Message Digest Travels With Message Patents (Class 713/181)
-
Patent number: 7613926
Abstract: Protection systems and methods provide for protecting one or more personal computers (“PCs”) and/or other intermittently or persistently network accessible devices or processes from undesirable or otherwise malicious operations of Java™ applets, ActiveX™ controls, JavaScript™ scripts, Visual Basic scripts, add-ins, downloaded/uploaded programs or other “Downloadables” or “mobile code” in whole or part. A protection engine embodiment provides, within a server, firewall or other suitable “re-communicator,” for monitoring information received by the communicator, determining whether received information does or is likely to include executable code, and if so, causes mobile protection code (MPC) to be transferred to and rendered operable within a destination device of the received information, more suitably by forming a protection agent including the MPC, protection policies and a detected-Downloadable.
Type: Grant
Filed: March 7, 2006
Date of Patent: November 3, 2009
Assignee: Finjan Software, Ltd
Inventors: Yigal Mordechai Edery, Nimrod Itzhak Vered, David R. Kroll, Shlomo Touboul
-
Patent number: 7610505
Abstract: Methods and apparatus for implementing peer-to-peer relay. In one implementation, a method of detecting and recovering from violations in a peer-to-peer relay network includes: receiving a message at a peer system from a sending peer system connected to said peer system in a peer-to-peer relay network; detecting a violation in said received message; and sending an alert message to each peer system connected to said peer system in said peer-to-peer relay network; wherein each peer system in said peer-to-peer relay network stores a connection limit defining a number of other peer systems up to which that peer system is permitted to connect, and each peer system stores a set of one or more relay rules for relaying data to other peer systems connected to that peer system.
Type: Grant
Filed: January 24, 2008
Date of Patent: October 27, 2009
Assignee: Sony Computer Entertainment America Inc.
Inventors: Glen Van Datta, Anthony Mai
-
Patent number: 7606401
Abstract: Herein is described a tokenless biometric method for processing electronic transmissions, using at least one user biometric sample, an electronic identicator and an electronic rule module clearinghouse. The steps for processing of the electronic transmissions comprise of a user registration step, wherein a user registers with an electronic identicator at least one registration biometric sample taken directly from the person of the user. A formation of a rule module customized to the user in a rule module clearinghouse, wherein at least one pattern data of a user is associated with at least one execution command of the user. A user identification step, wherein the electronic identicator compares a bid biometric sample taken directly from the person of the user with at least one previously registered biometric sample for producing either a successful or failed identification of the user.
Type: Grant
Filed: August 4, 2005
Date of Patent: October 20, 2009
Assignee: YT Acquisition Corporation
Inventors: Ned Hoffman, Philip Dean Lapsley
-
Patent number: 7603562
Abstract: A mechanism for making increased amounts of firmware available to a computer pre-boot is discussed. To increase the amount of firmware available pre-boot, a design decision is made during the build process as to which segments of the firmware need to be placed on the ROM part and which segments of the firmware can be located elsewhere. The segments of the firmware that are stored remotely from the ROM are referred to as “virtual ROM modules”. Each of the virtual ROM modules is assigned a generated unique identifier, and a “message digest” is constructed for each module using an algorithm such as MD5 or SHA-1. In the software build of the ROM image, the message digest-unique identifier pair created for each Virtual ROM module is used as a logical pointer for the virtual module. Additionally, a search path variable is placed into the ROM image in non-volatile storage. The search path provides for one or more locations in which to look for the Virtual ROM modules, and may be updated at a later point in time.
Type: Grant
Filed: February 1, 2006
Date of Patent: October 13, 2009
Assignee: Insyde Software Corporation
Inventor: Rex A. Flynn
-
Publication number: 20090254756
Abstract: A data communication method capable of performing a synchronization processing at two or more computer terminals while ensuring security. A server certificate and a public key are transmitted through a host-side terminal to a guest-side terminal, whereby the guest-side terminal authenticates the server, and a guest-side hash key used in a hash function, as well as the hash function, are encrypted with the public key. A web server decrypts the hash key and the hash function, creates a digest of the contents with the guest-side hash key, and transmits the digest through the host-side terminal to the guest-side terminal. The guest-side terminal receives the contents and digest received from the host-side terminal, and compares this digest and a digest created from the received contents, whereby security can be ensured when the synchronization processing is performed.
Type: Application
Filed: September 24, 2004
Publication date: October 8, 2009
Inventor: Jun Kawakita
-
Patent number: 7600127
Abstract: A method for updating an ISO file, e.g., to add a digital signature to the ISO file, includes adding a supplemental file composed of, e.g., all zeroes to the ISO file before recording, and then recording the ISO file with supplemental file to an optical disk using ISO format. A digital signature is computed after recording. The zeroes in the supplemental file are replaced by the values of the digital signature and the file is re-saved. Also, an ISO file that might have a common part and several unique parts, e.g., for respective languages, is deconstructed such that only a single copy of the common part is recorded to disk, avoiding multiple recordations of the same data.
Type: Grant
Filed: July 13, 2005
Date of Patent: October 6, 2009
Assignee: Lenovo Singapore Pte. Ltd
Inventors: Rod David Waltermann, Mark Charles Davis, Seiichi Kawano
-
Patent number: 7599890
Abstract: A memory card (110) includes a memory (1415) to store encrypted content data, a license hold unit (1440) to store at least a portion of license information distributed by a distribution system, a plurality of authentication data hold units (1400.1, 1400.2), each storing a plurality of authentication data that are authenticated respectively by a plurality of public authentication keys KPma, KPmb common to the distribution system, and a switch (SW2) to selectively provide the data from the plurality of authentication data hold units outside of said recording apparatus according to a request external to the memory card (110).
Type: Grant
Filed: March 28, 2001
Date of Patent: October 6, 2009
Assignees: Sanyo Electric Co., Ltd., Fujitsu Limited, Hitachi, Ltd.
Inventors: Yoshihiro Hori, Hiroshi Takemura, Takatoshi Yoshikawa, Toshiaki Hioki, Takahisa Hatakeyama, Takayuki Hasebe, Shigeki Furuta, Masataka Takahashi, Takeaki Anazawa, Tadaaki Tonegawa
-
Patent number: 7600134
Abstract: A method for theft deterrence of a computer system is disclosed. The computer system includes a trusted platform module (TPM) and storage medium. The method comprises providing a binding key in the TPM; and providing an encrypted symmetric key in the storage medium. The method further includes providing an unbind command to the TPM based upon an authorization to provide a decrypted symmetric key; and providing the decrypted symmetric key to the secure storage device to allow for use of the computer system. Accordingly, by utilizing a secure hard disk drive (HDD) that requires a decrypted key to function in conjunction with a TPM, a computer if stolen is virtually unusable by the thief. In so doing, the risk of theft of the computer is significantly reduced.
Type: Grant
Filed: November 8, 2004
Date of Patent: October 6, 2009
Assignee: Lenovo Singapore Pte. Ltd.
Inventors: Ryan C. Catherman, David C. Challener, James P. Hoff, Joseph M. Pennisi, Randall S. Springfield
-
Patent number: 7600126
Abstract: Efficient processing of time-bound messages is described herein. In an implementation, messages are classified either time-bounded messages or non-time-bounded messages. The time-bounded messages are then processed separately from the non-time-bound messages. Examples of time-bounded messages can include spam e-mails or other types or classes of e-mails subject to a retention policy, such that they are retained only for some set period of time. Metadata relating to the time-bound messages are compiled and stored separately from the messages, thereby enabling optimization of the metadata storage and processing apart from the messages. The time-bounded messages are accumulated before they are processed in bulk, thereby reducing the number of I/O operations consumed by the time-bound messages, and reducing the amount and cost of resources supporting the process of the time-bounded messages.
Type: Grant
Filed: May 27, 2005
Date of Patent: October 6, 2009
Assignee: Microsoft Corporation
Inventors: William J. Bolosky, Atul Adya, Ronnie I Chaiken, Marcus Jon Jager
-
Publication number: 20090249076
Abstract: A user is provided with access to his or her account information using a client. The account information is stored on a server which receives the information from a feed source and transmits the information to the client. A method for downloading and installing specialized software for viewing the account information on the client is also provided. The information can be received from different feed sources in different formats and converted to a format that is compatible with the intended receiving client. Encryption can be used to protect the privacy of the users of the system and the account information therein. Additionally, a special access password and a privileged access routine can be used to provide access to an authorized third party user on a temporary basis.
Type: Application
Filed: April 1, 2009
Publication date: October 1, 2009
Applicant: AllOne Health Group, Inc.
Inventors: William C. Reed, William Drew Palin, Dennis Wozniak, Thomas A. Druby, Daniel Thomas Hynes, Patrick Jason Kinney, Warwick Antony Charlton, John Greg Pollak, Erik Lazlo Manassy
-
Patent number: 7596703
Abstract: An agent computer system, acting on behalf of the user, provides the personal information to various wide area network sites for conducting online transactions. A user has a secure device with a built-in device identifier. A backup center has a computer system to be coupled to the secure device during backup of the personal information. The personal information is encrypted with a unique user ID as a key. The user ID is entered by the user. The user ID is irreversibly encrypted to a unique irreversibly encrypted user identifier. The secure device includes data executable to establish a new account, renew an old account, and transmission of the encrypted information along with the unique device identifier and the unique irreversibly encrypted user identifier to the backup center. The unique device identifier and the unique irreversibly encrypted user identifier are used for indexing the storage of the encrypted information.
Type: Grant
Filed: March 21, 2003
Date of Patent: September 29, 2009
Assignee: Hitachi, Ltd.
Inventors: Tomohisa Kohiyama, Motoyasu Tsunoda
-
Publication number: 20090240764
Abstract: A network storage system for a download intensive environment is provided. The network storage comprises at least a data storage server (DSS) that includes an interface enabling connection of the DSS to a network at a location that enables at least a view of network transactions performed by a plurality of clients; a storage unit; and a system adapted to monitor the network transactions occurring on the network and identification of the network transactions as belonging to a registered client of the DSS, and storing in the storage the transactions with an identification corresponding to the registered client.
Type: Application
Filed: March 17, 2009
Publication date: September 24, 2009
Applicant: CRYPTORIA
Inventors: NIR PELEG, OR SAGI, AMNON STRASSER
-
Patent number: 7594261
Abstract: Systems and methods for cryptographically processing data as a function of a Cartier pairing are described. In one aspect, a Cartier pairing is generated from two different abelian varieties or abelian varieties and an isogeny between them. Data is cryptographically processed based on the Cartier pairing.
Type: Grant
Filed: February 8, 2005
Date of Patent: September 22, 2009
Assignee: Microsoft Corporation
Inventors: Kristin E. Lauter, Denis X. Charles
-
Patent number: 7594124
Abstract: A method and apparatus for cross validation of data using multiple subsystems are described. According to one embodiment of the invention, a computer comprises a first subsystem and a second subsystem; and a memory, the memory comprising a first memory region and a second memory region, the first memory region being associated with the first subsystem and a second memory region being associated with the second subsystem; upon start up of the computer, the first subsystem to validate the second memory region and the second subsystem to validate the first memory region.
Type: Grant
Filed: June 9, 2004
Date of Patent: September 22, 2009
Assignee: Intel Corporation
Inventors: David Durham, Travis Schluessler, Raj Yavatkar, Vincent Zimmer, Carey Smith
-
Patent number: 7590853
Abstract: Secure computation environments are protected from bogus or rogue load modules, executables and other data elements through use of digital signatures, seals and certificates issued by a verifying authority. A verifying authority—which may be a trusted independent third party—tests the load modules or other executables to verify that their corresponding specifications are accurate and complete, and then digitally signs the load module or other executable based on tamper resistance work factor classification. Secure computation environments with different tamper resistance work factors use different verification digital signature authentication techniques (e.g., different signature algorithms and/or signature verification keys)—allowing one tamper resistance work factor environment to protect itself against load modules from another, different tamper resistance work factor environment.
Type: Grant
Filed: August 20, 2007
Date of Patent: September 15, 2009
Assignee: Intertrust Technologies Corporation
Inventors: Victor H. Shear, W. Olin Sibert, David M. Van Wie
-
Patent number: 7590855
Abstract: To assist a destination/intermediary node in authenticating a communications packet as originating from a certain source node, the source node hides a cryptographically generated first special value based on the packet in a header portion of the communications packet. Upon receipt of the communications packet, the destination/intermediary node cryptographically generates a second special value also based on the packet for comparison to the first special value extracted from hiding in the header portion. If the first and second special values match, the destination/intermediary node has authenticated the communications packet as originating from the source node. The foregoing may be implemented in a number of situations, but has special use in connection with the detection of packet communications vulnerability assessment probe traffic by an intrusion detection system.
Type: Grant
Filed: April 30, 2002
Date of Patent: September 15, 2009
Assignee: TippingPoint Technologies, Inc.
Inventor: Victoria Lynn Irwin
-
Publication number: 20090228701
Abstract: A logging system and method based on a one-way hash function are described. The system includes a user system, a trusted third party, and a verifier. The method includes the following steps. The user system records a log file and initializes a message authentication code key and an image code. When the verifier requests the user system for a logging unit corresponding to an operation history, the user system uses a one-way hash function to calculate a check value and returns the check value and an image code sequence. The verifier then verifies the integrity of the check value and the image code sequence through the trusted third party. The trusted third party checks if the image code sequence obtained by the hash calculation equals to the check value through the one-way hash function, so as to verify that the log file of the user system has not been modified.
Type: Application
Filed: December 17, 2008
Publication date: September 10, 2009
Applicant: INDUSTRIAL TECHNOLOGY RESEARCH INSTITUTE
Inventor: Chih-Yin LIN
-
Patent number: 7581110
Abstract: This invention provides a bandwidth-efficient mechanism whereby the source or originating node(s) (the invention supports multiple source nodes, each creating single or multiple broadcast message(s)) may utilize broadcast addressing service to efficiently reach multiple receiver nodes and still control which receiver node(s) may access the broadcast data or message. This method is realized by a novel and efficient key distribution technique.
Type: Grant
Filed: August 24, 2000
Date of Patent: August 25, 2009
Assignee: Nokia Corporation
Inventor: Scott Probasco
-
Patent number: 7581103
Abstract: Software self-checking mechanisms are described for improving software tamper resistance and/or reliability. Redundant tests are performed to detect modifications to a program while it is running. Modifications are recorded or reported. Embodiments of the software self-checking mechanisms can be implemented such that they are relatively stealthy and robust, and so that they are compatible with copy-specific static watermarking and other tamper-resistance techniques.
Type: Grant
Filed: June 13, 2002
Date of Patent: August 25, 2009
Assignee: InterTrust Technologies Corporation
Inventors: William G. Home, Lesley R. Matheson, Casey Sheehan, Robert E. Tarjan
-
Patent number: 7581117
Abstract: Secure delivery of configuration data of an intellectual property (IP) core includes the steps of loading configuration data for the IP core into IP core space by an IP core provider, masking portions of the IP core space not loaded with configuration data in the loading configuration data step with the value 0 or 1 by the IP core provider, encrypting data in the IP core space by the IP core provider, loading configuration data for system design other than for the IP core into a remainder space and any unused portions of the IP core space by a system designer, masking portions of the IP core space loaded in the loading configuration data step with the value 0 or 1 used by the IP core provider in the masking portions of the IP core space not loaded step, and encrypting data in a configuration space by the system designer.
Type: Grant
Filed: July 19, 2005
Date of Patent: August 25, 2009
Assignee: Actel Corporation
Inventors: Kenneth Irving, Jonathan Greene
-
Patent number: 7577845
Abstract: In accordance with the present invention, there is provided a concept of the present invention is to use technology and methods of a special coded information matrix cryptogram with five integrated technologies to protect the original digital data from forgery, counterfeiting and pirating effectively. Five technologies comprise of data matrix bitmap technology, compression technology, encryption technology, data allocating technology and authentication technology. They can enhance the information matrix cryptogram with the special features to the strongest level of security. The concept of designing the system of the present invention is to be able to convert any data in any kind of formats and size into a special formatted and coded information matrix cryptogram. This cryptogram with a special authentic code is unique and infeasible to break.
Type: Grant
Filed: August 17, 2004
Date of Patent: August 18, 2009
Inventor: Hengli Ma
-
Publication number: 20090204813
Abstract: A system for authenticating data of interest includes a digest locator engine capable to locate a first and a second digest result in a data file, including a set of data; a first digest creator capable to create, using a first digest function, a first digest of the set of data, the first digest function being identical to a digest function used to create the first digest result; a second digest creator capable to create, using a second digest function that is incompatible with the first digest function, a second digest of the set of data, the second digest function being identical to a second digest function used to create the second digest result; and a digest comparator engine, communicatively coupled to the digest locator, first digest creator and the second digest creator, capable to compare the first and second created digests with the first and second located digest results respectively.
Type: Application
Filed: January 20, 2009
Publication date: August 13, 2009
Inventor: John Man Kwong Kwan
-
Patent number: 7574605
Abstract: A method of managing digital signature includes the steps of preparing a signature log file storing signature log entry information, generating a new digital signature for a transmission message by reflecting, in the new digital signature, signature log entry information registered to the signature log file in the past; generating signature log entry information associated with the new digital signature and registering the signature log entry information to the signature log file; and preparing a user search file in addition to the signature log file; registering, to the user search file, user identifier information indicating a transmission destination of the transmitted digital signature and a transmission source of the received digital signature, with a correspondence established between the information, the user identifier information, and each signature log entry information in the signature log file.
Type: Grant
Filed: May 17, 2002
Date of Patent: August 11, 2009
Assignee: Hitachi, Ltd.
Inventors: Kouichi Tanimoto, Shinji Itoh, Kunihiko Miyazaki, Narihiro Omoto, Katsuko Nishioka
-
Patent number: 7574479
Abstract: Techniques for attesting to content received from an author (sender) are provided. A sender's content is represented by a message digest. The message digest is signed by an identity service. The signed message digest represents an attestation as to the authenticity of the content from the sender. The sender transmits the signed message digest and content in a message to a recipient. The recipient verifies the signature and message digest to authenticate the content from the sender.
Type: Grant
Filed: January 24, 2006
Date of Patent: August 11, 2009
Assignee: Novell, Inc.
Inventors: Cameron Craig Morris, Lloyd Leon Burch, Stephen R. Carter, Stephen Hugh Kinser
-
Patent number: 7574607
Abstract: Methods and apparatus for secure transmission of data in pipeline fashion. A pair of transaction certificates can be used to verify the authenticity and integrity of data transmitted in more than one block.
Type: Grant
Filed: October 29, 2002
Date of Patent: August 11, 2009
Assignee: Zix Corporation
Inventors: Gary G. Liu, David P. Cook
-
Patent number: 7571325
Abstract: Methods, apparati, and computer-readable media for regulating a user's access to a Web page. A method embodiment of the present invention comprises the steps of hashing (31) a URL associated with a Web page requested by the user; comparing (32) the hashed URL with a list (24) of pre-stored URL hashes; and granting (34) or denying (37) access to the requested Web page based upon results of the comparing step (32).
Type: Grant
Filed: March 14, 2005
Date of Patent: August 4, 2009
Assignee: Symantec Corporation
Inventors: Shaun Cooley, Brian Powell
-
Patent number: 7570759
Abstract: A method for encrypting a message containing a plurality of message segments is described. First, a key is input into a SHA function to generate a first hash value. Then, a first message segment is encrypted into a first cipher segment by use of a part of the first hash value. Next, the first message segment and the first hash value are input into the SHA function to generate a second hash value. Following that, the second message segment is encrypted into a second cipher segment by use of a part of the second hash value. Subsequently, next message segment is repeatedly encrypted and input into the SHA function to generate a next cipher segment and a next hash value, respectively, until the last message segment is encrypted and the last hash value is generated.
Type: Grant
Filed: August 13, 2004
Date of Patent: August 4, 2009
Inventor: Yen-Fu Liu
-
Publication number: 20090193261
Abstract: In one embodiment of the invention, an apparatus for authenticating a flash program is provided. The apparatus comprises a hardware unique key, a register storing a customer identity (ID) and a message authentication code (MAC) generation unit. The MAC generation unit acquires a root key corresponding to the hardware unique key and the customer ID, and generates a MAC for the flash program using the acquired root key, wherein the content of the register is locked to avoid modification of the stored customer ID until the next system reset.
Type: Application
Filed: January 25, 2008
Publication date: July 30, 2009
Applicant: MEDIATEK INC.
Inventors: Ching-Chao Yang, Tzung-Shian Yang
-
Publication number: 20090187759
Abstract: Systems, methods, and computer readable media for application-level authentication in a telecommunications network are disclosed. According to one aspect, the subject matter described herein includes a method for application-level authentication of messages in a telecommunications network. The method includes, at a node in a telecommunications network, receiving, from a personal communications device having a user, a message requiring application-level authentication, the message including information associated with the user and incorporating first authentication information associated with the user, the first authentication information being provided from a source that is not the user of the personal communications device. A request for second authentication information associated with the user is sent to an authentication server.
Type: Application
Filed: January 21, 2009
Publication date: July 23, 2009
Inventor: Peter J. Marsico
-
Patent number: 7565549
Abstract: Managing and controlling the execution of software programs with a computing device to protect the computing device from malicious activities. A protector system implements a two-step process to ensure that software programs do not perform malicious activities which may damage the computing device or other computing resources to which the device is coupled. In the first phase, the protector system determines whether a software program has been previously approved and validates that the software program has not been altered. If the software program is validated during the first phase, this will minimize or eliminate security monitoring operations while the software program is executing during the second phase. If the software program cannot be validated, the protector system enters the second phase and detects and observes executing activities at the kernel level of the operating system so that suspicious actions can be anticipated and addressed before they are able to do harm to the computing device.
Type: Grant
Filed: July 3, 2007
Date of Patent: July 21, 2009
Assignee: International Business Machines Corporation
Inventors: Thomas James Satterlee, William Frank Hackenberger
-
Patent number: 7565537
Abstract: A secure key exchange with mutual authentication allows devices on a network to perform, in a single roundtrip over the network, the exchange. A key exchange initiator packet that does not include a key to be established is sent from an initiating device to another device via a network. The key exchange initiator packet is validated and the other device generates the key without requiring any additional packets to be received from the initiating device in order to generate the key. A key exchange response packet that does not include the key is returned to the initiating device, which validates the key exchange response packet and generates the key without requiring any additional packets to be sent to the other device or received from the other device.
Type: Grant
Filed: June 10, 2002
Date of Patent: July 21, 2009
Assignee: Microsoft Corporation
Inventors: Dinarte R. Morais, Ling Tony Chen, Damon V. Danieli
-
Patent number: 7558953
Abstract: Disclosed is a method of loading data, such as software, into a mobile terminal, where the data is loaded from a loading station, and the data comprises payload data and header data. The mobile terminal accepts the data conditioned on a verification process based on the header data. The step of receiving the data further comprises the steps of receiving a header message including the header data from the loading station by the mobile terminal, verifying the received header data by the mobile terminal, and receiving at least a first payload message including the payload data, if the header data is verified successfully.
Type: Grant
Filed: December 20, 2002
Date of Patent: July 7, 2009
Assignee: Telefonaktiebolaget L M Ericsson (Publ)
Inventors: Harro Osthoff, Bernard Smeets, Christian Gehrmann
-
Publication number: 20090164794
Abstract: The digital content store provides users with an opportunity to purchase authorized usage of digital content, such as single or multiple music tracks, video, movies, and/or video games. The users can also buy license to a desired track for a fixed number of times, e.g. preferably the users can listen on three different machines simultaneously. Users can also burn a play list of X number of times, for example ten. The burn limit preferably applies to the play list, not the song. Mixed media capability is provided that allows the purchase of digital content and/or physical media. The digital content store system comprises a unique digital rights management system and a back-end enabling system that controls these digital rights.
Type: Application
Filed: December 18, 2008
Publication date: June 25, 2009
Inventors: Ellis Verosub, Sanjeev Tenneti, Kamal Acharya, Solomon D. Goldfarb, Todd Pringle, David S. Bill, Shailesh Prakash, Adam Milligan
-
Patent number: 7551737
Abstract: A system and method for providing cryptographic keys which are usable in a network of connected computer nodes applying a signature scheme. The method employs: generating a random secret key usable in the network of connected computer nodes; generating an exponent interval I having a plurality of exponent elements, the exponent interval having a specified first random limit, wherein each element of the plurality of exponent elements of the exponent interval has a unique prime factor that is larger than a given security parameter; and, providing a public key comprising an exponent-interval description including the first random limit, and a public key value derived from the random secret key, such that the random secret key and a selected exponent value from the plurality of exponent elements in the exponent interval I are usable for deriving a signature value on a message to be sent within the network to a second computer node for verification.
Type: Grant
Filed: March 25, 2004
Date of Patent: June 23, 2009
Assignee: International Business Machines Corporation
Inventors: Jan Camenisch, Maciej A Koprowski
-
Patent number: 7552230
Abstract: One embodiment of the present method and apparatus for reducing spam in peer-to-peer networks includes forming a search message including at least one decoy word and sending the search request message, including the decoy word(s), to one or more nodes in the network. Embodiments of the present invention make it possible to weed out nodes in the network that send spam in response to every search message (e.g., regardless of the search message's content).
Type: Grant
Filed: June 15, 2005
Date of Patent: June 23, 2009
Assignee: International Business Machines Corporation
Inventors: David A. George, Raymond B. Jennings, III, Jason D. LaVoie
-
Patent number: 7552332
Abstract: A method and system for capturing an electronic signature of a user in a Java-based environment on a personal digital assistant. A user is prompted by an applet operating on the personal digital assistant, handling a canvas by the applet, and capturing an instance of the electronic signature on the canvas. The canvas encodes the instance of the electronic signature in a file and transfers the file by the canvas to the applet. A personal digital assistant may include a screen sensitive to pressure for capturing a signature and an application adapted to capture and attach the signature to a business object. The application may also include an applet adapted to prompt a user and adapted to handle a canvas. The canvas is adapted to capture an instance of the electronic signature and encode the instance in a file. The file is transferred by the canvas to the applet.
Type: Grant
Filed: October 20, 2003
Date of Patent: June 23, 2009
Assignee: SAP AG
Inventors: Prithipal Singh, Sunil Lal, Srinivasan Subramanian
-
Patent number: 7552335
Abstract: The present invention provides a technique that allows for a valid modification that is authorized by the author of data, while assuring the originality of the data. An information processing apparatus for processing original data created by a predetermined author is provided. The information processing apparatus includes a modification-information storing unit for storing modification information regarding a modification onto a storage medium when the original data is modified, and a modification-assuring-information creating unit for creating modification assuring information for assuring that the modification information is true.
Type: Grant
Filed: November 12, 2003
Date of Patent: June 23, 2009
Assignee: Canon Kabushiki Kaisha
Inventor: Keiichi Iwamura
-
Publication number: 20090158046
Abstract: A system (200) detects transmission of potentially malicious packets. The system (200) receives, or otherwise observes, packets and generates hash values based on variable-sized blocks of the packets. The system (200) then compares the generated hash values to hash values associated with prior packets. The system (200) determines that one of the received packets is a potentially malicious packet when one or more of the generated hash values associated with the received packet match one or more of the hash values associated with the prior packets.
Type: Application
Filed: October 10, 2008
Publication date: June 18, 2009
Inventors: Walter Clark Milliken, William Timothy Strayer, Stephen Douglas Milligan, Luis Sanchez, Craig Partridge
-
Publication number: 20090158045
Abstract: The present invention relates to a wireless sensor message authentication method, which is characterized by an authentication scheme of any message authentication code applied to any secure message authentication code (MAC); an authentication scheme using the concept of error correcting code (ECC) and applied to any binary ECC to provide different feature; flexible technique tuning required throughput and faulty data detection capability by adjusting the ECC in use; end-to-end authentication; and XOR operation conducted to original MAC to secure light overhead.
Type: Application
Filed: February 1, 2008
Publication date: June 18, 2009
Inventors: Hung-Min Sun, Shih-Ying Chang
-
Patent number: 7549058
Abstract: A method and apparatus for encrypting and decrypting digital data employing multiple Huffman tables and at least one encryption key to enhance security of the digital data. At least one image parameter for characterizing the digital data, such as a motion vector table or DC-luminance, is selected as an image parameter. All possible Huffman tables according to the image parameter are then generated by Huffman tree mutation. A predetermined number of active Huffman tables from all possible Huffman tables are selected using a first encryption key and a hash function. Afterward, a coding sequence for the active Huffman tables is generated using a second encryption key and the hash function. Finally, the digital data is encrypted into an encrypted bit stream by the active Huffman tables with the coding sequence. Encrypted symbols of the image parameter can be reduced by symbol statistic analysis, thus reducing computation effort.
Type: Grant
Filed: June 30, 2005
Date of Patent: June 16, 2009
Assignee: MAVs Lab. Inc.
Inventors: Bei Wang, Chia-Hung Yeh, Hsuan-Huei Shih, C.-C. Jay Kuo
-
Patent number: 7549061
Abstract: An executing device for conducting playback is high during the playback of contents. The executing device is equipped with a highly efficient processor and reduces the processing load involved in verification by using, for the verification, only a predetermined number of encrypted units selected randomly from multiple encrypted units constituting encrypted contents recorded on a DVD. In addition, the executing device is capable of improving the accuracy of detecting unauthorized contents by randomly selecting a predetermined number of encrypted units every time the verification is performed.
Type: Grant
Filed: March 24, 2005
Date of Patent: June 16, 2009
Assignee: Panasonic Corporation
Inventors: Masao Nonaka, Yuichi Futa, Toshihisa Nakano, Kaoru Yokota, Motoji Ohmori, Masaya Miyazaki, Masaya Yamamoto, Kaoru Murase, Senichi Onoda
-
Patent number: 7549053
Abstract: A method and system for efficiently retrieving secured data by securely pre-processing provided access information, provides data store security based on only a single piece of access information, which is generally public, such as the proper name of a business or individual that is used to retrieve mailing address information. The access information is hashed for access to a secured data store and efficient access and low data storage for permutations of input access information are provided by verifying the presence of an entry for the hashed access information in a look-up table. If an entry is found, the data store is accessed using the hashed access information, but if an entry is not found, another look-up table corresponding to another information type may be tried or the input access information permuted and retried.
Type: Grant
Filed: September 27, 2005
Date of Patent: June 16, 2009
Assignee: United States Postal Service
Inventors: James D. Wilson, Robert F Snapp, David J Payne, Edgar H. Gillock, II
-
Patent number: 7545810
Abstract: Approaches are disclosed for switching transport protocol connection keys. In a transport protocol module configured to use a first key for signing messages associated with a transport protocol connection, a second key is configured for the transport protocol connection. A first message that is associated with the transport protocol connection is received. The first message includes a first signature. A first and a second message digests are computed for the first message, where the first message digest is based on the first key and the second message digest is based on the second key. The first message is validated if the first signature in the first message matches any one of the first message digest and the second message digest.
Type: Grant
Filed: July 1, 2005
Date of Patent: June 9, 2009
Assignee: Cisco Technology, Inc.
Inventors: Satish K. Mynam, Anantha Ramaiah, Chandrashekhar Appanna, Keyur Patel
-
Patent number: 7545938
Abstract: An apparatus for generating codes includes a quantization unit which generates quantization coefficients by performing discrete wavelet transform with respect to each of tiles into which an image is divided, a block division unit which divides the quantization coefficients into blocks, a Hash conversion unit which performs Hash conversion based on the quantization coefficients of each of the blocks so as to produce a Hash value for each of the blocks, a digital watermark embedding unit which adjusts a parity of a quantization coefficient of interest equal to a parity of the Hash value of a block to which the quantization coefficient of interest belongs, and a coding unit which generates code sequence data by coding the quantization coefficients including the quantization coefficient whose parity is adjusted.
Type: Grant
Filed: November 10, 2003
Date of Patent: June 9, 2009
Assignee: Ricoh Company Ltd.
Inventors: Yasuyuki Nomizu, Takanori Yano, Junichi Hara, Hiroyuki Sakuyama, Taku Kodama, Yasuyuki Shinkai, Toshio Miyazawa, Nekka Matsuura, Takayuki Nishimura
-
Patent number: 7543138
Abstract: An image registration server stores encryption keys of respective ones of a plurality of client terminals. Image data is encrypted by the image registration server using the encryption key corresponding to the client terminal to which the image data is applied. The encrypted image data is applied to the client terminal via a server. The client terminal has a decryption key stored within so that only a client terminal that is duly authorized can decrypt encrypted image data. Other client terminals that are not duly authorized cannot decode the image data. This makes it possible to prevent unlawful use of image data even if the image data has been intercepted.
Type: Grant
Filed: September 22, 2000
Date of Patent: June 2, 2009
Assignee: Fujifilm Corporation
Inventors: Yoshiki Kawaoka, Norihisa Haneda, Hiroshi Suganuma, Hiroyuki Yoshinaga
-
Patent number: 7543149
Abstract: A method for securing patient identity comprising accessing an electronic medical records database including patient data for a plurality of patients. Each patient in the electronic medical records database is assigned a unique patient identifier. Patient data for a first patient, including a first patient identifier, is retrieved from the electronic medical records database. The first patient is de-identified from the patient data. De-identifying includes the creation of a first encoded patient identifier responsive to the first patient identifier. The de-identifying results in de-identified first patient data and includes the replacement of the first patient identifier with the first encoded patient identifier. The de-identified first patient data is transmitted to a data warehouse system. The method further comprises identifying a second patient in response to receiving report data that includes a second encoded patient identifier from the data warehouse system.
Type: Grant
Filed: April 22, 2003
Date of Patent: June 2, 2009
Assignee: GE Medical Systems Information Technologies Inc.
Inventors: Thomas N. Ricciardi, Curtis White
-
Publication number: 20090138722
Abstract: A method and apparatus for authenticating and authorizing online transactions. An authentication cookie is transmitted to a client system. The authentication cookie includes a user encryption key and an encrypted buffer that contains user identification data and a profile code. Subsequent requests for the particular service use the authentication cookie to generate a query that includes the encrypted buffer and user identification data entered by the user. Portions of the query are encrypted using the user encryption key. Queries received at each authentication and authorization server are authenticated by reconstructing the user encryption key using information transmitted in the clear and decrypting the query using both the reconstructed user encryption key and the secret key. The user identification data entered by the user is then compared with the user identification data in the encrypted buffer for further authentication. The profile code is analyzed for determining authorization.
Type: Application
Filed: January 29, 2009
Publication date: May 28, 2009
Applicant: PALMSOURCE, INC.
Inventors: Robert Lennie, Carl Chen, Gabe Dalbec
-
Publication number: 20090132826
Abstract: A security system in which wireless transmitting security devices use a hybrid or dual encoding methodology, wherein a first part of a data message is encoded in a return-to-zero (RZ) format and a second part of the data message is encoded in a non-return-to-zero (NRZ) format, thereby increasing error detection and correction. In a first aspect of the invention, status information is included in the first part of the message and redundant status information is included in the second part of the message. In a second aspect of the invention, message sequence information is included in the second part of the message to avoid processing of stale or out-of-sequence messages.
Type: Application
Filed: January 23, 2009
Publication date: May 21, 2009
Applicant: HONEYWELL INTERNATIONAL INC.
Inventor: Thomas Schmit
-
Patent number: 7529937
Abstract: A discovery secret is transmitted from the source domain to the correspondent domain. The discovery secret includes a data element specific to the correspondent domain. The discovery secret includes a source domain address to which the correspondent domain is permitted to send a message in order to determine that a potential correspondent has compatible secure email technology so that a link between the source domain and the correspondent domain may be established. The discovery secret is received by the correspondent domain including receiving the data element and the source domain address. An invitation is transmitted from the correspondent domain to the source domain address. The invitation includes the data element or an element corresponding to the data element. The source domain initiates a process to establish a link with the correspondent domain upon receipt by the source domain of the invitation.
Type: Grant
Filed: April 15, 2005
Date of Patent: May 5, 2009
Assignee: Microsoft Corporation
Inventors: Eric D. Tribble, Trevor W. Freeman
-
Patent number: 7529943
Abstract: A network device constructs an outgoing resource reservation message and determines an authentication value, using, for example, a cryptographic algorithm and at least a portion of the outgoing message. The network device identifies a destination node for the message and inserts the authentication value in the message. The network device sends the message across a network to the destination node for authentication at the destination node using the authentication value.
Type: Grant
Filed: April 16, 2004
Date of Patent: May 5, 2009
Assignee: Juniper Networks, Inc.
Inventor: Nurettin Burcak Beser