Visiting Center Patents (Class 380/248)
  • Patent number: 10034168
    Abstract: Disclosed are a method, apparatus, and system for authenticating a communication session between a user equipment device (UE) and a communication network. A first authentication of a UE is performed by generating an authentication key, transmitting the authentication key over a first communication link from the UE to a communication network, authenticating the UE using the authentication key, and generating an authentication result indicative of authenticating the UE. A second authentication of the UE is performed to authorize a communication session over a second communication link between the UE and the communication network. The second authentication includes transmitting UE identifying information over the second communication link from the UE to the communication network and authenticating the UE using the UE identifying information and the authentication key. The second communication link is established under an internet protocol.
    Type: Grant
    Filed: April 25, 2013
    Date of Patent: July 24, 2018
    Assignee: Sprint Spectrum L.P.
    Inventors: Raymond E. Reeves, Mark Peden, Simon Youngs, Gary Koller
  • Patent number: 10021077
    Abstract: The disclosed system allows a user to have access to a protected network through the distribution of signed send tokens. In particular, a device associated with the protected network, such as a network interface card, may generate and issue send tokens to various third-parties who seek access to the network. A send token may be a block of data that contains transmission information regarding the operations that are allowed to be performed by the network user. For example, the send token may identify the portions of the network to which the user's data packets are allowed to be sent, as well as the permitted content of the user's data packets.
    Type: Grant
    Filed: May 12, 2014
    Date of Patent: July 10, 2018
    Assignee: Google LLC
    Inventor: Glenn Christopher Brown
  • Patent number: 9882957
    Abstract: Client-side endpoint configuration can be accomplished by allowing a client to include as part of an API request, a desired endpoint for subsequent notifications from a server. The endpoint can be an endpoint identifier, such as a Uniform Resource Identifier (URI) or a domain name. When a web service receives the API request from a client device, the web service can generate a response to the request and send the response to the endpoint identified in the request. The API request can asynchronously communicate with the client device whenever the response is completed.
    Type: Grant
    Filed: August 13, 2013
    Date of Patent: January 30, 2018
    Assignee: Amazon Technologies, Inc.
    Inventor: Andre Mostert
  • Patent number: 9641487
    Abstract: A method, system and apparatus for sharing media content securely and reliably among various computing devices in a private network through media streaming technology is provided.
    Type: Grant
    Filed: December 20, 2005
    Date of Patent: May 2, 2017
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Yu Chen Zhou, Lin Ma, Lei Ma, Yi Min Gan
  • Patent number: 9526071
    Abstract: A method of connecting to a network by a terminal in a communication system, the communication system including the terminal, one or more access points, and a network controller controlling the one or more access points is provided. The method includes establishing a connection with a first access point, setting and storing wake-up information, configured to selectively transceive with the first access point, in the first access point and the network controller, performing hand off to a second access point connected to the network controller, and selectively transceiving data with the second access point based on the wake-up information set and stored in the network controller.
    Type: Grant
    Filed: September 16, 2013
    Date of Patent: December 20, 2016
    Assignee: Samsung Electronics Co., Ltd.
    Inventor: Bu-Seop Jung
  • Patent number: 9313784
    Abstract: Embodiments describe synchronizing access routers with wireless terminal state information. According to an embodiment is a wireless terminal that transmits a message that includes an address for at least two access routers. State change information can optionally be included in the message. According to another embodiment is an access router that receives a state change notification from a wireless device or another access router. The state change notification is updated in the access router. An acknowledgment confirming the updated state change may be sent to the wireless terminal. Dynamic state synchronization is provided with minimal communication with wireless terminal.
    Type: Grant
    Filed: February 26, 2013
    Date of Patent: April 12, 2016
    Assignee: QUALCOMM Incorporated
    Inventors: Mathew Scott Corson, Georgios Tsirtsis, Vincent Douglas Park
  • Patent number: 9231936
    Abstract: A computer-implemented method for authenticating messages in a control area network is described. In one embodiment, a message identifier for a data message is ascertained. Each device is associated with one or more message identifiers. The data message is sent from a first device to a second device. The data message is associated with the ascertained message identifier. An authentication code computed by the first device is sent to the second device. The authentication code is sent by the first device in the data message or in an authentication message.
    Type: Grant
    Filed: February 12, 2014
    Date of Patent: January 5, 2016
    Assignee: Symantec Corporation
    Inventors: Qiyan Wang, Shankar Somasundaram
  • Patent number: 9231944
    Abstract: Methods for the authentication of a web site by a visitor to the web site. The visitor uses a device, such as a portable device like a cell phone to compute a dynamic identification string and a one-time password. The dynamic identification string is sent to a service provider, such as a certification service server associated with the web site. In response, the server computes a one-time password that is transmitted to the visitor's device. The device computed one-time password can then be compared to the server computed one-time password in order to authenticate the web site.
    Type: Grant
    Filed: January 9, 2015
    Date of Patent: January 5, 2016
    Assignee: Bouyant Holdings Limited
    Inventor: Isaac J Labaton
  • Patent number: 9225706
    Abstract: The ability to connect a device to the Internet or another type of network from various network access points in a convenient manner is contemplated. The device may be conveniently connected to the desired network without requiring user input of a username and password when connecting to the various network access points.
    Type: Grant
    Filed: December 30, 2013
    Date of Patent: December 29, 2015
    Assignee: Cable Television Laboratories, Inc.
    Inventor: Stuart A. Hoggan
  • Patent number: 9160736
    Abstract: A client device is coupled with a server. The client device prompts a user to enter a number associated with a mobile device, which can be the client device, and generates data including a code. The code is typically hidden from the user when the code is generated and is saved on the client device. The client device transmits the number entered by the user and the code generated by the client device to the server, which sends a message, including the code, to the mobile device associated with the number. The client device prompts the user to enter the code included in the message. Validity of the number is based on one or more factors, including the accuracy of the code entered by the user. In addition, validity of the number can also be based on whether the second user input was entered within a predetermined time limit.
    Type: Grant
    Filed: December 30, 2014
    Date of Patent: October 13, 2015
    Assignee: Synchronoss Technologies, Inc.
    Inventor: Sumeet Sohan Singh
  • Patent number: 9098850
    Abstract: A system arranged to authenticate a user via its mobile device to a service provider, the system comprising: an authentication server; the user mobile device, the user mobile device provided with a verification application arranged to communicate with the authentication server; and a notification server in communication with the authentication server and arranged to transmit a notification to the user mobile device responsive to the authentication server, the authentication server arranged to provide a signed authentication to the service provider responsive to present and historical information regarding one of: the user mobile device; and an additional user device in communication with said authentication server, said signed authentication provided in accordance with a rule set determined by an authorized entity stored on said authentication server memory governing the required present and historical information attribute.
    Type: Grant
    Filed: September 24, 2012
    Date of Patent: August 4, 2015
    Assignee: Ping Identity Corporation
    Inventors: Avish Jacob Weiner, Ran Ne'Man
  • Patent number: 9088408
    Abstract: Methods, systems, and computer programs for performing key agreement operations in a communication system are described. In some aspects, a wireless network operator accesses a secret key associated with a mobile device. A key derivation function (KDF) is evaluated based on the secret key to produce a key derivation key, and the KDF is evaluated based on the key derivation key to produce an output value. A session key and a challenge value are obtained based on the output value. In some aspects, the mobile device receives the challenge value and accesses a secret key. A KDF is evaluated based on the secret key to produce a key derivation key, and the KDF is evaluated based on the key derivation key to produce an output value. A response value and a session key are obtained based on the output value. The response value is transmitted to the wireless network operator.
    Type: Grant
    Filed: June 28, 2012
    Date of Patent: July 21, 2015
    Assignee: Certicom Corp.
    Inventors: Matthew John Campagna, Daniel Richard L. Brown, Nevine Maurice Nassif Ebeid
  • Patent number: 9077558
    Abstract: The transmission of data is accomplished across a network having wireless and wired interfaces. Data is transferred through a wireless interface from an Access Point to a Client/Bridge and then to one of a Intelligent Electrical Device (IED) connected to the Client/Bridge through a wired connection. Data is transferred from the Access Point to the Client/Bridge through a 4 address mode wireless interface having originator, transmitter, receiver and destination address fields. The Client/Bridge determines context cache information representing the media access control numbers of each of the IEDs connected to the Client/Bridge through the wired interface and transfers this context cache information to the AP. In the event of a failure of the Client/Bridge, the context cache information stored at the AP can be transferred to the Client/Bridge using the wireless interface to facilitate recovery of the Client/Bridge.
    Type: Grant
    Filed: March 5, 2009
    Date of Patent: July 7, 2015
    Assignee: SIEMENS CANADA LIMITED
    Inventors: Phil Levy, Amin Abdul
  • Patent number: 9009479
    Abstract: Techniques are described for enabling authentication and/or key agreement between communications network stations and service networks. The techniques described include the negotiation and use of a cryptographic primitive shared between a service network and a home environment of a station. The techniques described also feature a key usage indicator, such as a sequence number, maintained by the service network and a station. Comparison of the key usage indicators can, for example, permit efficient authentication of the service network.
    Type: Grant
    Filed: December 10, 2012
    Date of Patent: April 14, 2015
    Assignee: Verizon Laboratories Inc.
    Inventor: Christopher P. Carroll
  • Patent number: 9008619
    Abstract: A mobile terminal that may be able to access a wireless communication network and a control method thereof are provided. The mobile terminal includes: a wireless communication unit configured to access a wireless communication network; a detection unit configured to detect a connectable wireless communication network through the wireless communication unit; and a controller outputting icons each corresponding to one or more wireless communication networks detected by the detection unit to a locked screen displayed in a locked state in which inputting of a control command with respect to an application is limited, releasing the locked state when selecting of any one of the output icons is detected, and controlling the wireless communication unit to access a wireless communication network corresponding to the selected icon.
    Type: Grant
    Filed: August 21, 2012
    Date of Patent: April 14, 2015
    Assignee: LG Electronics Inc.
    Inventors: Sanghyuck Lee, Eunju Lee, Byeongwook Kim
  • Patent number: 8959620
    Abstract: A method for composing an authentication password associated with an electronic device is implemented by a password composing system including a display, a receiving unit, and a processing unit. In the method, the display is configured to display a start point, and a plurality of displayed paths. The receiving unit is configured to detect a set of user-input movements of a contact point at the display. The processing unit is configured to determine whether the user-input movements conform with a predefined valid user-input gesture, store a plurality of codes corresponding to the valid user-input gestures, and to compose the authentication password according to valid ones of the series of the user-input movements.
    Type: Grant
    Filed: March 14, 2013
    Date of Patent: February 17, 2015
    Assignee: Mitac International Corp.
    Inventors: Ching-Teng Hsueh, Hui-Chun Yang
  • Patent number: 8955062
    Abstract: A method including: assigning identifiers to respective domains, where each of the domains is allocated a corresponding set of resources, and where the resources in the sets of resources are accessible at respective physical addresses; storing permissions to access the physical addresses, where each of the permissions indicates which of the physical addresses one or more of the domains are permitted to access. The method also includes: assigning a code to a first domain, where the code includes instructions, and where each of the instructions includes a corresponding one of the physical addresses; tagging each of the instructions by adding the identifier assigned to the first domain to each of the instructions; and during execution of each of the instructions, comparing the identifier included in the corresponding instruction to one of the permissions; and based on the comparison, permitting access to the set of resources allocated to the first domain.
    Type: Grant
    Filed: March 17, 2014
    Date of Patent: February 10, 2015
    Assignee: Marvell World Trade Ltd.
    Inventor: Mark N. Fullerton
  • Patent number: 8938805
    Abstract: A processing device comprises a processor coupled to a memory and implements a host-based intrusion detection system configured to permit detection of tampering with at least one software component installed on the processing device. The host-based intrusion detection system comprises a forward-secure logging module configured to record information characterizing a plurality of events occurring in the device in such a manner that modification of the recorded information characterizing the events is indicative of a tampering attack and can be detected by an authority. For example, the recorded information may comprise at least one forward-secure logging record R having entries r1 . . . rn corresponding to respective ones of the events wherein any erasure or other modification of a particular pre-existing entry ri in R by an attacker is detectable by the authority upon inspection of R.
    Type: Grant
    Filed: September 24, 2012
    Date of Patent: January 20, 2015
    Assignee: EMC Corporation
    Inventors: Ari Juels, Catherine V. Hart
  • Patent number: 8914859
    Abstract: Obfuscating a message, in one aspect, may include detecting sensitive information in a message to be broadcast into public or quasi-public computer network environment; replacing the sensitive information in the message with a representation that preserves general aspects of the sensitive information and a user interface element, the user interface element for enabling a viewer of the message to request access to details of the sensitive information; and transmitting the replaced message for broadcasting into the public or quasi-public computer network environment. De-obfuscating the message, in one aspect, may include authenticating one or more viewers or receivers of the message and based on the authentication, presenting details associated with the sensitive information.
    Type: Grant
    Filed: November 7, 2011
    Date of Patent: December 16, 2014
    Assignee: International Business Machines Corporation
    Inventors: Thomas D. Erickson, David W. Levine
  • Patent number: 8908864
    Abstract: Systems, methods, and computer readable media for detecting and mitigating address spoofing in messaging service transactions are disclosed. A messaging service firewall (MSF) separate from a short message service center (SMSC) receives a mobility management reply message (MMR) that is sent by a mobile location register element in response to an associated mobility management query (MMQ) and that includes a serving switch identifier. The MSF allocates a global title address (GTA) from a pool of GTAs and stores a correlation between the allocated GTA and the originating SMSC. The MSF replaces the serving switch identifier in the MMR with the allocated GTA and routes the modified MMR. The MSF then receives a messaging service message (MSM) that is addressed to the allocated GTA and that includes the purported originating SMSC. If the purported originating SMSC does not match the SMSC to which the GTA is correlated, the MSM is discarded.
    Type: Grant
    Filed: October 5, 2012
    Date of Patent: December 9, 2014
    Assignee: Tekelec Netherlands Group, B.V.
    Inventor: Eloy Johan Lambertus Nooren
  • Patent number: 8904499
    Abstract: A Bluetooth host solves the aforementioned problems by evaluating a Bluetooth service provider server ID and by determining which of a plurality of access IDs map to the server ID and, correspondingly, providing a Bluetooth access ID that corresponds thereto. Accordingly, one Bluetooth host may readily gain access to any one of a plurality of different devices and different types of devices. Additionally, the Bluetooth host includes capacity to store and provide additional supporting information according to the type of device that is the Bluetooth service provider. Generally, the Bluetooth host stores a plurality of access or link IDs in relation to a plurality of master device IDs and, upon detecting a beacon, determines what access or link ID to provide and whether to provide additional stored information.
    Type: Grant
    Filed: December 20, 2012
    Date of Patent: December 2, 2014
    Assignee: Broadcom Corporation
    Inventor: James R. Hinsey
  • Patent number: 8887251
    Abstract: A handover method of a mobile terminal between heterogeneous networks for facilitating the handover with pre-authentication procedure is provided. A handover method between heterogeneous networks includes receiving, at a mobile terminal connected to a source network, information on at least one target authenticator of a target network from a source authenticator in response to an attach request; creating an authentication key between the mobile terminal and the target authenticator selected among the at least one target authenticator through a pre-authentication process; determining, when the mobile terminal transmits a handover request to the selected target authenticator, whether the authentication key contained in the handover request matches with the authentication key stored in the selected target authenticator; and connecting, when the authentication keys match with each other, to the target network via the selected target authenticator.
    Type: Grant
    Filed: December 23, 2009
    Date of Patent: November 11, 2014
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Peng Lei, Jeong Jae Won, Young Seok Kim
  • Patent number: 8880898
    Abstract: A method of maintaining a version counter indicative of a version of memory content stored in a processing device. The method comprises selectively operating the device in a first or second mode. Access to the first mode is limited to authorized users and controlled separately from access to the second mode. In the first mode at least an initial integrity protection value is generated for cryptographically protecting an initial counter value of said version counter during operation of the processing device in the second mode; wherein the initial counter value is selected from a sequence of counter values, and the initial integrity protection value is stored as a current integrity protection value in a storage medium. In the second mode, a current counter value is incremented to a subsequent counter value; wherein incrementing includes removing the current integrity protection value from said storage medium.
    Type: Grant
    Filed: April 18, 2007
    Date of Patent: November 4, 2014
    Assignee: Telefonaktiebolaget L M Ericsson (Publ)
    Inventor: Ben Smeets
  • Patent number: 8855602
    Abstract: A mobile telecommunications network and method of operation that includes establishing a first user plane connection between a telecommunications device registered with the network and a network gateway device of the network via a first access point; providing the telecommunications device with a token using the first user plane connection; establishing a second user plane connection between the telecommunications device and the network gateway device via a second access point by using the token information to validate the telecommunications device; and, subsequent to establishment of and corresponding to the second user plane connection, establishing a control plane connection between the telecommunications device and the network gateway device via the second access point.
    Type: Grant
    Filed: June 8, 2012
    Date of Patent: October 7, 2014
    Assignee: Vodafone Group PLC
    Inventors: Christopher Pudney, David Fox, Peter Howard
  • Patent number: 8848912
    Abstract: A terminal identification method is provided which enables two-way communications between terminals and a network while identifying terminal IDs and protecting privacy. Also, authentication method and system are provided which require no complicated calculating process, less steps and smaller amount for wireless communications, and less power consumption. A server and terminal share a hash function and an initial value determined for each terminal, calculate the same temporary ID by hashing the initial value the same number of times with the hash function, and identify the terminal using the calculated temporary ID. The server and the terminal also hold a common hash function and authentication information, acquire an authenticating communication parameter from communication parameters temporarily common during communication, and generate an authentication key using the authentication information, the authenticating communication parameter, and the hash function.
    Type: Grant
    Filed: December 19, 2006
    Date of Patent: September 30, 2014
    Assignee: Nippon Telegraph and Telephone Corporation
    Inventors: Koichi Takasugi, Koki Mitani, Hiroshi Saito
  • Patent number: 8812848
    Abstract: A method, user equipment (UE) and system are provided for negotiating a security capability during idle state mobility of the UE from a non-long term evolution (non-LTE) network to a long term evolution (LTE) network. The UE sends UE security capabilities supported by the UE to the LTE network for a non-access stratum (NAS) security algorithm selection use. The UE then receives from the LTE network selected NAS security algorithm. The UE further generates a root key from an authentication vector-related key stored at the UE and then derives, from the generated root key, a NAS protection key for security communication with the LTE network.
    Type: Grant
    Filed: January 3, 2014
    Date of Patent: August 19, 2014
    Assignee: Huawei Technologies Co., Ltd.
    Inventor: Chengdong He
  • Patent number: 8793765
    Abstract: Disclosed is a data processing apparatus providing a predetermined function by executing a program for the data processing apparatus, including a first storage unit that stores encoded execution starting data for starting execution of the program; a first decode key storage unit that stores a first decode key capable of decoding the encoded execution starting data; a start up unit that obtains the first decode key from the first decode key storage unit when turning on the power is accepted and decodes the encoded execution starting data by the first decode key to start executing the program; and an authentication confirmation unit that sends a request for authentication to an external apparatus after the start up unit starts executing the program and starts providing the predetermined function when obtaining an authentication result indicating the apparatus is authenticated from the external apparatus.
    Type: Grant
    Filed: January 6, 2012
    Date of Patent: July 29, 2014
    Assignee: Ricoh Company, Ltd.
    Inventors: Alain Volmat, Shizu Kanauchi, Yoshinaga Kato, Takahiro Asai
  • Patent number: 8775795
    Abstract: The successful authenticating of a Network Access Identifier (NAI) process is enabled by an authenticating method and a mobile terminal for a Code Division Multiple Access (CDMA) EVolution to packet Data Optimized (EVDO) network.
    Type: Grant
    Filed: April 29, 2010
    Date of Patent: July 8, 2014
    Assignee: Hisense Mobile Communications Technology Co., Ltd.
    Inventor: Yuan Que
  • Patent number: 8776259
    Abstract: A method of and system for digital rights management, in which access to a piece of content is granted in accordance with a license owned by a license owner to a client who is a member of a domain. This requires successfully verifying that a membership relation exists between the client and the domain as reflected in a first state variable, and that an association relation exists between the license owner and the domain as reflected in a second state variable. Both relationships are revoked by executing an online protocol between the parties in the relationship after which both remove the corresponding state variable. The domain controller propagates the state administration relating to the domain is propagated to the client so that the client can update its state administration.
    Type: Grant
    Filed: October 21, 2013
    Date of Patent: July 8, 2014
    Assignee: Koninklike Philips N.V.
    Inventors: Wouter Baks, Franciscus L. A. J. Kamperman, Petrus J. Lenoir, Lukasz Szostek
  • Patent number: 8769612
    Abstract: A technique that enables a portable device to be automatically associated with a plurality of computers. Information that a computer can use to authenticate a portable device and establish a trusted relationship prior to creating an association with the portable device is created and stored in a data store that is accessible by a plurality of computers and is associated with a user of the portable device. When a computer discovers such a portable device with which it is not yet associated, the computer can identify a user logged into the computer and use information identifying the user to retrieve authentication information that is device independent and is expected to be presented by the portable device to authenticate it and allow automatic association.
    Type: Grant
    Filed: August 14, 2008
    Date of Patent: July 1, 2014
    Assignee: Microsoft Corporation
    Inventor: Narayanan Ganapathy
  • Patent number: 8745730
    Abstract: A networked computer device can be customized to contain provisioning and/or authorization logic in its firmware or the firmware of one of its subcomponents. The computer device is thus configured to provision itself from a provisioning server that is identified within the firmware, and to periodically query an operations authority for continued authorization to operate with the received provisioning. Upon failure to receive authorization, the firmware may implement various security measures, such as storage protection, boot protection, communications protection, and so forth. The firmware may also implement remote reporting, to assist an investigator when a device has been lost or stolen.
    Type: Grant
    Filed: September 13, 2011
    Date of Patent: June 3, 2014
    Assignee: Amazon Technologies, Inc.
    Inventor: Timothy C. Worsley
  • Patent number: 8738898
    Abstract: The present invention relates to communications, and in particular though not exclusively to forming a secure connection between two untrusted devices. The present invention provides a method of securely connecting a first device (A) to a second device (B) using a third party authentication server (AS) coupled to the second device, the first device and the authentication server both having first device shared secret data (SSDa) and the second device and the authentication server both having second device shared secret data (SSDb).
    Type: Grant
    Filed: May 31, 2007
    Date of Patent: May 27, 2014
    Assignee: British Telecommunications plc
    Inventors: Ian Herwono, Paul W Hodgson
  • Patent number: 8725113
    Abstract: Examples of embodiments provide systems and methods for varying the functions of an electronic device according to a physical relationship (e.g. the distance) between the electronic device and the primary user (e.g., owner) of the electronic device. The device may measure the distance using a wireless signal from a secondary device carried by or associated with the primary user. In some embodiments, the electronic device may change its functions based on its environment, in combination with the distance between the electronic device and the primary user. Environmental factors may include the device's location, the device's velocity, and the date and time of day.
    Type: Grant
    Filed: March 12, 2012
    Date of Patent: May 13, 2014
    Assignee: Google Inc.
    Inventors: Ullas Gargi, Rich Gossweiler
  • Patent number: 8707390
    Abstract: Secure access to a wireless network access can be provided in a system where wireless devices access a wireless network through a wireless access point (WAP). For example, a plurality of pre-shared keys (PSKs) may be generated and distributed to the WAP and the wireless device. The wireless device may automatically rotate an active one of the plurality of PSKs, while the WAP receives one or more rotation signals identifying the active one of the plurality of PSKs. The wireless device and the WAP may encrypt information relating to the active one of the PSKs within communications between them, thus securing the communications.
    Type: Grant
    Filed: July 26, 2007
    Date of Patent: April 22, 2014
    Assignee: CA, Inc.
    Inventor: Joannes G. Van De Groenendaal
  • Patent number: 8701168
    Abstract: One embodiment of the present invention provides a system that associates a digital certificate with an enterprise profile. During operation, an identity store receives a digital certificate from a client. Next, the identity store searches for a mapping rule which determines if an enterprise profile is associated with the digital certificate, wherein the enterprise profile facilitates in identifying user capabilities. If a mapping rule is found, the identity store executes the mapping rule to determine if an enterprise profile is associated with the digital certificate. If so, the enterprise profile, which is associated with the digital certificate, is returned to the client.
    Type: Grant
    Filed: November 21, 2005
    Date of Patent: April 15, 2014
    Assignee: Oracle International Corporation
    Inventors: Hari V. N. Sastry, Dipankar Thakuria, Quan H. Dinh
  • Patent number: 8701184
    Abstract: An authentication apparatus includes: a database section that stores a password; an entry section through which a password is entered; a storage section that stores an entered password which is entered through the entry section; an authentication section that authenticates whether the password and the entered password match with each other; and a determining section that determines whether or not a re-entered password is to be subjected to an authentication processing performed by the authentication section when the re-entered password is entered through the entry section after the authentication section determines that the password and the entered password do not match with each other.
    Type: Grant
    Filed: June 30, 2008
    Date of Patent: April 15, 2014
    Assignee: Kyocera Mita Corporation
    Inventor: Toshimitsu Morimoto
  • Patent number: 8683574
    Abstract: Techniques for identity-based Peer-to-Peer (P2P) Virtual Private Networks (VPN's) are provided. First and second principals authenticate to a trusted third party. The first principal subsequently requests a P2P VPN with the second principal. The second principal is contacted on behalf of the first principal and permission is acquired. The first and second principals are then sent commands to directly establish a P2P VPN communication session with one another.
    Type: Grant
    Filed: December 15, 2008
    Date of Patent: March 25, 2014
    Assignee: Novell, Inc.
    Inventors: Prakash Umasankar Mukkara, Lloyd Leon Burch
  • Patent number: 8683580
    Abstract: An image forming apparatus includes: an authentication unit that can execute a login process and a logout process; an operation unit that receives an instruction for the logout process from the user; a user attribute storage unit that stores the identification information of a non-logged-out user; a determination unit that determines whether a logged-in user, who is a user for whom the login process is executed by the authentication unit, is the non-logged-out user, based on the identification information stored in the user attribute storage unit; and a forced logout processing unit that, in a case in which the logged-in user is determined to be the non-logged-out user by the determination unit, instructs the authentication unit to execute the logout process when a predefined particular process among the plurality of processes is executed and completed by the processing unit.
    Type: Grant
    Filed: August 18, 2011
    Date of Patent: March 25, 2014
    Assignee: Kyocera Document Solutions Inc.
    Inventor: Takeo Shimizu
  • Patent number: 8676198
    Abstract: A method of supporting location privacy of a mobile station includes receiving, from a base station, a message including a temporary station identifier (TSTID) during an initial ranging procedure, wherein the TSTID is temporarily used to protect the location privacy of the mobile station; performing, with the base station, a basic capabilities negotiation procedure after the initial ranging procedure; performing, with the base station, an authentication procedure after the basic capabilities negotiation procedure; performing, with the base station, a registration procedure after the authentication procedure; and releasing the TSTID after receiving a station identifier (STID) which is assigned during the registration procedure, wherein the STID uniquely identifies the mobile station in the base station.
    Type: Grant
    Filed: March 12, 2012
    Date of Patent: March 18, 2014
    Assignee: LG Electronics Inc.
    Inventors: Gene Beck Hahn, Ki Seon Ryu
  • Patent number: 8671457
    Abstract: A method and system is provided to analyse receiver indicia of location for a set of at least one receivers to determine whether a receiver has an erroneous indicator of location. The embodiment may take further steps to confirm whether or not inappropriate usage has occurred. The method and system includes identifying a first indicia of location for a set of one or more receivers, identifying a second indicia of location for one or more receivers from the set, and determining if the first and second indicia of location are mutually inconsistent. Indicia of location include indicators of receiver location, inventory state, communication path and definition on systems. The method and system may optionally include action to report or correct the location error.
    Type: Grant
    Filed: June 5, 2006
    Date of Patent: March 11, 2014
    Assignee: Maxxian Technology Inc.
    Inventor: J. Rene Juneau
  • Patent number: 8666408
    Abstract: A method of supporting location privacy of a mobile station includes receiving, from a base station, a temporary station identifier (TSTID) during an initial ranging procedure; transmitting a registration request (REG-REQ) message requesting a registration to the base station, the REG-REQ message including a real medium access control (MAC) address of the mobile station; and receiving, from the base station, a registration response (REG-RSP) message including a station identifier (STID) assigned to the mobile station. The TSTID is temporarily used to protect a mapping between the real MAC address of the mobile station and the STID, and the TSTID is used until the STID is assigned to the mobile station.
    Type: Grant
    Filed: March 12, 2012
    Date of Patent: March 4, 2014
    Assignee: LG Electronics Inc.
    Inventors: Gene Beck Hahn, Ki Seon Ryu
  • Patent number: 8646044
    Abstract: The contemplated embodiments of the invention provide a method for implementing a mandatory integrity control (MIC) system that provides access control for each and every object and subject that need access control, but in a way that allows legacy operating systems to continue with little modification. The invention provides a novel method that selects an integrity level designator for a subject, when the subject logs onto the computer system. The selected integrity level designator is then added to an existing data structure in the computer system. The existing data structure may be a part of a security descriptor stored in a system access control list of an object. The existing data structure may be a part of a list of security permissions that constitute an access token for a process executing as a subject.
    Type: Grant
    Filed: April 28, 2005
    Date of Patent: February 4, 2014
    Assignee: Microsoft Corporation
    Inventors: Richard B. Ward, Jeffrey Hamblin, Peter T. Brundrett
  • Patent number: 8633798
    Abstract: A computer system includes a computer, a fingerprint reader, and a security apparatus to apply complete security for the benefit of an authorized user. The computer includes a first interface, a second interface, an account storage unit, and a fingerprint storage unit. The fingerprint reader can connect with the computer through the first interface for inputting fingerprint information. The security apparatus can connect with the computer through the second interface, and includes a password storage module, a first use module, a password modification module, and a normal use module.
    Type: Grant
    Filed: October 12, 2011
    Date of Patent: January 21, 2014
    Assignee: Hon Hai Precision Industry Co., Ltd.
    Inventor: Yu-Sheng Lin
  • Patent number: 8635444
    Abstract: A technique for improving authentication speed when a client roams from a first authentication domain to a second authentication domain involves coupling authenticators associated with the first and second authentication domains to an authentication server. A system according to the technique may include, for example, a first authenticator using an encryption key to ensure secure network communication, a second authenticator using the same encryption key to ensure secure network communication, and a server coupled to the first authenticator and the second authenticator wherein the server distributes, to the first authenticator and the second authenticator, information to extract the encryption key from messages that a client sends to the first authenticator and the second authenticator.
    Type: Grant
    Filed: April 16, 2012
    Date of Patent: January 21, 2014
    Assignee: Trapeze Networks, Inc.
    Inventor: Dan Harkins
  • Patent number: 8627410
    Abstract: A system includes a remote authentication dial in user service (RADIUS) server in communication with a network access server. The network access server provides an authentication request to the RADIUS server. The authentication request includes at least a user identifier and a device identifier. The RADIUS server determines an authentication format utilized by the network access server based on the received authentication request. The system may also determine an authorization level to provide with an authentication response.
    Type: Grant
    Filed: December 19, 2007
    Date of Patent: January 7, 2014
    Assignee: Verizon Patent and Licensing Inc.
    Inventors: Jeffrey W. Hughes, Andrew L. Bates, Jared M. Allison
  • Patent number: 8621569
    Abstract: Data storage and management systems can be interconnected as clustered systems to distribute data and operational loading. Further, independent clustered storage systems can be associated to form peered clusters. As provided herein, methods and systems for creating and managing intercluster relationships between independent clustered storage systems, allowing the respective independent clustered storage systems to exchange data and distribute management operations between each other while mitigating administrator involvement. Cluster introduction information is provided on a network interface of one or more nodes in a cluster, and intercluster relationships are created between peer clusters. A relationship can be created by initiating contact with a peer using a logical interface, and respective peers retrieving the introduction information provided on the network interface.
    Type: Grant
    Filed: April 1, 2009
    Date of Patent: December 31, 2013
    Assignee: NetApp Inc.
    Inventor: Steven M. Ewing
  • Patent number: 8615658
    Abstract: Utilizing the AAA infrastructure to dynamically allocate the various parameters needed to establish the security association between the Foreign Agent and the Home Agent. The present invention uses the AAA server as a central entity to dynamically generate and distribute the chosen security association parameters needed to support the Foreign Agent and Home Agent security association based on a request from the Foreign Agent. The AAA server can also dynamically assigns a unique SPI value to the Foreign Agent and Home Agent pairs. The various parameters that can be allocated in the present invention include a FA-HA shared secret key or a public/private key pair, an authentication algorithm and mode, a FA-HA secret key lifetime, and security parameter index or security index values. The present invention also can assist in making sure that the Foreign Agent and the Home Agent stay synchronized with respect to their security association.
    Type: Grant
    Filed: January 17, 2013
    Date of Patent: December 24, 2013
    Assignee: Apple Inc.
    Inventors: Ahmad Muhanna, Mohamed Khalil
  • Patent number: 8615659
    Abstract: A first terminal subscribes to at least one service using a service guide in which information necessary for reception of each service is stored, and sends the service guide and an identifier (ID) of the subscribed service to a smartcard. The smartcard stores the service guide and the ID of the subscribed service, and sends the service guide and the ID of the subscribed service to a second terminal through a response message to a request message used for acquiring TBK information, received from the second terminal. The second terminal receives the response message by sending the request message to the smartcard, acquires TBK information corresponding to a service that the second terminal intends to play back, from the service guide depending on the subscribed service's ID included in the response message, and acquires the TBK by performing an authentication process using the TBK information.
    Type: Grant
    Filed: November 17, 2008
    Date of Patent: December 24, 2013
    Assignee: Samsung Electronics Co., Ltd
    Inventors: Byung-Rae Lee, Bo-Sun Jung, Sung-Oh Hwang, Kook-Heui Lee
  • Patent number: 8613046
    Abstract: The present invention relates to a far-end control method with a security mechanism including a host transmitting an identification code through the PSTN (Public switched telephone network) to the I/O control device of the far-end. The I/O control device has a CPU to receive the identification code and judge whether the identification code matches with the predetermined value stored therein; if the identification code matches with the predetermined value, the mobile internet connection between the host and the I/O control device is activated to enable the host to mutually transmit information or signals with a far-end control device from the I/O control device through the mobile internet, and the connection will be disabled after the information or signal transmission is completed.
    Type: Grant
    Filed: December 29, 2008
    Date of Patent: December 17, 2013
    Assignee: Moxa Inc.
    Inventor: Hsu-Cheng Wang
  • Patent number: 8613064
    Abstract: A method and apparatus for providing a secure authentication process is described. In one embodiment, a method for a method for providing a secure authentication process includes monitoring login activity of at least one authentication process associated with a computer resource and analyzing the login activity to identify suspicious login activity associated with user credentials.
    Type: Grant
    Filed: September 30, 2008
    Date of Patent: December 17, 2013
    Assignee: Symantec Corporation
    Inventor: Jayanta Roy