Having Particular Address Related Cryptography Patents (Class 713/162)
  • Patent number: 10291595
    Abstract: A platform, apparatus and method for Internet of Things Implementations. For example, one embodiment of a system comprises: an Internet of Things (IoT) hub comprising a network interface to couple the IoT hub to an IoT service over a wide area network (WAN), and programming logic to program an identification device with one or more encryption keys usable to establish encrypted communication with an IoT device; and at least one IoT device interfacing with the identification device following programming of the identification device by the IoT hub; wherein once the identification device is programmed and interfaced with the IoT device, the IoT device uses the one or more keys to establish a secure communication channel with the IoT hub and/or the IoT service.
    Type: Grant
    Filed: November 28, 2017
    Date of Patent: May 14, 2019
    Assignee: Afero, Inc.
    Inventors: Joe Britt, Shin Matsumura, Houman Forood, Scott Zimmerman, Phillip Myles, Sean Zawicki, Daisuke Kutami, Shannon Holland
  • Patent number: 10144304
    Abstract: Various techniques described herein relate to electric vehicle power management system for managing a plurality of battery modules in a battery pack. Such electric vehicle power management system may include a plurality of battery management systems corresponding to a plurality of battery modules, and an energy management system for managing the plurality of battery management systems. The energy management system and the plurality of battery management systems may adopt master-slave wireless communication, and may use a single wireless frequency channel or a plurality of assigned wireless frequency channels.
    Type: Grant
    Filed: July 20, 2016
    Date of Patent: December 4, 2018
    Assignee: THUNDER POWER NEW ENERGY VEHICLE DEVELOPMENT COMPANY LIMITED
    Inventor: Yu-Ting Dai
  • Patent number: 10135739
    Abstract: A data processing device includes a first packet communication interface for communication with at least one host processor via a network interface controller (NIC) and a second packet communication interface for communication with a packet data network. A memory holds a flow state table containing context information with respect to multiple packet flows conveyed between the host processor and the network via the first and second interfaces packet communication interfaces. Acceleration logic, coupled between the first and second packet communication interfaces, performs computational operations on payloads of packets in the multiple packet flows using the context information in the flow state table.
    Type: Grant
    Filed: May 4, 2016
    Date of Patent: November 20, 2018
    Assignee: MELLANOX TECHNOLOGIES, LTD.
    Inventors: Shachar Raindel, Shlomo Raikin, Liran Liss
  • Patent number: 10127194
    Abstract: Methods, systems, and apparatus for performing recursive embedding by URL parameterization are provided. Recursive embedding by URL parameterization may be performed by receiving a display parameter for defining a window display area within a portion of a first document associated with a first application having a first format, and a URL-based identifier specifying a portion of a second document associated with a second application having a second format. The first and second formats are different from each other. A display of the portion of first including the window display area is generated. The specified portion of the second document is displayed within the window display area, and the first and second documents are independently executable with respect to each other.
    Type: Grant
    Filed: May 27, 2016
    Date of Patent: November 13, 2018
    Assignee: Google LLC
    Inventor: Christopher Richard Uhlik
  • Patent number: 10031233
    Abstract: This application discloses a GNSS reference apparatus having a vector error generator and a reference data server. The vector error generator generates one or more sequences of keyed intentional errors made confidential with confidential error keys, and then combines the sequences to generate a sequence of reference erroneous positions. The reference data server issues GNSS position-determination reference data based on the reference erroneous positions where the keyed intentional errors for at least one of the confidential sequences are reversible with confidential access to the corresponding confidential error key for determining a GNSS-based position.
    Type: Grant
    Filed: November 25, 2015
    Date of Patent: July 24, 2018
    Assignee: Trimble Inc.
    Inventor: David G. Bird
  • Patent number: 10021036
    Abstract: Systems and methods for management of persistent cookies in a corporate web portal are described. A plurality of zones may be defined and stored in memory. Each zone may be associated with a zone property indicative of whether cookies are allowed. A resource request may be received from a user device over a network where access to the requested resource may require a cookie. The user device may be classified into a zone from the plurality of zones based on the attributes of the user device. The cookie may be automatically installed on the user device based on a zone property for the zone and for those resources that have been configured to require installation of a cookie installed without requiring further user interaction following the request.
    Type: Grant
    Filed: January 8, 2016
    Date of Patent: July 10, 2018
    Assignee: SonicWALL Inc.
    Inventors: Christopher D. Peterson, Jeetendra Kulkarni
  • Patent number: 9977685
    Abstract: Some embodiments provide a method of operating several logical networks over a network virtualization infrastructure. The method defines a managed physical switching element (MPSE) that includes several ports for forwarding packets to and from a plurality of virtual machines. Each port is associated with a unique media access control (MAC) address. The method defines several managed physical routing elements (MPREs) for the several different logical networks. Each MPRE is for receiving data packets from a same port of the MPSE. Each MPRE is defined for a different logical network and for routing data packets between different segments of the logical network. The method provides the defined MPSE and the defined plurality of MPREs to a plurality of host machines as configuration data.
    Type: Grant
    Filed: December 20, 2013
    Date of Patent: May 22, 2018
    Assignee: NICIRA, INC.
    Inventors: Ganesan Chandrashekhar, Rahul Korivi Subramaniyam, Ram Dular Singh, Vivek Agarwal, Howard Wang
  • Patent number: 9860251
    Abstract: A system and computer program product for implementing a method for restricting access to information transmitted over a computing network. A computer receives a resource request for a resource to be located. The resource request contains a universal resource locator (URL). The computer determines that the requested resource is available and in response, the computer locates the requested resource contained in the resource request. The computer determines whether encryption of the contained. URL is required. The computer may determine whether encryption is required for a return URL of the requested resource that is to be returned to a location of the resource request. After the computer determines that the requested resource is available, the computer may: determine that encryption of the requested resource is required and in response, determine an encrypted value of the requested resource.
    Type: Grant
    Filed: January 30, 2017
    Date of Patent: January 2, 2018
    Assignee: International Business Machines Corporation
    Inventors: Michael P. Carlson, Srinivas Chowdhury
  • Patent number: 9811831
    Abstract: A system may include a point-of-sale system that gathers payment card track data from a payment card and a payment card gateway that processes the track data to authorize purchase transactions. The point-of-sale system may remove sensitive data such as a portion of a primary account number from the track data and may compress the removed data. The compressed version of the data may be appended to a discretionary field in the track data. The discretionary field may be encrypted following insertion of the compressed data. Track data that has been modified in this way may be conveyed to the payment gateway for processing.
    Type: Grant
    Filed: February 21, 2014
    Date of Patent: November 7, 2017
    Assignee: ENTIT SOFTWARE LLC
    Inventors: Terence Spies, Matthew J. Pauker, Jacob Green, Michael S. Leong, Richard T. Minner
  • Patent number: 9805215
    Abstract: A technology is described for making a decision based on identifying without disclosing the identifying information. The method may include receiving a mapping value that represents identifying information that has been converted into a mapping value. A request for data associated with the identifying information may be made by providing the mapping value as a proxy for the identifying information whereby the data associated with the identifying information may be located using the mapping value and returned to a requesting client or service.
    Type: Grant
    Filed: August 17, 2015
    Date of Patent: October 31, 2017
    Assignee: Amazon Technologies, Inc.
    Inventors: Jesper Mikael Johansson, Dominique Imjya Brezinski, Darren Ernest Canavor, Darin Keith McAdams, Jon Arron McClintock, Brandon William Porter
  • Patent number: 9801060
    Abstract: Systems and techniques for secure wireless low-power wake-up are described herein. A low-power wake-up receiver (LP-WUR) of a wireless device may receive a wake-up signal. The LP-WUR may extract a receiver ID token from the wake-up signal. The LP-WUR may then verify the receiver ID token and enable a main transceiver, different than the LP-WUR, when the verification passes to engage in wireless communications.
    Type: Grant
    Filed: November 5, 2015
    Date of Patent: October 24, 2017
    Assignee: Intel Corporation
    Inventors: Alexander W Min, Minyoung Park
  • Patent number: 9774609
    Abstract: A method of communicating in a secure communication system, comprises the steps of assembling as message at a sender, then determining a security level, and including an indication of the security level in a header of the message. The message is then sent to a recipient.
    Type: Grant
    Filed: January 8, 2016
    Date of Patent: September 26, 2017
    Assignee: Certicom Corp.
    Inventor: Marinus Struik
  • Patent number: 9710654
    Abstract: A system that validates a native code module. During operation, the system receives a native code module comprised of untrusted native program code. The system validates the native code module by: (1) determining that code in the native code module does not include any restricted instructions and/or does not access restricted features of a computing device; and (2) determining that the instructions in the native code module are aligned along byte boundaries such that a specified set of byte boundaries always contain a valid instruction and control flow instructions have valid targets. The system allows successfully-validated native code modules to execute, and rejects native code modules that fail validation. By validating the native code module, the system facilitates safely executing the native code module in the secure runtime environment on the computing device, thereby achieving native code performance for untrusted program binaries without significant risk of unwanted side effects.
    Type: Grant
    Filed: June 3, 2016
    Date of Patent: July 18, 2017
    Assignee: Google Inc.
    Inventors: J. Bradley Chen, Matthew T. Harren, Matthew Papakipos, David C. Sehr, Bennet S. Yee
  • Patent number: 9705854
    Abstract: A method for operating a secure device having a plurality of mutually exclusive circuit zones, including a first circuit zone having a first level of security and a second circuit zone having a second level of security less than the first level of security, the method including unpacking a key exchange package including receiving a key exchange package in the second circuit zone, the key exchange package including encrypted key data and processing the encrypted key data using a content key in the first circuit zone to generate decrypted key data and storing the decrypted key data in the first circuit zone without disclosing the decrypted key data into the second circuit zone.
    Type: Grant
    Filed: July 9, 2013
    Date of Patent: July 11, 2017
    Assignee: Massachusetts Institute of Technology
    Inventors: Roger I. Khazan, Joshua Kramer, Daniil M. Utin, Mankuan Michael Vai, David Whelihan
  • Patent number: 9654472
    Abstract: A storage count verification system is provided in which a client can verify the number of identical data items stored by a server without the server being notified of the results. A storage count verification system verifies whether a user device and a server device have identical data where search data requested by a user device is used to search data to be searched on a server device. The server device generates a public parameter for searching the data to be searched and transmits the generated public parameter to the user device. The user device is provided with a user generation unit for generating, on the basis of the public parameter received from the server device, a secret parameter that is for the search data and corresponds to the public parameter and a user encryption unit for encrypting the search data on the basis of the generated secret parameter.
    Type: Grant
    Filed: June 18, 2013
    Date of Patent: May 16, 2017
    Assignee: Hitachi, Ltd.
    Inventors: Masayuki Yoshino, Hisayoshi Sato
  • Patent number: 9628453
    Abstract: A method and system for restricting access to information transmitted over a computing network. A computer receives a resource request for a resource to be located. The resource request contains a universal resource locator (URL). The computer determines that the requested resource is available and in response, the computer locates the requested resource contained in the resource request. The computer determines whether encryption of the contained URL is required. The computer may determine whether encryption is required for a return URL of the requested resource that is to be returned to a location of the resource request. After the computer determines that the requested resource is available, the computer may: determine that encryption of the requested resource is required and in response, determine an encrypted value of the requested resource.
    Type: Grant
    Filed: June 10, 2015
    Date of Patent: April 18, 2017
    Assignee: International Business Machines Corporation
    Inventors: Michael P. Carlson, Srinivas Chowdhury
  • Patent number: 9619663
    Abstract: A replaceable printer component includes a first memory device and a communication link. The first memory device is configured to store a first secret. The communication link is configured to communicatively link the first memory device to a printer controller when the replaceable printer component is installed in a printing system. The printing system comprises a second memory device storing a second secret. The second memory device is communicatively linked to the printer controller. The printer controller is configured to determine an authenticity of the replaceable printer component based on the first secret and the second secret.
    Type: Grant
    Filed: October 11, 2016
    Date of Patent: April 11, 2017
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventor: Jacob Grundtvig Refstrup
  • Patent number: 9607096
    Abstract: A system and method for managing access to content is provided. One example embodiment provides for a method including acts of identifying a filter of content based at least in part on the preferences a user and a subject presented in the content and presenting the content using the filter to the user. Another example embodiment provides for a system that includes a controller configured to identify a filter of content based on preferences of a user, to present content using the identified filter and to update the preferences of the user based on feedback from the user and the subjects presented in the content.
    Type: Grant
    Filed: June 23, 2014
    Date of Patent: March 28, 2017
    Assignee: Excalibur IP, LLC
    Inventors: Athellina Athsani, Elizabeth F. Churchill, Joseph O'Sullivan
  • Patent number: 9565559
    Abstract: A computer-based system and method for secured privacy preservation scheme while data aggregation in a non-hierarchical wireless sensor network that lacks peer-to-peer communication between the communicating sensor nodes is disclosed. The method and system adopts formation of self-adaptive efficient cluster formation for robust privacy preservation in the network by grouping the multiple sensor nodes in the network to form multiple clusters that enables low computation overhead and high scalability in the network. The method and system of the invention discloses an effective twin-key management scheme that provides establishment of secure communication among the sensor nodes and the secure communication between at least one sensor node with the sever node performing the function data aggregation of the data collected by the sensor nodes.
    Type: Grant
    Filed: June 9, 2011
    Date of Patent: February 7, 2017
    Assignee: Tata Consultancy Services Limited
    Inventors: Arijit Ukil, Jaydip Sen
  • Patent number: 9531786
    Abstract: A device management system includes an electronic device and a remote maintenance server. The electronic device displays an operation screen to a user. The remote maintenance server includes a transparent panel management portion that draws a guide image on a virtual transparent panel based on an operation of a service person performed on a service terminal device, and causes the electronic device to overlay and display the virtual transparent panel on the operation screen.
    Type: Grant
    Filed: July 15, 2014
    Date of Patent: December 27, 2016
    Assignee: KYOCERA Document Solutions Inc.
    Inventors: Daisuke Yoshida, Toyoaki Oku, Koki Nakajima, Takeshi Nakamura, Yoshihiko Arai, Atsushi Matsumoto
  • Patent number: 9530003
    Abstract: A computer system includes a data network connection, a reading device, an input component and a security device, wherein the security device establishes a data network link via the data network connection as the computer system is starting up and said security device further receives access data either via the data network link or via the reading device and the input component, and said security device compares the received access data with a data record stored in a firmware on a memory element and boots the computer system if the comparison was successful.
    Type: Grant
    Filed: December 17, 2013
    Date of Patent: December 27, 2016
    Assignee: Fujitsu Technology Solutions Intellectual Property GmbH
    Inventor: Mario Wegener
  • Patent number: 9525554
    Abstract: A device and method associates a certificate with a first recipient identity. The method comprises receiving the first recipient identity of a user. The method comprises associating the first recipient identity of the user with a second recipient identity of the user. The second recipient identity is associated with a certificate so that subsequent transmissions of data to the first recipient identity encrypts the data according to specifications of the certificate.
    Type: Grant
    Filed: September 10, 2008
    Date of Patent: December 20, 2016
    Assignee: Google Inc.
    Inventors: Sanjiv Maurya, Jack Cai
  • Patent number: 9501431
    Abstract: A method and apparatus are provided to enable the remote management of software that is otherwise limited to using local input/output (I/O) only. According to the method and apparatus, a microcontroller is installed on a system board of a server and configured to listen to write requests directed to a first I/O interface. When such requests are detected, data that is part of such requests is intercepted and transmitted over a second I/O interface that is different from the first I/O interface.
    Type: Grant
    Filed: September 5, 2013
    Date of Patent: November 22, 2016
    Assignee: Google Inc.
    Inventor: Nathan Isaac Laredo
  • Patent number: 9495549
    Abstract: A replaceable printer component includes a first memory device and a communication link. The first memory device is configured to store a first secret. The communication link is configured to communicatively link the first memory device to a printer controller when the replaceable printer component is installed in a printing system. The printing system comprises a second memory device storing a second secret. The second memory device is communicatively linked to the printer controller. The printer controller is configured to determine an authenticity of the replaceable printer component based on the first secret and the second secret.
    Type: Grant
    Filed: August 11, 2015
    Date of Patent: November 15, 2016
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventor: Jacob Grundtvig Refstrup
  • Patent number: 9491032
    Abstract: In various embodiments, methods and systems for managing wake-enabled transport connections of wake-enabled applications is provided. A set of ports is designated as a wake-enabled port set. An operating system (OS) of a computing device running applications plumbs the multiport wake pattern to the one or more network interface controllers (NIC) of the computing device. A wake-enabled application acquires a port from the wake-enabled port set. The OS makes a determination that the application is wake-enabled and as such, assigns a port, from the wake-enable port set, to the wake-enabled application. Upon receiving a packet at the NIC, a determination is made whether the packet corresponds to a wake-enabled transport connection based on comparing the packet to the multiport wake pattern. Upon matching the packet to the multiport wake pattern, the NIC communicates with the OS to wake a portion of the wake-enabled application associated with the wake-enabled transport connection.
    Type: Grant
    Filed: September 5, 2013
    Date of Patent: November 8, 2016
    Assignee: MICROSOFT TECHNOLOGY LICENSING, LLC
    Inventors: Praveen Balasubramanian, Poornananda R. Gaddehosur, David Garfield Thaler, III, Dmitry A. Anipko, Christopher Benjamin Palmer
  • Patent number: 9471755
    Abstract: Font protection management is described. In one or more implementations, a font package is obtained for an application and includes fonts that are protected by obfuscation. When the application is launched, a request to determine whether use of the protected fonts is authorized in connection with the application may be communicated to a font protection service. A response that is indicative of authorization to use the protected fonts in connection with the application may be received from the font protection service. When the response indicates that use of the protected fonts is authorized, the protected fonts may be de-obfuscated and subsequently used in connection with the application. When the response indicates that use of the protected fonts is not authorized in connection with the application, however, default fonts may be used with the application instead.
    Type: Grant
    Filed: July 11, 2013
    Date of Patent: October 18, 2016
    Assignee: Adobe Systems Incorporated
    Inventor: David G. Demaree
  • Patent number: 9444822
    Abstract: Providing authorization and authentication in a cloud for a user of a storage array includes: receiving, by a storage array access module from a client-side array services module, a token representing authentication of user credentials and authorized access privileges defining one or more storage array services accessible by the user, where the token is generated by a cloud-based security module upon authentication of the user credentials and identification of authorized access privileges for the user; receiving, by the storage array access module from the user, a user access request to one or more storage array services; and determining, by the storage array access module, whether to grant the user access request in dependence upon the authorized access privileges represented by the token.
    Type: Grant
    Filed: May 29, 2015
    Date of Patent: September 13, 2016
    Assignee: Pure Storage, Inc.
    Inventors: Benjamin P. Borowiec, Jimmy T. Hu, Ethan L. Miller, Terence W. Noonan, Constantine P. Sapuntzakis, Neil A. Vachharajani, Daquan Zuo
  • Patent number: 9436623
    Abstract: Methods, apparatus and systems for implementing run-time fabric reconfiguration are described herein. In accordance with one aspect, techniques are disclosed for implementing run-time fabric reconfiguration on a System on a Chip (SoC) via use of multiple endpoint fabric interfaces having routing logic that is dynamically reconfigured at run-time by a fabric control unit in response to system-state changes. The endpoint fabric interfaces may be coupled to or integrated in IP blocks that are coupled to a switch fabric, or may be implemented in the switch fabric itself. The run-time fabric reconfiguration techniques may be implemented to for various purposes and/or to address various events, such as node failures, security events, IP or design bugs, feature prototyping, and virtualization.
    Type: Grant
    Filed: September 20, 2012
    Date of Patent: September 6, 2016
    Assignee: Intel Corporation
    Inventors: Aviad Wertheimer, Daniel Greenspan
  • Patent number: 9418249
    Abstract: Transponder (180) having stored a fixed identification number, which expands said identification number with a random number, encrypts said expanded number with a key, and sends it to a reader (160) on its request. Reader (160), which on request receives an encrypted number from a transponder (180), decrypts a received encrypted number with a key, which was also used by the transponder (180), and extracts a fixed identification number associated with the transponder (180).
    Type: Grant
    Filed: May 12, 2009
    Date of Patent: August 16, 2016
    Assignee: NXP B.V.
    Inventors: Peter Thueringer, Hans De Jong, Bruce Murray, Heike B. Neumann, Paul Hubmer, Susanne Stern
  • Patent number: 9361453
    Abstract: A system that validates a native code module. During operation, the system receives a native code module comprised of untrusted native program code. The system validates the native code module by: (1) determining that code in the native code module does not include any restricted instructions and/or does not access restricted features of a computing device; and (2) determining that the instructions in the native code module are aligned along byte boundaries such that a specified set of byte boundaries always contain a valid instruction and control flow instructions have valid targets. The system allows successfully-validated native code modules to execute, and rejects native code modules that fail validation. By validating the native code module, the system facilitates safely executing the native code module in the secure runtime environment on the computing device, thereby achieving native code performance for untrusted program binaries without significant risk of unwanted side effects.
    Type: Grant
    Filed: August 19, 2014
    Date of Patent: June 7, 2016
    Assignee: Google Inc.
    Inventors: J. Bradley Chen, Matthew T. Harren, Matthew Papakipos, David C. Sehr, Bennet S. Yee
  • Patent number: 9307391
    Abstract: A system and a method is provided for managing the mobility of a mobile network in a Proxy Mobile Internet Protocol (PMIP) environment operating under the Dynamic Host Configuration Protocol (DHCP) protocol. The method is based on prefix allotment between a server DHCPv6 and a mobile router via an access gateway (MAG) and the exchanging of messages between the server and a point of attachment (LMA).
    Type: Grant
    Filed: February 27, 2013
    Date of Patent: April 5, 2016
    Assignee: COMMISSARIAT A L'ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES
    Inventors: Alexandre Petrescu, Michael Mathias Boc, Christophe Janneteau
  • Patent number: 9294867
    Abstract: One embodiment of a system for providing services to subscribers of a network supports the provision of a plurality of different services to multiple subscribers. A first processing unit provides a first execution environment for a first set of software applications and a second processing unit provides a second execution environment for a second set of software applications. A data structure is provided for storing data associated with subscribers of the system, the data structure providing a common identity for association with a subscriber which is recognized by all processing units of the system. This provides a common user repository which simplifies the provision of services and the authentication processes within the system.
    Type: Grant
    Filed: October 31, 2014
    Date of Patent: March 22, 2016
    Assignee: Hewlett Packard Enterprise Development LP
    Inventor: Colin I'Anson
  • Patent number: 9286281
    Abstract: A system and method for facilitating the entry by a signer user of information into a scaffold electronic document having multiple information entry fields, over the internet or similar network. The system includes a document summary server, in communication with a document execution server, and associated with a scaffold electronic document via network. The document summary server facilitates the entry by a signer user of information into one or more information entry fields in a scaffold document.
    Type: Grant
    Filed: October 20, 2010
    Date of Patent: March 15, 2016
    Assignee: Citrix Systems, Inc.
    Inventors: Cary Dunn, Jonathan Siegel, Daryl Bernstein
  • Patent number: 9264235
    Abstract: A device and method are provided for a device that authenticates a server over a network. The device and method are operable to contact the server to initiate a handshaking operation. The device receives certificate information and handshaking information from the server. The device completes the handshaking operations to establish the connection with the server. The device downloads the content from the server through the connection before authenticating the server to establish a secure connection. In some aspects, the device may display a portion of the downloaded content before the server is authenticated.
    Type: Grant
    Filed: November 16, 2010
    Date of Patent: February 16, 2016
    Assignee: BlackBerry Limited
    Inventors: Alexander Truskovsky, Neil Patrick Adams, Eli Omen Jackson
  • Patent number: 9246923
    Abstract: Systems and techniques are provided for the classification of risks associated with developers in an application ecosystem. Signals associated with a developer account for an application ecosystem may be received. Each of the signals may include one of an account signal, an application signal, and a financial signal, and each of the signals may be associated with a weight and a score. The signals may be combined using the weights and the scores associated with the signals to obtain a risk probability for the developer account. The risk probability may be scored.
    Type: Grant
    Filed: January 19, 2014
    Date of Patent: January 26, 2016
    Assignee: Google Inc.
    Inventors: Ryan James Terribilini, Alec Go
  • Patent number: 9223026
    Abstract: This application discloses a GNSS reference apparatus having a vector error generator and a reference data server. The vector error generator generates one or more sequences of keyed intentional errors made confidential with confidential error keys, and then combines the sequences to generate a sequence of reference erroneous positions. The reference data server issues GNSS position-determination reference data based on the reference erroneous positions where the keyed intentional errors for at least one of the confidential sequences are reversible with confidential access to the corresponding confidential error key for determining a GNSS-based position.
    Type: Grant
    Filed: November 13, 2012
    Date of Patent: December 29, 2015
    Assignee: Trimble Navigation Limited
    Inventor: David G. Bird
  • Patent number: 9219717
    Abstract: A mobile communication device registers for data communication through a mobile communication network with a packet-based network. The device may or may not have a mobile device number, and registers using a fully-qualified-domain-name (FQDN) uniquely identifying the device in a domain-name-system (DNS) of the packet-based network. A packet-data-network gateway assigns a packet-based address for the device, and generates a request for registering the address with the FQDN in a DNS server. Alternatively, the device generates the packet-based address based on a received portion of the address, retrieves the FQDN from an identity module, and sends a DNS-Update message to the DNS server including the address and FQDN. Again alternatively, a DNS server receives an encrypted DNS update message including a FQDN and a packet-based address, and decrypts the message prior to registering the address and FQDN in a DNS database.
    Type: Grant
    Filed: September 8, 2014
    Date of Patent: December 22, 2015
    Assignee: Cellco Partnership
    Inventor: Praveen Gupta
  • Patent number: 9191291
    Abstract: A computer-implemented method is presented herein. The method obtains a first content item from an online source, and then generates a characterizing signature of the first content item. The method continues by finding a previously-saved instance of the characterizing signature and retrieving data associated with a second content item (the second content item is characterized by the characterizing signature). The method continues by analyzing the data associated with the second content item, corresponding data associated with the first content item, and decision criteria. Thereafter, either the first content item or the second content item is identified as an original content item, based on the analyzing. The other content item can be flagged as an aggregated content item.
    Type: Grant
    Filed: September 9, 2013
    Date of Patent: November 17, 2015
    Assignee: salesforce.com, inc.
    Inventor: Dai Duong Doan
  • Patent number: 9166951
    Abstract: Strict transport security controls are arranged to detect a first navigation command of a network-enabled application to navigate from a secure connection established with a first network address and to navigate to a second network address using an unsecure reference. A filter is used to filter, in response to the detection of the first navigation command, referring information in a second navigation command used to establish a second address secure connection with a device having the second network address. The strict transport security controls service is optionally arranged to provide a warning signal upon detecting formation of the second navigation command.
    Type: Grant
    Filed: February 4, 2014
    Date of Patent: October 20, 2015
    Inventor: Robert Hansen
  • Patent number: 9154308
    Abstract: A method includes receiving a request for a device to replace a unique identifier associated with the device with a revocable identifier, generating a revocable identifier for the device, wherein the revocable identifier comprises at least a cryptographic representation of the unique identifier associated with the device and a counter value, checking the generated revocable identifier to determine that the generated revocable identifier has not previously been generated for the device and associating the generated revocable identifier with the device.
    Type: Grant
    Filed: September 27, 2013
    Date of Patent: October 6, 2015
    Assignee: Google Inc.
    Inventor: William Alexander Drewry
  • Patent number: 9130739
    Abstract: The invention concerns the contact-less technology MIFARE, and describes a method to update a state by injecting an IV using a non-linear feedback shift register that makes use of only look-up tables and basic operations on 8-bit words.
    Type: Grant
    Filed: April 12, 2012
    Date of Patent: September 8, 2015
    Assignee: GEMALTO SA
    Inventors: Aline Gouget, Pascal Paillier
  • Patent number: 9118634
    Abstract: A system including a computer and a computer readable hardware storage device containing instructions which, upon being executed by the computer, implements a method for restricting access to information transmitted over a computing network. A resource request for a resource to be located is received. The resource request contains a universal resource locator (URL). The URL is evaluated to determine whether encryption of none, part, or all of the URL is required. It is determined that the requested resource is available and in response, the requested resource contained in the resource request is located. It is determined whether encryption is required for none, part, or all of a return URL of the requested resource that is to be returned to a location of the resource request.
    Type: Grant
    Filed: July 2, 2014
    Date of Patent: August 25, 2015
    Assignee: International Business Machines Corporation
    Inventors: Michael P. Carlson, Srinivas Chowdhury
  • Patent number: 9106619
    Abstract: A system encrypts digital content data with a key of a content encryption key (CEK) pair and CEK related share data available to an end user station including a source for generating source encrypted data including content data. The share data is encrypted with a first key of a second encryption key pair associated with a targeted intermediate station including a processor receiving source encrypted data and being in data communication with a portable storage device associated with the end user station, which is associated with a third encryption key pair. The processor generates intermediate station encrypted data by decrypting encrypted share data using a key of the second key pair and encrypting resulting decrypted data using a key of the third key pair. A reconstruction processor uses an algorithm and input share data to reconstruct the CEK. A decryption processor uses the reconstructed CEK to decrypt encrypted content data.
    Type: Grant
    Filed: March 26, 2013
    Date of Patent: August 11, 2015
    Assignee: ALTECH UEC (PTY) LIMITED
    Inventor: Alan John Sullivan
  • Patent number: 9094983
    Abstract: A method of controlling connection between nodes in a digital interface whereby a first node that is a master node determines a second node to be the master and controls a point-to-point connection or a broadcast connection to another node. The first node having the display device determines the second node to be the master in accordance with a user selection, and transmits a connection command of a predetermined format for transmitting a data stream to the second node. The second node determined as the master in accordance with the transmitted connection command of the predetermined format is allocated with a channel and a bandwidth from an isochronous resource manager (IRM), and performs a point-to-point connection between the second node and the first node to transit the data stream. Thus, the transmission/reception, reproduction, and control of the data stream of the program can be smoothly performed.
    Type: Grant
    Filed: January 20, 2015
    Date of Patent: July 28, 2015
    Assignee: LG Electronics Inc.
    Inventors: Chang Hwan Jang, Jae Yoon Jeong
  • Patent number: 9071582
    Abstract: Lookaside-type communication apparatus and reception and transmission control methods make high-rate communication of a packet including encrypted data. Receive data including encrypted data are supplied to an encryption data processing part, and supplied to a security part through a second bus when the packet is received. The encrypted data becomes plain-text data in the security part, and supplied to the control part through the system bus. Transmit data including a data body including a plain-text data to be encrypted are supplied to the security part when the packet is transmitted. The plain-text data become the encrypted data in the security part, and the transmit data having the data body including the encrypted data are supplied to the encryption data processing part through the second bus. The transmit data are transmitted in the form of the packet in the transmission and reception part.
    Type: Grant
    Filed: September 12, 2012
    Date of Patent: June 30, 2015
    Assignee: LAPIS SEMICONDUCTOR CO., LTD.
    Inventor: Takahiro Shimizu
  • Patent number: 9055428
    Abstract: A communication apparatus of the present invention is a communication apparatus that communicates with a plurality of other communication apparatuses, and starts processing for setting an address for the communication apparatus using encrypted communication when encrypted communication with the plurality of communication apparatuses becomes possible by sharing encryption keys for encrypting communication with the other communication apparatuses.
    Type: Grant
    Filed: December 1, 2011
    Date of Patent: June 9, 2015
    Assignee: Canon Kabushiki Kaisha
    Inventor: Toshifumi Hamachi
  • Patent number: 9043593
    Abstract: Mechanisms are provided for handling a database client request. An encrypted database client request (DCR) is received, by an unsecure access local agent, from a client computing device as part of a session between the client computing device and a database data processing system. The unsecure access local agent retrieves a database session information (DSI) address corresponding to the session and generates a first unique identifiable key (UIK) based on a portion of the encrypted DCR. The unsecure access local agent generates a DSI mapping data structure that maps the first UIK to the DSI address. A secure access local agent of the database data processing system processes the encrypted DCR using the DSI mapping data structure.
    Type: Grant
    Filed: March 11, 2013
    Date of Patent: May 26, 2015
    Assignee: International Business Machines Corporation
    Inventor: Leonid Rodniansky
  • Patent number: 9042549
    Abstract: Disclosed is a method for address privacy protection for a first wireless device sharing a privacy key with a second wireless device. In the method, a first resolution tag is generated at the first wireless device using a pseudo-random function with the seed value and the privacy key as input arguments. The privacy key is only known to the first and second wireless devices. A privacy address is generated for the first wireless device based on the seed value and the first resolution tag. A packet is transmitted from the first wireless device to the second wireless device. The packet includes the privacy address and the first resolution tag.
    Type: Grant
    Filed: March 30, 2009
    Date of Patent: May 26, 2015
    Assignee: Qualcomm Incorporated
    Inventors: Lu Xiao, Yong Jin Kim, Zhanfeng Jia, David Jonathan Julian
  • Publication number: 20150143110
    Abstract: Methods and systems for managing encrypted network traffic using spoofed addresses. One example method includes receiving a request to resolve a domain name; determining that the domain name is included in a predetermined set of domain names; associating a spoofed address with the domain name; sending a response to the request to resolve the domain name, the response including the spoofed address; receiving a secure request for a resource, the secure request directed to the spoofed address; determining that the secure request is directed to the domain name based on the association between the spoofed address and the domain name; and selectively decrypting the secure request based at least in part on determining that the secure request is directed to the domain name.
    Type: Application
    Filed: November 20, 2013
    Publication date: May 21, 2015
    Applicant: Phantom Technologies, Inc.
    Inventor: Paul Michael Martini
  • Patent number: 9030946
    Abstract: A method of providing security for network access radio systems and associated access radio security systems used with the systems. The method includes connecting an access radio having a radio link to a network; communicating between the access radio and a computer over the network using a ping application having ping commands and unique encrypted codes; and enabling operation of the access radio when the access radio is receiving ping commands. Typically, the access radio and the computer are nodes on the network and the network is a local area network (LAN). The ping application sends packets of information from the computer to the access radio and receives a response from the access radio. The ping application must be functioning (i.e., sending and receiving commands between the computer and the access radio) to enable the access radio to communicate via the radio link with a remote network.
    Type: Grant
    Filed: January 15, 2014
    Date of Patent: May 12, 2015
    Assignee: AT&T Intellectual Property II, L.P.
    Inventor: Sanford Brown