By Generation Of Certificate Patents (Class 713/175)
  • Patent number: 8813243
    Abstract: Embodiments of the present invention provide a method and system, including a client and security token, for reducing a size of a security-related object stored in the token. The object is stored in a storage structure that is indexed according to an identity reference to a certificate associated with the object and a private key identifier identifying a private key assigned to an owner of the token. A request to access an encrypted data object results in accessing the private key identifier in the storage structure using only the identity reference as an index.
    Type: Grant
    Filed: February 2, 2007
    Date of Patent: August 19, 2014
    Assignee: Red Hat, Inc.
    Inventor: Steven William Parkinson
  • Patent number: 8812850
    Abstract: A method and apparatus for secure multimedia transfer provides an encrypted data transfer system that makes transferring multimedia content from a client to any incompatible system or to a system outside the location of the client very difficult.
    Type: Grant
    Filed: December 18, 2003
    Date of Patent: August 19, 2014
    Assignee: TiVo Inc.
    Inventors: James M. Barton, David C. Platt
  • Patent number: 8806196
    Abstract: A relying party obtains a certificate of a certificate subject and acquires a status information object for the certificate. The relying party validates the certificate using information in the status information object and compares authorization attributes present in the status information object with policy attributes associated with the requested service. A policy attribute is a set of constraints used by the relying party to determine if the authorization attributes associated with the certificate subject are sufficient to allow the certificate subject to access the requested service. If the authorization attributes present in the status information object match the policy attributes associated with the requested service, the relying party may grant the certificate subject access to the requested service.
    Type: Grant
    Filed: November 4, 2011
    Date of Patent: August 12, 2014
    Assignee: Motorola Solutions, Inc.
    Inventors: Anthony R. Metke, Erwin Himawan, Shanthi E. Thomas
  • Patent number: 8806195
    Abstract: User interface generation in view of constraints of a certificate profile is described.
    Type: Grant
    Filed: February 26, 2010
    Date of Patent: August 12, 2014
    Assignee: Red Hat, Inc.
    Inventors: Andrew Wnuk, Christina Fu
  • Patent number: 8806201
    Abstract: Systems, methods and apparatus for a distributed security that provides authentication and authorization management. The system can include an epoch processor that is used to validate authentication and authorization data that is valid only for an epoch. The epoch processor can maintain a public key that can be used to decrypt the authentication and authorization data during the epoch that the key is valid. The epoch processor can receive a new public key during each epoch. The epoch processor can also determine if the authentication or authorization data was fraudulently generated based on the contents of the data, and verifying whether the data is valid for the epoch in which it was decrypted.
    Type: Grant
    Filed: July 24, 2008
    Date of Patent: August 12, 2014
    Assignee: Zscaler, Inc.
    Inventors: Kailash Kailash, Shashidhara Mysore Nanjundaswamy, Amarnath Mullick, Jose Raphel
  • Patent number: 8800038
    Abstract: Provided is a tampering monitoring system that can identify a monitoring module that has been tampered with among a plurality of monitoring modules. A management apparatus is provided with an acquisition unit that acquires a new monitoring module that has not been tampered with, a generation unit that generates a decoy monitoring module by modifying the acquired monitoring module, a transmission unit that transmits the decoy monitoring module to the information security device and causes the information security device to install the decoy monitoring module therein, a reception unit that receives from the information security device, after the decoy monitoring module has been installed, monitoring results generated by the monitoring modules monitoring other monitoring modules, and a determination unit that identifies, by referring to the received monitoring results, a monitoring module that determines the decoy monitoring module to be valid and determines the identified monitoring module to be invalid.
    Type: Grant
    Filed: April 15, 2011
    Date of Patent: August 5, 2014
    Assignee: Panasonic Corporation
    Inventors: Yuichi Futa, Yuji Unagami, Natsume Matsuzaki, Hiroki Shizuya, Masao Sakai, Shuji Isobe, Eisuke Koizumi, Shingo Hasegawa
  • Patent number: 8799660
    Abstract: A communication apparatus includes: a first storage unit storing a received electronic mail; a verification unit executing a first verification about an electronic signature attached to the received electronic mail; a printing unit printing the received electronic mail if a verification result of the first verification is positive; a deletion unit deleting the printed electronic mail from the first storage unit; and a storage control unit controlling a second storage unit to store the mail information about the received electronic mail in the second storage unit if the verification result of the first verification is negative. The verification unit again executes the first verification about a specific electronic signature attached to a specific electronic mail which mail information is stored in the second storage unit. The printing unit prints the specific electronic mail if a verification result by again executing the first verification about the specific electronic signature is positive.
    Type: Grant
    Filed: March 19, 2010
    Date of Patent: August 5, 2014
    Assignee: Brother Kogyo Kabushiki Kaisha
    Inventor: Shohei Tsujimoto
  • Patent number: 8800020
    Abstract: A system and method are provided for controlling access to resources and facilitating correction of access issues. A two-factor authentication method comprises: receiving a credential associated with a connection request, determining a resource identifier associated with the connection request, identifying a user associated with the resource identifier, determining whether the received credential is valid for the identified user, and, responsive to a determination that the credential is not valid for that user, denying access to resources associated with the resource identifier and communicating information regarding the failure to the identified user.
    Type: Grant
    Filed: February 14, 2014
    Date of Patent: August 5, 2014
    Assignee: Elemica, Inc.
    Inventors: Paul Dale, Maarten Koopmans
  • Patent number: 8793487
    Abstract: A public key infrastructure comprising a participant that issues digital certificates. Each digital certificate can be relied upon in at least two different trust domains. The public key infrastructure does not employ policy mapping between or among the trust domains. Furthermore, the public key infrastructure does not link any pair of trust domains via cross-certificates. Just one trust domain is bound to the digital certificate at any given moment. The current trust domain that is to be bound to the digital certificate is elected by a relying party at the time of reliance, based upon a specific certificate validation methodology selected by the relying party.
    Type: Grant
    Filed: January 16, 2009
    Date of Patent: July 29, 2014
    Assignee: Identrust, Inc.
    Inventors: William C. Epstein, Lawrence R. Miller
  • Patent number: 8788828
    Abstract: A system and method for verifying ownership of an electronic receipt in a communication system providing a public key infrastructure, the verification arising out of a series of messages being sent and received between a first party and a verifying party, the method comprising the steps of receiving a proof message from the first party, the proof message being derived from at least a first public key based on a secret owned by the first party and wherein the secret is associated with at least the secret of a further public key of the first party and an electronic receipt that has been issued by electronically signing a request message with a second public key, determining whether or not the proof message was derived from the second public key.
    Type: Grant
    Filed: September 12, 2012
    Date of Patent: July 22, 2014
    Assignee: International Business Machines Corporation
    Inventors: Elsie van Herrewegen, Jan Camenisch
  • Patent number: 8788811
    Abstract: A method and system for server-side key generation for non-token clients is described.
    Type: Grant
    Filed: May 28, 2010
    Date of Patent: July 22, 2014
    Assignee: Red Hat, Inc.
    Inventors: Christina Fu, Andrew Wnuk
  • Publication number: 20140201530
    Abstract: The present invention provides system and method for providing certified voice and/or multimedia mail messages in a broadband signed communication system which uses packetized digital information. Cryptography is used to authenticate a message that has been compiled from streaming voice or multimedia packets. A certificate of the originator's identity and electronic signature authenticates the message. A broadband communication system user may be provisioned for certified voice and/or multimedia mail by registering with a certified mail service provider and thereby receiving certification. The called system user's CPE electronically signs the bits in received communication packets and returns the message with an electronic signature of the called system user to the calling party, along with the system user's certificate obtained from the service provider/certifying authority during registration. The electronic signature is a cryptographic key of the called party.
    Type: Application
    Filed: March 5, 2014
    Publication date: July 17, 2014
    Applicant: AT&T Intellectual Property II, L.P.
    Inventor: Aviel D. Rubin
  • Patent number: 8782406
    Abstract: There is disclosed a method in a communications system for enabling authentication of a sender device and a receiver device in the communication system, wherein the sender device is associated with a self-generated first identity and a first master device, the receiver device is associated with a self-generated second identity and a second master device and wherein the authentication is enabled by utilizing the first master device and the second master device for the sender device and the receiver device to verify the identities of each other. In one embodiment, both the sender device and the receiver device are also associated with a third device ant the third device is used in addition to the master devices for verifying said identities. There is also disclosed a method In a sender device, a method in a receiver device, a method in a third device, a sender device, a receiver device, a third device, and a computer program product for the same.
    Type: Grant
    Filed: July 4, 2008
    Date of Patent: July 15, 2014
    Assignee: DTS Steering Group AB
    Inventors: Anders Orre, Subhashini Sreenivasan, Niclas Lindberg, Ilio Virgili
  • Patent number: 8782771
    Abstract: Providing for employing a real time firewall to secure components of an automation control network from unauthorized communication to or from such components is disclosed herein. A monitoring component can inspect at least a portion of an instance of communication directed toward or originating from a component of the automation control network. Such inspection can, e.g., be a deep packet inspection based on information received from a communication request and/or response protocol. A filtering component can selectively admit or deny propagation of the instance of communication based on the inspection and a predetermined security criterion. In such a manner, the subject innovation can provide for limited access to network components from office network machines and for securing components of an automation control network from influence by unauthorized entities.
    Type: Grant
    Filed: June 19, 2007
    Date of Patent: July 15, 2014
    Assignee: Rockwell Automation Technologies, Inc.
    Inventors: Chao Chen, Steven J. Scott
  • Patent number: 8776186
    Abstract: A method begins by a dispersed storage (DS) processing module generating a certificate signing request (CSR) that includes a certificate and a certificate extension, wherein the certificate includes information regarding a requesting device and wherein the certificate extension includes information regarding an accessible dispersed storage network (DSN) address range for the requesting device. The method continues with the DS processing module outputting the CSR to a certificate authority of a DSN and receiving a signed certificate from the certificate authority, wherein the signed certificate includes a certification signature of the certificate authority authenticating the certificate and the certificate extension. The method continues with the DS processing module storing the signed certificate for use when generating a DSN access request, wherein the DSN access request is requesting access to dispersed storage error encoded data in the DSN at an address within the accessible DSN address range.
    Type: Grant
    Filed: August 17, 2012
    Date of Patent: July 8, 2014
    Assignee: Cleversafe, Inc.
    Inventors: Jason K. Resch, Wesley Leggette, Andrew Baptist
  • Patent number: 8775316
    Abstract: A computerized wagering game system includes a gaming module comprising gaming code which is operable when executed on to conduct a wagering game on which monetary value can be wagered, and a security module operable to perform at least one encryption function on information communicated via a network connection. The encryption functions include in various embodiments key management, authentication, or other encryption functions such as symmetric, asymmetric, hash, or message authentication code functions.
    Type: Grant
    Filed: April 8, 2011
    Date of Patent: July 8, 2014
    Assignee: WMS Gaming Inc.
    Inventors: Timothy D. Wilson, Jason A. Smith, Nevin J. Liber, Mark B. Gagner
  • Patent number: 8775809
    Abstract: A method and a device of verifying the validity a digital signature based on biometric data. A verifier attains a first biometric template of the individual to be verified, for instance by having the individual provide her fingerprint via an appropriate sensor device. Then, the verifier receives a digital signature and a second biometric template. The verifier then verifies the digital signature by using either the first or the second biometric template as a public key. The attained (first) biometric template of the individual is compared with the received (second) biometric template associated with the signature and if a match occurs, the verifier can be confident that the digital signature and the associated (second) biometric template have not been manipulated by an attacker for impersonation purposes.
    Type: Grant
    Filed: November 12, 2007
    Date of Patent: July 8, 2014
    Assignee: Koninklijke Philips N.V.
    Inventors: Pim Theo Tuyls, Gregory Krimhild Rene Neven
  • Patent number: 8775810
    Abstract: Systems, methods, and computer-readable media provide a requesting device with access to a service. In one implementation, a server stores a token decryption key for validating an encrypted token. The server receives the encrypted token and a digital signature generated using a signature creation key from a client device, and decrypts the token with the token decryption key. The server extracts a signature validation key from the token, and validates the digital signature using the signature validation data. The system provides the client device with access to the service, based on whether the digital signature is validated.
    Type: Grant
    Filed: September 30, 2009
    Date of Patent: July 8, 2014
    Assignee: Amazon Technologies, Inc.
    Inventors: Ryan J. Snodgrass, Joel C. Hegg, Ian T. R. MacLeod, Samuel S. Gigliotti, Scott G. Carmack
  • Patent number: 8775814
    Abstract: A system and a method for providing a personalized biometric identification system to facilitate in securing critical transactions have been disclosed. The system includes a server which captures pre-designated biometric prints of a user, personalizes them and registers them on a bio print reader, owned by the user, over a unidirectional non-Internet based channel. The system overcomes the challenges involved in employing biometrics as a part of non-repudiation process for authorizing Internet based critical transactions for multiple entities by assuring the safety of the biometric prints of the users and eliminating additional hardware requirements.
    Type: Grant
    Filed: August 28, 2012
    Date of Patent: July 8, 2014
    Assignee: Tata Consultancy Services Ltd.
    Inventor: Prasanna Bidare
  • Patent number: 8769290
    Abstract: Methods, systems, and apparatus, including computer programs encoded on a computer storage medium, for providing confidential structured data. In one aspect, a method includes creating a first data structure instance according to a protocol for creating structured and extensible data structures. The first data structure instance is serialized. The serialized first data structure instance is encrypted. A second data structure instance is created according to the protocol. The second data structure instance contains the encrypted and serialized first data structure instance. The second data structure instance is serialized.
    Type: Grant
    Filed: February 28, 2011
    Date of Patent: July 1, 2014
    Assignee: Google Inc.
    Inventor: Aaron Jacobs
  • Patent number: 8769291
    Abstract: A method and system for generating identity certificates. The method may include receiving a user request to activate a network appliance, and causing a network appliance identifier and a transaction identifier of an activation transaction associated with the user request to be transmitted to the network appliance. A certificate signing request (CSR) and the transaction identifier may be received from the network appliance, the CSR including the network appliance identifier. A certificate may be generated for the network appliance if the activation transaction is valid.
    Type: Grant
    Filed: July 23, 2007
    Date of Patent: July 1, 2014
    Assignee: Red Hat, Inc.
    Inventors: James P. Schneider, Luke R. Meyer
  • Patent number: 8769266
    Abstract: A method for assembling authorization certificate chains among an authorizer, a client, and a third party allows the client to retain control over third party access. The client stores a first certificate from the authorizer providing access to a protected resource and delegates some or all of the privileges in the first certificate to the third party in a second certificate. The client stores a universal resource identifier (URI) associated with both the first certificate and the third party and provides the second certificate and the URI to the third party. The third party requests access to the protected resource by providing the second certificate and the URI, without knowledge or possession of the first certificate. When the authorizer accesses the URI, the client provides the first certificate to the authorizer, so that the client retains control over the third party's access.
    Type: Grant
    Filed: July 16, 2009
    Date of Patent: July 1, 2014
    Assignee: Intel Corporation
    Inventor: Victor B. Lortz
  • Patent number: 8769264
    Abstract: A system that incorporates teachings of the present disclosure may include, for example, a set-top-box having a controller to transmit a request to a remote management server for status information associated with a x.509 certificate intended for the STB, and receive the status information associated with the x.509 certificate from the remote management server, where events associated with the status information are received by the remote management server from at least one of the STB, a certificates proxy, an external certificate web service, and a certificate authority, and where the status information comprises at least a portion of the received events. Other embodiments are disclosed.
    Type: Grant
    Filed: November 2, 2012
    Date of Patent: July 1, 2014
    Assignee: AT&T Intellectual Property I, LP
    Inventors: Jerald R. Howcroft, Benjamin Jahner
  • Publication number: 20140181525
    Abstract: Managing digital rights of contents and services streamed to a client device, including: receiving and validating a certificate from the client device; enabling the client device to log into and communicate with a server using a secure protocol to establish a private relationship between the client device and the server; and transmitting a resource identifier to the client device using the secure protocol when the private relationship is established.
    Type: Application
    Filed: February 25, 2014
    Publication date: June 26, 2014
    Applicants: SONY NETWORK ENTERTAINMENT INTERNATIONAL LLC, Sony Corporation
    Inventors: Leo Pedlow, True Xiong, Eric Holcomb, Kathy Fielder
  • Patent number: 8763125
    Abstract: A dummy debugger program is installed within the user computer system. The dummy program is registered with the operating system as a debugger and may also be registered as a system service as if it is a kernel mode debugger. The dummy debugger program may have the name of a popular debugging program. Dummy registry keys are created that are typically used by a debugger to make it appear as if a debugger is present within the operating system of the user computer. Dummy program folders or dummy program names are created to make it appear as if a debugger is present within the operating system of the user computer. API calls are intercepted by using API hooks and modified to always return a meaningful value indicating that a debugger is present. Malware performing any checks to see if a debugger is present will be informed that a debugger is present and will then shutdown, sleep, terminate, etc.
    Type: Grant
    Filed: September 26, 2008
    Date of Patent: June 24, 2014
    Assignee: Trend Micro, Inc.
    Inventor: Hsiang-an Feng
  • Patent number: 8756416
    Abstract: A method and system for checking a revocation status of a biometric reference template previously generated for an individual. A hash value of the biometric reference template is computed. A reference template revocation object for the biometric reference template is created, which includes inserting into the reference template revocation object: (i) a location for checking the revocation status of the biometric reference template and (ii) a unique biometric reference template identifier that uniquely identifies the biometric reference template. The revocation status of the biometric reference template is ascertained through use of the reference template revocation object. The ascertained revocation status of the biometric reference template is returned to a relying party that had requested the status of the biometric reference template.
    Type: Grant
    Filed: September 12, 2012
    Date of Patent: June 17, 2014
    Assignee: International Business Machines Corporation
    Inventor: Phillip H. Griffin
  • Patent number: 8756413
    Abstract: The present invention relates to a method and a device for ensuring information integrity and non-repudiation over time. A basic idea of the present invention is to provide a mechanism for secure distribution of information, which information relates to an instance in time when usage of cryptographic key pairs associated with a certain brand identity commenced, as well as when the key pairs ceased to be used, i.e. when the key pairs were revoked. The mechanism further allows a company or an organization to tie administration of cryptographic key pairs and a procedure for verifying information integrity and non-repudiation to their own brand. This can be seen as a complement or an alternative to using a certificate authority (CA) as a trusted third party, which CA guarantees an alleged relation between a public key and the identity of the company or organization using the cryptographic key pair to which that public key belongs.
    Type: Grant
    Filed: April 20, 2005
    Date of Patent: June 17, 2014
    Assignee: Brandsign AB
    Inventors: Anders Thoursie, Peter Holm, Sven-Håkan Olsson
  • Publication number: 20140164778
    Abstract: The proposed method relates to methods for obtaining, storage, and exchange of digital information, including replication and distribution of software, more specifically, to methods for producing and storage of digital certificates and replication of software therefor. The proposed method will find useful application for safe storage and transmitting various data, e.g. personal data, electronic funds, and, also for replication and distribution of software. Comparing with all known related art methods, the present method is characterized with an essentially increased level of protection of storage and transmission of digital information and replication of software due to affirmation of the digital certificate in authorized entities, due to the employment of consolidated certificates, as well as due to the enhancement of authenticity of information transmission with the use of electronic digital signatures.
    Type: Application
    Filed: December 7, 2012
    Publication date: June 12, 2014
    Inventors: Andrei Yoryevich Sherbakov, Oleg Olegovich Tikhonenko
  • Patent number: 8750523
    Abstract: The subject matter disclosed herein relates to a method and/or system for enabling access to media content using different digital rights management formats.
    Type: Grant
    Filed: March 22, 2012
    Date of Patent: June 10, 2014
    Assignee: Disney Enterprises, Inc.
    Inventors: Arnaud Robert, Scott Watson, Jeffrey Lotspiech
  • Patent number: 8751791
    Abstract: A method and device for confirming authenticity of a public key infrastructure (PKI) transaction event between a relying node and a subject node in a communication network enables improved network security. According to some embodiments, the method includes establishing at a PKI event logging (PEL) server a process to achieve secure communications with the relying node (step 705). Next, the PEL server processes reported PKI transaction event data received from the relying node (step 710). The reported PKI transaction event data describe the PKI transaction event between the relying node and the subject node. The reported PKI transaction event data are then transmitted from the PEL server to the subject node (step 715). The subject node can thus compare the reported PKI transaction event data with corresponding local PKI transaction event data to confirm the authenticity of the PKI transaction event.
    Type: Grant
    Filed: September 17, 2008
    Date of Patent: June 10, 2014
    Assignee: Motorola Solutions, Inc.
    Inventors: Erwin Himawan, Ananth Ignaci, Anthony R. Metke, Shanthi E. Thomas
  • Patent number: 8751793
    Abstract: The present inventions provide an integrated, modular array of administrative and support services for electronic commerce and electronic rights and transaction management. These administrative and support services supply a secure foundation for conducting financial management, rights management, certificate authority, rules clearing, usage clearing, secure directory services, and other transaction related capabilities functioning over a vast electronic network such as the Internet and/or over organization internal Intranets. These administrative and support services can be adapted to the specific needs of electronic commerce value chains. Electronic commerce participants can use these administrative and support services to support their interests, and can shape and reuse these services in response to competitive business realities. A Distributed Commerce Utility having a secure, programmable, distributed architecture provides administrative and support services.
    Type: Grant
    Filed: December 2, 2003
    Date of Patent: June 10, 2014
    Assignee: Intertrust Technologies Corp.
    Inventors: Karl L. Ginter, Victor H. Shear, Francis J. Spahn, David M. Van Wie, Robert P. Weber
  • Patent number: 8751800
    Abstract: Embodiments are directed towards providing interoperability by establishing a trust relationship between a provider of a media player usable by a consumer and a content provider. A trust relationship is verified through using a public-private key certification authority. When a request for content is received from a consumer, the request might indicate what content protection mechanisms are available in the consumer's device. When a trust relationship is determined to exist between the content provider and the media player providers, the content provider encrypts a license separately for each of a plurality of different content protection mechanisms available at the consumer's device. The encrypted licenses are provided to the consumer's device, where the media player may be selected to play the content based on a self integrity check the media player may perform, and its ability to use a private key associated with a corresponding public key to decrypt the license.
    Type: Grant
    Filed: April 2, 2012
    Date of Patent: June 10, 2014
    Assignee: Google Inc.
    Inventor: David Kimbal Dorwin
  • Publication number: 20140156996
    Abstract: In one example, a method for promoting learned discourse in online forums includes posting forum content on a forum server and providing access to users to the content through an I/O module. The method further includes receiving a comment from a user and analyzing the comment from the user to produce an a priori score for the comment. A portable certificate of status is accepted from the user and used to produce a posteriori score for the comment. A system for promoting learned discourse in online forms is also disclosed.
    Type: Application
    Filed: November 27, 2013
    Publication date: June 5, 2014
    Inventors: Stephen B. Heppe, Kenan G. Heppe
  • Patent number: 8745371
    Abstract: Devices located on a back end of a web application in a private cloud may establish secure communications to other back end devices or client devices with a secure boot device integrated in the back end device. The secure boot device enables the back end component to cryptographically split data and encrypt data for transmission to other devices through a secure communications link. The secure communications link may improve security on private cloud networks. Further the secure communications link may improve security to allow back end devices to be located remote to other back end devices.
    Type: Grant
    Filed: December 29, 2011
    Date of Patent: June 3, 2014
    Assignee: Unisys Corporation
    Inventor: Eric T. Obligacion
  • Patent number: 8745396
    Abstract: The present invention discloses a method for implement real time data service and a real time data service system. After starting to forward data messages to an accessed user terminal, an access point (AP) of the real time data service system verifies the user terminal, and continues forwarding the data messages to the user terminal after the verification is successful.
    Type: Grant
    Filed: December 8, 2009
    Date of Patent: June 3, 2014
    Assignee: ZTE Corporation
    Inventors: Yi Hui, Yang Zhou
  • Patent number: 8744075
    Abstract: Provided is a key generation apparatus that generates, based on a generated random number, quantum gates Ui, L and R corresponding respectively to m types of unitary operations Ui corresponding to n qubits and two types of unitary operations L and R corresponding to m qubits, generates a quantum gate CU whose control is enabled such that operation of the quantum gate Ui is controlled according to an input state of the m qubits, generates a quantum gate G by adding the quantum gates L and R to the quantum gate CU, generates a public key P by obfuscating the quantum gate G, generates a quantum gate CU† and a quantum gate R*, and generates a private key S by connecting the quantum gate CU† and the quantum gate R*.
    Type: Grant
    Filed: December 10, 2010
    Date of Patent: June 3, 2014
    Assignee: Sony Corporation
    Inventor: Yu Tanaka
  • Patent number: 8738894
    Abstract: A method for installing embedded firmware is provided. The method includes generating one or more firmware file instances and generating one or more digital certificate instances that are separate instances from the firmware file instances. The method includes associating the one or more digital certificate instances with the one or more firmware file instances to facilitate updating signature-unaware modules with signature-aware firmware or to facilitate updating signature-aware modules with signature-unaware firmware.
    Type: Grant
    Filed: April 22, 2013
    Date of Patent: May 27, 2014
    Assignee: Rockwell Automation Technologies, Inc.
    Inventors: Brian A. Batke, Jack M. Visoky, James J. Kay, Scott A. Mintz, William B. Cook
  • Publication number: 20140143549
    Abstract: An information processing apparatus includes: a storage unit that stores a tree structure formed by nodes, each of which is stores identification information identifying a document; and a registration unit that registers documents in the storage unit. The registration unit receives a document including identification information identifying the document and a word set and a key, registers the identification information in a leaf node in the tree structure, and calculates a secure index corresponding to identification information registered in each node from a root node to the leaf node in the tree structure based on the word set and the key. In addition, the registration unit generates a value calculated by adding the calculated secure index as a search index for the document and stores a value calculated by adding a search index generated for each of a plurality of received documents as a search index for the plurality of documents in the storage unit.
    Type: Application
    Filed: July 6, 2012
    Publication date: May 22, 2014
    Applicant: NEC Corporation
    Inventors: Toshinori Araki, Isamu Teranishi, Jun Furukawa
  • Patent number: 8732472
    Abstract: Analysis of authenticity digital certificates includes. Initial information pertaining to digital certificates is collected from diverse information sources. For each of the digital certificates the initial information includes intrinsic parameter data from among contents of the digital certificate and extrinsic parameter data pertaining to the digital certificate and comprising static data not contained in the contents of the digital certificate. Selected parameter data is stored and analyzed to determine a measure of suspiciousness for each of the digital certificates. If necessary, circumstantial data based on actual usage of one or more of the digital certificates are collected. The initial data and supplemental data are compared against a set of decision criteria that define fraudulent activity, and a determination of authenticity of each of the digital certificates is made.
    Type: Grant
    Filed: April 12, 2013
    Date of Patent: May 20, 2014
    Assignee: Kaspersky Lab ZAO
    Inventors: Nikolay A Grebennikov, Alexey V Monastyrsky, Alexander A Gostev
  • Patent number: 8732471
    Abstract: A computer including at least two processors is used to preferably perform a secure data communication. Data containing a processor ID identifying one of the at least two processors provided for a first computer (computer 31) is transmitted from the first computer to a second computer (a node at the other party) (S91, S92). The second computer returns data containing the processor ID contained in the data transmitted in S91 and S92 and a public key certificate relating to the second computer. The first computer receives the data returned from the second computer, acquires, from the received data, the processor ID contained therein, and causes a processor (SPE1), which is identified by the processor ID, to process the received data. At this moment, the processing of the data is restricted according to a content of the public key certificate contained in the received data.
    Type: Grant
    Filed: August 2, 2006
    Date of Patent: May 20, 2014
    Assignees: Sony Corporation, Sony Computer Entertainment Inc.
    Inventor: Chisato Numaoka
  • Patent number: 8732459
    Abstract: In one embodiment, the invention provides a portable wireless personal communication system for cooperating with a remote certification authority to employ time variable secure key information pursuant to a predetermined encryption algorithm to facilitate convenient, secure encrypted communication. The disclosed system includes a wireless handset, such as PDA, smartphone, cellular telephone or the like, characterized by a relatively robust data processing capability and a body mounted key generating component which is adapted to be mounted on an individual's body, in a permanent or semi-permanent manner, for wirelessly broadcasting, within the immediate proximity of the individual, a secret or private key identifying signal corresponding to a time variable secure key information under the control of the certification authority.
    Type: Grant
    Filed: December 21, 2012
    Date of Patent: May 20, 2014
    Assignee: MLR, LLC
    Inventor: Charles M. Leedom, Jr.
  • Publication number: 20140136849
    Abstract: A method for operating a mobile device, not assigned to a motor vehicle, via an electronic device with a display and operator control device of the motor vehicle is made available. The program has program parts for a user interface and for operator control sequences which are assigned a digital certificate. The user interface comprises fixed areas for displaying variable contents. The program parts are transmitted together with the digital certificate to the electronic device of the motor vehicle and are carried out when the certificate is successfully checked. The transmission of data without protection by a digital certificate is restricted to the variable contents for display in the fixed areas of the user interface.
    Type: Application
    Filed: January 23, 2014
    Publication date: May 15, 2014
    Applicant: Volkswagen Aktiengesellschaft
    Inventors: Fabian HUEGER, Helge NEUNER, Michael MIRTSCHINK
  • Publication number: 20140136848
    Abstract: A method and apparatus for providing an automated key distribution to enable communication between two networked devices. A monitoring device receives a request from a network device to send a certificate using a second secure connection prior to an expiration of a timeout period, wherein the second secure connection was created using a known port in response to determining that a request to create a first secure connection was rejected. The monitoring device sends the certificate to the network device using the second secure connection, and establishes the first secure connection with the network device in response to the network device receiving the public key of the monitoring device from a server system by using the certificate.
    Type: Application
    Filed: January 17, 2014
    Publication date: May 15, 2014
    Applicant: Red Hat, Inc.
    Inventor: James Paul Schneider
  • Patent number: 8724812
    Abstract: Methods for establishing secure point-to-point communications in a trunked radio system include receiving, at a trunking controller, a request from a source endpoint for a traffic channel for confidential communications between the source endpoint and a destination endpoint using a shared unique first symmetric key. The trunking controller provides keying material related to the symmetric key over the secured control channel to at least one of the source or destination endpoints and assigns a traffic channel. Moreover, in response to the request, the controller assigns a traffic channel. The keying material enables the unique first symmetric key to be securely established between the source and destination endpoints.
    Type: Grant
    Filed: December 31, 2010
    Date of Patent: May 13, 2014
    Assignee: Motorola Solutions, Inc.
    Inventors: Thomas J. Senese, Adam C. Lewis, Anthony R. Metke, George Popovich, Shanthi E. Thomas
  • Patent number: 8726387
    Abstract: A method and apparatus for detecting a Trojan horse in a suspicious version of a software application in the form of at least one electronic file. A computer device determines a source from which the suspicious version of the software application was obtained. A comparison is then made between the source from which the suspicious version of the software application was obtained and a source from which an original, clean version of the software application was obtained. If the sources differ, then it is determined that the suspicious version of the software application is more likely to contain a Trojan horse than if the sources were the same.
    Type: Grant
    Filed: February 11, 2011
    Date of Patent: May 13, 2014
    Assignee: F-Secure Corporation
    Inventors: Mika Ståhlberg, Jarno Niemelä, Kimmo Kasslin
  • Patent number: 8726011
    Abstract: A method of managing a digital certificate by a computer system can include the steps of receiving, the at the computer system, a business request for a digital certificate from a requester and transmitting, by the computer system, the request to a first approver. The method can further include, upon approval by the first approver, transmitting, by the computer system, the request to a second approver, upon approval by the second approver, transmitting, by the computer system, the request to a certificate manager, transmitting, by the computer system, the request to an implementer and receiving, by the computer system, from the implementer, technical information related to the request and transmitting, by the computer system, a certificate to a certificate supplier.
    Type: Grant
    Filed: May 17, 2013
    Date of Patent: May 13, 2014
    Assignee: JPMorgan Chase Bank, N.A.
    Inventors: Jay C. Jarvie, Leonid Vayner, Clive Anthony Payne
  • Patent number: 8726026
    Abstract: An end-to-end encryption method for emails sent from a sender (1) to a recipient (6) is disclosed. According to the method, the sender requests from an encryption system (16) a certificate corresponding to the recipient (6), and the encryption system (16) returns to the sender (11) a first, proforma certificate corresponding to the recipient (6). The sender (1) sends with his email client (11) an outgoing email to the recipient encrypted with the proforma certificate, and the email is forwarded through the encryption system (16). The encryption system (16) decrypts the email using a private key corresponding to the certificate and also makes the content of the email available to the recipient (6).
    Type: Grant
    Filed: November 18, 2004
    Date of Patent: May 13, 2014
    Assignee: Totemo AG
    Inventors: Marcel Mock, Olivier Swedor
  • Patent number: 8719848
    Abstract: According to an embodiment, an information processing device offering various APIs stores, for every application program, a WSDL file which indicates definition information of an API which is permitted to be used by an application program, and developer information which specifies a developer of an application program. The information processing device releases to an application program a WSDL file corresponding to the application program, receives, through a web service, a request that is a request for use of a first API, determines whether or not the definition information of the first API is indicated in a first WSDL file corresponding to the first application program, and determines whether or not the first WSDL file is leaked, using developer information.
    Type: Grant
    Filed: September 1, 2011
    Date of Patent: May 6, 2014
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Yu Kaneko, Shigeo Matsuzawa
  • Patent number: 8719577
    Abstract: Operations or functions on a device may require an operational certificate to ensure that the user of the device or the device itself is permitted to carry out the operations or functions. A system and a method are provided for providing an operational certificate to a device, whereby the operational certificate is associated with one or more operations of the device. A manufacturing certificate authority, during the manufacture of the device, obtains identity information associated with the device and provides a manufacturing certificate to the device. An operational certificate authority obtains and authenticates at least a portion of the identity information associated with the device from the manufacturing certificate and, if at least the portion of the identity information is authenticated, the operational certificate is provided to the device.
    Type: Grant
    Filed: December 21, 2012
    Date of Patent: May 6, 2014
    Assignee: BlackBerry Limited
    Inventors: Christopher Lyle Bender, Roger Paul Bowman
  • Patent number: 8719575
    Abstract: The invention relates to a method of secure broadcasting of encrypted digital data of a proprietary entity, these data being stored in a storage module (6) of a server (5), comprising: the encryption of the digital data by means of an encryption key for the broadcasting of the digital data to the authenticated third party, and the broadcasting of these digital data to the authenticated third party.
    Type: Grant
    Filed: March 16, 2009
    Date of Patent: May 6, 2014
    Inventors: Jonathan Attia, Bernard Pinot