Position Dependent Or Authenticating Patents (Class 380/258)
-
Patent number: 7506169
Abstract: Maps and/or signs are embedded with plural-bit data in the form of digital watermarks. In one implementation, an apparatus is provided to read two or more digital watermarks embedded within a map. Each of the two or more digital watermarks includes location information for a respective map location. The two or more digital watermarks are embedded through alterations to data representing the map; the alterations are generally imperceptible to a human observer of the map. The apparatus includes: a global positioning system receiver to determine a physical location of said apparatus; an input to receive data corresponding to at least a portion of the respective map area; a processor or electronic processing circuitry to extract the location information from the input data and to correlate the physical location with the extracted location information; and an output to output an indication of a relative correlation between the physical location and watermark location information.
Type: Grant
Filed: July 23, 2007
Date of Patent: March 17, 2009
Assignee: Digimarc Corporation
Inventors: Trent J. Brundage, Neil E. Lofgren
-
Patent number: 7496948
Abstract: A method for controlling access to a target application in accordance with an exemplary embodiment is provided. The method includes determining whether a user is within a predetermined distance from at least one predetermined base device. The method further includes determining whether the predetermined base device is within a predetermined geographical region. The method further includes receiving user access information associated with the user and authenticating the user access information. The method further includes authorizing a user computer only when the user is within the predetermined distance from the predetermined base device, and the predetermined base device is within the predetermined geographical region, and the user access information corresponds to predetermined user access information associated with the user. The method further includes allowing the user computer to access the target application when the user computer has been authorized.
Type: Grant
Filed: February 4, 2008
Date of Patent: February 24, 2009
Assignee: International Business Machines Corporation
Inventors: Rick A. Hamilton, II, Jenny S. Li, Anne R. Sand, James W. Seaman
-
Patent number: 7496201
Abstract: A recoverable data storage apparatus includes a hand-portable housing configured with an input/output (I/O) port presented outwardly therefrom, a data storage means retained within the housing and operatively coupled with the input/output port, and a client agent embodied as device-executable code residing on the data storage device and configured. When executed on a network-linked host computing device, the client agent is configured to establish communication with a remote server and receive data indicating a possession status of the data storage apparatus. A device tracking system includes a data network means, a hardware portion, and a software portion. The hardware portion includes at least, (1) a server device operatively coupled with the network means, and (2) a data storage device with an externally presented input/output port configured to operatively couple with a host device.
Type: Grant
Filed: March 7, 2008
Date of Patent: February 24, 2009
Assignee: WestinTech LLC
Inventor: Kenneth Vernon Westin
-
Patent number: 7492899
Abstract: The present invention relates to a method of authentication for Media Gateway, comprising: setting up an initial key for validating initial digital signatures between a Media Gateway and a Media Gateway Controller; generating a new shared key having a specific lifetime by performing signaling communication between said Media Gateway and said Media Gateway Controller with said initial key; authenticating calls and responses between said Media Gateway and said Media Gateway Controller with said new shared key; and updating said shared key between said Media Gateway and said Media Gateway Controller if the lifetime of said shared key is expired. The invention can authenticate each call, update the shared key periodically, and prevent calling invalidly effectively.
Type: Grant
Filed: December 16, 2003
Date of Patent: February 17, 2009
Assignee: ZTE Corporation
Inventors: Kezhi Qiao, Ming Ni
-
Patent number: 7490127
Abstract: Concurrent recipient resolution and certificate acquisition. If a client-entered input data may be resolved without further client input, the server resolves the input data into a recipient entry that has an associated routing address. The server then transmits a response to the client that includes the associated full display name, routing address and certificate. If the server determines that the recipient entry cannot be resolved without further input from the client, the server identifies a number of possible recipient entries, and for each possible recipient generates a token, which is then communicated to the client. The server receives a subsequent request from the client identifying a selected one of the possible associated recipients using the associated token. The server then acquires a certificate associated with the selected recipient using the token, and then sends the certificate to the client.
Type: Grant
Filed: June 13, 2003
Date of Patent: February 10, 2009
Assignee: Microsoft Corporation
Inventors: Jorge Pereira, Karim Michel Batthish, Roy Williams
-
Publication number: 20090034726
Abstract: A method and system for controlling distribution of content within a personal domain that makes use of a determination of the relative proximity to a source device or the geographic locations of the receiving devices. The location information may be determined using a Global Positioning System (GPS) or wireless triangulation systems. Usage rights for devices in the network are determined using the location or proximity determination.
Type: Application
Filed: October 6, 2008
Publication date: February 5, 2009
Inventors: Jim C. Williams, John Christopher Park Russel
-
Publication number: 20090028333
Abstract: One aspect involves receiving by a tag of wireless communications that utilize a first security provision, and wireless communications that utilize a second security provision different from the first security provision. A different aspect involves receiving by an entity of an authentication request that is based on a first digital certificate unknown to the entity, and determining by the entity, without external authentication of the first digital certificate, whether the first digital certificate is in a trust relationship with a second digital certificate that is different from the first digital certificate and that is known to the entity.
Type: Application
Filed: December 31, 2007
Publication date: January 29, 2009
Applicant: SAVI TECHNOLOGY, INC.
Inventors: Igor V. Balabine, Nikola Cargonja, Allan M. Evans, Liping Julia Zhu, Devendra Shiledar, Stephen Alan Stough
-
Patent number: 7478420
Abstract: The protection of data on a client mobile computing device by a server computer system such as within an enterprise network or on a separate mobile computing device is described. Security tools are described that provide different security policies to be enforced based on a location associated with a network environment in which a mobile device is operating. Methods for detecting the location of the mobile device are described. Additionally, the security tools may also provide for enforcing different policies based on security features. Examples of security features include the type of connection, wired or wireless, over which data is being transferred, the operation of anti-virus software, or the type of network adapter card. The different security policies provide enforcement mechanisms that may be tailored based upon the detected location and/or active security features associated with the mobile device. Examples of enforcement mechanisms are adaptive port blocking, file hiding and file encryption.
Type: Grant
Filed: October 29, 2007
Date of Patent: January 13, 2009
Assignee: Novell, Inc.
Inventors: Michael Wright, Peter Boucher, Gabe Nault, Merrill Smith, Sterling K. Jacobson, Jonathan Wood, Robert Mims
-
Publication number: 20090003605
Abstract: A security system assesses the response time to requests for information to determine whether the responding system is in physical proximity to the requesting system. Generally, physical proximity corresponds to temporal proximity. If the response time indicates a substantial or abnormal lag between request and response, the system assumes that the lag is caused by the request and response having to travel a substantial or abnormal physical distance, or caused by the request being processed to generate a response, rather than being answered by an existing response in the physical possession of a user. If a substantial or abnormal lag is detected, the system is configured to limit subsequent access to protected material by the current user, and/or to notify security personnel of the abnormal response lag.
Type: Application
Filed: September 10, 2008
Publication date: January 1, 2009
Applicant: KONINKLIJKE PHILIPS ELECTRONICS, N.V.
Inventor: MICHAEL EPSTEIN
-
Patent number: 7471714
Abstract: In a random number sequence sharing apparatus, a reception unit receives a radio signal including a radio wave from a pre-designated radio star at a pre-designated observation time, a sending unit sends the received radio signal to another random number sequence sharing apparatus, an acceptance unit accepts a radio signal sent from the another sharing apparatus, an analysis unit separates the two radio signals into a plurality of independent components by independent component analysis, a selection unit selects two independent components temporally different by difference in time required for the radio wave to arrive at both sharing apparatuses from the radio star, a sampling unit averages the two selected independent components after adjusting the temporal difference and bit-samples the average, and an output unit outputs a sequence of the bit samples as a random number sequence to be shared.
Type: Grant
Filed: March 15, 2005
Date of Patent: December 30, 2008
Assignee: National Institute of Information and Communication Technology, Incorporated Administrative Agency
Inventor: Ken Umeno
-
Patent number: 7472269
Abstract: A system and method for strong authentication achieved in a single round trip is disclosed, which reduces the amount of time needed for a mobile node to be authenticated by the network. In an embodiment of the present invention, the authentication time is approximately three times faster than for 3GPP.
Type: Grant
Filed: February 25, 2002
Date of Patent: December 30, 2008
Assignee: Nokia Siemens Networks Oy
Inventors: Charles E. Perkins, Hossam Afifi
-
Publication number: 20080310626
Abstract: To allow viewers to view a plain document depending on levels of the authorized powers of the viewers without inserting identifiers into the plain document. An encrypting device includes devices for: storing encrypting role information which includes encrypting keys and key IDs of the encrypting keys; grasping the encrypting range of the plain document, and creating an encrypted part by encrypting the encrypting range using the encrypting key in the encrypting role information; creating the encrypting information configured with one, two, or more record(s) containing the front position and rear position of the encrypted part, the key ID corresponding to the encrypting key that is applied for the encrypted part, and the processing order of the encrypted part; creating the encrypted document by combining an encrypted document main body configured with a document containing the encrypted part with the encrypting information; and storing the encrypted document to a prescribed medium.
Type: Application
Filed: March 26, 2008
Publication date: December 18, 2008
Inventor: TSUNEO ENDOH
-
Publication number: 20080298589
Abstract: Systems and methods for communicating and authenticating end-to-end management keys to stations to facilitate communications between stations in the network. A nonce based upon a pseudo-random number generated by the station(s) can be included with the end-to-end management key (EMK). The station(s) can compare the nonce to the generated pseudo-random number to authenticate the EMK.
Type: Application
Filed: January 7, 2008
Publication date: December 4, 2008
Applicant: Intellon Corporation
Inventors: SRINIVAS KATAR, Lawrence W. Yonge, III, Manjunath Krishnam
-
Publication number: 20080298590
Abstract: Systems and methods for authenticating key rotation communications. Key rotation communications can include a key counter known to both a headend device and a station. Comparison between a local key counter and the key counter included in the key rotation communication can be used to authenticate the key rotation communication.
Type: Application
Filed: January 9, 2008
Publication date: December 4, 2008
Applicant: Intellon Corporation
Inventors: SRINIVAS KATAR, LAWRENCE W. YONGE, III, MANJUNAH KRISHNAM
-
Patent number: 7457413
Abstract: A method and a corresponding device for generating true random numbers for use in encryption of a message for secure transmission of said message from a sending device to a receiver, or for authentication of a sent message. An optical image represented by optical data is obtained by an optical sensor and processed in order to improve the stochasticity of the optical data. The thus processed data is then used for generating random numbers which can be used as an encryption key, or for generating an encryption key, for subsequent use in an encryption algorithm for encrypting the message. The method is implemented in a digital pen (DP) to be used in an information management system.
Type: Grant
Filed: June 7, 2001
Date of Patent: November 25, 2008
Assignee: Anoto AB
Inventors: Mikael Thuvesholmen, Mads Dore Hansen, Tomas Edso, Kristofer Skantze
-
Publication number: 20080280626
Abstract: Provided is a method for providing a location-based service using a location token. The method includes the steps of: a) receiving an encrypted token message including constraints for location information access from a terminal; b) decoding and storing the transmitted token message in a token database; c) creating a location token accessible to the transmitted token message and transmitting the location token to the terminal; d) extracting a token message number in the location token transmitted from a location-based service server, checking constraints of a user and updating an exception list; and e) acquiring location information of the terminal and transmitting the location information to the location-based service server.
Type: Application
Filed: November 28, 2005
Publication date: November 13, 2008
Applicant: ELECTRONICS TELECOMMUNICATIONS RESEARCH INSTITUTE
Inventors: Hae-Ock Choi, Jeong-Ah Jang, Kyong-Ho Kim
-
Patent number: 7450930
Abstract: A method and system for controlling distribution of content within a personal domain that makes use of a determination of the relative proximity to a source device or the geographic locations of the receiving devices. The location information may be determined using a Global Positioning System (GPS) or wireless triangulation systems. Usage rights for devices in the network are determined using the location or proximity determination.
Type: Grant
Filed: December 6, 2004
Date of Patent: November 11, 2008
Assignee: Motion Picture Association of America
Inventors: Jim C. Williams, John Christopher Park Russell
-
Patent number: 7444507
Abstract: A method and apparatus for distribution of digital certificates. A limited access to networks by use of existing identity information allows distribution of digital certificates.
Type: Grant
Filed: June 30, 2002
Date of Patent: October 28, 2008
Assignee: Intel Corporation
Inventors: Wai Kwan Mak, Victor C. Robison, Jesse R. Walker
-
Publication number: 20080260152
Abstract: The present invention relates to a method and a device (104) for authenticating a plurality of physical tokens (101, 102, 103). A basic idea of the invention is to supply a sequence of interconnected devices (108, 109, 110), each device comprising a physical token (101, 102, 103), with a challenge of the respective physical token created during enrollment of said respective physical token, wherein the sequence of interconnected devices is arranged such that a data set supplied to the sequence is cryptographically processed with a response of a token comprised in a device and passed on to a token comprised in a subsequent device which further cryptographically processes the processed data set with its response until a response of a final physical token has been used to further cryptographically process the data set.
Type: Application
Filed: November 27, 2006
Publication date: October 23, 2008
Applicant: Koninklijke Philips Electronics, N.V.
Inventors: Boris Skoric, Alphons Antonius Maria Lambertus Bruekers, Pim Theo Tuyls, Willem Gerard Ophey
-
Patent number: 7440569
Abstract: Methods and apparati are provided for determining a “Squared Tate pairing” for hyperelliptic curves and using the results to support at least one cryptographic process. The improved techniques provide increased efficiency and an alternative method to the conventional method of implementing the Tate pairing for Jacobians of hyperelliptic curves. With the Squared Tate pairing for hyperelliptic curves, one may obtain a significant speed-up over a contemporary implementation of the Tate pairing for hyperelliptic curves. The Squared Tate pairing for hyperelliptic curves can be substituted for the Tate pairing for hyperelliptic curves in any applicable cryptographic application.
Type: Grant
Filed: July 28, 2003
Date of Patent: October 21, 2008
Assignee: Microsoft Corporation
Inventors: Anne Kirsten Eisentraeger, Kristin E. Lauter, Peter L. Montgomery
-
Publication number: 20080253569
Abstract: A system and method for authentication in a wireless mobile communication system are provided, in which a mobile station calculates a CMAC value having a first number of bits, transmits to a base station a ranging request message including a partial CMAC value being a second number of upper bits of the CMAC value having the first number of bits, and receives a ranging response message indicating whether authentication is successful or failed from the base station.
Type: Application
Filed: April 16, 2008
Publication date: October 16, 2008
Applicants: SAMSUNG ELECTRONICS CO., LTD., SEOUL NATIONAL UNIVERSITY INDUSTRY FOUNDATION
Inventors: Hyoung-Kyu Lim, Young-Wook Kim, Sae-Woong Bahk, Jong-Tack Kim
-
Publication number: 20080226071
Abstract: A method for security authentication within a wireless network is disclosed. A method within an adhoc mesh network for two devices to quickly determine roles (i.e. which is the authenticator and which is the supplicant) while establishing a security association is provided for. The invention further provides for the inclusion of cached key information in the role negotiation process and the application of role negotiation to a shortened three-way handshake.
Type: Application
Filed: February 26, 2008
Publication date: September 18, 2008
Applicant: MOTOROLA, INC.
Inventors: Anthony J. Braskich, Charles R. Barker, Stephen P. Emeott, Guenael T. Strutt
-
Publication number: 20080226070
Abstract: An encryption system, method, and computer program product are provided. After the receipt of encrypted content, a plurality of coordinates associated with a location of a device are identified. In use, the content is decrypted utilizing the coordinates.
Type: Application
Filed: March 12, 2007
Publication date: September 18, 2008
Inventor: William S. Herz
-
Patent number: 7426746
Abstract: A mechanism for providing a mobile node with reliable information for location privacy decisions in connection with an address update process that gives the correspondent node a chance to deduce the location of the mobile node is provided. According to one embodiment of the invention, an indication is given when an address update process needs to be performed for optimizing routing between a mobile node and a correspondent node. In response to the indicating step, the correspondent node may be authenticated, the authentication yielding identity information about the correspondent node. Based on the identity information, a route optimization decision may be made based on whether or not the address update process is to be performed, and the address update process may be carried out depending on the decision.
Type: Grant
Filed: October 22, 2003
Date of Patent: September 16, 2008
Assignee: Nokia Corporation
Inventors: Risto Mononen, Sandro Grech
-
Patent number: 7424116
Abstract: A method includes receiving an authentication request from a mobile station (401) and determining whether to forward the request to an authentication agent. When it is determined to forward the request, the request is forwarded to the authentication agent (107). A random number and a random seed are received from the authentication agent (107). The random number and the random seed are forwarded to the mobile station (401). A response to the random number and the random seed from the mobile station (401) is received and forwarded to the authentication agent (107). The authentication agent (107) compares the response with an expected response. When the authentication agent (107) authenticates the mobile station (401), a derived cipher key is received from the authentication agent (107).
Type: Grant
Filed: August 31, 2006
Date of Patent: September 9, 2008
Assignee: Motorola, Inc.
Inventors: Hans Christopher Sowa, Daniel J. McDonald, David J. Chater-Lea, Scott J. Pappas, Jason Johur, Dennis Newkirk, Randy Kremske, Walter F. Anderson
-
Publication number: 20080205647
Abstract: An information subscribing system for portable terminal device 20 having autonomous network access, wherein the portable terminal device 20 communicates to the transmission authentication control protocols platform 2 in conjunction with the information distribution platform 1 over a network connection, the transmission authentication control protocols platform 2 permits the portable terminal device 20 to perform subscribing and searching for the information stored on the information distribution platform 1.
Type: Application
Filed: July 31, 2006
Publication date: August 28, 2008
Applicant: SHANGHAI YEE NETWORKS CO., LTD
Inventors: Wenqi Zhang, Weimin Cheng, Di Fan
-
Publication number: 20080208925
Abstract: A communication method is disclosed as including the steps of (a) associating sensor with an object; (b) associating a mobile phone or personal digital assistant with a secure token capable of communication contactlessly with the sensor; (c) setting a number of rules of possible allowable ways of interaction between the object and the mobile phone; (d) the sensor obtaining information relating to the object; (e) the secure token initiating and establishing information contactless communication with the sensor and receiving from the sensor the information obtained by the sensor; and (f) the secure token issuing an output on the basis of the rules of possible or allowable ways of interaction and the information received from the sensor.
Type: Application
Filed: August 19, 2005
Publication date: August 28, 2008
Applicant: SENERATION COMPANY LIMITED
Inventor: Kam Hong Shum
-
Patent number: 7418727
Abstract: A security authentication for PC client is provided according to the present invention, wherein said method includes: PC client sends a registry request to a server with a user ID and a password; The server makes first authentication based on the user ID and password, if the authentication succeeds, a field used for re-authentication will be created and returned to the PC client through an authentication successful message; When initiating a call, the PC client transmits the user ID and the field used for re-authentication acquired when registered to media gateway controller; The media gateway controller transfers the user ID and field used for re-authentication to the server, which makes second authentication according to the user ID and the field used for the second authentication, if the authentication fails, the call will be rejected, otherwise the call will be accepted and returns information of the called subscriber.
Type: Grant
Filed: June 7, 2002
Date of Patent: August 26, 2008
Assignee: Huawei Technologies Co., Ltd
Inventors: Haitao Lin, Quan Gan, Shuiyang Chen, Xiaolan Wang
-
Publication number: 20080192931
Abstract: The present invention relates to a method for allocating an authorization key identifier in a wireless portable Internet system. In a privacy key management version 2 (PKMv2) of the wireless portable Internet system, a base station generates PAK identifier, PMK identifier, and authorization key identifier for distinguishing a primary authorization key (PAK) shared by the base station and the subscriber station in an RSA-based authorization, a pairwise master key (PMK) shared by the base station and the subscriber station in an EAP-based authorization, and authorization keys generated by the PAK and the PMK. The base station transmits PAK identifier, PMK identifier, and authorization key identifier to the subscriber station and shares them with the subscriber station. Therefore, the base station and the subscriber station may easily distinguish more than 2 authorization-related keys.
Type: Application
Filed: October 27, 2005
Publication date: August 14, 2008
Inventors: Seok-Heon Cho, Sung-Cheol Chang, Chul-Sik Yoon
-
Publication number: 20080192933
Abstract: The pocket portable electronic entity (400) includes: connection element (420) for removable connection to a host station (300), first members (460, 470, 471) for secure communication with a remote server (100) via the connection element and the host station, second members (450, 455) for communication between the secure first communication element and a second portable electronic entity (500), and elements (440, 445) for communicating to the remote server via the secure first communication means data received from the second portable electronic entity via the second communication members.
Type: Application
Filed: December 28, 2007
Publication date: August 14, 2008
Applicant: OBERTHUR CARD SYSTEMS SA
Inventor: Marc Bertin
-
Publication number: 20080192934
Abstract: A conditional access system in which entitlement control messages (ECMs) containing the encryption keys used to encrypt a program transmission, are sent to a set-top box over a secure communications channel separate from the channel used for transmission of the encrypted program.
Type: Application
Filed: April 17, 2008
Publication date: August 14, 2008
Applicant: NOKIA CORPORATION
Inventors: Rickard Nelger, Ari Nieminen
-
Publication number: 20080192932
Abstract: The invention discloses a method of reading data (dat) from a first transponder (TAG1) into a transceiver (REA). Said data (dat) are only transmitted from the first transponder (TAG1) to the transceiver (REA) when a second transponder (TAG2) is present within the RFID communication range of the transceiver (REA) and if a positive authentication procedure between the two transponders (TAG1, TAG2) within the RFID communication range of the transceiver (REA) takes place. The second transponder (TAG2) is preferably a stationary transponder (TAG2), whereas the first transponder (TAG1) may be a mobile transponder. The invention further relates to transponders (TAG1, TAG2) as well as to a transceiver (REA) used in such a method of reading data (dat). Furthermore, the invention relates to a poster (POS), to which a first transponder (TAG1) is attached, and to a poster wall (WAL) for attaching such a poster (POS) and a second transponder (TAG2).
Type: Application
Filed: May 19, 2006
Publication date: August 14, 2008
Applicant: NXP B.V.
Inventors: Frank Graeber, Wolfgang Tobergte
-
Publication number: 20080181403
Abstract: The present invention is an authenticating system including: a client (hereinafter, referred to as C) including a creator for, by employing a first hash algorithm (hereinafter, referred to as 1A), creating a first hash value (hereinafter, referred to as 1V) from authentication information including an ID and a password, and creating 2V from the 1V and a random number, and a receiver for receiving the random number and an 1A identifier from a server (hereinafter, referred to as S), transmitting the ID and the 2V to the S, and receiving an authentication result from the S; and the S including a storage for storing 3V created from the authentication information by employing an 2A identifier and the 2A ID by ID, and a device for transmitting the random number and the 1A identifier to a PC, receiving the ID and the 2V from the PC, determining whether the 2A identifier, which corresponds to the ID, coincides with the 1A identifier, creating 4V from the 3V and the random number by employing the 1A in a case where it
Type: Application
Filed: January 17, 2008
Publication date: July 31, 2008
Inventor: YU SAKAMOTO
-
Publication number: 20080165967
Abstract: The present invention provides a method, a migration server and a terminal device for migrating specifically encrypted access objects (such as e.g. a license) between mobile terminals such as e.g. computers and/or cellular telephones. Method for migrating a specifically encrypted access object from a first terminal unit to a second terminal unit is performed according to the invention, by a migration server of a communication network. The method comprises receiving via said communication network, a first specifically encrypted access object of said first terminal unit and identification data related to said first terminal unit and to a content said first specifically encrypted access object is destined for (e.g. an application). Then identification data related to said second terminal unit and a request for issuing a second specifically encrypted access object for said second terminal unit are received at the server via a communication network.
Type: Application
Filed: December 3, 2004
Publication date: July 10, 2008
Inventors: Andree Ross, Dirk Frijters, Dirk Gaschler
-
Patent number: 7398392
Abstract: The present method for using communication channel round-trip response time for digital asset management utilizes a predetermined distance between a sending device and a receiving device to prevent unauthorized receipt of digital content when the unauthorized receiving device is located beyond the predetermined distance. When the receiving device requests digital content from the sending device, the sending device replies with a request for an acknowledgement. The receiving device sends the requested acknowledgement. The time between sending the request for an acknowledgement and receipt of the acknowledgement is the actual round-trip response time.
Type: Grant
Filed: November 15, 2002
Date of Patent: July 8, 2008
Assignee: Cable Television Laboratories, Inc.
Inventor: Joseph W. Weber
-
Publication number: 20080159536
Abstract: An approach is provided that allows an administrator to set a new password at a wireless access point, such as a traditional WAP or a wireless router. The wireless access point creates a message that includes the new password. The message is encrypted using the old password that was previously set for the wireless network. The encrypted message is wirelessly transmitted from the wireless access point to the active client devices (those clients currently accessing the wireless network). The clients decrypt the message using the old password that was previously provided to the clients. The clients retrieve the new password from the message. The clients construct a new message that is encrypted using the new password. The new message is wirelessly transmitted from the clients to the wireless access device and serves as an acknowledgement.
Type: Application
Filed: March 15, 2008
Publication date: July 3, 2008
Inventors: David Yu Chang, John Yow-Chun Chang, Vishwanath Venkataramappa
-
Publication number: 20080159535
Abstract: A method of protecting a broadcast frame, the method comprising broadcasting a beacon and a maintenance beacon frame (MBF) from an access point (AP) to a plurality of terminals during a maintenance beacon waiting period (MBWP); and broadcasting broadcast management frames (BMFs) from the AP to the plurality of terminals during a broadcast management frame waiting period (BMFWP), wherein the MBF comprises a BMFs message integrity code (MIC) field including a BMFs MIC calculated from concatenated BMFs to be sent in a current beacon interval.
Type: Application
Filed: September 12, 2007
Publication date: July 3, 2008
Inventors: Eun Ah Kim, Jeong Hyun Yi, Tae-Chul Jung, Alexey Fomin, Evgeny Linsky, Mikhail Stepanov, Sergei Bezzateev
-
Publication number: 20080152140
Abstract: An authentication and mass subscriber management technique is provided by employing a key table derived as a subset of a larger key pool, a network edge device, and authentication tokens attached on both the network edge device and on a subscriber's computing device. The network edge device and subscriber's computing device are provided with secure, tamper-resistant network keys for encrypting all transactions across the wired/wireless segment between supplicant (subscriber) and authenticator (network edge device). In an embodiment of the invention, a secure, secret user key is shared between a number of subscribers based upon commonalities between serial numbers of those subscribers' tokens. In another embodiment of the invention, a unique session key is generated for each subscriber even though multiple subscribers connected to the same network connection point might have identical pre-stored secret keys.
Type: Application
Filed: December 13, 2007
Publication date: June 26, 2008
Applicant: KOOLSPAN, Inc.
Inventor: Anthony C. FASCENDA
-
Patent number: 7392057
Abstract: A system and method for providing a message service. Position information and/or security information is inserted into messages before transmission. A receiving mobile terminal may open the received message depending on its position or knowledge of the security information.
Type: Grant
Filed: October 22, 2004
Date of Patent: June 24, 2008
Assignee: Samsung Electronics Co., Ltd
Inventor: Hyeon-Wook Lee
-
Publication number: 20080137859
Abstract: An improved approach to public key passing is provided to inhibit man-in-the-middle (MITM) attacks during an exchange of public keys over one or more public networks. In one embodiment, a method for securely passing public keys includes encrypting a first user public key, wherein the first user public key is associated with a first user device. The method also includes passing the encrypted first user public key to a first gateway server over a secure communication link. The method further includes receiving an encrypted second user public key from the first gateway server over the secure communication link, wherein the second user public key is associated with a second user device, and wherein the second user device is associated with a second gateway server. In addition, the method includes decrypting the second user public key.
Type: Application
Filed: December 6, 2006
Publication date: June 12, 2008
Inventors: Ramanathan Jagadeesan, Bryan Ogawa, Pamela Suzanne Lee, Mark Enright
-
Patent number: 7386468
Abstract: A system and method that tracks surplus reduction actions is disclosed. Managers and other decision makers take various actions regarding employees. Actions are recorded and tracked in a data store. Included with the action is an identifier, such as a digital signature, of the decision maker that performed the action. Affected (i.e., surplus) employees are notified that they have been selected as surplus. Affected employees acknowledge such identification as well as any confidentiality and non-compete obligations. Affected employees electronically sign non-compete agreements and such digital signatures are also recorded in the data store evidencing the employees' acknowledgment of such confidentiality and non-compete obligations. Electronic keys, such as user IDs and passwords, may also be sent to employees that acknowledge surplus actions and non-compete obligations. These electronic keys enable the affected employees to access materials, such as job databases and other relocation and employment information.
Type: Grant
Filed: January 8, 2002
Date of Patent: June 10, 2008
Assignee: International Business Machines Corporation
Inventors: Michael Joseph Calderaro, Lynn P. Lepore, William Daniel Ordway, Jr., Patricia E. Vickers
-
Publication number: 20080107266
Abstract: A passive start and entry system includes a controller that determines the desired encryption for a last authenticated identification device during the period in which responses are received from any proximate identification devices. This process allows for the transmission of encrypted data to the last authenticated device without delay upon the expiration of the wait period.
Type: Application
Filed: October 31, 2007
Publication date: May 8, 2008
Applicant: SIEMENS VDO AUTOMOTIVE CORPORATION
Inventors: Patricia Kachouh, Brian Marlett, Jose Luis Herrera Martinez, Mauricio Carrera Manjarrez
-
Patent number: 7360240
Abstract: A portable storage device, for example a secure smart card, contains network identification information for a processing unit that is connectable to a data communications network, which processing unit includes a device reader for reading the portable storage device. The portable storage device includes storage and an access controller. The storage holds a network identity for the processing unit and at least one encryption key. The access controller is operable to control access to the storage by implementing key-key encryption. An embodiment of the invention thus provides a medium not only for storing a network identity for processing unit, but also for other secure information such as an encryption key associated therewith.
Type: Grant
Filed: August 15, 2001
Date of Patent: April 15, 2008
Assignee: Sun Microsystems, Inc.
Inventors: James E. King, Stephen C. Evans, Martin P. Mayhead
-
Patent number: 7359509
Abstract: A method, and deterministic random bit generator system operating in accordance with the method, for generating cryptographic keys and similar secret cryptographic inputs which are hard to guess. A seed is input from an entropy source; and an initial state is generated as a function of the seed. When a request to generate a cryptographic key is received a current state, where the current state is initially the initial state, is mixed to generate an output string and a next state and the current state is set to the next state. The requested cryptographic key is generated from the string; and output. These steps can be repeated to generate successive output strings with assurance of forward and backward secrecy. An encryption system including such a generator is also disclosed.
Type: Grant
Filed: December 1, 2004
Date of Patent: April 15, 2008
Assignee: Pitney Bowes Inc.
Inventors: Matthew J. Campagna, Yiqun Yin
-
Patent number: 7359510
Abstract: A content including replay condition information is encrypted using first key information while being recorded to a recording medium. The first key information is encrypted using the replay condition information and second key information while being recorded to the recording medium together with the replay condition information. The replay condition information and the first key information are read from the recording medium, and the first key information is decrypted using the replay condition information and the second key information. The content read from the recording medium is decrypted using the decrypted first key information.
Type: Grant
Filed: February 6, 2003
Date of Patent: April 15, 2008
Assignee: Kabushiki Kaisha Toshiba
Inventor: Masahiro Yamada
-
Patent number: 7356011
Abstract: Wireless devices are easily configured with logical network and security settings. Configuration commands are received at master and slave wireless devices. The devices switch to predetermined logical network and security settings to allow communication between the master and slave devices. The master device selects a logical network and/or security setting and sends the setting(s) to the slave device. Both devices then switch to the selected setting(s) and use the setting(s) for future communications.
Type: Grant
Filed: December 18, 2002
Date of Patent: April 8, 2008
Assignees: Mayfield XI, Mayfield XI Qualified, Mayfield Associates Fund VI, Mayfield Principals Fund II, Mayfield IX, Mayfield Associates Fund IV, The Chip Trust III, The Unger-Luchsinger Family Trust, Jatotech Ventures, L.P., Jatotech Affiliates, L.P.
Inventors: Christopher J. F. Waters, Nicholas J Kelsey
-
Publication number: 20080080712
Abstract: An enhanced GPS receiver is provided for secure location information communication. The GPS receiver includes a GPS signal receiving unit, a GPS signal processing unit, and an encryption module. The GPS signal receiving unit is used to receive the GPS signals. The GPS signal processing unit coupled to the GPS receiving unit is used to obtain the location information of the mobile device. The encryption module encrypts the location information by using a GPS chip identification number embedded in the GPS receiver as an encryption key. The GPS receiver further optionally includes a compression module for compressing the location information before encryption.
Type: Application
Filed: September 29, 2006
Publication date: April 3, 2008
Inventors: Haiquan Huang, Cheng Li, Huafeng Qian
-
Patent number: 7352865
Abstract: From a printer, a print client previously acquires printer position information on the printer. For example, when trying to transmit print data to the printer, the print client generates print transmitting data by adding printer position information on the printer to the print data and transmits the print transmitting data. The printer which has received this print transmitting data prints the print data only when the printer position information contained in the print transmitting data coincides with printer position information at this point in time. Consequently, the security of the print transmitting data transmitted from the print client to the printer via a network is ensured.
Type: Grant
Filed: June 17, 2003
Date of Patent: April 1, 2008
Assignee: Seiko Epson Corporation
Inventors: Kazuhito Gassho, Toshihiro Shima, Teruhito Kojima
-
Patent number: 7308703
Abstract: Security tools are described that provide different security policies to be enforced based on a location associated with a network environment in which a mobile device is operating. Methods for detecting the location of the mobile device are described. Additionally, the security tools may also provide for enforcing different policies based on security features. Examples of security features include the type of connection, wired or wireless, over which data is being transferred, the operation of anti-virus software, or the type of network adapter card. The different security policies provide enforcement mechanisms that may be tailored based upon the detected location and/or active security features associated with the mobile device. Examples of enforcement mechanisms are adaptive port blocking, file hiding and file encryption.
Type: Grant
Filed: February 28, 2003
Date of Patent: December 11, 2007
Assignee: Novell, Inc.
Inventors: Michael Wright, Peter Boucher, Gabe Nault, Merrill Smith, Sterling K Jacobson, Jonathan Wood, Robert Mims
-
Patent number: 7308250
Abstract: Presented herein are systems and methods for integrating secure identification logic into cell phones. A registration is received, wherein said registration includes an identifier identifying a mobile terminal. Information is transmitted to the mobile terminal, wherein a password is a function of the information.
Type: Grant
Filed: March 16, 2004
Date of Patent: December 11, 2007
Assignee: Broadcom Corporation
Inventors: Rajendra Khare, Sandeep Relan, Brajabandhu Mishra