Data Authentication Patents (Class 713/161)
-
Patent number: 8549636Abstract: An information processing apparatus includes: a software storing unit that stores software; a storage recognizing unit that recognizes, when a storage having stored therein first authentication information for enabling a function of the software stored in the software storing unit is connected to the information processing apparatus via an interface unit, that the storage is connected and transmits second authentication information uniquely corresponding to the function of the software to be enabled to the storage; and a function managing unit that enables, when the first authentication information and the second authentication information compared by the storage coincide with each other, the function of the software on the basis of a notification informing that the first authentication information and the second authentication information coincide with each other issued by the storage, the storage deleting the first authentication information.Type: GrantFiled: April 4, 2012Date of Patent: October 1, 2013Assignee: Sony CorporationInventor: Yuki Nakai
-
Patent number: 8547201Abstract: According to one embodiment, when sending a transmission target main data 21, an authentication-tag generator unit 13 generates an authentication tag 23 by using a main data 21 and a key data 22 stored in a key-data storage unit 12. A transmitter/receiver unit 14 adds the authentication tag 23 to the main data 32 sends as a transmission data. When receiving the received data 24a, the transmitter/receiver unit 14 divides the received data into a main data 21a and an authentication tag 23a. The authentication-tag generator unit 13 generates an authentication tag 23b for comparison. A received-data authentication unit 15 determines whether or not those the received authentication tag 23a and the authentication tag for comparison 23b match with each other. A different key data is used every time upon the authentication-tag generation and use time of each key data during a set period is restricted.Type: GrantFiled: December 28, 2009Date of Patent: October 1, 2013Assignees: Kabushiki Kaisha Toshiba, Yokohama National UniversityInventors: Shigeki Katayama, Katsuhiko Sekiguchi, Kazuto Fukushima, Tsutomu Matsumoto
-
Patent number: 8549310Abstract: The invention relates to methods and apparatuses for acquiring a physical measurement, and for creating a cryptographic certification of that measurement, such that its value and time can be verified by a party that was not necessarily present at the measurement. The certified measurement may also include corroborative information for associating the actual physical measurement process with the certified measurement. Such corroborative information may reflect the internal or external state of the measurement certification device, as well as witness identifiers of any persons that may have been present at the measurement acquisition and certification. The certification may include a signal receiver to receive timing signals from a satellite or other external source. The external timing signals may be used to generate the time included in the certified measurement, or could be used to determine the location of the measurement certification device for inclusion in the certified measurement.Type: GrantFiled: June 24, 2009Date of Patent: October 1, 2013Assignee: Walker Digital, LLCInventors: Jay S. Walker, Bruce Schneier, James A. Jorasch
-
Patent number: 8543091Abstract: Embodiments of the present disclosure provide systems and methods for secure Short Message Service (SMS) communications. According to an embodiment, a method of providing secure Short Message Service (SMS) communications comprises requesting that SMS data to be sent from a client device to a remote location be encrypted. The method also comprises encrypting the SMS data by processing the SMS data with a Message Authentication Code (MAC) and a timestamp and/or counter along with second factor authentication information. The method further comprises sending the encrypted SMS data to the remote location by a secure SMS application via a regular SMS channel of the client device.Type: GrantFiled: December 22, 2008Date of Patent: September 24, 2013Assignee: eBay Inc.Inventor: Upendra Mardikar
-
Patent number: 8543837Abstract: In a gaming environment, a method of periodically downloading dynamically generated executable modules at random intervals that perform system configuration integrity checks in a secure and verifiable manner is disclosed. The dynamically generated executable module returns the signature to a server from which it was downloaded and deletes itself from the system being checked. The next time such an executable module is downloaded, it will contain a different randomly chosen subset of hashing and encryption algorithms. The server that is performing the system configuration integrity check maintains a database of expected system configurations and performs subset of hashing and encryption algorithms as contained in the dynamically generated executable module. The result returned by the downloaded executable module is compared to that computed locally, and an error condition is raised if they do not match.Type: GrantFiled: December 20, 2011Date of Patent: September 24, 2013Assignee: IGTInventors: Robert Bigelow, Jr., Dwayne A Davis, Kirk Rader
-
Patent number: 8539244Abstract: A service provider server has management means which manages a user ID corresponding to a service user and a device IDs corresponding to an information processing terminals of the service user in association with each other.Type: GrantFiled: October 15, 2008Date of Patent: September 17, 2013Assignee: NEC CorporationInventors: Shuhei Miura, Akira Kobayashi, Katsuhiro Ochiai, Kaori Sugiyama, Koichi Nihei, Kaname Naito, Motonobu Kimura, Junichi Gokurakuji
-
Patent number: 8533792Abstract: E-mail based user authentication is described herein. A user can access resources of a service provider by submitting only an e-mail address to which the user has access. The service provider generates an authentication ticket corresponding to the user's login request, and transmits the authentication ticket to the e-mail service provider indicated by the submitted e-mail address. The e-mail service provider processes the authentication ticket, and enables either approval or denial of the authentication ticket, whether by explicit user action or by automated processing.Type: GrantFiled: February 17, 2011Date of Patent: September 10, 2013Assignee: Microsoft CorporationInventor: Fei Chua
-
Patent number: 8533801Abstract: A system for binding a subscription-based computer to an internet service provider (ISP) may include a binding module and a security module residing on the computer. The binding module may identify and authenticate configuration data from peripheral devices that attempt to connect to the computer, encrypt any requests for data from the computer to the ISP, and decrypt responses from the ISP. If the binding module is able to authenticate the configuration data and the response to the request for data from the ISP, then the security module may allow the communication between the computer and the ISP. However, if either the configuration cycle or the response cannot be properly verified, then the security module may degrade operation of the computer.Type: GrantFiled: June 14, 2011Date of Patent: September 10, 2013Assignee: Microsoft CorporationInventors: Todd Carpenter, Shon Schmidt, David J. Sebesta, William J. Westerinen
-
Patent number: 8533849Abstract: A method for detecting at least one traitor computer system among a plurality of receiver computer systems including: assigning a version of protected content to each of the plurality of receiver computer systems that are currently identified as innocent by a content protection system that monitors distribution of protected content to the plurality of receiver computer systems; recovering at least one unauthorized rebroadcast of the content; generating a score for each of the plurality of receiver computer systems with respect to the recovered unauthorized rebroadcast; calculating a threshold independent of an estimation of maximum traitor computer systems; checking a highest score against the threshold; incriminating a receiver computer system having the highest score above the threshold as a traitor computer system; and removing any unauthorized rebroadcasts overlapping with the traitor computer system. The process may be repeated from generating scores until all traitors are identified.Type: GrantFiled: September 7, 2010Date of Patent: September 10, 2013Assignee: International Business Machines CorporationInventors: Hongxia Jin, Serdar Pehlivanoglu
-
Patent number: 8527780Abstract: A removable drive such as a USB drive or key is provided for connecting to computer devices to provide secure and portable data storage. The drive includes a drive manager adapted to be run by an operating system of the computer device. The drive manager receives a password, generates a random key based on the password, encrypts a user-selected data file in memory of the computer device using the key, and stores the encrypted file in the memory of the removable drive. The drive manager performs the encryption of the data file without corresponding encryption applications being previously loaded on the computer system. The drive manager may include an Advanced Encryption Standard (AES) cryptography algorithm. The drive manager generates a user interface that allows a user to enter passwords, select files for encryption and decryption, and create folders for storing the encrypted files on the removable drive.Type: GrantFiled: May 2, 2011Date of Patent: September 3, 2013Assignee: Strong Bear LLCInventors: Rodney B. Roberts, Ronald B. Gardner
-
Patent number: 8527759Abstract: An IMS User Equipment (UE) is provided. The IMS UE comprises: searching means for searching, based on UPnP technology, a UPnP network for a host device that has IMS subscription information, establishing means for establishing a session with the host device discovered by the searching means, subscription retrieving means for retrieving, from the host device via the session, the IMS subscription information, registering means for registering with the IMS network using the IMS subscription information, key retrieving means for retrieving, from the host device via the session, a first encryption key shared with an IMS application server (AS) in an IMS network by sending identity of the IMS AS to the host device via the session, and communicating means for performing encrypted communication with the IMS AS using the first encryption key.Type: GrantFiled: May 23, 2008Date of Patent: September 3, 2013Assignee: Telefonaktiebolaget L M Ericsson (publ)Inventors: Shingo Murakami, Toshikane Oda, Luis Barriga
-
Patent number: 8528044Abstract: An information processing apparatus that can easily and safely transmit data. A registering unit registers first authentication information in association with user information indicating a first user. The first authentication information is necessary for the first user to log on to the information processing apparatus. A generating unit generates an address data that is used to transmit data from an external apparatus to the information processing apparatus and includes the user information and second authentication information. A transmitting unit transmits the address data to the external apparatus. An authenticating unit authenticates by utilizing the second authentication information included in the address data when the data is transmitted based on the address data from the external apparatus. A storing unit stores the received data in association with the first user when the authentication by the authenticating unit succeeds.Type: GrantFiled: May 15, 2009Date of Patent: September 3, 2013Assignee: Canon Kabushiki KaishaInventor: Toshiyuki Nakazawa
-
Patent number: 8527978Abstract: A system, method, and computer program product are provided for populating a list of known wanted data. In use, an update to data is identified. In addition, a list of known wanted data is populated with the data, in response to the update.Type: GrantFiled: March 31, 2008Date of Patent: September 3, 2013Assignee: McAfee, Inc.Inventor: Ahmed Said Sallam
-
Patent number: 8522034Abstract: Methods and systems are disclosed for providing secure transmissions across a network comprising a transmitting device and a receiving device. At the transmitting device, a stream of watermark bits is generated. Next, a plurality of watermarks is generated, each of the plurality of watermarks comprising an index number and a portion of the stream of watermark bits. The watermarks are inserted into each header of a plurality of outgoing packets. At the receiving device, the plurality of outgoing packets are received and it is determined if a received packet is valid based on the watermark in the header of the received packet. The stream of watermark bits may be generated using a stream cipher such as RC4, a block cipher such as 3DES in CBC mode, or other equivalent pseudo-random stream generating techniques.Type: GrantFiled: August 19, 2011Date of Patent: August 27, 2013Assignee: Google Inc.Inventors: Ăšlfar Erlingsson, Xavier Boyen, Darrell Anderson, Wayne Gray
-
Patent number: 8521183Abstract: Various aspects are disclosed herein for detection of mobile devices. Detection of mobile devices can be localized to an environment that is radio frequency enclosed. Within this environment, any packages can be scanned for the presence of mobile devices and for the interrogation of information from such mobile devices, such as the mobile device number and mobile device equipment information. The environment can contain an antenna for communicating with any mobile devices within the environment and a receiver component configured to receive information from any contacted mobile device. Based on this information, a determination can be made whether to validate a contacted mobile device or to take any alternative action.Type: GrantFiled: February 22, 2013Date of Patent: August 27, 2013Assignee: AT&T Mobility II LLCInventors: DeWayne Allan Sennett, Brian Kevin Daly
-
Patent number: 8522009Abstract: A server certificate and root certificate for performing secure communication with monitoring target devices are issued in a site monitoring apparatus. Using a secret key that is paired with a public key, a digital signature is issued based on communication destination information in which the site monitoring apparatus is the communication destination and the issued root certificate, and the communication destination information, root certificate, and digital signature are transmitted to the monitoring target devices. The monitoring target devices receive the communication destination information, root certificate, and digital signature from the site monitoring apparatus.Type: GrantFiled: November 16, 2010Date of Patent: August 27, 2013Assignee: Canon Kabushiki KaishaInventor: Yoshimasa Kawana
-
Patent number: 8516260Abstract: The device and accompanying apparatus and method provides security among a calling function, such as an any executable code, and at least one target function, such as any executable code that the calling function wishes to have execute. In one example, the device includes an engine operative to perform run-time verification of the signatures of secure interrupt handler code and at least one target function before allowing execution of the at least one target function. If both the secure interrupt handler code's signature and the at least one target function's signature are successfully verified, the at least one target function is allowed to execute.Type: GrantFiled: October 27, 2009Date of Patent: August 20, 2013Assignee: Advanced Micro Devices, Inc.Inventor: Scott A. Krig
-
Patent number: 8510833Abstract: One embodiment relates to a method of connection-rate filtering by a network device. Address resolution protocol (ARP) request packets received from a sub-network are monitored, and a copy of the received ARP request packets are sent to an agent program. The agent program determines a rate of ARP request packets sent by a host in the sub-network. Other embodiments are also disclosed.Type: GrantFiled: October 27, 2005Date of Patent: August 13, 2013Assignee: Hewlett-Packard Development Company, L.P.Inventors: Shaun K. Wakumoto, Frank A. Reichstein
-
Patent number: 8510860Abstract: This disclosure describes techniques for dynamically assembling and utilizing a pedigree of a resource. A pedigree of a resource is a set of statements that describe a provenance of the resource. As described herein, a document may include local pedigree fragments and optionally one or more pointers to remote pedigree fragments not locally stored in the document. A pedigree fragment, generally, is a data structure that specifies a direct relationship between a first resource, e.g., a primary resource, and a second resource from which an asserted fact of the first resource is derived. Because a pedigree fragment specifies such direct relationships, a set of pedigree fragments may be used to assemble the complete pedigree of resource.Type: GrantFiled: March 15, 2011Date of Patent: August 13, 2013Assignee: Architecture Technology CorporationInventors: Ken Thurber, Robert A. Joyce, Julia A. Baker
-
Patent number: 8504826Abstract: A data security protection method generates dynamic encryption keys and dynamic decryption keys for a host and a client during data transmission between the host and the client. The host stores a host initial key K0, and determines a host key Kn using a one-way hash function based on the host initial key K0. The client stores a client initial key K?0, and determines a client key K?n using the one-way hash function based on the client initial key K?0. Original data Rn is encrypted as encrypted data Xn using the host key Kn before being sent to the client. The client decrypts the encrypted data Xn using the client key K?n, to obtain the original data Rn.Type: GrantFiled: July 21, 2011Date of Patent: August 6, 2013Assignee: Hon Hai Precision Industry Co., Ltd.Inventors: Chun-Hsu Lin, Ching-Wei Ho, Che-Yi Chu
-
Patent number: 8503677Abstract: A communication device receives secure communication frames on which a security transform has been performed to permit authentication. The communication device maintains an authentication history and a local time varying parameter. In multi-hop communication, the communication device provisionally verifies the freshness of a received secure communication frame by verifying that identifying information extracted from the frame is not already present in the authentication history and that a received time varying parameter extracted from the frame is not older than the local time varying parameter by more than a certain margin. If these freshness tests both pass, the frame is authenticated. If authentication succeeds, the frame is transmitted on the next hop without performance of a new security transform.Type: GrantFiled: November 18, 2010Date of Patent: August 6, 2013Assignee: Oki Electric Industry Co., Ltd.Inventors: Taketsugu Yao, Kiyoshi Fukui, Jun Nakashima
-
Patent number: 8495751Abstract: A computer-implemented method is provided for controlling use of a file on a user device. The method includes transmitting authentication information to a system and downloading the file from the system over the network upon successful authentication by the system. The method also includes limiting access of the file to a client application of the user device and preventing altering of the file, printing of the file and opening of the file outside of the client application. Notes corresponding to the file can be stored in a local storage area.Type: GrantFiled: January 27, 2012Date of Patent: July 23, 2013Assignee: Paramount Pictures CorporationInventors: Raymond G. Joyce, Damon Garrett, Frederick Huntsberry, Randy Tunila
-
Patent number: 8495035Abstract: A method for data integrity protection includes arranging data in a plurality of data blocks. A respective block signature is computed over each of the data blocks, thereby generating multiple block signatures. The data blocks and the block signatures in an integrity hierarchy are stored in a storage medium, the hierarchy comprising multiple levels of signature blocks containing signatures computed over lower levels in the hierarchy, culminating in a top-level block containing a top-level signature computed over all of the hierarchy. A modification is made in the data stored in a given data block within the hierarchy. The respective block signature of the given data block is recomputed in response to the modification, and the recomputed block signature is stored in the top-level block for use in verifying a subsequent requests to read data from the given data block.Type: GrantFiled: October 23, 2008Date of Patent: July 23, 2013Assignee: SanDisk IL Ltd.Inventor: Arseniy Aharonov
-
Patent number: 8490154Abstract: There is provided a computer-implemented method for authentication, the method comprising: defining a demanded level of security in an authorization service of a server; providing at least one authentication mechanism comprising at least one instance for at least one client; providing a policy comprising a security level for the at least one instance; receiving at least one request from the client to the server; authenticating the request based on the policy and the demanded level of security by the authentication service; and permitting the request if the demanded level of security is reached.Type: GrantFiled: September 21, 2007Date of Patent: July 16, 2013Assignee: SAP AGInventors: Laurent Y. Gomez, Ivonne Thomas
-
Patent number: 8484723Abstract: A system and method for signing and authenticating electronic documents using public key cryptography applied by one or more server computer clusters operated in a trustworthy manner, which may act in cooperation with trusted components controlled and operated by the signer. The system employs a presentation authority for presenting an unsigned copy of an electronic document to a signing party and a signature authority for controlling a process for affixing an electronic signature to the unsigned document to create a signed electronic document. The system provides an applet for a signing party's computer that communicates with the signature authority.Type: GrantFiled: June 4, 2010Date of Patent: July 9, 2013Assignee: Signix, Inc.Inventor: Robert Terrell Pilaj Oswalt
-
Patent number: 8484752Abstract: A method and apparatus are provided for verifying authenticity of program code for an electronic control unit. In one implementation, a method is provided. According to the method, program code for an the electronic control unit is received. The method may access metadata embedded in the program code. The metadata may identify a source of the program code. The method may further communicate via a network with a server to determine a status of the program code. The method may verify the authenticity of the program code based on the source of the program code and the status.Type: GrantFiled: November 14, 2007Date of Patent: July 9, 2013Assignee: Caterpillar Inc.Inventors: John L. Traenkenschuh, Paul W. Bierdeman, Todd Wagner
-
Patent number: 8477947Abstract: Provided is an optical phase modulating method and apparatus for a quantum key distribution. When an optical phase modulator is arranged outside an optical interferometer, a configuration of the optical interferometer may be simplified, and an extension of an optical path caused by the optical phase modulator, instability and an insertion loss increased in the optical interferometer, and the like, may be overcome. An output feature may be improved by adjusting an applied voltage of the optical phase modulator arranged outside the optical interferometer.Type: GrantFiled: October 6, 2010Date of Patent: July 2, 2013Assignee: Electronics and Telecommunications Research InstituteInventor: Jeong-sik Cho
-
Patent number: 8478266Abstract: A mobile node and its home system generate synchronized time-based codes at periodic time intervals. Each time-based code is valid for a predetermined time period. To facilitate anonymous operation when roaming, the mobile node identifies itself with a coded identifier instead of a public identifier. The coded identifier used at a given time includes the time-based code that is valid for that given time. To authenticate the mobile node, a serving system receives authentication information from the mobile node and forwards the authentication information to a home system. The authentication information includes the current time-based code and a timestamp. The home system identifies the mobile node from the current time-based code and the timestamp. The home system then uses the authentication information to authenticate the mobile node.Type: GrantFiled: March 7, 2006Date of Patent: July 2, 2013Assignee: Sprint Spectrum L.P.Inventors: Tong Zhou, George Jason Schnellbacher
-
Patent number: 8479269Abstract: Methods and systems are disclosed for reducing a number of unauthorized wireless communication devices (WCDs) using a femtocell. A femtocell may transmit a pilot beacon on a macro-network carrier, and may transmit one or more overhead channels on a femtocell carrier. Subsequently, the femtocell may receive a registration request from a WCD. The femtocell may then determine whether the WCD is authorized to receive wireless services from the femtocell, and if it is not so authorized, the femtocell may, during a subsequent slot associated with the unauthorized WCD in a periodically recurring slot cycle, responsively disable at least one of (i) its pilot channel and (ii) one or more of its overhead channels. As a result of the disabling, the unauthorized WCD may move away from the femtocell, perhaps handing off to the macro network.Type: GrantFiled: April 13, 2010Date of Patent: July 2, 2013Assignee: Sprint Spectrum L.P.Inventors: Muralidhar Malreddy, Ryan S. Talley, Rajveen Narendran
-
Patent number: 8479276Abstract: A virtual machine computing platform uses a security virtual machine (SVM) in operational communications with a risk engine which has access to a database including stored patterns corresponding to patterns of filtered operational data that are expected to be generated during operation of the monitored virtual machine when malware is executing. The stored patterns may have been generated during preceding design and training phases. The SVM is operated to (1) receive raw operational data from a virtual machine monitor, the raw operational data obtained from file system operations and network operations of the monitored virtual machine; (2) apply rule-based filtering to the raw operational data to generate filtered operational data; and (3) in conjunction with the risk engine, perform a mathematical (e.g., Bayesian) analysis based on the filtered operational data and the stored patterns in the database to calculate a likelihood that the malware is executing in the monitored virtual machine.Type: GrantFiled: December 29, 2010Date of Patent: July 2, 2013Assignee: EMC CorporationInventors: Alex Vaystikh, Robert Polansky, Samir Dilipkumar Saklikar, Liron Liptz
-
Patent number: 8468362Abstract: An information handling system includes a memory and a detector circuit. The memory is configured to store a first electrocardiogram measurement. The detector circuit is configured to receive a second electrocardiogram measurement in response to a specific combination of keys of a keyboard being pressed for a specific period of time, wherein each key in the specific key combination includes an electrocardiogram sensor on a top surface of the key, to authorize a user and log the user onto the information handling system when the second electrocardiogram measurement matches the first electrocardiogram measurement, and otherwise: to deny access to the information handling system; to increase a counter; to determine whether the counter has exceeded a threshold; and to request that an input window is displayed when the counter has exceeded the threshold.Type: GrantFiled: June 3, 2011Date of Patent: June 18, 2013Assignee: Dell Products, LPInventors: David Konetski, Frank H. Molsberry
-
Patent number: 8468358Abstract: Third-party applications for platforms are linked to identified individuals that guarantee the security of the applications. The linkage is achieved by acquiring one or more biometric records of the individual guarantor, storing those records as a signature in a database, assigning a unique identifier to the signature, and embedding that unique identifier in the executable file of the application. The signature of the guarantor can be compared to other stored signatures of other guarantors to check for individuals posing under multiple aliases. The signature of a guarantor linked to a malicious application can be flagged so that a subsequent application guaranteed by the same individual can be disapproved.Type: GrantFiled: November 9, 2010Date of Patent: June 18, 2013Assignee: Veritrix, Inc.Inventor: Paul Headley
-
Patent number: 8464331Abstract: A data transmission management server for managing a terminal device to access a network resource providing server by a source gateway in a virtual private network (VPN) obtains current resource information of a plurality of gateways in the VPN periodically. The data transmission management server selects one from the gateways as a destination gateway according to the resource information, transmits an internet protocol address of the destination gateway to the source gateway to make the source gateway establish a secure communication tunnel to the selected destination gateway and access the network resource providing server over the secure communication tunnel.Type: GrantFiled: March 3, 2011Date of Patent: June 11, 2013Assignee: Hon Hai Precision Industry Co., Ltd.Inventors: Chi-Feng Lee, Ming-Chin Ho
-
Patent number: 8464053Abstract: Systems, methods, and media for retransmitting data using the SRTP are provided. In some embodiments, methods for retransmitting data using the SRTP are provided. The methods include: receiving at least one data unit associated with a media session; determining the index of the at least one data unit; determining the session key of the media session using the index; authenticating the at least one data unit using the session key; and retransmitting the at least one data unit.Type: GrantFiled: September 5, 2007Date of Patent: June 11, 2013Assignee: Radvision LtdInventors: Jay Davis, Michael Zak, Sasha Ruditsky, Tsahi Levent-Levi
-
Publication number: 20130145159Abstract: A modem unit and the like receive packets sent from a base station apparatus and receives packets sent from other terminal apparatuses. A processing unit processes the received packets. For the packets received by the modem unit and the like from the base station apparatus, a private key complying with a public key cryptosystem is used for a digital signature, whereas a symmetric key complying with a symmetric key cryptosystem is used for data. For the packets received from the other terminal apparatuses, a symmetric key complying with the symmetric key cryptosystem is used for the digital signature.Type: ApplicationFiled: January 11, 2013Publication date: June 6, 2013Applicant: SANYO ELECTRIC CO., LTD.Inventor: Sanyo Electric Co., Ltd.
-
Patent number: 8456653Abstract: A data processing apparatus includes a storage unit configured to store electronic data including first data for identifying policy data that is information indicating an authority for handling the electronic data and is managed by a server apparatus. The data processing apparatus includes a print job data production unit configured to produce print job data based on electronic data to be printed, an acquisition unit configured to acquire the first data included in the electronic data, an adding unit configured to add the first data acquired by the acquisition unit to the print job data, and a sending unit configured to send the print job data having the first data added thereto to an image processing apparatus.Type: GrantFiled: November 28, 2006Date of Patent: June 4, 2013Assignee: Canon Kabushiki KaishaInventor: Hirotomo Tanaka
-
Patent number: 8458474Abstract: A method of authenticating an entity by a verification entity, said entities sharing a pair of secret keys X and Y which are nĂ—m (n, m>i) binary matrices. The method may be applied to cryptographic protocols for authenticating electronic chips at a very low cost.Type: GrantFiled: May 21, 2008Date of Patent: June 4, 2013Assignee: France TelecomInventors: Matthew Robshaw, Henri Gilbert
-
Patent number: 8458460Abstract: In general, in one aspect, a computer-implemented method includes determining a digest value based on hash operations on values of, at least, a set op-codes of multiple instructions of a program during execution of the program by a processor.Type: GrantFiled: September 27, 2007Date of Patent: June 4, 2013Assignee: Intel CorporationInventors: Steven R. King, Erik J. Johnson
-
Patent number: 8457919Abstract: A process for testing an integrated circuit includes collecting a set of points of a physical property while the integrated circuit is executing a multiplication, dividing the set of points into a plurality subsets of lateral points, calculating an estimation of the value of the physical property for each subset, and applying to the subset of lateral points a step of horizontal transversal statistical processing by using the estimations of the value of the physical property, to verify a hypothesis about the variables manipulated by the integrated circuit.Type: GrantFiled: March 31, 2010Date of Patent: June 4, 2013Assignee: Inside SecureInventors: Benoit Feix, Georges Gagnerot, Mylene Roussellet, Vincent Verneuil
-
Patent number: 8458778Abstract: A method includes storing a security credential associated with a communication network on a portable storage device. The method also includes detecting removal of the portable storage device from a specified location. The method further includes allowing at least one communication device to communicate over the communication network using the security credential. In addition, the method includes revoking the security credential after a specified time period has elapsed. The portable storage device could represent a card, and the specified location could represent a card reader/writer. Also, the communication network could represent a wireless network, and the security credential could represent a cryptographic key.Type: GrantFiled: January 25, 2008Date of Patent: June 4, 2013Assignee: Honeywell International Inc.Inventors: Ramakrishna S. Budampati, Denis Foo Kune, Soumitri N. Kolavennu
-
Patent number: 8456670Abstract: A printing device includes a processor, an attribute managing part configured to be activated by the processor to communicate with a host device and to control an authentication printing job received from the host device, a memory configured to store authentication printing job data and user information extracted from the authentication printing job data, and a deleting part configured to delete the authentication printing job data and the user information stored in the memory based on predetermined results of communication between the attribute managing part and the host device. As a result, the user is not required to consider whether the time for which the authentication printing data is stored should be extended.Type: GrantFiled: February 17, 2009Date of Patent: June 4, 2013Assignee: Oki Data CorporationInventor: Yoshiaki Kusakabe
-
Patent number: 8458461Abstract: Methods and apparatus are provided for performing authentication and decryption operations. A record including multiple encrypted blocks is received. An encrypted block in the record is extracted and decrypted first in order to obtain context information for performing authentication operations. Each remaining block is then decrypted and authenticated by using the available context information. Authentication operations can be performed without having to wait for the decryption of all of the blocks in the record.Type: GrantFiled: July 26, 2010Date of Patent: June 4, 2013Assignee: Broadcom CorporationInventor: Joseph Tardo
-
Patent number: 8453224Abstract: Apparatus, systems, and methods may operate to receive a request from a node to provide access to a web site, to provide site authenticity information associated with the web site to the node, and to receive single sign-on (SSO) information from the node in response to validation of the site authenticity information by the node, the SSO information enabling the node to automatically log in to the web site. Additional activities include receiving site authenticity information from a node associated with a web site, and automatically transmitting SSO information to the node responsive to validating the site authenticity information. Additional apparatus, systems, and methods are disclosed.Type: GrantFiled: October 23, 2009Date of Patent: May 28, 2013Assignee: Novell, Inc.Inventor: Girish Bitmandi Mutt
-
Patent number: 8443448Abstract: A system and method for performing a security check may include using at least one processor to periodically check a status of a flag, generate and store a baseline representation of modules stored on the device where the flag is determined to be set to a first state, and, where the flag is determined to be set to a second state, generate an active representation of modules stored on the first device, compare the active representation of modules to the baseline representation of modules, and, responsive to a determination in the comparing step of a difference between the baseline and active representations of modules, output an alert. The flag status may depend on an association of the device with one of a plurality of authorization policies, each mapped to one of the two states. Results of the comparison may be appended to an activity log of the device.Type: GrantFiled: August 20, 2009Date of Patent: May 14, 2013Assignee: Federal Reserve Bank of New YorkInventors: Danny Brando, Joonho Lee, Jia Ye
-
Patent number: 8438629Abstract: A packet security method and apparatus adjusts a security level of the packet according to a feature of the packet. The packet security method includes detecting a feature of a packet to be transmitted, determining a security level of the packet according to the detected feature, and generating a security packet according to the determined security level. The feature of the packet is at least one of a destination address of the packet, a transfer protocol of the packet, a packet size, an application for the packet, and a designated security level for the packet. According to the method, the security function is adoptively applied according to the feature of the packet being transmitted, and thus flexibility can be provided in the application of the security function to achieve an efficient use of resources.Type: GrantFiled: February 17, 2006Date of Patent: May 7, 2013Assignee: Samsung Electronics Co., Ltd.Inventors: Yung-ji Lee, Kyung-hee Lee
-
Patent number: 8437802Abstract: Methods and devices for allowing a wireless communication device (1301) initially unauthorized for communication with a network to obtain persistent soft network subscription credential information (1303) from a wireless communication device (1401) initially authorized for communication with the network are disclosed. In performing the persistent transfer of the soft network subscription credential information (1303), one of a token management module (1312), a session initiation protocol communication module (1408), or a electronic rights manager (1406) may be used to ensure that only one communication device is capable of communicating with a network at any one time.Type: GrantFiled: January 30, 2012Date of Patent: May 7, 2013Assignee: Motorola Mobility LLCInventors: James J. Morikuni, Bashar Jano
-
Patent number: 8438642Abstract: A method for detecting potential phishing URLs includes extracting a URL from a document, analyzing the URL context, and comparing the URL to stored trusted URLs and stored known phishing URLs. The URL context includes anchor text and surrounding content associated with the URL. The method further includes generating a phishing alert based on the comparing and the analyzing.Type: GrantFiled: June 5, 2009Date of Patent: May 7, 2013Assignee: AT&T Intellectual Property I, L.P.Inventors: Junlan Feng, Valerie Torres, Daniel G. Sheleheda
-
Patent number: 8434138Abstract: A token calculates a one time password by generating a HMAC-SHA-1 value based upon a key K and a counter value C, truncating the generated HMAC-SHA-1 value modulo 10^Digit, where Digit is the number of digits in the one time password. The one time password can be validated by a validation server that calculates its own version of the password using K and its own counter value C?. If there is an initial mismatch, the validation server compensate for a lack of synchronization between counters C and C? within a look-ahead window, whose size can be set by a parameter s.Type: GrantFiled: December 6, 2011Date of Patent: April 30, 2013Assignee: Symantec CorporationInventors: Nicolas Popp, David M'Raihi, Loren Hart
-
Patent number: 8433927Abstract: A method, computer program product, and data processing system are disclosed for protecting sensitive program code (and also data) from unauthorized access in a memory space not subject to protection fault detection. In a preferred embodiment, secure initialization hardware loads the sensitive code from a storage location accessible only to the secure initialization hardware itself and decrypts the sensitive code into a portion of the processor-accessible memory space, from which the code is executed. Once execution of the sensitive code has completed, all or at least a portion of the code is deleted before passing control to application software. If the application software needs to cause the sensitive code to be executed, the secure initialization hardware is activated to reload/decrypt a fresh copy of the sensitive code into the memory space and cause the code to be executed. Before control is returned to the application software, the sensitive code is again deleted to prevent unauthorized access.Type: GrantFiled: May 29, 2007Date of Patent: April 30, 2013Assignee: International Business Machines CorporationInventors: Wilfred E. Plouffe, Jr., Kanna Shimizu
-
Patent number: 8433899Abstract: A system for authenticating data of interest includes a digest locator engine capable to locate a first and a second digest result in a data file, including a set of data; a first digest creator capable to create, using a first digest function, a first digest of the set of data, the first digest function being identical to a digest function used to create the first digest result; a second digest creator capable to create, using a second digest function that is incompatible with the first digest function, a second digest of the set of data, the second digest function being identical to a second digest function used to create the second digest result; and a digest comparator engine, communicatively coupled to the digest locator, first digest creator and the second digest creator, capable to compare the first and second created digests with the first and second located digest results respectively.Type: GrantFiled: January 20, 2009Date of Patent: April 30, 2013Assignee: Kwan Software Engineering, Inc.Inventor: John Man Kwong Kwan