Pre-loaded With Certificate Patents (Class 713/173)
  • Patent number: 7512786
    Abstract: Each software component loaded for a verified operating system on a client computer must satisfy a set of boot rules for a boot certificate. A verified operating system identifier is created from the boot certificate. The boot certificate is published and signed by a boot authority that attests to the validity of the operating system booted under the boot certificate. Each software component for the operating system is associated with a component certificate published and signed by the same boot authority that signed the boot certificate. The boot rules determine the validity of the software component based on the contents of the component and boot certificates. The client computer transmits the verified operating system identity and the boot certificate to a server computer, such as a content provider, and the content provider determines whether to trust the verified operating system with its content.
    Type: Grant
    Filed: April 6, 2004
    Date of Patent: March 31, 2009
    Assignee: Microsoft Corporation
    Inventor: Paul England
  • Patent number: 7512760
    Abstract: A memory control unit includes fuses that are selectively blown to set a manufacturer's identification code (ID), and a further fuse that is selectively blown to designate the memory control unit as a general-purpose unit or a custom unit. When designated as a custom unit, the memory control unit uses the manufacturer's ID to protect data in the memory by scrambling the data, or by comparing the manufacturer's ID with an input ID and disabling access to the memory if the ID's do not match. A semiconductor integrated circuit chip including the memory control unit can thus be fuse-programmed for either general-purpose use or custom use.
    Type: Grant
    Filed: February 9, 2006
    Date of Patent: March 31, 2009
    Assignee: Oki Semiconductor Co., Ltd.
    Inventor: Isao Takami
  • Patent number: 7512785
    Abstract: A server registering a first party as a party relying upon a second party's certificate, revoking the second party's certificate after registering the first party, and initiating communication with the first party to indicate that the second party's certificate has been revoked.
    Type: Grant
    Filed: July 18, 2003
    Date of Patent: March 31, 2009
    Assignee: Intel Corporation
    Inventor: Ernie F. Brickell
  • Patent number: 7512975
    Abstract: A system and method to validate security credentials using hardware is provided. The system includes a credential validation module to recalculate security credentials received in a datagram and to determine if the security credentials are valid. The system also includes a parser to extract the security credentials from the payload data of the received datagram, and a memory to store validated credentials for further use.
    Type: Grant
    Filed: August 16, 2002
    Date of Patent: March 31, 2009
    Assignee: Intel Corporation
    Inventor: Selim Aissi
  • Patent number: 7509250
    Abstract: In one embodiment, a system comprises debug functionality, a debug interface communicatively coupled to the debug functionality, and a hardware key interface. Communication with the debug functionality over the debug interface is not permitted if an authorized hardware key is not communicatively coupled to the hardware key interface.
    Type: Grant
    Filed: November 4, 2005
    Date of Patent: March 24, 2009
    Assignee: Honeywell International Inc.
    Inventors: Edwin D. Cruzado, William J. Dalzell, Brian R. Bernier
  • Publication number: 20090077382
    Abstract: The invention relates to a method for preparing a chip card for electronic signature services. According to said method, data is exchanged between a chip card user and a signature portal, an asymmetric pair of keys and a signature PIN that is associated with the asymmetric pair of keys being generated on the chip card by means of a software application which can be executed on the chip card, and the chip card communicating the signature PIN to the user.
    Type: Application
    Filed: December 8, 2006
    Publication date: March 19, 2009
    Applicant: T-MOBILE INTERNATIONAL AG & CO. KG
    Inventor: Michael Dupre
  • Patent number: 7500100
    Abstract: A method and apparatus for verifying revocation status of a digital certificate is provided. The invention operates in part by a receiver verifying a security certificate for a sender. In various embodiments the steps to accomplish this include receiving a first security certificate associated with the sender and storing the security certificate in a location accessible to the receiver; updating the first security certificate in the location accessible to the receiver if the first security certificate is changed or revoked; receiving a second security certificate from the sender when identity of the sender needs to be verified; comparing the second security certificate to the first security certificate; and confirming the sender's identity only if the second security certificate matches the first security certificate for the sender.
    Type: Grant
    Filed: September 10, 2003
    Date of Patent: March 3, 2009
    Assignee: Cisco Technology, Inc.
    Inventors: Alexey Kobozev, Arthur Zavalkovsky, Ilan Frenkel
  • Patent number: 7493291
    Abstract: This invention relates to a method, devices and system for distributing rights to a digital content and for accessing said digital content. Further, the invention relates to a voucher structure defining rights to said digital content. Still further, the invention relates to a digital content structure adapted for arranging the distribution of rights to the digital content.
    Type: Grant
    Filed: February 6, 2003
    Date of Patent: February 17, 2009
    Assignee: Nokia Corporation
    Inventor: Kim Simelius
  • Patent number: 7493487
    Abstract: The described systems, methods and data structures are directed to a portable computing environment. A communication link is established between a portable device and a host device. The portable device is equipped with a processing unit and is configured to execute a process that is accessible by the host device. The host device includes an application configured to interact with the process on the portable device. The process on the portable device provides data to the application on the host device using the communication link. The application uses the data to provide a computing environment.
    Type: Grant
    Filed: October 15, 2004
    Date of Patent: February 17, 2009
    Assignee: Microsoft Corporation
    Inventors: Thomas G Phillips, Christopher A Schoppa, William J Westerinen, Mark A Myers
  • Patent number: 7475250
    Abstract: A method and computer program to assign certificates/private keys to a token. This method and computer program allows a user to access a certificate authority and have certificates/private keys that are used for signature, encryption and role purposes generated and downloaded to the token. The use of secure communication lines and computers is not necessary since the token contains a unique token ID and private key, while the certificate authority contains the associated public key for the token. The certificate generated is wrapped in the public key and only the token, having the associated private key, may activate the certificate.
    Type: Grant
    Filed: December 19, 2001
    Date of Patent: January 6, 2009
    Assignee: Northrop Grumman Corporation
    Inventors: Kenneth W. Aull, Thomas C. Kerr, William E. Freeman, Mark A. Bellmore
  • Patent number: 7467303
    Abstract: A method for mutual authorization of a secondary resource in a grid of resource computers is provided. When a primary resource attempts to offload a grid computing job to a secondary resource, the primary resource sends a proxy certificate request to the user machine. Responsive to a proxy certificate request, the user machine performs authorization with the secondary resource. If authorization with the secondary resource is successful, the user machine generates and returns a valid proxy certificate. The primary resource then performs mutual authentication with the secondary resource. If the authorization with the secondary resource fails, the user machine generates and returns an invalid proxy certificate. Mutual authentication between the primary resource and the secondary resource will fail due to the invalid proxy certificate. The primary resource then selects another secondary resource and repeats the process until a resource is found that passes the mutual authorization with the user machine.
    Type: Grant
    Filed: March 25, 2004
    Date of Patent: December 16, 2008
    Assignee: International Business Machines Corporation
    Inventors: Susann Marie Keohane, Gerald Francis McBrearty, Shawn Patrick Mullen, Jessica Kelley Murillo, Johnny Meng-Han Shieh
  • Patent number: 7464400
    Abstract: A computer implemented web based access control facility for a distributed environment, which allows users to request for access, take the request through appropriate approval work flow and finally make it available to the users and applications. This program also performs an automatic task of verifying the health of data, access control data as well as the entitlements, to avoid malicious user access. The system also provides an active interface to setup a backup, to delegate the duty in absence. Thus this system provides a comprehensive facility to grant, re-certify and control the entitlements and users in a distributed environment.
    Type: Grant
    Filed: April 24, 2003
    Date of Patent: December 9, 2008
    Assignee: International Business Machines Corporation
    Inventors: Rahul Jindani, Vinod Kannoth, Deepak Kanwar, Rinku Kanwar, Jay Krishnamurthy, Gregory L. McKee, Sandeep Mehta, Penny J. Peachey-Kountz, Ravi K. Ravipati
  • Patent number: 7464274
    Abstract: The present invention discloses a method and apparatus for manufacturing trusted devices. A licensing authority provides keying information to a multitude of manufacturers that insert the keying information into trusted devices. The trusted devices generate final private and public keys using the keying information. The keys may then be certified by the manufacturer and verified by other devices.
    Type: Grant
    Filed: August 8, 2005
    Date of Patent: December 9, 2008
    Assignee: Digital Video Express, L.P.
    Inventors: David Moshe Goldshlag, David William Kravitz
  • Patent number: 7461250
    Abstract: In an embodiment of a system and method according to the present invention, a chain of one or more certificates certifying a principal's public key is exchanged for a single substitute certificate. The substitute certificate is used as a replacement for the certificate chain. The substitute certificate is useful for authentication of the principal. In one embodiment, an authentication server exchanges the certificates. The substitute certificate is signed by the authentication server and used for authentication and communication with principals that have knowledge of and trust the authentication server. In one embodiment the substitute certificate also includes the principal's access information.
    Type: Grant
    Filed: July 22, 1999
    Date of Patent: December 2, 2008
    Assignee: RSA Security, Inc.
    Inventors: William M. Duane, Peter Röstin
  • Patent number: 7441121
    Abstract: Generating a device certificate. A method of generating a device certificate comprising forming a template that will generate a device certificate upon the occurrence of a triggering event, filling in an authorization root certificate section of the template; filling in an authorization certificate section of the template, filling in a group certificate section of the template, and forming a device certificate section of the template.
    Type: Grant
    Filed: October 18, 2004
    Date of Patent: October 21, 2008
    Assignee: Microsoft Corporation
    Inventors: Benjamin Brooks Cutter, Jr., Clifford Paul Strom, Brian Patrick Evans, Amit Jain, Michael Yui-Kwan Siu
  • Patent number: 7437757
    Abstract: An online transaction system configured to implement authentication methods that allow for strong multi-factor authentication in online environments. The authentication methods can be combined with strong security methods to further ensure that the authentication process is secure. Further, the strong multi-factor authentication can be implemented with zero adoption dependencies through the implementation of automated enrollment methods.
    Type: Grant
    Filed: January 16, 2003
    Date of Patent: October 14, 2008
    Assignee: US Encode Corporation
    Inventor: John Holdsworth
  • Publication number: 20080250246
    Abstract: A device is provided for controlling secure transactions using a physical device held by a user and bearing at least one first pair of asymmetric keys, including a first device public key and a first corresponding device private key. The control includes, prior to implementing the device, certifying a first device public key and characteristics data of the physical device by signing with a first certification key, delivering a factory certificate, after verifying that the device private key is housed in a tamper-proof zone of the physical device. At least one second pair of asymmetric keys is generated, including a second device public key and a second device private key housed in a tamper-proof zone of the device. A second device public key is certified by signing with at least the first device private key, delivering a provisional certificate.
    Type: Application
    Filed: July 18, 2006
    Publication date: October 9, 2008
    Applicant: France Telecom
    Inventors: David Arditti, Sidonie Caron, Laurent Frisch
  • Patent number: 7424550
    Abstract: Mobile code, such as an applet, is permitted to create a network connection with a content server on a network, without restricting the applet only to connections from the computer from which it was downloaded. This is achieved in accordance with the principles of the present invention by using network restriction software in the execution engine or runtime system under which the applet executes. When the applet attempts to create a network connection to a content server, the network restriction software checks a name file on the content server for the presence of an entry whose name corresponds to the name of the computer from which the applet was downloaded. If such an entry is present, then the network restriction software permits the network connection between the applet and the content server to be created. If not, the applet may not create a network connection with the content server.
    Type: Grant
    Filed: October 10, 2002
    Date of Patent: September 9, 2008
    Assignee: Sumisho Computer Systems Corporation
    Inventors: Donald T. Davis, Elizabeth A. Martin, Mathew J. Hostetter, David A. Kranz
  • Patent number: 7418401
    Abstract: The present invention is directed to a secure electronic registration and voting solution incorporating integrated end-to-end voting system architecture and processes providing secure identification and authentication, voter registration, ballot definition, ballot presentation to the voter, voting, and ballot tabulation via secure transmission over the network. The disclosed embodiments of the present invention describe an integrated solution to voting via a network, such as the Internet. A user logs into the system through an application on a local computer that presents an electronic ballot to a user and accepts the user's voting selections. The voting selections are then associated with the user's login data and an identifier for the local computer. The local application then encrypts the voting data and forwards it to a server that authenticates the encrypted voting data using the user login and the computer identifier. The still-encrypted voting data is then stored.
    Type: Grant
    Filed: July 8, 2005
    Date of Patent: August 26, 2008
    Assignee: Accenture Global Services GmbH
    Inventors: John J. Bogasky, Carl Almond, Andrew Schaefer
  • Patent number: 7409560
    Abstract: Certification processing hardware is connected to a game apparatus utilized for connecting with a game server in a network game environment to execute a user certification process. The certification processing hardware includes: a storing unit which stores certification information of the user, such as a user ID and a password; a certification information transmitting unit which encrypts the certification information with an encryption key from the game server to transmit it to the game server; a certification result information receiving unit which receives certification result information from the game server; and a certification result decryption processing unit which decrypts the certification result information. Components of the certification information cannot be referred to and copied from outside the certification processing hardware, thereby ensuring the confidentiality of the certification information.
    Type: Grant
    Filed: September 18, 2003
    Date of Patent: August 5, 2008
    Assignee: Konami Digital Entertainment Co., Ltd.
    Inventor: Shoji Mori
  • Patent number: 7409554
    Abstract: To provide an improved management structure of memory devices storing service-use applications. A card for a memory device applied to use various services is provided as one child card or more corresponding to each of the services, a parent card stores data for child-card issue management, and the child-card issue processing is executed based on the parent card, such as parent card authentication. An issue certificate having a parent-card digital signature is stored in the child card, the issue certificate contains a service code and a child-card identification, and thus it becomes possible to confirm a service set in the child card based on the issue certificate as the parent-card signature data.
    Type: Grant
    Filed: April 17, 2002
    Date of Patent: August 5, 2008
    Assignee: Sony Corporation
    Inventors: Yoshihito Ishibashi, Susumu Kusakabe, Hideaki Watanabe
  • Patent number: 7409552
    Abstract: Method for securing a session over a radio or infrared wireless link (101) between a terminal (11) and a mobile equipment (10), said session being secured with a SIM card (100) in said mobile equipment (10). The terminal (11) and the mobile equipment (10) both comprise a display and a keyboard or keypad and can be mutually connected through said short distance wireless link (101). The method comprises the following steps: generating a secret in one of said terminals or said smart cards, displaying this secret on the display of said terminal (11) or said user equipment (10), entering said secret or the hash value of said secret on the input means of the other one of said terminals (11) or user equipments (10), using said shared secret for securing at least a part of said session over said short distance wireless link (101).
    Type: Grant
    Filed: September 30, 2002
    Date of Patent: August 5, 2008
    Assignee: Swisscom Mobile AG
    Inventors: Levente Buttyan, Edwin Wiedmer, Eric Lauper
  • Patent number: 7401218
    Abstract: A home device authentication system and method, wherein the home device authentication system includes one or more home devices each having device information including coding information for authentication and information on a service provider providing authentication services; and a home gateway including decoding information corresponding to the coding information of the home devices, and for authenticating the home devices by using the decoding information. Further, if there exists no decoding information in the home gateway, the home gateway requests the decoding information from the service provider. Accordingly, privacy and security for the home network is secured.
    Type: Grant
    Filed: April 12, 2004
    Date of Patent: July 15, 2008
    Assignee: Samsung Electronics Co., Ltd.
    Inventor: Sang-do Park
  • Patent number: 7398396
    Abstract: In order to apply an electronic signature from a client station having authentication resources at a server, the following steps are carried out: the client station is authenticated at the server, thus establishing an authenticated communication channel; a private key/public key pair is generated at the client station; a signature certificate request generated by means of at least the public key is transmitted from the client station to the server via the authenticated channel; a signature certificate obtained in response to the request is returned via the authenticated channel; this certificate is verified at the client station; an electronic signature is calculated at the client station by means of the private key, after which this private key is destroyed; and the calculated signature is formatted with the aid of the signature certificate received via the authenticated channel.
    Type: Grant
    Filed: September 11, 2003
    Date of Patent: July 8, 2008
    Assignee: France Telecom
    Inventors: David Arditi, Laurent Frisch, Dimitri Mouton
  • Patent number: 7395430
    Abstract: The present invention provides in a method for providing secure authentication using digital certificates, an improvement to enable the selective transfer of authentication data. The said method comprises presentation of basic authentication data certified by an accepted certifying authority, at the commencement of a secure transaction and transfer of additional individual authentication data units against specific requests, as and when required, thereby eliminating the risks associated with providing any authentication data that is not required for a particular transaction. The instant invention also provides a system and configured computer program product for carrying out the above method.
    Type: Grant
    Filed: August 28, 2001
    Date of Patent: July 1, 2008
    Assignee: International Business Machines Corporation
    Inventor: Deepak Gupta
  • Publication number: 20080155262
    Abstract: A storage device has a storage medium, a set of credentials stored on the storage medium, and a controller. The controller within the storage device is coupled to the storage medium, and adapted to identify security status of the storage device. The controller is adapted to alter one or more credentials of the set of credentials responsive to the security status.
    Type: Application
    Filed: December 21, 2006
    Publication date: June 26, 2008
    Inventors: Donald Rozinak Beaver, Robert Harwell Thibadeau, Laszlo Hars
  • Patent number: 7386713
    Abstract: A boot method and apparatus are described which reduce the likelihood of a security breach in a mobile device, preferably in a situation where a reset has been initiated. A predetermined security value, or password, is stored, for example in BootROM. A value of a security location within FLASH memory is read and the two values are compared. Polling of the serial port is selectively performed, depending on the result of such comparison. In a presently preferred embodiment, if the value in the security location matches the predetermined security value, then polling of the serial port is not performed. This reduces potential security breaches caused in conventional arrangements where code may be downloaded from the serial port and executed, which allows anyone to access and upload programs and data in the FLASH memory, including confidential and proprietary information.
    Type: Grant
    Filed: December 13, 2002
    Date of Patent: June 10, 2008
    Assignee: Research In Motion Limited
    Inventors: Richard C. Madter, Ryan J. Hickey, Christopher Pattenden
  • Patent number: 7380125
    Abstract: A smart card system is disclosed for secure transmission of post issuance data to an embedded chip using a chip relay module, a plurality of hardware security modules, a first communication system having two security layers and a second communication system having four security layers. The first communication system may be considered a server side system and comprises a chip management system, a security server having a first hardware security module, a distribution server having a second hardware security module and a computer system connected by a network. The first communication system has a first security layer and a second security layer. The first security layer comprises mutual authentication that makes each component of the first communication system a trusted node to the others through client mutual authentication. The second security layer comprises system keys for secure communication between the hardware security modules.
    Type: Grant
    Filed: May 22, 2003
    Date of Patent: May 27, 2008
    Assignee: International Business Machines Corporation
    Inventors: Vincenzo Valentino Di Luoffo, Craig William Fellenstein, Dylan Maxwell Reilly
  • Patent number: 7376837
    Abstract: System for using a manufacturer issued certificate to authenticate a CTA device during registration with an IP telephony network. In response to providing the manufacturer issued certificate, the issuance of another certificate allows the CTA to be provisioned by a specific IP telephony network. The system includes a method of operating a cable telephony adapter in an IP telephony network. The method includes steps of storing a manufacturer issued certificate in the cable telephony adapter, providing the manufacturer issued certificate to the telephony network, receiving a network issued certificate, and registering for telephony services with the telephony network using the network issued certificate.
    Type: Grant
    Filed: April 7, 2000
    Date of Patent: May 20, 2008
    Assignee: General Instrument Corporation
    Inventor: Alexander Medvinsky
  • Publication number: 20080115191
    Abstract: A method and apparatus to transmit personal information, the method including: receiving an information request message requesting the personal information; receiving the personal information from a user; receiving a transmission approval from the user; transmitting a service requesting identifier to the service provider when the transmission approval is received; receiving a security policy with respect to the personal information to be transmitted; securing the personal information to be transmitted according to the received security policy; and transmitting the personal information to the service provider. Therefore, the personal information can be safely transmitted.
    Type: Application
    Filed: March 16, 2007
    Publication date: May 15, 2008
    Applicant: Samsung Electronics Co., Ltd.
    Inventors: Ji-soo Kim, Myung-june Jung, Hyun-jin Choi
  • Publication number: 20080104416
    Abstract: Method and apparatus for enabling applications on security processors of computer systems. In one aspect, a security processor apparatus includes a processor and a memory coupled to the processor and operative to store a secure table. The secure table stores different certified endorsement keys and different values, each value associated with one of the endorsement keys. Each stored value is derived from a different application that is certified by the associated endorsement key to be executed on the processor.
    Type: Application
    Filed: September 29, 2006
    Publication date: May 1, 2008
    Inventors: David C. Challener, John H. Nicholson, Joseph Pennisi, Rod D. Waltermann
  • Patent number: 7367059
    Abstract: A method and apparatus for activating protected content on a portable memory device when the portable memory device is incorporated into a mobile terminal during the manufacture of the mobile terminal. During manufacturing, the portable memory device is coupled to the mobile terminal, and the mobile terminal is powered on. An activation program resident on the mobile terminal is executed upon power on of the mobile terminal. The activation program imports a secure rights database of rights files from the portable memory device, activates an active rights database resident on the mobile terminal based on the imported secure rights database, and disables the secure rights database on the portable memory device to prevent subsequent unauthorized use of the portable memory device.
    Type: Grant
    Filed: May 30, 2002
    Date of Patent: April 29, 2008
    Assignee: Nokia Corporation
    Inventors: Leon Hurst, Samuli Tuoriniemi
  • Publication number: 20080098214
    Abstract: An encryption/decryption method is disclosed. The method comprises: using at least one public encryption algorithm for encrypting/decrypting data by using an encryption key, and using a digital certificate for obtaining the encryption key, being the digital certificate one intended for a purpose of guaranteeing a user's identity, with at least one field including a safe combination of bytes predetermined for containing a guarantee key intended for the purpose of guaranteeing the user's identity. The method also comprises a) selecting, according to at least one predetermined steganographic criterion, a subset of the bits of the field with the guarantee key and/or of at least another field of at least the digital certificate also including a safe combination of bytes but not containing the guarantee key, and b) generating from at least the selected bits the encryption key.
    Type: Application
    Filed: October 24, 2006
    Publication date: April 24, 2008
    Inventors: Antonio Rodriguez Martinez, Celso Ignacio Barrutia Navarrete, Ricardo Nelson Chacin Troconiz
  • Publication number: 20080098478
    Abstract: A system, method and computer program product for administering trust dependent functional control over a portable endpoint security device (PEPS). A reconnoitering application in conjunction with a trust enforcement policy determines a relative trusted state of the host processing unit and administers trust dependent functional control over the PEPS in dependence on one or more trust dependent characteristics reconnoitered from the host processing unit. The trust dependent characteristics reconnoitered from the host processing unit may be location dependent, context dependent, hardware configuration dependent and logical state dependent.
    Type: Application
    Filed: October 20, 2006
    Publication date: April 24, 2008
    Applicant: Redcannon, Inc.
    Inventors: Vimal Vaidya, Sylvia Siu
  • Publication number: 20080091949
    Abstract: A system may include a sender computing system, an intermediary service component, and a receiver computing system. The sender computing system may transmit a message and authentication data, and the intermediary service component may receive the message and the authentication data from the sender computing system, process the message, and transmit the authentication data and the processed message. The receiver computing system may receive the authentication data and the processed message.
    Type: Application
    Filed: October 17, 2006
    Publication date: April 17, 2008
    Inventors: Christoph H. Hofmann, Martijn De Boer
  • Publication number: 20080091950
    Abstract: A system may include a sender computing system to transmit first authentication data in association with a message, the first authentication data conforming to a first authentication mechanism, and to transmit second authentication data in association with the message, the second authentication data conforming to a second authentication mechanism. The system may also include a component to receive the first authentication data in association with the message from the sender computing system, and to receive the second authentication data in association with the message from the sender computing system.
    Type: Application
    Filed: October 17, 2006
    Publication date: April 17, 2008
    Inventors: Christoph H. Hofmann, Martijn De Boer
  • Publication number: 20080091948
    Abstract: A system may include a sender computing system, an intermediary component, and a receiver computing system. The sender computing system may transmit first authentication data and second authentication data, and the intermediary component may receive the first authentication data and second authentication data from the sender computing system, perform an authentication action based on the second authentication data, and transmit the first authentication data. The receiver computing system may receive the first authentication data.
    Type: Application
    Filed: October 17, 2006
    Publication date: April 17, 2008
    Inventors: Christoph H. Hofmann, Martijn De Boer
  • Publication number: 20080092211
    Abstract: A secure handshake service is implemented among a plurality of UPnP (Universal Plug and Play) portable media devices and endpoints in an open network hosting one or more UPnP services. A first portable media device receives a first request for a hosted service from a second portable media device via the network. The first portable media device authenticates and authorizes the second portable media device as a function of the certificate of the request. The second portable media device is allowed to access the requested service hosted on the first portable media device if the second portable media device has been authenticated and authorized by the first portable media device.
    Type: Application
    Filed: October 13, 2006
    Publication date: April 17, 2008
    Applicant: MICROSOFT CORPORATION
    Inventors: Anders Klemets, Bruno Kraychete da Costa, James T. Walter, Kasy Srinivas
  • Patent number: 7360082
    Abstract: A workflow, enterprise, and mail-enabled application server and platform supports distributed computing and remote execution of web applications. Lotus Domino online services (DOLS) is used by a web site administrator to configure Internet Notes (iNotes) clients to auto download from server, thus providing iNotes clients with web access using HTTP with various browsers, and with local processing and replication. A local run time model comprises a hierarchy of models including object data store model, security model, indexing model, replication model, agent workflow model and mail model. DOLS provides a layered security model that allows flexibility for controlling access to all or part of an application. The highest level of security is managed through a database access control list (ACL). Further refinements within the security model provide access to specific documents, and their views, forms or folders, and include read access lists, write access lists, form access lists and readers and authors fields.
    Type: Grant
    Filed: June 19, 2000
    Date of Patent: April 15, 2008
    Assignee: International Business Machines Corporation
    Inventors: Suze Berthold, John D. Immerman, Charles W. Kaufman, Carl J. Kraenzel
  • Publication number: 20080086766
    Abstract: Obtaining tokens with alternate personally identifying information. A method may be practiced, for example, in a networked computing environment including a client and a token issuer. The token issuer provides security tokens to the client that the client can use for accessing functionality of services in the networked computing environment. The method includes sending a security token request to a token issuer. The security token request specifies alternate personally identifying information for an entity. The method further includes receiving a security token from the security token issuer. The security token includes the alternate personally identifying information.
    Type: Application
    Filed: October 6, 2006
    Publication date: April 10, 2008
    Applicant: MICROSOFT CORPORATION
    Inventors: Christopher G. Kaler, Arun K. Nanda, Kim Cameron
  • Publication number: 20080086779
    Abstract: A digital rights management system and method. The inventive system includes a client for publishing and/or viewing protected content; a DRM server for providing licenses for viewing the protected content; and an inventive license proxy server coupled between the client and the server. The license proxy server includes a digital rights management lockbox and plural digital rights management client certificates. The license proxy server is disposed on an operationally independent platform relative to the client or the DRM server and thereby extends a DRM vendor's rights management capabilities to other platforms.
    Type: Application
    Filed: October 4, 2006
    Publication date: April 10, 2008
    Inventors: Curtis Blake, Robert Kellogg, Robert Bernardi
  • Publication number: 20080086634
    Abstract: In one embodiment, techniques to validate certificates using authentication, authorization, and accounting (AAA) services are provided. A service receives a request from a requester for validation of a certificate. The request may include the certificate associated with the requester. The servicer creates an AAA request that includes the certificate. The AAA request is then sent to the AAA server. A response is then received from the AAA server that includes a result of the certificate validation and also AAA attributes associated with any AAA services performed. The servicer may then validate the proof of possession of the private key or perform other types of authentication calculations after receiving the response from the AAA server if the response indicates the certificate was validated. The servicer can then perform an action based on the certificate validation and AAA attributes.
    Type: Application
    Filed: October 10, 2006
    Publication date: April 10, 2008
    Applicant: Cisco Technology, Inc.
    Inventors: Joseph Salowey, Glen Zorn, Max Pritikin
  • Publication number: 20080072048
    Abstract: If a smart card is to be used for a particular purpose, and there is no certificate initialized on the smart card for this purpose, a computerized device enables a user to select one of the certificates already installed in the smart card for the particular purpose. The selected certificate may be imported into the computerized device.
    Type: Application
    Filed: August 16, 2006
    Publication date: March 20, 2008
    Applicant: Research In Motion Limited
    Inventors: Michael K. Brown, Neil Adams, Herbert Little
  • Publication number: 20080072037
    Abstract: A method of authentication of peers of a peer-to-peer network includes a certificate issuer tracking at most a predetermined number of node IDs for each peer on the peer-to-peer network, a requesting peer requesting from the certificate issuer a certificate for authenticating a communicating peer and each certificate issued listing at least one node ID of the predetermined number of node IDs assigned for the communicating peer.
    Type: Application
    Filed: September 5, 2006
    Publication date: March 20, 2008
    Inventors: Sathya Narayanan, Eunsoo Shim
  • Publication number: 20080052517
    Abstract: A method for real-time validation of an electronic signature generated onboard a mobile system. The method includes maintaining a ground mobile user account management (GMUAM) module user database to have up-to-date authorized user account information. The GMUAM is hosted by a stationary central computer system (CCS). The method additionally includes transferring the up-to-date authorized user account information stored on the GMUAM user database to a mobile user account management (MUAM) module user database, thereby updating the MUAM user database with up-to-date authorized user account information. The MUAM module is included in an onboard computer system (OCS) hosted by the mobile system. The method further includes evoking a signature validator module communicatively connected to the MUAM module to access the MUAM database and verify whether user account information included in an electronic signature initiated by a secure data application (SDA) is authorized user account information.
    Type: Application
    Filed: August 21, 2006
    Publication date: February 28, 2008
    Inventors: Timothy W. Anstey, David L. Allen, Steven J. Yukawa, Rajit Jain
  • Publication number: 20080046735
    Abstract: In one embodiment, a Manufacturer Installed Certificate (MIC) and a personal identification number are sent to a call controller to request a configuration profile. When the configuration file is received, the IP phone is provisioned according to the configuration profile.
    Type: Application
    Filed: August 18, 2006
    Publication date: February 21, 2008
    Applicant: CISCO TECHNOLOGY, INC.
    Inventors: Plamen Nedeltchev, Robert T. Bell, Max Pritikin
  • Publication number: 20080034440
    Abstract: At least one software application is stored in a memory device, where a security data structure controls access to information obtainable from data stored in the device and to the at least one software application. A set of protocols control communication between a host and a memory device. Invocation of at least one software application stored in the memory device modifies the protocol. A security data structure controls access to data stored in the memory device according to an access policy. Invocation of at least one software application stored in the memory device imposes at least one condition in addition to the access policy for accessing the data. A data object storing data in the memory device is associated with at least one software application. Accessing the object will invoke the at least one software application which processes the data in the object. Individual ones of a plurality of first sets of protocols are selectable for enabling data to be provided and stored in a data object.
    Type: Application
    Filed: November 6, 2006
    Publication date: February 7, 2008
    Inventors: Michael Holtzman, Ron Barzilai, Fabrice Jogand-Coulomb
  • Publication number: 20080034210
    Abstract: The invention is directed to a secure data communication system and method for use in connection with a potentially untrusted host computer. The system includes a storage medium that is connectable with the potentially untrusted host computer. The system also includes a hardened, stand alone, browser stored on the storage medium. The system can also include client authentication data and/or add-on program data. The browser can use the client authentication data to facilitate secure communications. The system can include a loader that performs an integrity check of the browser and/or data files and launches the browser only if the browser and associated data files pass the integrity check. The client authentication data can be stored on the storage medium. The storage medium can be read-only, read-write or a combination thereof.
    Type: Application
    Filed: July 31, 2007
    Publication date: February 7, 2008
    Inventors: Ramsey Jallad, Patrick Stach, John Terrill
  • Patent number: 7325132
    Abstract: An authentication system providing a safety authentication process of electronic values with the use of mobile terminals which do not have a tamper-resistant function. The electronic value including encrypted value authentication information (F(VPW)), wherein an authentication information (VPW) corresponding to an electronic value specified by a user is acquired by the hash calculation, is stored in the user's mobile terminal.
    Type: Grant
    Filed: August 25, 2003
    Date of Patent: January 29, 2008
    Assignee: Matsushita Electric Industrial Co., Ltd.
    Inventors: Hisashi Takayama, Junko Furuyama
  • Publication number: 20080022102
    Abstract: Software protection using data structures is described. In one implementation, an engine between the processor and the memory of a computing device encrypts and stores data and program variables in blocks of memory that correspond to nodes of a tree-like data structure. When accessed, the nodes of this search tree are rearranged according to various schemata to obscure memory access patterns from being detected by cache attacks or side-channel attacks. In one implementation, the data structure is a splay tree that self-rearranges upon access and increases efficiency while providing security.
    Type: Application
    Filed: June 30, 2006
    Publication date: January 24, 2008
    Applicant: Microsoft Corporation
    Inventors: Ramarathnam Venkatesan, Victor Boyko