with a representation that preserves general aspects of the sensitive information and a user interface element, the user interface element for enabling a viewer of the message to request access to details of the sensitive information; and transmitting the replaced message for broadcasting into the public or quasi-public computer network environment. De-obfuscating the message, in one aspect, may include authenticating one or more viewers or receivers of the message and based on the authentication, presenting details associated with the sensitive information.
    Type: Grant
    Filed: November 7, 2011
    Date of Patent: December 16, 2014
    Assignee: International Business Machines Corporation
    Inventors: Thomas D. Erickson, David W. Levine
  • Patent number: 8908864
    Abstract: Systems, methods, and computer readable media for detecting and mitigating address spoofing in messaging service transactions are disclosed. A messaging service firewall (MSF) separate from a short message service center (SMSC) receives a mobility management reply message (MMR) that is sent by a mobile location register element in response to an associated mobility management query (MMQ) and that includes a serving switch identifier. The MSF allocates a global title address (GTA) from a pool of GTAs and stores a correlation between the allocated GTA and the originating SMSC. The MSF replaces the serving switch identifier in the MMR with the allocated GTA and routes the modified MMR. The MSF then receives a messaging service message (MSM) that is addressed to the allocated GTA and that includes the purported originating SMSC. If the purported originating SMSC does not match the SMSC to which the GTA is correlated, the MSM is discarded.
    Type: Grant
    Filed: October 5, 2012
    Date of Patent: December 9, 2014
    Assignee: Tekelec Netherlands Group, B.V.
    Inventor: Eloy Johan Lambertus Nooren
  • Patent number: 8904499
    Abstract: A Bluetooth host solves the aforementioned problems by evaluating a Bluetooth service provider server ID and by determining which of a plurality of access IDs map to the server ID and, correspondingly, providing a Bluetooth access ID that corresponds thereto. Accordingly, one Bluetooth host may readily gain access to any one of a plurality of different devices and different types of devices. Additionally, the Bluetooth host includes capacity to store and provide additional supporting information according to the type of device that is the Bluetooth service provider. Generally, the Bluetooth host stores a plurality of access or link IDs in relation to a plurality of master device IDs and, upon detecting a beacon, determines what access or link ID to provide and whether to provide additional stored information.
    Type: Grant
    Filed: December 20, 2012
    Date of Patent: December 2, 2014
    Assignee: Broadcom Corporation
    Inventor: James R. Hinsey
  • Patent number: 8887251
    Abstract: A handover method of a mobile terminal between heterogeneous networks for facilitating the handover with pre-authentication procedure is provided. A handover method between heterogeneous networks includes receiving, at a mobile terminal connected to a source network, information on at least one target authenticator of a target network from a source authenticator in response to an attach request; creating an authentication key between the mobile terminal and the target authenticator selected among the at least one target authenticator through a pre-authentication process; determining, when the mobile terminal transmits a handover request to the selected target authenticator, whether the authentication key contained in the handover request matches with the authentication key stored in the selected target authenticator; and connecting, when the authentication keys match with each other, to the target network via the selected target authenticator.
    Type: Grant
    Filed: December 23, 2009
    Date of Patent: November 11, 2014
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Peng Lei, Jeong Jae Won, Young Seok Kim
  • Patent number: 8880898
    Abstract: A method of maintaining a version counter indicative of a version of memory content stored in a processing device. The method comprises selectively operating the device in a first or second mode. Access to the first mode is limited to authorized users and controlled separately from access to the second mode. In the first mode at least an initial integrity protection value is generated for cryptographically protecting an initial counter value of said version counter during operation of the processing device in the second mode; wherein the initial counter value is selected from a sequence of counter values, and the initial integrity protection value is stored as a current integrity protection value in a storage medium. In the second mode, a current counter value is incremented to a subsequent counter value; wherein incrementing includes removing the current integrity protection value from said storage medium.
    Type: Grant
    Filed: April 18, 2007
    Date of Patent: November 4, 2014
    Assignee: Telefonaktiebolaget L M Ericsson (Publ)
    Inventor: Ben Smeets
  • Patent number: 8855602
    Abstract: A mobile telecommunications network and method of operation that includes establishing a first user plane connection between a telecommunications device registered with the network and a network gateway device of the network via a first access point; providing the telecommunications device with a token using the first user plane connection; establishing a second user plane connection between the telecommunications device and the network gateway device via a second access point by using the token information to validate the telecommunications device; and, subsequent to establishment of and corresponding to the second user plane connection, establishing a control plane connection between the telecommunications device and the network gateway device via the second access point.
    Type: Grant
    Filed: June 8, 2012
    Date of Patent: October 7, 2014
    Assignee: Vodafone Group PLC
    Inventors: Christopher Pudney, David Fox, Peter Howard
  • Patent number: 8848912
    Abstract: A terminal identification method is provided which enables two-way communications between terminals and a network while identifying terminal IDs and protecting privacy. Also, authentication method and system are provided which require no complicated calculating process, less steps and smaller amount for wireless communications, and less power consumption. A server and terminal share a hash function and an initial value determined for each terminal, calculate the same temporary ID by hashing the initial value the same number of times with the hash function, and identify the terminal using the calculated temporary ID. The server and the terminal also hold a common hash function and authentication information, acquire an authenticating communication parameter from communication parameters temporarily common during communication, and generate an authentication key using the authentication information, the authenticating communication parameter, and the hash function.
    Type: Grant
    Filed: December 19, 2006
    Date of Patent: September 30, 2014
    Assignee: Nippon Telegraph and Telephone Corporation
    Inventors: Koichi Takasugi, Koki Mitani, Hiroshi Saito
  • Patent number: 8812848
    Abstract: A method, user equipment (UE) and system are provided for negotiating a security capability during idle state mobility of the UE from a non-long term evolution (non-LTE) network to a long term evolution (LTE) network. The UE sends UE security capabilities supported by the UE to the LTE network for a non-access stratum (NAS) security algorithm selection use. The UE then receives from the LTE network selected NAS security algorithm. The UE further generates a root key from an authentication vector-related key stored at the UE and then derives, from the generated root key, a NAS protection key for security communication with the LTE network.
    Type: Grant
    Filed: January 3, 2014
    Date of Patent: August 19, 2014
    Assignee: Huawei Technologies Co., Ltd.
    Inventor: Chengdong He
  • Patent number: 8793765
    Abstract: Disclosed is a data processing apparatus providing a predetermined function by executing a program for the data processing apparatus, including a first storage unit that stores encoded execution starting data for starting execution of the program; a first decode key storage unit that stores a first decode key capable of decoding the encoded execution starting data; a start up unit that obtains the first decode key from the first decode key storage unit when turning on the power is accepted and decodes the encoded execution starting data by the first decode key to start executing the program; and an authentication confirmation unit that sends a request for authentication to an external apparatus after the start up unit starts executing the program and starts providing the predetermined function when obtaining an authentication result indicating the apparatus is authenticated from the external apparatus.
    Type: Grant
    Filed: January 6, 2012
    Date of Patent: July 29, 2014
    Assignee: Ricoh Company, Ltd.
    Inventors: Alain Volmat, Shizu Kanauchi, Yoshinaga Kato, Takahiro Asai
  • Patent number: 8776259
    Abstract: A method of and system for digital rights management, in which access to a piece of content is granted in accordance with a license owned by a license owner to a client who is a member of a domain. This requires successfully verifying that a membership relation exists between the client and the domain as reflected in a first state variable, and that an association relation exists between the license owner and the domain as reflected in a second state variable. Both relationships are revoked by executing an online protocol between the parties in the relationship after which both remove the corresponding state variable. The domain controller propagates the state administration relating to the domain is propagated to the client so that the client can update its state administration.
    Type: Grant
    Filed: October 21, 2013
    Date of Patent: July 8, 2014
    Assignee: Koninklike Philips N.V.
    Inventors: Wouter Baks, Franciscus L. A. J. Kamperman, Petrus J. Lenoir, Lukasz Szostek
  • Patent number: 8775795
    Abstract: The successful authenticating of a Network Access Identifier (NAI) process is enabled by an authenticating method and a mobile terminal for a Code Division Multiple Access (CDMA) EVolution to packet Data Optimized (EVDO) network.
    Type: Grant
    Filed: April 29, 2010
    Date of Patent: July 8, 2014
    Assignee: Hisense Mobile Communications Technology Co., Ltd.
    Inventor: Yuan Que
  • Patent number: 8769612
    Abstract: A technique that enables a portable device to be automatically associated with a plurality of computers. Information that a computer can use to authenticate a portable device and establish a trusted relationship prior to creating an association with the portable device is created and stored in a data store that is accessible by a plurality of computers and is associated with a user of the portable device. When a computer discovers such a portable device with which it is not yet associated, the computer can identify a user logged into the computer and use information identifying the user to retrieve authentication information that is device independent and is expected to be presented by the portable device to authenticate it and allow automatic association.
    Type: Grant
    Filed: August 14, 2008
    Date of Patent: July 1, 2014
    Assignee: Microsoft Corporation
    Inventor: Narayanan Ganapathy
  • Patent number: 8745730
    Abstract: A networked computer device can be customized to contain provisioning and/or authorization logic in its firmware or the firmware of one of its subcomponents. The computer device is thus configured to provision itself from a provisioning server that is identified within the firmware, and to periodically query an operations authority for continued authorization to operate with the received provisioning. Upon failure to receive authorization, the firmware may implement various security measures, such as storage protection, boot protection, communications protection, and so forth. The firmware may also implement remote reporting, to assist an investigator when a device has been lost or stolen.
    Type: Grant
    Filed: September 13, 2011
    Date of Patent: June 3, 2014
    Assignee: Amazon Technologies, Inc.
    Inventor: Timothy C. Worsley
  • Patent number: 8738898
    Abstract: The present invention relates to communications, and in particular though not exclusively to forming a secure connection between two untrusted devices. The present invention provides a method of securely connecting a first device (A) to a second device (B) using a third party authentication server (AS) coupled to the second device, the first device and the authentication server both having first device shared secret data (SSDa) and the second device and the authentication server both having second device shared secret data (SSDb).
    Type: Grant
    Filed: May 31, 2007
    Date of Patent: May 27, 2014
    Assignee: British Telecommunications plc
    Inventors: Ian Herwono, Paul W Hodgson
  • Patent number: 8725113
    Abstract: Examples of embodiments provide systems and methods for varying the functions of an electronic device according to a physical relationship (e.g. the distance) between the electronic device and the primary user (e.g., owner) of the electronic device. The device may measure the distance using a wireless signal from a secondary device carried by or associated with the primary user. In some embodiments, the electronic device may change its functions based on its environment, in combination with the distance between the electronic device and the primary user. Environmental factors may include the device's location, the device's velocity, and the date and time of day.
    Type: Grant
    Filed: March 12, 2012
    Date of Patent: May 13, 2014
    Assignee: Google Inc.
    Inventors: Ullas Gargi, Rich Gossweiler
  • Patent number: 8707390
    Abstract: Secure access to a wireless network access can be provided in a system where wireless devices access a wireless network through a wireless access point (WAP). For example, a plurality of pre-shared keys (PSKs) may be generated and distributed to the WAP and the wireless device. The wireless device may automatically rotate an active one of the plurality of PSKs, while the WAP receives one or more rotation signals identifying the active one of the plurality of PSKs. The wireless device and the WAP may encrypt information relating to the active one of the PSKs within communications between them, thus securing the communications.
    Type: Grant
    Filed: July 26, 2007
    Date of Patent: April 22, 2014
    Assignee: CA, Inc.
    Inventor: Joannes G. Van De Groenendaal
  • Patent number: 8701168
    Abstract: One embodiment of the present invention provides a system that associates a digital certificate with an enterprise profile. During operation, an identity store receives a digital certificate from a client. Next, the identity store searches for a mapping rule which determines if an enterprise profile is associated with the digital certificate, wherein the enterprise profile facilitates in identifying user capabilities. If a mapping rule is found, the identity store executes the mapping rule to determine if an enterprise profile is associated with the digital certificate. If so, the enterprise profile, which is associated with the digital certificate, is returned to the client.
    Type: Grant
    Filed: November 21, 2005
    Date of Patent: April 15, 2014
    Assignee: Oracle International Corporation
    Inventors: Hari V. N. Sastry, Dipankar Thakuria, Quan H. Dinh
  • Patent number: 8701184
    Abstract: An authentication apparatus includes: a database section that stores a password; an entry section through which a password is entered; a storage section that stores an entered password which is entered through the entry section; an authentication section that authenticates whether the password and the entered password match with each other; and a determining section that determines whether or not a re-entered password is to be subjected to an authentication processing performed by the authentication section when the re-entered password is entered through the entry section after the authentication section determines that the password and the entered password do not match with each other.
    Type: Grant
    Filed: June 30, 2008
    Date of Patent: April 15, 2014
    Assignee: Kyocera Mita Corporation
    Inventor: Toshimitsu Morimoto
  • Patent number: 8683580
    Abstract: An image forming apparatus includes: an authentication unit that can execute a login process and a logout process; an operation unit that receives an instruction for the logout process from the user; a user attribute storage unit that stores the identification information of a non-logged-out user; a determination unit that determines whether a logged-in user, who is a user for whom the login process is executed by the authentication unit, is the non-logged-out user, based on the identification information stored in the user attribute storage unit; and a forced logout processing unit that, in a case in which the logged-in user is determined to be the non-logged-out user by the determination unit, instructs the authentication unit to execute the logout process when a predefined particular process among the plurality of processes is executed and completed by the processing unit.
    Type: Grant
    Filed: August 18, 2011
    Date of Patent: March 25, 2014
    Assignee: Kyocera Document Solutions Inc.
    Inventor: Takeo Shimizu