Signature Tree Patents (Class 713/177)
  • Patent number: 12028458
    Abstract: When a user signs-in to a service provider such as a cryptocurrency exchange, the user must undergo a lengthy validation process that involves submitting copies of identity documents or utility bills. Each such service provider requires the same type of documents, and this therefore leads to repetition, inefficiency, loss of time and/or loss of profit when multiple service providers are consulted. The present invention, allows a user's identity to be established before multiple service providers with only one manual validation.
    Type: Grant
    Filed: September 14, 2018
    Date of Patent: July 2, 2024
    Assignee: Blockpass UK Ltd
    Inventors: Adam Vaziri, Thomas Leiritz, Hoang Ngoc Toan
  • Patent number: 11949789
    Abstract: A computer-implemented method is for tamper-evident recording of a plurality of executable items. Each executable item is associated with a data item verification fingerprint. The method includes computing an aggregated verification fingerprint from data item verification fingerprints using a one-way compression function so that the aggregated verification fingerprint has a first bit length. The first bit length is less than a total bit length of a concatenation of the data item verification fingerprints. The method further includes storing the aggregated verification fingerprint in a blockchain, attempting to execute an element of code, validating the element of code against the aggregated verification fingerprint, and, based on the validation, allowing execution or denying execution of the element of code.
    Type: Grant
    Filed: July 6, 2022
    Date of Patent: April 2, 2024
    Assignee: CRYPTOWERK CORP.
    Inventor: Holger Assenmacher
  • Patent number: 11909885
    Abstract: Improved optical network security (e.g., using a computerized tool) is enabled. Various embodiments herein can send (e.g., via a network) to a group of network devices comprising a first network device and a second network device, a first encrypted data stream, a second encrypted data stream, a first hash code, and a second hash code, wherein the first network device deletes the second encrypted data stream after the first network device hashes the second encrypted data stream, and in response to the second network device being determined not to have received the second hash code within a defined threshold time, determine that the first network device is unauthorized to use the network.
    Type: Grant
    Filed: October 27, 2021
    Date of Patent: February 20, 2024
    Assignee: AT&T Intellectual Property I, L.P.
    Inventors: Joseph Soryal, Dylan Chamberlain Reid
  • Patent number: 11876783
    Abstract: There is provided a computerized method of secure communication between a source computer and a destination computer, the method performed by an inspection computer and comprising: receiving data sent by the source computer to the destination computer; inspecting the received data using one or more filtering mechanisms, giving rise to one or more inspection results; separately signing each of the one or more inspection results; determining, based on an inspection management policy, whether to send at least some of the inspection results and/or derivatives thereof for manual inspection; upon a positive determination, providing manual inspection of the at least some inspection results and/or derivatives thereof, and providing signing of the at least one manual inspection result; and analyzing signed inspection results and performing additional verification of the signed inspection results when a result of the analyzing meets a predefined criterion specified by the inspection management policy.
    Type: Grant
    Filed: November 13, 2019
    Date of Patent: January 16, 2024
    Assignee: KAZUAR ADVANCED TECHNOLOGIES LTD.
    Inventors: Daniel Mondy Finchelstein, Yuval Moshe Porat, Yaacov Fenster
  • Patent number: 11875146
    Abstract: Modification of application implementation may include modification, addition, and/or removal of machine-readable instructions. Modification of machine readable instructions prior to run-time may modify implementation of one or more features. Physical computer processor(s) may be configured by computer readable instructions to obtain machine-readable instructions. Machine-readable instructions may, cause a target computing platform to implement an application when executed. Physical computer processor(s) may obtain information regarding implementation of the application by the target computing platform and analyze the machine-readable instructions and/or the information to create one or more rules for modifying application implementation by the computing platform. Physical computer processor(s) may modify the machine-readable instructions based on the rules to add features to and/or remove features from the machine-readable instructions.
    Type: Grant
    Filed: August 23, 2021
    Date of Patent: January 16, 2024
    Assignee: Flexion Mobile PLC
    Inventors: Andreas Nils Olof Mac Mahon, Peter Zoltan Takacs, Jonathan Richard Williamson
  • Patent number: 11797683
    Abstract: A method for performing a security chip protocol comprises receiving, by processing hardware of a security chip, a message from a first device as part of performing the security chip protocol. The processing hardware retrieves a secret value from secure storage hardware operatively coupled to the processing hardware. The processing hardware determines a path through a key tree based at least in part on the message. The processing hardware derives a validator at least in part from the secret value using a sequence of entropy redistribution operations associated with the path through the key tree. The processing hardware exchanges the validator between the security chip and the first device as part of the security chip protocol in order to authenticate at least one of the security chip or the first device.
    Type: Grant
    Filed: July 21, 2021
    Date of Patent: October 24, 2023
    Assignee: Cryptography Research, Inc.
    Inventors: Paul C. Kocher, Pankaj Rohatgi, Joshua M. Jaffe
  • Patent number: 11789726
    Abstract: Functional wrappers are scripts and related software that provide a way to group and invoke functionality comprising semantic intent in a legacy application. These functional wrappers allow programmatic access to functionality in legacy applications in contemporary software architectures without risk of porting errors. Additional functionality to provide features with presently expected, but not available at the time the legacy applications were developed, such as functional wrappers to provide parallelism and scaling, are disclosed. Finally, automatic generation of the functional wrappers are also disclosed.
    Type: Grant
    Filed: February 24, 2021
    Date of Patent: October 17, 2023
    Assignee: Snowflake Inc.
    Inventors: Tom Button, Federico Zoufaly
  • Patent number: 11394556
    Abstract: A computer-implemented method is for tamper-evident recording of a plurality of executable items. Each executable item is associated with a data item verification fingerprint. The method includes computing an aggregated verification fingerprint from data item verification fingerprints using a one-way compression function so that the aggregated verification fingerprint has a first bit length. The first bit length is less than a total bit length of a concatenation of the data item verification fingerprints. The method further includes storing the aggregated verification fingerprint in a blockchain, attempting to execute an element of code, validating the element of code against the aggregated verification fingerprint, and, based on the validation, allowing execution or denying execution of the element of code.
    Type: Grant
    Filed: May 14, 2020
    Date of Patent: July 19, 2022
    Assignee: CRYPTOWERK CORP.
    Inventor: Holger Assenmacher
  • Patent number: 11356444
    Abstract: Systems and methods for protected verification of user information are provided. Multiple computing systems may transmit or receive communications from one or more other computing systems as part of the protected user information verification. For example, a user may utilize a verification service to independently verify the user's information to third-party systems without the verification service actually storing, receiving, accessing, or otherwise coming into contact with the user-specific information that it is verifying. In this way, the system can protect a user's personal information while streamlining the user's verification with one or more third parties.
    Type: Grant
    Filed: January 17, 2020
    Date of Patent: June 7, 2022
    Assignee: CALLFIRE, INC.
    Inventor: Radu Maierean
  • Patent number: 11303626
    Abstract: Embodiments presented herein provide systems and methods for creating and modifying a hash chain. A hash chain is created to track resource-privilege transfers between entities. A root node of the hash chain identifies the resource and specifies a digest of a possession token held by a first entity that initially possesses the privilege. A transfer of the privilege to a second entity can be recorded by adding an expansion node to the hash chain. If the second entity successfully reveals a possession token that a hashing function associated with the hash chain maps to the digest, an expansion node is linked to the root node. The expansion node indicates the possession token and a successor digest that is based on a successor possession token.
    Type: Grant
    Filed: February 17, 2020
    Date of Patent: April 12, 2022
    Assignee: INTUIT INC.
    Inventors: Glenn Scott, Induprakas Keri
  • Patent number: 11169959
    Abstract: A system may read source data corresponding to a source variable and apply a transformation to the source variable to generate an output variable. The transformation may include logic, and the output variable may be configured for ingestion into a big data storage format. The system may record lineage data of the output variable that comprises the transformation and/or the source variable. The system may also receive a request to generate a requested output variable. The requested output variable may be generated from a second transformation that is the same as the first transformation. The system may thus match the first transformation to the second transformation using the lineage data. In response to matching the first transformation to the second transformation, the system may deny the request. The original output variable may be returned in response to the matching the first transformation to the second transformation.
    Type: Grant
    Filed: July 16, 2018
    Date of Patent: November 9, 2021
    Assignee: American Express Travel Related Services Company, Inc.
    Inventors: Ambika Aggarwal, Ravi Arasan, Sandeep Bose, Debasish Das, Ravi K. Kaushik, Matthew Kent Meyer, Gurusamy Ramasamy, Jeremy D. Seideman
  • Patent number: 11082206
    Abstract: A system, computer program product, and computer-executable method of providing a layout-independent cryptographic stamp of a distributed data set from a data storage system, the system, computer program product, and computer-executable method comprising receiving a request for a cryptographic stamp of the distributed data set, creating a hash of each slice of the distributed data set, and using each hash from each slice of the distribute data set to create the cryptographic stamp of the distributed data set.
    Type: Grant
    Filed: July 10, 2019
    Date of Patent: August 3, 2021
    Assignee: EMC IP Holding Company LLC
    Inventors: David Meiri, Xiangping Chen, William R. Stronge, Felix Shvaiger
  • Patent number: 10958438
    Abstract: A method for blockchain-based data verification is provided. The method includes: obtaining target data submitted by a data submitter, wherein a first data digest of the target data is recorded in a blockchain; computing a second data digest of the target data; determining whether the second data digest matches the first data digest of the target data recorded in the blockchain; and determining that the target data submitted by the data submitter is valid in response to determining that the second data digest matches the first data digest of the target data recorded in the blockchain.
    Type: Grant
    Filed: May 14, 2020
    Date of Patent: March 23, 2021
    Assignee: ADVANCED NEW TECHNOLOGIES CO., LTD.
    Inventors: Fuqiang Li, Linqing Wang, Hong Zhang, Haitao Jiang, Xinyu Weng, Zongru Zhan
  • Patent number: 10637669
    Abstract: Initial data is included in a data structure such as an initial container at an initial entity, along with rules and a data signature of at least a portion of the initial data and other container contents relating to the initial entity and the initial data. Each rule defines at least one condition governing the permissible transfer and processing of the initial data by other entities in a provenance chain. Each receiving entity creates a container of its own to encapsulate received containers, and, after optional processing of its own, such as adding or altering data and rules, digital signature for its container. The digital signatures may be obtained from a hash tree-based signing infrastructure that returns data signatures enabling recomputation of a logically uppermost value of the hash tree. A lineage map of any given container may also be displayed for analysis by a user.
    Type: Grant
    Filed: February 24, 2018
    Date of Patent: April 28, 2020
    Assignee: Guardtime SA
    Inventors: Matthew Johnson, Garrett Day, Gregory Raymond, Hema Krishnamurthy
  • Patent number: 10505740
    Abstract: Provided is a process including: receiving, with one or more processors, a first request to store a record from a computing entity; encoding, with one or more processors, the record in a first plurality of segments; arranging, with one or more processors, the first plurality of segments in respective content nodes of a first content graph, wherein at least some content nodes of the first content graph have two or more content edges of the first content graph pointing to two or more respective other content nodes of the first content graph; and storing, with one or more processors, the content nodes of the first content graph in a verification graph.
    Type: Grant
    Filed: December 5, 2018
    Date of Patent: December 10, 2019
    Assignee: ALTR Solutions, Inc.
    Inventors: Christopher Edward Struttmann, James Douglas Beecham
  • Patent number: 10235538
    Abstract: A method is provided for providing a notary service for a file, the method including the steps in which: (a) when a notary service request for a specific file is obtained, a server generates, by using a hash function, or supports the generation of, a message digest of the specific file; and (b) if a predetermined condition is satisfied, the server registers, in a database, or supports the registration of, a representative hash value or a value obtained by processing the representative hash value, the representative hash value being generated by calculating at least one neighboring hash value that matches a specific hash value, wherein the specific hash value is a hash value of the result of encrypting the message digest with a private key of a specific user and a private key of the server.
    Type: Grant
    Filed: July 30, 2018
    Date of Patent: March 19, 2019
    Assignee: Coinplug, Inc.
    Inventors: Joon Sun Uhr, Jay Wu Hong, Joo Han Song
  • Patent number: 10075559
    Abstract: A server configuration management system is disclosed. The system comprises a script database storing a plurality of audit policies, a plurality of servers that each comprises an agent that executes at least a portion of one of the plurality of audit policies, and a configuration management server communicatively coupled to the script database and each agent. The configuration management server sends an audit script to a plurality of agents executing on a plurality of non-production servers of a common device group in a non-production environment, receives audit results from the plurality of agents, sends a remediate script to corresponding agents executing on non-compliant non-production servers, and responsive to a non-production server malfunctioning as a result of execution of the remediate script, creates, via a user interface, and implements an exception for a production server in the common device group in a production environment that corresponds to the non-production server.
    Type: Grant
    Filed: October 5, 2016
    Date of Patent: September 11, 2018
    Assignee: Sprint Communications Company L.P.
    Inventors: David Brox, Christopher Smith, Donald B. Roth
  • Patent number: 10061907
    Abstract: A file validation method and system is provided. The method includes retrieving from an authoritative source system, an artifact file. Identification information identifying a requesting user of the artifact file is recorded and associated metadata and a modified artifact file comprising the metadata combined with the artifact file are generated. An encryption key including a first portion and a second portion is generated and the first portion is stored within a central key store database. An encrypted package comprising the modified artifact file and the second portion of the key is generated.
    Type: Grant
    Filed: August 3, 2017
    Date of Patent: August 28, 2018
    Assignee: International Business Machines Corporation
    Inventors: Rhonda L. Childress, Michael J. Spisak, George E. Stark
  • Patent number: 9948667
    Abstract: A signature rule processing method, a server, and an intrusion prevention system is provided. The method includes: performing, by a cloud server, correlation analysis on signature rule usage status information of each security device connected to the cloud server and a latest signature rule set published by the cloud server, to obtain a most active threat signature rule identification list, and sending, by the cloud server, update information to each security device to update a signature rule after generating the update information according to the most active threat signature rule identification list. The present invention is applicable to the field of network security systems.
    Type: Grant
    Filed: October 21, 2016
    Date of Patent: April 17, 2018
    Assignee: Huawei Technologies Co., Ltd.
    Inventors: Yungang Deng, Kun Li, Nengyi Pan
  • Patent number: 9853819
    Abstract: At least one node in a distributed hash tree verification infrastructure is augmented with an identifier of an entity in a registration path. A data signature, which includes parameters for recomputation of a verifying value, and which is associated with a digital input record, will therefore also include data that identifies at least one entity in the hash tree path used for its initial registration in the infrastructure. An uppermost value of the hash tree verification infrastructure is entered as, or as part of, a transaction in a blockchain.
    Type: Grant
    Filed: October 17, 2016
    Date of Patent: December 26, 2017
    Assignee: GUARDTIME IP HOLDINGS LTD.
    Inventors: Ahto Truu, Andres Kroonmaa, Michael Gault, Jeffrey Pearce
  • Patent number: 9819494
    Abstract: Disclosed is a digital signature service system and method based on a hash function in which a main agent, who requires the generation of a digital signature, does not personally generate the digital signature, and wherein digital signatures may be simultaneously and stably generated for large-scale data such as multiple electronic documents and digital data using a hash function and a hash tree, which are known as a simple and secure method, to guarantee the integrity of the data in a digital signature-based structure based on a server.
    Type: Grant
    Filed: November 16, 2015
    Date of Patent: November 14, 2017
    Assignee: MARKANY INC.
    Inventors: Ho-il Ryu, Hae-il Jung, Jong-uk Choi
  • Patent number: 9727730
    Abstract: Techniques are disclosed for presenting and collecting end user license agreement acceptance for software applications or firmware components executed on a computing appliance. A sentry component allows only certain commands to be executed before the relevant end user license agreements are accepted, e.g., commands to configure a network interface and web server on the appliance executed on a shell over a serial interface. Once configured the web server is used to provide a rich interface for presenting end user license agreements and obtaining acceptance thereof. Once the user accepts the terms of the relevant license agreements, then the appliance is made active and all configuration commands become operational, including commands needed to configure the device and start services which would otherwise be prohibited by the sentry component prior to license acceptance.
    Type: Grant
    Filed: March 7, 2013
    Date of Patent: August 8, 2017
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventor: William V. Da Palma
  • Patent number: 9710649
    Abstract: Techniques are disclosed for presenting and collecting end user license agreement acceptance for software applications or firmware components executed on a computing appliance. A sentry component allows only certain commands to be executed before the relevant end user license agreements are accepted, e.g., commands to configure a network interface and web server on the appliance executed on a shell over a serial interface. Once configured the web server is used to provide a rich interface for presenting end user license agreements and obtaining acceptance thereof. Once the user accepts the terms of the relevant license agreements, then the appliance is made active and all configuration commands become operational, including commands needed to configure the device and start services which would otherwise be prohibited by the sentry component prior to license acceptance.
    Type: Grant
    Filed: September 12, 2011
    Date of Patent: July 18, 2017
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventor: William V. Da Palma
  • Patent number: 9553728
    Abstract: An approach is provided for providing end-to-end security in multi-level distributed computations. A distributed computation security platform determines one or more signatures associated with one or more computation closures of at least one functional flow. The distributed computation security platform also processes and/or facilitates a processing of the one or more signatures to generate at least one supersignature. The distributed computation security platform further determines to associate the at least one supersignature with the at least one functional flow.
    Type: Grant
    Filed: March 28, 2011
    Date of Patent: January 24, 2017
    Assignee: Nokia Technologies Oy
    Inventors: Sergey Boldyrev, Jari-Jukka Harald Kaaja, Hannu Ensio Laine, Jukka Honkola, Vesa-Veikko Luukkala, Ian Justin Oliver
  • Patent number: 9514326
    Abstract: The various technologies presented herein relate to analyzing a plurality of shares stored at a plurality of repositories to determine whether a secret from which the shares were formed matches a term in a query. A threshold number of shares are formed with a generating polynomial operating on the secret. A process of serially interpolating the threshold number of shares can be conducted whereby a contribution of a first share is determined, a contribution of a second share is determined while seeded with the contribution of the first share, etc. A value of a final share in the threshold number of shares can be determined and compared with the search term. In the event of the value of the final share and the search term matching, the search term matches the secret in the file from which the shares are formed.
    Type: Grant
    Filed: October 14, 2014
    Date of Patent: December 6, 2016
    Assignee: Sandia Corporation
    Inventors: Thomas M. Kroeger, Thomas R. Benson
  • Patent number: 9473307
    Abstract: Provided are apparatuses and methods of generating and verifying signature information for data authentication. A method of verifying signature information may involves receiving signature information with respect to a predetermined number of data segments from a transmitter, constructing a hash tree based on the signature information, and verifying a validity of the signature information, by verifying trapdoor hash values using a root hash value of the constructed hash tree.
    Type: Grant
    Filed: June 9, 2014
    Date of Patent: October 18, 2016
    Assignee: Samsung Electronics Co., Ltd.
    Inventors: Seog Chung Seo, Eun Ah Kim, Tae Hong Kim, Myeong Wuk Jang, Sang Won Hyun
  • Patent number: 9338013
    Abstract: A verifiable, redactable log, which, in some embodiments, may contain multiple hash values per entry in order to sever confidentiality of a log from verifiability. Logs may be verified using recalculation of hashes and verification of trusted digital signatures. In some embodiments, the log may be divided into segments, each signed by a time server or self-signed using a system of ephemeral keys. In some embodiments, log messages regarding specific objects or events may be nested within the log to prevent reporting omission. The logging system may receive events or messages to enter into the log.
    Type: Grant
    Filed: March 24, 2014
    Date of Patent: May 10, 2016
    Assignee: Palantir Technologies Inc.
    Inventors: Ryan Castellucci, Philip Martin
  • Patent number: 9332065
    Abstract: The present invention relates to methods and apparatus for in obtrusively determining previous actions and information associated with a user and generating web page content based upon previous actions and stored information.
    Type: Grant
    Filed: July 24, 2014
    Date of Patent: May 3, 2016
    Assignee: PARRABLE, INC.
    Inventor: Dharun Ravi
  • Patent number: 9270470
    Abstract: A data processing device for playing back a digital work reduces the processing load involved in verification by using only a predetermined number of encrypted units selected randomly from multiple encrypted units constituting encrypted contents recorded on a DVD. In addition, the data processing device improves the accuracy of detecting unauthorized contents by randomly selecting a predetermined number of encrypted units every time the verification is performed.
    Type: Grant
    Filed: January 13, 2015
    Date of Patent: February 23, 2016
    Assignee: PANASONIC INTELLECTUAL PROPERTY MANAGEMENT CO., LTD.
    Inventors: Masao Nonaka, Yuichi Futa, Toshihisa Nakano, Kaoru Yokota, Motoji Ohmori, Masaya Miyazaki, Masaya Yamamoto, Kaoru Murase, Senichi Onoda
  • Patent number: 9223840
    Abstract: An embodiment computing device operating in a data storage system includes an object storage controller operable to divide an object into blocks and to create an object hash from hash values, and a network interface in communication with the object storage controller, the network interface operable to transmit the blocks to a storage subsystem that generates one of the hash values from each of the blocks, to receive the hash values from the storage subsystem, and to provide the hash values to the object storage controller for creation of the object hash from the hash values. In an embodiment, the object storage controller is operably coupled to a processor and a memory or stored on a computer readable medium.
    Type: Grant
    Filed: December 31, 2012
    Date of Patent: December 29, 2015
    Assignee: Futurewei Technologies, Inc.
    Inventors: John Plocher, Xitao Zheng, James Hughes
  • Patent number: 9122846
    Abstract: Transformations of digital records are used as lowest level inputs to a tree data structure having a root in a core system and having nodes computed as digital combinations of child node values. Signature vectors are associated with the digital records and have parameters that enable recomputation upward through the tree data structure to either a current calendar value or onward to a composite calendar value that is a function of calendar values in a calendar, which comprises a set of computed calendar values, such that the calendar values have a time correspondence. Recomputation yields the same value only if a candidate digital record is an exact version of the original digital record included in the original computation of the value, indicating authentication of the candidate digital record. The authentication process as such is independent of any trust authority that issues cryptographic keys.
    Type: Grant
    Filed: April 30, 2014
    Date of Patent: September 1, 2015
    Assignee: GUARDTIME IP HOLDINGS LIMITED
    Inventors: Ahto Buldas, Märt Saarepera
  • Patent number: 9098725
    Abstract: In one exemplary embodiment, an apparatus includes a memory storing data and a processor performing operations. The apparatus generates or maintains an accumulation tree for the stored data—an ordered tree structure with a root node, leaf nodes and internal nodes. Each leaf node corresponds to a portion of the data. A depth of the tree remains constant. A bound on a degree of each internal node is a function of a number of leaf nodes of a subtree rooted at the internal node. Each node of the tree has an accumulation value. Accumulation values of the root and internal nodes are determined by hierarchically employing an accumulator over the accumulation values of the nodes lying one level below the node in question. The accumulation value of the root node is a digest for the tree.
    Type: Grant
    Filed: February 26, 2014
    Date of Patent: August 4, 2015
    Assignee: Brown University
    Inventors: Charalampos Papamanthou, Roberto Tamassia, Nikolaos Triandopoulos
  • Patent number: 9053142
    Abstract: Systems and methods are disclosed which enable the establishment of file dates and the absence of tampering, even for documents held in secrecy and those stored in uncontrolled environments, but which does not require trusting a timestamping authority or document archival service. A trusted timestamping authority (TTSA) may be used, but even if the TTSA loses credibility or a challenger refuses to acknowledge the validity of a timestamp, a date for an electronic document may still be established. Systems and methods are disclosed which enable detection of file duplication in large collections of documents, which can improve searching for documents within the large collection.
    Type: Grant
    Filed: November 27, 2011
    Date of Patent: June 9, 2015
    Inventor: Kelce S. Wilson
  • Patent number: 9036820
    Abstract: A system that incorporates the subject disclosure may include, for example, instructions which when executed cause a device processor to perform operations comprising sending a service request to a remote management server; receiving from the management server an authentication management function and an encryption key generator for execution by a secure element and an encryption engine for execution by a secure device processor, sending a request to establish a communication session with a remote device; and communicating with the remote device via a channel established using an application server. The secure element and the secure device processor authenticate each other using a mutual authentication keyset. The secure element, the secure device processor and the device processor each have a security level associated therewith; the security level associated with the secure device processor is intermediate between that of the secure element and that of the device processor. Other embodiments are disclosed.
    Type: Grant
    Filed: September 11, 2013
    Date of Patent: May 19, 2015
    Assignee: AT&T INTELLECTUAL PROPERTY I, LP
    Inventors: Walter Cooper Chastain, Stephen Emille Chin
  • Patent number: 9026794
    Abstract: An information processing system including a medium where a content to be played is stored; and a playing apparatus for playing a content stored in the medium; with the playing apparatus being configured to selectively activate a playing program according to a content type to be played, to obtain a device certificate correlated with the playing program from storage by executing the playing program, and to transmit the obtained device certificate to the medium; with the device certificate being a device certificate for content types in which content type information where the device certificate is available is recorded; and with the medium determining whether or not an encryption key with reading being requested from the playing apparatus is an encryption key for decrypting an encrypted content matching an available content type recorded in the device certificate, and permitting readout of the encryption key only in the case of matching.
    Type: Grant
    Filed: July 11, 2012
    Date of Patent: May 5, 2015
    Assignee: Sony Corporation
    Inventors: Kenjiro Ueda, Hiroshi Kuno, Takamichi Hayashi
  • Patent number: 9009482
    Abstract: Methods, systems, and apparatus are disclosed which enable flexible insertion of forensic watermarks into a digital content signal using a common customization function. The common customization function flexibly employs a range of different marking techniques that are applicable to a wide range of forensic marking schemes. These customization functions are also applicable to pre-processing and post-processing operations that may be necessary for enhancing the security and transparency of the embedded marks, as well as improving the computational efficiency of the marking process. The common customization function supports a well-defined set of operations specific to the task of forensic mark customization that can be carried out with a modest and preferably bounded effort on a wide range of devices. This is accomplished through the use of a generic transformation technique for use as a “customization” step for producing versions of content forensically marked with any of a multiplicity of mark messages.
    Type: Grant
    Filed: September 26, 2013
    Date of Patent: April 14, 2015
    Assignee: Verance Corporation
    Inventor: Joseph M. Winograd
  • Patent number: 8972737
    Abstract: A data processing device for playing back a digital work reduces the processing load involved in verification by using only a predetermined number of encrypted units selected randomly from multiple encrypted units constituting encrypted contents recorded on a DVD. In addition, the data processing device improves the accuracy of detecting unauthorized contents by randomly selecting a predetermined number of encrypted units every time the verification is performed.
    Type: Grant
    Filed: January 15, 2014
    Date of Patent: March 3, 2015
    Assignee: Panasonic Intellectual Property Management Co., Ltd.
    Inventors: Masao Nonaka, Yuichi Futa, Toshihisa Nakano, Kaoru Yokota, Motoji Ohmori, Masaya Miyazaki, Masaya Yamamoto, Kaoru Murase, Senichi Onoda
  • Patent number: 8966274
    Abstract: This disclosure relates generally to methods and systems for determining when a file has changed. According to one aspect of the present disclosure, a method of determining if contents of a file have changed can include determining if a digital signature created as a function of contents of the file has changed, and when the digital signature has changed, overlaying the contents of the file with a first mark that indicates the contents have changed and blocks a view of the contents of the file.
    Type: Grant
    Filed: December 21, 2012
    Date of Patent: February 24, 2015
    Assignee: CA, Inc.
    Inventor: Jaimini Ram
  • Patent number: 8955137
    Abstract: An upload and verification system allows a user to upload files which the user would like to attached to the electronic record of a certain event associated with the company, for example, an insurance claim. A quarantine server may receive the uploaded file and scan the file for malicious code. The quarantine server may transmit the file to temporary storage server. The temporary storage server may receive the file, may convert the file to a file format supported by the company system and may compress the file. The temporary storage server may also transmit a preview of the file back to the client device, where the user can verify that the correct document has been uploaded and no mistakes have been made.
    Type: Grant
    Filed: February 26, 2013
    Date of Patent: February 10, 2015
    Assignee: State Farm Mutual Automobile Insurance Company
    Inventors: Jeffrey Mousty, John Dillard, Surendra Karnatapu, Robert Fatima
  • Patent number: 8917409
    Abstract: An image forming apparatus which can prohibit any users but a user who has made a deposit from operating the image forming apparatus for a chargeable process. A communication controller of the image forming apparatus obtains pieces of proper information of cell-phones. An ID management section issues IDs for the respective pieces of proper information, and the communication controller sends the IDs to the corresponding cell-phones. At an input section, a user of one of the cell-phones inputs the ID sent thereto. Thereafter, the communication controller receives an access from a cell-phone and receives proper information of the cell-phone. In this moment, it is judged whether the cell-phone which has made an access is identical with the cell-phone of which ID was inputted at the input section. Only when the communication controller identifies the cell-phone, the communication controller permits the image forming apparatus to communicate with the cell-phone.
    Type: Grant
    Filed: December 3, 2007
    Date of Patent: December 23, 2014
    Assignee: Konica Minolta Business Technologies, Inc.
    Inventor: Kazuo Matoba
  • Patent number: 8891811
    Abstract: The present invention relates generally to digital watermarking. In one implementation, we provide a hierarchical digital watermark detector method. The method includes: i) in a first layer of a hierarchical search, performing watermark detection on blocks of at least a portion of an incoming suspect signal; ii) identifying a first block in the portion that is likely to include a decodable digital watermark; and iii) in a second layer of the hierarchical search, performing additional watermark detection on overlapping blocks in a neighborhood around the first block. Another implementation provides a hierarchical watermark detector including a buffer and a detector. The buffer stores portions of an incoming signal. The detector evaluates watermark detection criteria for blocks stored in the buffer, and hierarchically zooms into a neighborhood of blocks around a block associated with watermark detection criteria that satisfies detection criteria.
    Type: Grant
    Filed: September 14, 2005
    Date of Patent: November 18, 2014
    Assignee: Digimarc Corporation
    Inventors: Osama M. Alattar, Adnan M. Alattar
  • Patent number: 8892867
    Abstract: A client computer runs a communicator employed to connect to a server computer in a cloud. The communicator is updated on a regular basis to update its algorithms for processing raw data into secured data. The server computer receives and validates the secured data, and attempts to update the communicator if the secured data is invalid. The server computer may deem the client computer as being infected when the update is reinitiated a predetermined number of times. The raw data may be restructured, or encrypted using an encryption scheme where the key used for the encryption is not provided to the receiver of the data. The algorithm for data restructuring and encryption may be included in the update to the communicator. Communication between the client computer and the server computer may be on a dynamically selected channel indicated in a previous communication.
    Type: Grant
    Filed: July 3, 2013
    Date of Patent: November 18, 2014
    Assignee: Trend Micro Incorporated
    Inventors: Jayronn Christian Sulit Bucu, Frederic Fritz Anciano Vila, Nicholas Carlo Talens Ramos
  • Patent number: 8887282
    Abstract: A client computer runs a communicator employed to connect to a server computer in a cloud. The communicator is updated on a regular basis to update its algorithms for processing raw data into secured data. The server computer receives and validates the secured data, and attempts to update the communicator if the secured data is invalid. The server computer may deem the client computer as being infected when the update is reinitiated a predetermined number of times. The raw data may be restructured, or encrypted using an encryption scheme where the key used for the encryption is not provided to the receiver of the data. The algorithm for data restructuring and encryption may be included in the update to the communicator. Communication between the client computer and the server computer may be on a dynamically selected channel indicated in a previous communication.
    Type: Grant
    Filed: July 3, 2013
    Date of Patent: November 11, 2014
    Assignee: Trend Micro Incorporated
    Inventors: Jayronn Christian Sulit Bucu, Frederic Fritz Anciano Vila, Nicholas Carlo Talens Ramos
  • Patent number: 8872677
    Abstract: A compression method applies a selection rule to input symbols and generates a reduced partial set of symbols. The partial set is checked against a dictionary-index for a match. A match identifies a range of matching symbols in a dictionary. The length of the matching range is iteratively increased by checking previous and next symbols in the input data and the dictionary until a matching range length meets a threshold limit or the length of the matching range cannot be increased further. Compressed data corresponding to the input symbols is provided where input symbols are copied over and symbols in a matched range of data are replaced with a representation of their corresponding start location and length in the dictionary.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: October 28, 2014
    Assignee: Dialogic Networks (Israel) Ltd.
    Inventors: Oleg Litvak, Amir Ilan
  • Patent number: 8874921
    Abstract: A method of generating a keyless digital multi-signature is provided. The method includes receiving multiple signature generation requests from one or more client computers, building subtrees based on the signature generation requests, and constructing a search tree including the subtrees. The method also includes assigning explicit length tags to leaf nodes of the search tree to balance the search tree and applying a hash function to each of the search tree nodes. The root hash value and the height of the search tree make up a generated aggregate signature request, followed by receiving an aggregate signature based on the aggregate signature request. The keyless digital multi-signature is generated based on the aggregate signature and contains an implicit length tag to verify that the number of signature generation requests is limited. The aggregate signature is generated if the height of the search tree does not exceed a predetermined height limitation.
    Type: Grant
    Filed: June 20, 2011
    Date of Patent: October 28, 2014
    Assignee: Guardtime IP Holdings, Ltd.
    Inventors: Ahto Buldas, Andres Kroonmaa, Märt Saarepera
  • Patent number: 8863253
    Abstract: In various embodiments, a method comprises scanning a directory structure to generate a scan result comprising a plurality of discovered systems, identifying one or more accounts associated with at least one of the plurality of discovered systems, configuring a security appliance to change one or more old passwords to one or more new passwords for the one or more accounts, and changing, with the configured security appliance, the one or more old passwords to the one or more new passwords.
    Type: Grant
    Filed: September 30, 2009
    Date of Patent: October 14, 2014
    Assignee: BeyondTrust Software, Inc.
    Inventors: Gyle Iverson, Jeffery Nielsen, Julie Lustig-Rusch, James Mitchell
  • Patent number: 8838984
    Abstract: A method for data integrity protection includes receiving items of data for storage in a storage medium. The items are grouped into multiple groups, such that at least some of the groups include respective pluralities of the items. A respective group signature is computed over each of the groups, thereby generating multiple group signatures. An upper-level signature is computed over the group signatures. Groups of the items, the group signatures, and the upper-level signature are stored in respective locations in the storage medium.
    Type: Grant
    Filed: September 24, 2008
    Date of Patent: September 16, 2014
    Assignee: SanDisk IL Ltd.
    Inventors: Arseniy Aharonov, Yonatan Halevi
  • Patent number: 8837718
    Abstract: The claimed subject matter relates to architectures that can construct a hierarchical set of decryption keys for facilitating user-controlled encrypted data storage with diverse accessibility and hosting of that encrypted data. In particular, a root key can be employed to derive a hierarchical set of decryption keys and a corresponding hierarchical set of encryption keys. Each key derived can conform to a hierarchy associated with encrypted data of the user, and the decryption capabilities of the decryption keys can be configured based upon a location or assignment of the decryption key within the hierarchy. The cryptographic methods can be joined with a policy language that specifies sets of keys for capturing preferences about patterns of sharing. These policies about sharing can themselves require keys for access and the policies can provide additional keys for other aspects of policy and or base-level accesses.
    Type: Grant
    Filed: March 27, 2009
    Date of Patent: September 16, 2014
    Assignee: Microsoft Corporation
    Inventors: Kristin Estella Lauter, Mihir Bellare, Josh Benaloh, Melissa E. Chase, Erik J. Horvitz, Chris Demetrios Karkanias
  • Patent number: 8831272
    Abstract: A system (50) is used for identifying a content item. The system (50) receives a received first identifier (101) of the content item, the received first identifier being based on at least part of a baseband level representation of the content item; a received second identifier (102) of the content item, the received second identifier being based on at least part of an encoded representation (103) of the content item; and the at least part of the encoded representation (103) of the content item. The system comprises a second identifier generator (53) for generating a generated second identifier based on the at least part of the encoded representation (103) of the content item; and a validation unit (54) for validating the received first identifier as a valid first identifier of the content item if the generated second identifier matches the received second identifier.
    Type: Grant
    Filed: October 7, 2009
    Date of Patent: September 9, 2014
    Assignee: Koninklijke Philips N.V.
    Inventor: Franciscus L.A.J. Kamperman
  • Patent number: 8832800
    Abstract: A method for producing an electro-biometric signature allowing legal interaction between and the identification of persons utilizing biometric features. The method includes inputting a user's biometric features in a pre-determined sequence and checking that no feature is entered repeatedly.
    Type: Grant
    Filed: August 24, 2010
    Date of Patent: September 9, 2014
    Assignee: Administradora de Proyectos y Sistemas Avanzados, S.C.
    Inventors: Pedro Pablo Garcia Perez, Juan Luis Soto Decuir, Ciro Alfonso Herrera Ramirez