Pre-loaded With Certificate Patents (Class 713/173)
  • Publication number: 20100049981
    Abstract: A method for establishing secure access to a media peripheral in a home via a node in a communication network may include acquiring by the node, security data associated with the media peripheral. The method may include searching by the node, for a previously acquired security data associated with a location of previous operation of the media peripheral. The method may further include communicating between the node and the media peripheral, information associated with the media peripheral, while the media peripheral is located in the home, when the previously acquired security data is not found. The node may utilize the acquired security data associated with the media peripheral and the previously acquired security data to facilitate secure communication between the media peripheral in the home and the communication network, when the previously acquired security data is found.
    Type: Application
    Filed: September 1, 2009
    Publication date: February 25, 2010
    Inventors: Jeyhan Karaoguz, James Bennett
  • Patent number: 7669055
    Abstract: Methods, apparati, and computer-readable media for securely transporting a software application onto a tamper resistant module (TRM) (103) by using an individualized TRM key set. A method embodiment of the present invention comprises: storing a key pair unique to the TRM (103) in a memory located on the TRM (103), where the key pair comprises a TRM public key (150) and a TRM private key (190); retrieving the TRM public key from the TRM; encrypting a portion of the software application using the TRM public key (150); transmitting the encrypted software application to the TRM (103); and recovering and decrypting the encrypted software application using the TRM private key (190).
    Type: Grant
    Filed: October 25, 2007
    Date of Patent: February 23, 2010
    Assignee: Multos Limited
    Inventors: David Barrington Everett, Stuart James Miller, Anthony David Peacham, Ian Stephen Simmons, Timothy Philip Richards, John Charles Viner
  • Publication number: 20100031046
    Abstract: A method for authorizing access of different types to an automation component of a technical system and, if needed, logging and digitally signing them, is provided. An authorization unit, for example a smart card, holds a digital signature function and information of a user and allocated access rights. Optionally, the authorization unit also comprises a budget account for services for e.g. billing software services.
    Type: Application
    Filed: February 1, 2008
    Publication date: February 4, 2010
    Inventor: Gerhard Heinemann
  • Publication number: 20100019031
    Abstract: A forged card discrimination system, an authenticity determination information writing device and a forged card discrimination device which can directly utilize an existing cash card or a credit card of a magnetic recording type and is preferable to prevent abuse of a forgery card with low cost are provided. A forged card discrimination system 1 is configured to include a magnetic card read section 1a, magnetic card determination section 1b, and an authentic signal (analog signal) writing section 1c, reads all track data on the magnetic card as analog signal, and analyzes the waveform of the analog signal so as to determine authenticity of the magnetic card, in addition, when target magnetic card is an authentic card, performs writing analog signal data based on the original algorithm in a front part of writing position of STX signal and a rear part of writing position of ETX signal.
    Type: Application
    Filed: September 11, 2006
    Publication date: January 28, 2010
    Applicants: FUTURE TECHNOLOGY INSTITUTE CORPORATION
    Inventor: Osamu Sugiyama
  • Patent number: 7653197
    Abstract: A secure solution is provided to the problem of secret key agreement. In particular, a method of reliable forward secret key sharing is disclosed between two legitimate correspondents whose profiles match sufficiently. The invention relies on a physical random function, sometimes referred to as a physical unclonable function (PUF) to provide a secure solution to the problem of secret key agreement. In one embodiment, a one-pass protocol is introduced based on Reed-Solomon codes leading to an unconditionally secure solution. In a further embodiment, the solution of the first embodiment is improved upon by providing a conditionally secure solution based on a pseudo random family of functions. In a still further embodiment, a two-pass protocol is introduced which is used exclusively for purposes of identification and authentication. In accordance with the principles of the two-pass protocol, two communications are required and unlike the one-pass protocol, the second correspondent selects the secret key K.
    Type: Grant
    Filed: October 28, 2004
    Date of Patent: January 26, 2010
    Assignee: Koninklijke Philips Electronics N.V.
    Inventor: Marten E. Van Dijk
  • Patent number: 7653813
    Abstract: All nodes within a communication system (100) will create an IP address based on a shared-secret key. The shared-secret key is unique for every node within the communication system and is known only to the node (102) and a server (103). The router (101) can validate that the node (102) owns the IP address.
    Type: Grant
    Filed: February 8, 2006
    Date of Patent: January 26, 2010
    Assignee: Motorola, Inc.
    Inventors: Narayanan Venkitaraman, Vidya Narayanan
  • Patent number: 7647501
    Abstract: An apparatus for communicating, including a communicating unit that enables the apparatus to communicate with a communications counterparty via the communicating unit. The communicating unit includes a unit for providing an individual certificate that is a digital certificate being provided with information identifying the apparatus for communicating in order to receive an authentication by the communications counterparty when communicating, and a unit for communicating when having been authenticated with the individual certificate by the communications counterparty. The apparatus further includes at least one storage area for storing the individual certificate and a common certificate that is a digital certificate not being provided with apparatus identifying information, in a replacement component as a minimum unit enabled for replacement.
    Type: Grant
    Filed: September 10, 2004
    Date of Patent: January 12, 2010
    Assignee: Ricoh Company, Ltd.
    Inventor: Tatsuya Imai
  • Patent number: 7640428
    Abstract: A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one broad aspect, a method is provided in which a certificate search request is received, a search of one or more certificate servers for certificates satisfying the request is performed, located certificates are retrieved and processed at a first computing device to determine data that uniquely identifies each located certificate, and search result data comprising the determined data is communicated to a second device (e.g. a mobile device) for use in determining whether each located certificate is already stored on the second device.
    Type: Grant
    Filed: September 2, 2004
    Date of Patent: December 29, 2009
    Assignee: Research In Motion Limited
    Inventors: Neil P. Adams, Michael S. Brown, Herbert A. Little
  • Patent number: 7636840
    Abstract: A method and system for secure communication and control in a fueling environment. In one aspect, the fueling environment with secure communication comprises a fuel dispenser and at least one node communicably coupled with the fuel dispenser. The fuel dispenser is operable to generate a first public key and a first private key associated with the fuel dispenser and publish the first public key within the fueling environment. The fuel dispenser is further operable to authenticate a particular one of the nodes using, at least in part, a second public key associated with the particular node and the first public and the first private keys. The fuel dispenser may then dynamically generate a run-time symmetric key using, at least in part, the first private key and the second public key and communicate data associated with the fueling environment to the authenticated node, with the data encrypted using the symmetric key.
    Type: Grant
    Filed: March 4, 2005
    Date of Patent: December 22, 2009
    Assignee: Dresser, Inc.
    Inventor: Weiming Tang
  • Patent number: 7634800
    Abstract: Providing a user with assurance that a networked computer is secure, typically before completion of the log-in operation. This can be accomplished by extending the local log-in process to perform a host assessment of the workstation prior to requesting the user's credentials. If the assessment finds a vulnerability, the log-in process can inform the user that the machine is or may be compromised, or repair the vulnerability, prior to completion of the log-in operation. By performing vulnerability assessment at the level of the workstation, a network server is able to determine whether the workstation is a “trusted” platform from which to accept authentication requests. If the vulnerability assessment shows that the workstation is compromised, or if the possibility of remote compromise is high, the network server can elect to fail the authentication on the grounds that the workstation cannot be trusted.
    Type: Grant
    Filed: May 8, 2006
    Date of Patent: December 15, 2009
    Assignee: International Business Machines Corporation
    Inventors: Curtis E. Ide, Philip C. Brass, Theodore R. Doty
  • Patent number: 7634803
    Abstract: An extensible token framework is provided for identifying purpose and behavior of run time security objects. The framework includes a set of marker token interfaces, which extends from a default token interface. A service provider may implement one or more marker token interfaces for a Subject or a thread of execution. A service provider may also implement its own custom marker tokens to perform custom operations. The security infrastructure runtime recognizes behavior and purpose of run time security objects based on the marker or custom marker token interfaces the token implements and handles the security objects accordingly.
    Type: Grant
    Filed: June 30, 2004
    Date of Patent: December 15, 2009
    Assignee: International Business Machines Corporation
    Inventors: Peter Daniel Birk, Ching-Yun Chao, Hyen Vui Chung
  • Patent number: 7631183
    Abstract: A system and method for searching and retrieving certificates, which may be used in the processing of encoded messages. In one embodiment, a certificate synchronization application is programmed to perform certificate searches by querying one or more certificate servers for all certificate authority (CA) certificates and cross-certificates on the certificate servers. In another embodiment, all certificates related to an identified certificate are retrieved from the certificate servers automatically by the certificate synchronization application, where the related certificates comprise at least one of one or more CA certificates and one or more cross-certificates. Embodiments of the invention facilitate at least partial automation of the downloading and establishment of certificate chains, thereby minimizing the need for users to manually search for individual certificates.
    Type: Grant
    Filed: September 1, 2004
    Date of Patent: December 8, 2009
    Assignee: Research In Motion Limited
    Inventors: Michael S. Brown, Michael K. Brown, Herbert A. Little, Neil P. Adams, Michael G. Kirkup
  • Patent number: 7624441
    Abstract: A secure method for generating digital documents that are certified by a known authority, comprising the steps of: A. Programming an electronic device with a document issuing method that originates with the known authority; B. programming the electronic device with data identifying the owner of the device; C. reading a digital document into the device; D. physical identification of the owner of the device, based on the identifying data as programmed in step (B); E. if the result of the identification process in step (D) is positive, then issuing of a digital document signed by the known authority. A device for generating digital documents that are certified by a known authority, comprising a computer for implementing a program written in the memory, and wherein the memory includes a document issuing method that originates with the known authority; input means for reading information related to physical user identification; and output means.
    Type: Grant
    Filed: January 17, 2002
    Date of Patent: November 24, 2009
    Inventors: Elad Barkan, Nir Barkan
  • Patent number: 7624268
    Abstract: A certificate managing device has a verifying section that verifies validity of a first public key certificate corresponding to an originating mail address when an electronic mail to which the first public key certificate is attached is received, a comparing section that compares newness of the first public key certificate with newness of a second public key certificate which is already registered as a public key certificate corresponding to the originating mail address, and a registering section that registers the first public key certificate as the public key certificate corresponding to the originating mail address in place of the second public key certificate when the first public key certificate is more recent than the second public key certificate.
    Type: Grant
    Filed: November 7, 2005
    Date of Patent: November 24, 2009
    Assignee: Fuji Xerox Co., Ltd.
    Inventors: Makoto Takada, Takanori Masui, Masato Sugii, Nobumi Kusano
  • Patent number: 7620815
    Abstract: A method and system for securely processing a credential substrate using a credentials production system and secured consumable supply. The consumable supply is selectively in one of a plurality of states including a production disabled state and a production enabled state. The state of the consumable supply is changed from the production disabled state to the production enabled state. The state in the consumable supply is verified as being in the production enabled state prior to processing the credential substrate using the consumable supply.
    Type: Grant
    Filed: October 28, 2005
    Date of Patent: November 17, 2009
    Assignee: Fargo Electronics, Inc.
    Inventors: D. Alan Fontanella, Gary M. Klinefelter, Jeffrey D. Upin, John E. Ekers, Thomas C. Platner, Kelly R. Nehowig, Angela Marie Goldenstein
  • Patent number: 7613915
    Abstract: An improved secure programming technique involves reducing the size of bits programmed in on-chip secret non-volatile memory, at the same time enabling the typical secure applications supported by secure devices. A technique for secure programming involves de-coupling chip manufacture from the later process of connecting to ticket servers to obtain tickets. A method according to the technique may involve sending a (manufacturing) server signed certificate from the device prior to any communication to receive tickets. A device according to the technique may include chip-internal non-volatile memory to store the certificate along with the private key, in the manufacturing process.
    Type: Grant
    Filed: November 16, 2006
    Date of Patent: November 3, 2009
    Assignee: BroadOn Communications Corp
    Inventors: Pramila Srinivasan, John Princen
  • Patent number: 7610487
    Abstract: The hash extension technique used to generate an ECGA may be used to increase the strength of one-way hash functions and/or decrease the number of bits in any situation where some external requirement limits the number of hash bits, and that limit is below what is (or may be in the future) considered secure against brute-force attacks. For example, to decrease the length of human entered security codes (and maintain the same security), and/or to increase the strength of a human entered security code (and maintain the length of the security code), the security code may be generated and/or authenticated using an extended hash method.
    Type: Grant
    Filed: June 28, 2005
    Date of Patent: October 27, 2009
    Assignee: Microsoft Corporation
    Inventors: Tuomas Aura, Michael Roe
  • Patent number: 7607014
    Abstract: A maintenance control system comprises at least one electronics unit including a first wireless communicator, a second wireless communicator configured for association with an individual, and an authentication manager. The authentication manager authenticates access to the at least one electronics unit via wireless communication between the first wireless communicator and the second wireless communicator regarding a maintenance identifier stored within a memory of at least one of the first wireless communicator and the second wireless communicator.
    Type: Grant
    Filed: June 30, 2005
    Date of Patent: October 20, 2009
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Thane Michael Larson, Christopher Gregory Malone
  • Patent number: 7603700
    Abstract: Techniques are provided for improving security in a single-sign-on context by providing, to a user's client system, two linked authentication credentials in separate logical communication sessions and requiring that both credentials be presented to a host system. Only after presentation of both credentials is the user authenticated and permitted to access applications on the host system.
    Type: Grant
    Filed: December 29, 2004
    Date of Patent: October 13, 2009
    Assignee: AOL LLC
    Inventors: Yan Cheng, Zhihong Zhang
  • Patent number: 7602920
    Abstract: A method for secure loading of a key dedicated to securing a predetermined operation into memory of a microchip of an embedded system includes, as a first step, authenticating a security device by generating a first random number using the microchip, transmitting the first random number to the security device, generating a second random number in the security device, generating a first cryptogram from the first and second random numbers by applying an asymmetric signature algorithm using an asymmetric secret key, transmitting at least the first cryptogram to the microchip, and authenticating the security device by verifying the first cryptogram using the public key.
    Type: Grant
    Filed: June 8, 2001
    Date of Patent: October 13, 2009
    Assignee: CP8 Technologies
    Inventors: Patrice Hameau, Nicolas Fougeroux, Benoît Bole
  • Patent number: 7600129
    Abstract: Determining access includes determining if particular credentials/proofs indicate that access is allowed, determining if there is additional data associated with the credentials/proofs, wherein the additional data is separate from the credentials/proofs, and, if the particular credentials/proofs indicate that access is allowed and if there is additional data associated with the particular credentials/proofs, then deciding whether to deny access according to information provided by the additional data. The credentials/proofs may be in one part or in separate parts. There may be a first administration entity that generates the credentials and other administration entities that generate proofs. The first administration entity may also generate proofs or may not generate proofs. The credentials may correspond to a digital certificate that includes a final value that is a result of applying a one way function to a first one of the proofs.
    Type: Grant
    Filed: July 16, 2004
    Date of Patent: October 6, 2009
    Assignee: CoreStreet, Ltd.
    Inventors: Phil Libin, Silvio Micali, David Engberg, Alex Sinelnikov
  • Patent number: 7600119
    Abstract: A sub system (110) included in a robot that executes a program for performing a predetermined function includes a data receiving unit (115) that receives expansion data that expands the function of the robot, a data incorporation unit (116) that incorporates the received expansion data, a password output unit (113) that outputs a password corresponding to a predetermined condition, and a server sub system (100) that provides a plurality of expansion data includes a terminal communication unit (101) that accepts an input of the password by a user, an option presentation unit (125) that obtains the plurality of expansion data corresponding to the accepted password and presents to the user, a data selection unit (104) that accepts a selection of the user, and a data transmission unit (106) that transmits the selected expansion data to the robot sub system (110).
    Type: Grant
    Filed: December 24, 2004
    Date of Patent: October 6, 2009
    Assignee: NEC Corporation
    Inventor: Yosuke Takano
  • Patent number: 7594108
    Abstract: When an application is loaded into a device (100, 200), the device verifies that the application originates from a trusted operator. The verification implies that the application must, in a secure manner, present itself to the device in such a way that the device can ensure that it originates from the trusted operator. The device identifies the trusted operator as well as the issuer of a SIM (211) located in the device. Thereafter, the device compares the identity of the trusted operator with the identity of the issuer of the SIM, and if the identity of the trusted operator corresponds to the identity of the issuer of the SIM, the previously verified application is installed in a secure execution environment (104, 204, 211) of the device.
    Type: Grant
    Filed: November 3, 2004
    Date of Patent: September 22, 2009
    Assignee: Nokia Corporation
    Inventor: Krishnan Vaidyanathan
  • Patent number: 7587600
    Abstract: A method of protecting an electronic device from unauthorized reprogramming, the electronic device comprising a data memory and a key memory, the method comprising loading into the key memory a predetermined public key of a cryptographic public key mechanism for verifying subsequent data items to be loaded into the data memory, the subsequent data items being signed with a corresponding private key; characterized in that the method further comprises setting a permanent identifier in the electronic device, the permanent identifier including an identifier identifying an entity authorized to reprogram the electronic device and an indicator identifying a selected one of a number of categories of public keys.
    Type: Grant
    Filed: September 8, 2003
    Date of Patent: September 8, 2009
    Assignee: Telefonaktiebolaget L M Ericsson (Publ.)
    Inventors: Marcus Bodensjö, Harro Osthoff, Patrik Schalin, Bernard Smeets
  • Patent number: 7587756
    Abstract: Methods and apparatus for a smartcard system are provided which securely and conveniently provides for secure transaction completion in a contact or contactless environment. The invention utilizes selection of processing applications based on the account issuer parameters and risk factors (stored on a smartcard) and merchant system parameters and risk factors (stored on a merchant system database). The invention permits a merchant system and smartcard to exchange information useful for determining if particular transactions should be completed online or offline.
    Type: Grant
    Filed: July 23, 2004
    Date of Patent: September 8, 2009
    Assignee: American Express Travel Related Services Company, Inc.
    Inventors: Lee J. Peart, Peter D. Saunders
  • Patent number: 7587613
    Abstract: A system for selectively enabling a microprocessor-based system is disclosed. State information that describes the operating conditions or circumstances under which a user intends to operate the system is obtained. In the preferred embodiment of the invention, a valid hash value is determined, preferably based on the state information and preferably by locating the valid hash value within a table of valid hash values indexed by the state information. Candidate authorization information is obtained from the user, and a candidate hash value is generated by applying a hashing algorithm to the candidate authorization information, the state information, or a combination of the candidate authorization information and state information. The candidate hash value and the valid hash value are then compared, and the microprocessor-based system is enabled if the candidate hash value matches the valid hash value.
    Type: Grant
    Filed: December 20, 2002
    Date of Patent: September 8, 2009
    Assignee: Creative Mines LLC
    Inventors: W. Daniel Hillis, Bran Ferren
  • Patent number: 7584359
    Abstract: Certain embodiments of the invention may provide a method and system for secure access to a media peripheral in a home via a node in a communication network and may comprise attempting to identify previously acquired security data associated with the media peripheral. If the security data is not found, information associated with the home may be exchanged and security data associated with the media peripheral may be acquired and utilized to facilitate secure communication between the media peripheral and the communication network. The security data may also be authenticated and/or transferred to, for example, a media exchange server or other server coupled to the communication network. If previously acquired security data associated with the media peripheral is found, an identifier associated with the home may be acquired, authenticated, registered and/or distributed throughout the communication network.
    Type: Grant
    Filed: September 30, 2003
    Date of Patent: September 1, 2009
    Assignee: Broadcom Corporation
    Inventors: Jeyhan Karaoguz, James Bennett
  • Patent number: 7584358
    Abstract: Methods and apparati for securely loading one or more computer software applications onto a tamper resistant module (TRM) (107) and for securely deleting one or more applications from the TRM. An embodiment of the invention comprises a method for determining, based at least upon an encrypted personalization data block, whether a TRM (107) is part of a qualified set of TRM's to accept loading of an application. Thereafter, the method provides for loading the application onto the TRM (107) only after the first step determines that the TRM (107) is qualified to accept the loading of the application. Another embodiment comprises a method for determining, based at least upon an encrypted personalization data block, whether a TRM (107) is part of a qualified set of TRM's to accept deleting of an application. Thereafter, the method provides for deleting the application from the TRM (107) only when the first step determines that the TRM (107) is qualified to accept the deleting of the application.
    Type: Grant
    Filed: February 16, 2007
    Date of Patent: September 1, 2009
    Assignee: Multos Limited
    Inventors: David Barrington Everett, Stuart James Miller, Anthony David Peacham, Ian Stephen Simmons, Timothy Philip Richards, John Charles Viner
  • Publication number: 20090199006
    Abstract: The present invention relates to a mobile, portable and compact signature device which is used for simple and secure signature of information by a user. In particular the device is protected from manipulation attempts by the combination of two measures: firstly the architecture ensures that information can only be shown on the display and signed when decrypted by the Smartcard in the device and thus intended for a specific user identity represented by the Smartcard. Secondly further manipulation opportunities for a potential attacker are restricted by the permanent combination in everyday use of the signature device with display and Smartcard. The area of application of the signature device disclosed and associated method includes but is not restricted to the authorisation of financial transactions.
    Type: Application
    Filed: January 31, 2009
    Publication date: August 6, 2009
    Inventor: Maik Stohn
  • Patent number: 7568114
    Abstract: A method and system for securely and efficiently processing transactions on a client computer with secure and insecure components. A secure transaction module runs on the secure components and uses certificates to authenticate client/server transactions. Users can fill in server-supplied forms with a very high degree of confidence that no malicious software has interfered, and that the server will get exactly what the user intended. The module maintains some tamper-resistant storage with labels indicating that certain registers can only be changed based on cryptographically secured commands from remote server domains. If such registers are scarce, then additional ones are simulated. Applications include managing online accounts, purchase of monetary credits that can be spent online, moving credentials on and off smart cards, using proxy signers to divide certificate authority responsibilities, creating self-destructing email documents, and digital rights management.
    Type: Grant
    Filed: June 25, 2007
    Date of Patent: July 28, 2009
    Inventor: Roger Schlafly
  • Patent number: 7565536
    Abstract: Secure authentication of a user on a host computer to a web server including a security device acquiring trust or a security context from the web server. The security device is operable to provide an X.509 certificate to a browser plug-in on the host computer. The browser plug-in on the host computer performs authentication of the security device and in response provides user credentials to the security device. The security device performs authentication of the user and requests a security context from the web server. In response, the web server provides a security context to the security device. The security device delegates the web server trust by transmitting the context to the host computer and enabling the user to securely access resources on the web server.
    Type: Grant
    Filed: September 2, 2005
    Date of Patent: July 21, 2009
    Assignee: Gemalto Inc
    Inventors: Apostol Vassilev, Kapil Sachdeva
  • Patent number: 7565540
    Abstract: The present invention relates to a system and method for fully electronic identity authentication, with particular application to electronic election registration and voting. In particular, the present invention provides an authentication system that operates in conjunction with a secure server to authenticate users to provide access information as needed for the authenticated users to access the secure server.
    Type: Grant
    Filed: July 8, 2005
    Date of Patent: July 21, 2009
    Assignee: Accenture Global Services GmbH
    Inventors: John J. Bogasky, Carl Almond, Andrew Schaefer
  • Patent number: 7565529
    Abstract: An authentication and network management system for Wi-Fi local area networks includes a network management device and a plurality of Wi-Fi local area networks coupled to the network management device. Each local network includes at least one access point device having a Wi-Fi radio. A plurality of end user devices are attachable to the network forming nodes thereof, and each end user device has input plugs, such as USB ports and the like, for coupling accessories thereto. An authentication device is provided in the network for authenticating the end user devices attached to the network. A plurality of authenticating keys is provided, with each key attachable to an input plug of an end user device. Each key contains a validation certificate therein, wherein the authentication device verifies the presence of a current validation certificate on a key coupled to the end user device prior to granting access to the network.
    Type: Grant
    Filed: March 3, 2005
    Date of Patent: July 21, 2009
    Assignee: Directpointe, Inc.
    Inventors: Justin M. Beck, Chad L. Swensen
  • Patent number: 7555652
    Abstract: A method for generating and verifying a user attestation-signature value and issuing an attestation value for using a user attestation-signature value that corresponds to at least one attribute, each with an attribute value remaining anonymous includes: providing a module public key and a security module attestation value; providing a user public key that includes: at least one user determined attribute value and a proof value demonstrating that the user public key is validly derived from the module public key of the security module; deriving an attester determined attribute value and an attestation value based on an attester secret key, the user public key, and an anonymous attribute value; and verifying whether or not (i) the user attestation-signature value was validly derived from the security module attestation value provided by the security module and the attestation value, and (ii) the attestation value is associated with a subset of at least one attribute, each attribute in the subset having a revealed
    Type: Grant
    Filed: August 20, 2004
    Date of Patent: June 30, 2009
    Assignee: International Business Machines Corporation
    Inventor: Jan Camenisch
  • Publication number: 20090164787
    Abstract: The invention relates to a system for information transmission between a write- and/or read installation and several portable devices. According to the invention, the information transmission between a portable device and the write- and/or read installation is effected via two channels. On the one hand a first information transmission takes place capacitively and preferably with the human body as a transmission medium. On the other hand, the information transmission procedure also includes a second or conventional “contactless” transmission, i.e. an inductive transmission or a transmission via electromagnetic waves, for example in the radio frequency-, microwave- or infrared range.
    Type: Application
    Filed: September 26, 2006
    Publication date: June 25, 2009
    Applicant: KABA AG
    Inventors: Andreas Martin Haberli, Andreas Stucki, Alois Cavelti
  • Patent number: 7548620
    Abstract: A method for provisioning a device such as a token. The device issues a certificate request to a Certification Authority. The request includes a public cryptographic key uniquely associated with the device. The Certification Authority generates a symmetric cryptographic key for the device, encrypts it using the public key, and creates a digital certificate that contains the encrypted symmetric key as an attribute. The Certification Authority sends the digital certificate to the device, which decrypts the symmetric key using the device's private key, and stores the decrypted symmetric key.
    Type: Grant
    Filed: February 23, 2004
    Date of Patent: June 16, 2009
    Assignee: VeriSign, Inc.
    Inventor: Nicolas Popp
  • Patent number: 7549051
    Abstract: A digital certificate is employed to produce a digital signature for a digital construct. In the digital certificate is set forth a certificate validity period defining for the digital certificate a time period during which the digital certificate is to be honored as valid for producing digital signatures, and a signature validity period defining for each digital signature produced based on the digital certificate a time period during which the digital signature is to be honored as valid.
    Type: Grant
    Filed: March 10, 2005
    Date of Patent: June 16, 2009
    Assignee: Microsoft Corporation
    Inventors: Blair Brewster Dillaway, Brian LaMacchia, John Manferdelli, Muthukrishnan Paramasivam
  • Patent number: 7549049
    Abstract: The present invention relates to a system and method for dynamically auditing of electronic elections using an electronic registration and voting system. In particular, the present invention provides false voting data associated with false voters to the voting systems, recovers voting records associated with the false voters, and compares the stored voting records to the original false voting data.
    Type: Grant
    Filed: July 8, 2005
    Date of Patent: June 16, 2009
    Assignee: Accenture Global Services GmbH
    Inventors: John J. Bogasky, Carl Almond
  • Patent number: 7543141
    Abstract: A method and apparatus for user authentication using infrared communication of a mobile terminal is disclosed. The user authentication system, which is for identifying a user who requests service from an automated machine, comprises a mobile terminal for transmitting electronic signature data for the user in the form of an infrared signal, automated information providing means for providing the requested service after verifying the validity of the electronic signature data, and certificate providing means for registering an authorization certificate in response to a request from the mobile terminal and transmitting the certificate to the automated information providing means for verifying the user authentication.
    Type: Grant
    Filed: March 31, 2004
    Date of Patent: June 2, 2009
    Assignee: SK Telecom Co., Ltd.
    Inventors: Jae Sic Jeon, Eun Su Jung
  • Patent number: 7543140
    Abstract: A digital certificate identifies an entity as having authority over the certificate to revoke same as delegated by the issuer. The certificate also has at least one revocation condition relating to possible revocation of the certificate. To authenticate the certificate, the identification of the delegated revocation authority, a location from which a revocation list is to be obtained, and any freshness requirement to be applied to the revocation list are determined from the certificate. It is then ensured that the revocation list from the location is present and that the present revocation list satisfies the freshness requirement, that the revocation list is promulgated by the delegated revocation authority identified in the certificate, and that the certificate is not identified in the revocation list as being revoked.
    Type: Grant
    Filed: February 26, 2003
    Date of Patent: June 2, 2009
    Assignee: Microsoft Corporation
    Inventors: Blair Brewster Dillaway, Philip Lafornara, Brian A. LaMacchia, Rushmi U. Malaviarachchi, John L. Manferdelli, Charles F. Rose, III
  • Patent number: 7539863
    Abstract: The described systems, methods and data structures are directed to a portable computing environment. A communication link is established between a portable device and a host device. The portable device is equipped with a processing unit and is configured to execute a process that is accessible by the host device. The host device includes an application configured to interact with the process on the portable device. The process on the portable device provides data to the application on the host device using the communication link. The application uses the data to provide a computing environment.
    Type: Grant
    Filed: November 4, 2004
    Date of Patent: May 26, 2009
    Assignee: Microsoft Corporation
    Inventors: Thomas G Phillips, Christopher A Schoppa, William J Westerinen, Mark A Myers
  • Patent number: 7539864
    Abstract: Methods and device for digitally signing documents by using a portable device that encodes a signature string to sound. The acoustic signature string may be transmitted and then decoded back into digital data. The signature string may be further processed to verify the signature of the document and to produce a certificate of identity and integrity for the document. The certificate of identity and integrity may be used to further identify and validate the document and its signer.
    Type: Grant
    Filed: February 16, 2007
    Date of Patent: May 26, 2009
    Assignee: Enco-Tone Ltd.
    Inventor: Isaac J Labaton
  • Patent number: 7540024
    Abstract: The described systems, methods and data structures are directed to a portable computing environment. A communication link is established between a portable device and a host device. The portable device is equipped with a processing unit and is configured to execute a process that is accessible by the host device. The host device includes an application configured to interact with the process on the portable device. The process on the portable device provides data to the application on the host device using the communication link. The application uses the data to provide a computing environment.
    Type: Grant
    Filed: November 3, 2004
    Date of Patent: May 26, 2009
    Assignee: Microsoft Corporation
    Inventors: Thomas G Phillips, Christopher A Schoppa, William J Westerinen, Mark A Myers
  • Patent number: 7536713
    Abstract: Embodiments of the system may utilize a Knowledge Broadcasting System for specifying content metadata and locating Internet documents. In this instance embodiments of the invention comprise an improved manner of specifying the content of an Internet document in such a way that the users of the system are able to retrieve relevant Internet documents. This is accomplished using a three-tiered search engine where the first-tier is denoted as a category search, the second tier is denoted as a context search, and the third-tier is denoted as a keyword search. At each step relevant information is filtered out and the focus of the search is narrowed. In the general search, the user narrows the focus of the search by selecting a hierarchical definition.
    Type: Grant
    Filed: December 11, 2003
    Date of Patent: May 19, 2009
    Inventor: Alan Bartholomew
  • Patent number: 7529926
    Abstract: A host communicates with a gateway, a DHCP server or a PPP peer of ISP to determine an IPv6 address, also receives a public key certificate from the gateway, the DHCP server or the PPP peer of ISP, and sends a public key certificate including an IPv6 address to a communication counterpart. The host receives a new public key certificate from the gateway, the DHCP server or the PPP peer of ISP when necessary.
    Type: Grant
    Filed: April 16, 2003
    Date of Patent: May 5, 2009
    Assignee: Canon Kabushiki Kaisha
    Inventor: Kazuomi Oishi
  • Patent number: 7523302
    Abstract: In accordance with the present invention, ingredients for a particular electronic recipe accessible at a particular web site are encrypted, wherein the encrypted ingredients may be decrypted by a food retailer that intends to pre-package the encrypted ingredients. Instructions for preparing the electronic recipe and the encrypted ingredients are transmitted to a computer system associated with a particular user. The particular user may select the food retailer at which the encrypted ingredients are to be pre-packaged and transmit the encrypted ingredients to the food retailer. The selected food retailer may decrypt the encrypted ingredients utilizing a decryption key provided by the particular web site and pre-package the encrypted ingredients for the particular user.
    Type: Grant
    Filed: April 28, 2000
    Date of Patent: April 21, 2009
    Assignee: International Business Machines Corporation
    Inventors: Michael Wayne Brown, Kelvin Roderick Lawrence, Michael A. Paolini
  • Patent number: 7519816
    Abstract: The described systems, methods and data structures are directed to a portable computing environment. A communication link is established between a portable device and a host device. The portable device is equipped with a processing unit and is configured to execute a process that is accessible by the host device. The host device includes an application configured to interact with the process on the portable device. The process on the portable device provides data to the application on the host device using the communication link. The application uses the data to provide a computing environment.
    Type: Grant
    Filed: November 4, 2004
    Date of Patent: April 14, 2009
    Assignee: Microsoft Corporation
    Inventors: Thomas G Phillips, Christopher A Schoppa, William J Westerinen, Mark A Myers
  • Patent number: 7516490
    Abstract: The invention provides a form of reacting on security or vulnerability information relevant for a system comprising computer software and/or hardware or electronics, wherein a service provider with a first subsystem (1) is providing activation tokens to be received by a customer with a second subsystem (2). The activation tokens including activation information and naming of system characteristics in machine readable and filterable manner. The second subsystem (2) comprises receiving means (11) for controlling the receiving of the activation tokens, checking means (12) for automatically determining whether the activation information is relevant for the second subsystem (2) by checking whether the second subsystem has characteristics corresponding to the naming of an activation token, and transforming means (13) for transforming relevant activation information into at least one activation measure for the second subsystem (2). The activation measures will reduce the vulnerability of the second subsystem.
    Type: Grant
    Filed: March 29, 2001
    Date of Patent: April 7, 2009
    Assignee: International Business Machines Corporation
    Inventors: James F. Riordan, Dominique Alessandri
  • Patent number: 7512974
    Abstract: System and computer program product for updating an SSL certificate for a server. First program instructions detect when a change has been made to a name, domain or IP address of the server and detect that the server is using an SSL certificate based on a name, domain or IP address applicable before the change. In response, the first program instructions notify an administrator that a change is required to the SSL certificate to reflect the change to the name, domain or IP address. Second program instructions respond to a request by the administrator, to automatically create a new SSL certificate signing request. The new SSL certificate signing request is a form which can be sent to an SSL certificate authority. Third program instructions respond to another request by the administrator, to send the new SSL certificate signing request to the SSL certificate authority.
    Type: Grant
    Filed: September 30, 2004
    Date of Patent: March 31, 2009
    Assignee: International Business Machines Corporation
    Inventors: Patrick Joseph Callaghan, James Patrick Hennessy, Stephen Richard Nichols, Kurt Norman Schroeder
  • Patent number: 7512549
    Abstract: In an information processor for checking in or out a content to an external device connected thereto, a number of possible checkouts for the content by a predetermined kind of symbol, a name corresponding to the content is displayed and a number of possible checkouts for the content is displayed. Thus, a desired content can be checked out or in simply and quickly.
    Type: Grant
    Filed: November 10, 2000
    Date of Patent: March 31, 2009
    Assignee: Sony Corporation
    Inventors: Toshihiro Morita, Mitsuyuki Hatanaka, Kiyonobu Kojima, Ippei Tambata, Shin Shiroma