System Access Control Based On User Identification By Cryptography Patents (Class 713/182)
  • Patent number: 9098440
    Abstract: Methods and apparatus are provided, such as a memory card with a processor and nonvolatile memory coupled thereto. The nonvolatile memory has a secure area configured to store a user password and a serial number in encrypted form. The card is configured to grant access to the secure area when the card receives a password that matches the stored user password and the card is coupled to a system having the serial number.
    Type: Grant
    Filed: August 27, 2013
    Date of Patent: August 4, 2015
    Assignee: Micron Technology, Inc.
    Inventors: Petro Estakhri, Ngon Le
  • Patent number: 9092016
    Abstract: A validation module provides for the upgrading of a physical access control system (PACS) to full HSPD-12 compliance without requiring modification or replacement of the existing PACS. The validation module may contain all of the validation functionality required by federal specifications and technical requirements. The validation module may be installed between an existing PACS panel and a supported card/biometric reader. Readers may be selected based on assurance level requirements, e.g., contactless or contact readers for low and medium assurance level areas and full biometric readers for high assurance areas. The validation module may validate a card according to the assurance level setting, extract ID information from data on the card and then pass the ID information to the PACS panel for an access decision. Cardholder data captured by one validation module may be distributed to other validation modules of the PACS using a management station.
    Type: Grant
    Filed: November 9, 2012
    Date of Patent: July 28, 2015
    Assignee: Assa Abloy AB
    Inventor: John J. McGeachie
  • Patent number: 9092645
    Abstract: In one embodiment, the present disclosure provides a method that includes segmenting an n-bit exponent e into a first segment e_t and a number t of k-bit segments e_i in response to a request to determine a modular exponentiation result R, wherein R is a modular exponentiation of a generator base g for the exponent e and a q-bit modulus m, wherein the generator base g equals two and k is based at least in part on a processor configured to determine the result R; iteratively determining a respective intermediate modular exponentiation result for each segment e_i, wherein the determining comprises multiplication, exponentiation and a modular reduction of at least one of a multiplication result and an exponentiation result; and generating the modular exponentiation result R = g^e mod m based on, at least in part, at least one respective intermediate modular exponentiation result.
    Type: Grant
    Filed: December 5, 2011
    Date of Patent: July 28, 2015
    Assignee: Intel Corporation
    Inventors: Erdinc Ozturk, Vinodh Gopal, Gilbert M. Wolrich, Wajdi K. Feghali, James D. Guilford, Deniz Karakoyunlu, Martin G. Dixon, Kahraman D. Akdemir
  • Patent number: 9083750
    Abstract: A computer-implemented method for authentication involves defining a level of trust required for access to a resource independently of any particular authentication mechanism or instance, determining levels of trust associated with a plurality of authentication instances, and selecting and combining two or more of the authentication instances to meet or exceed the required level of trust.
    Type: Grant
    Filed: July 15, 2013
    Date of Patent: July 14, 2015
    Assignee: SAP SE
    Inventors: Laurent Y. Gomez, Ivonne Scherfenberg
  • Patent number: 9083720
    Abstract: A message that a user is requesting an access to a resource is received. The access is associated with a requested access level and is granted if an access path exists between the user and the resource for the requested access level. In response to the message reception, a first identifier of the user, a second identifier of the resource, the requested access level, and a first value that represents that the access to the resource was requested is stored in a record. All access paths usable to determine whether the user is authorized to access the resource are identified. Another security object including a flag to represent its usage in authorizing access to the resources is received. A decision is made with respect to whether the received other security object was used within one of the identified access paths as a function of its flag value.
    Type: Grant
    Filed: August 26, 2010
    Date of Patent: July 14, 2015
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventors: Augustinus H. J. Bonnes, Hans Schoone
  • Patent number: 9069944
    Abstract: Disclosed embodiments include a method for receiving, at a configuration information server, an encrypted password associated with a configuration item, where the encrypted password is encrypted using an encryption key. The method further includes encrypting a decrypted password to generate a reencrypted password, where the decrypted password is derived from the encrypted password. The method further includes transmitting the reencrypted password to the configuration item and removing the decrypted password from the configuration information collection server.
    Type: Grant
    Filed: February 14, 2012
    Date of Patent: June 30, 2015
    Assignee: INTERNATIONAL BUSINESS MACHINES CORPORATION
    Inventor: Akira Ohkado
  • Patent number: 9063752
    Abstract: A security method for verifying a client device comprising: loading and executing a boot loader at the client device which establishes a connection to a boot compliance server; sending a first cryptographic element from the boot compliance server to the client device; generating a first cryptographic response with the first cryptographic element based on at least part of the boot loader and sending the first cryptographic response to the boot compliance server for verification; and continuing the boot process upon successful verification of the first cryptographic response.
    Type: Grant
    Filed: December 21, 2012
    Date of Patent: June 23, 2015
    Assignee: ARISTOCRAT TECHNOLOGIES AUSTRALIA PTY LIMITED
    Inventor: Nigel Martin Witty
  • Patent number: 9065807
    Abstract: A wireless communications system comprising a wireless communications unit. The wireless communications unit comprises a communications device, a back-end router, a cryptographic module connected to the back-end router, and a front-end router connected to the cryptographic module and the communications device. The communications device is configured to exchange information over a single wireless communications channel. The front-end router is configured to perform at least one of sending a first data packet received at the front-end router from the communications device to the back-end router through the cryptographic module and sending a second data packet received at the front-end router from the back-end router through the cryptographic module to the communications device.
    Type: Grant
    Filed: May 16, 2012
    Date of Patent: June 23, 2015
    Assignee: THE BOEING COMPANY
    Inventors: Ceilidh Hoffmann, Bruce A. Dike
  • Patent number: 9054919
    Abstract: Device pinning capabilities for cloud-based services and/or storage accounts are disclosed. In one aspect, embodiments of the present disclosure include a method, which may be implemented on a system, for authorizing synchronization of a synchronization client on a device with content associated with an account in the cloud-based service, responsive to determining that the device is on a list of devices that are authorized, and synchronizing the synchronization client on the device with the content associated with the account such that the content is also locally available for access on the device. The list of devices can be specific to and associated with devices for a user in the account and can be limited to an allowable number of devices for the account or a user associated with the account.
    Type: Grant
    Filed: June 11, 2012
    Date of Patent: June 9, 2015
    Assignee: Box, Inc.
    Inventors: Andy Kiang, Peter Rexer
  • Patent number: 9054873
    Abstract: The present invention relates to the field of securing electronic transactions and more specifically to systems to indicate and verify the approval of the risk level of a transaction and to systems for generating transaction risk level approval codes.
    Type: Grant
    Filed: February 24, 2014
    Date of Patent: June 9, 2015
    Assignee: VASCO DATA SECURITY, INC.
    Inventors: Frank Hoornaert, Dirk Marien
  • Patent number: 9054963
    Abstract: A container that manages access to protected resources using rules to intelligently manage them includes an environment having a set of software and configurations that are to be managed. A rule engine, which executes the rules, may be called reactively when software accesses protected resources. The engine uses a combination of embedded and configurable rules. It may be desirable to assign and manage rules per process, per resource (e.g. file, registry, etc.), and per user. Access rules may be altitude-specific access rules.
    Type: Grant
    Filed: July 7, 2014
    Date of Patent: June 9, 2015
    Assignee: Numecent Holdings, Inc.
    Inventors: Arthur S. Hitomi, Robert Tran, Peter J. Kammer, Doug Pfiffner, Huy Nguyen
  • Patent number: 9055096
    Abstract: Upon acquiring first data transmitted from an outside of a predetermined range in a network, an apparatus stores, in a memory, first information including transmission source and destination addresses of the first data. Upon acquiring second data addressed to an inside of the predetermined range and indicating predetermined communication data of service initiation, the apparatus extracts the first information including as the transmission source address a source address of the second data, and stores, in the memory, second information indicating a service initiation and including a destination address of the second data, in association with the first information. When the second information including as the transmission destination address a source address of the second data is stored in the memory and a destination address of the second data coincides with the transmission source address in the first information associated with the second information, the apparatus notifies detection of an attack.
    Type: Grant
    Filed: May 30, 2014
    Date of Patent: June 9, 2015
    Assignee: FUJITSU LIMITED
    Inventors: Masahiro Yamada, Masanobu Morinaga, Yuki Fujishima
  • Patent number: 9053313
    Abstract: A system and method for providing continued access to authentication and encryption services that includes a secure key store communicably coupled to a virtual smart card server. A virtual smart card driver is also provided and is communicably coupled to a virtual smart card secure hardware server. The virtual smart card driver communicates with an authentication client to authenticate a user, and access the user's private key stored in the secure key store when the user's physical smart card is unavailable. Continued access is provided when the user has been authenticated.
    Type: Grant
    Filed: May 27, 2011
    Date of Patent: June 9, 2015
    Assignee: Identive Group, Inc.
    Inventors: Jason Dean Hart, Matthew Patrick Herscovitch
  • Patent number: 9047489
    Abstract: Data may be masked on public networks, such as social networking sites. At a publishing node, the system may monitor data input fields in a webpage that are processed by an internet browser. The system may intercept data, such as text, images, and video input at the data input fields, prior to the data being posted online. The publishing node may control which users are permitted access to the posted data by defining a policy associated with the data input field. The posted data may be transformed or tokenized to ensure that it is inaccessible to a user (or group of users) unless that user/group has access to the decoding key under the policy. In this way, data security and data control may be provided to a publishing user node. Data that has already been posted may be destroyed, for example, by deleting the decryption key or a token.
    Type: Grant
    Filed: November 14, 2011
    Date of Patent: June 2, 2015
    Assignee: Wave Systems Corp.
    Inventors: Steven Sprague, Michael Sprague
  • Patent number: 9042549
    Abstract: Disclosed is a method for address privacy protection for a first wireless device sharing a privacy key with a second wireless device. In the method, a first resolution tag is generated at the first wireless device using a pseudo-random function with the seed value and the privacy key as input arguments. The privacy key is only known to the first and second wireless devices. A privacy address is generated for the first wireless device based on the seed value and the first resolution tag. A packet is transmitted from the first wireless device to the second wireless device. The packet includes the privacy address and the first resolution tag.
    Type: Grant
    Filed: March 30, 2009
    Date of Patent: May 26, 2015
    Assignee: Qualcomm Incorporated
    Inventors: Lu Xiao, Yong Jin Kim, Zhanfeng Jia, David Jonathan Julian
  • Patent number: 9043599
    Abstract: A method and authentication server provide a mobile key. According to the method, upon receipt of an authentication message (access authentication) that is transmitted when a subscriber logs on to the network, the authentication server extracts a subscriber identification contained in said message and generates a corresponding mobile key, which is stored together with the respective extracted subscriber identification. Upon subsequent receipt of a key request message (key request) that is transmitted when a subscriber registers, the authentication server extracts a mobile identification of the subscriber contained in said message and searches for an identical mobile identification, which can be derived in accordance with a configurable derivation function from a subscriber identification that is stored in the authentication server.
    Type: Grant
    Filed: October 31, 2006
    Date of Patent: May 26, 2015
    Assignee: SIEMENS AKTIENGESELLSCHAFT
    Inventors: Rainer Falk, Christian Günther, Dirk Kröselberg
  • Patent number: 9043059
    Abstract: There is provided a battery module including: a power storage unit storing power; a first authentication unit carrying out first authentication via a first authentication route; a second authentication unit carrying out second authentication via a second authentication route; and a discharging control unit controlling discharging from the power storage unit to an external appliance, wherein the first authentication unit is operable, when the first authentication has succeeded, to share key information to be used in the second authentication with an authentication party for the second authentication, the second authentication unit carries out the second authentication using the key information shared with the authentication party, and the discharging control unit is operable, when the second authentication has succeeded, to permit discharging from the power storage unit.
    Type: Grant
    Filed: April 22, 2011
    Date of Patent: May 26, 2015
    Assignee: SONY CORPORATION
    Inventors: Yoshihito Ishibashi, Shigeru Tajima, Daisuke Yamazaki, Masahiro Suzuki
  • Patent number: 9043400
    Abstract: As a user of a social networking system views a page that includes information provided by the system, certain types of social interactions are monitored. If an interaction monitored for is detected, at least one recommendation unit is identified to present to user on the page. The recommendation unit is identified based on a description of the interaction. The recommendation unit suggests that the user perform a social interaction in the social networking system. The recommendation unit is transmitted to a device of the user and is presented to the user on the page without having to reload the entire page.
    Type: Grant
    Filed: December 16, 2013
    Date of Patent: May 26, 2015
    Assignee: Facebook, Inc.
    Inventors: Yigal Dan Rubinstein, Srinivas P. Narayanan, Kent Schoen, Yanxin Shi, David Dawei Ye, Andrey Goder, Levy Klots, Robert Jin, Alexey Spiridonov
  • Patent number: 9043603
    Abstract: Digital rights management (DRM) can be effectively implemented through use of an anchor point and binding records within a user's anchor point domain. Assigning security levels to various components within an anchor point based DRM system and evaluating them against a security criterion provides additional protection against authorized access of the digital content. The content provider may specify the security criterion (e.g., a security level threshold), and the ability to use the digital content is denied or granted based on the ability of components to satisfy this criterion. For example, the ability to use a digital property instance is granted to a content handler that satisfies the security criterion and denied to a content handle that does not satisfy the security criterion.
    Type: Grant
    Filed: January 27, 2009
    Date of Patent: May 26, 2015
    Assignee: Seagate Technology LLC
    Inventor: Paul Marvin Sweazey
  • Patent number: 9043900
    Abstract: A display device is disclosed. The display device comprising: a display unit; a sensor unit; a storage unit; and a processor configured to: provide feedback for indicating a security on state of selected first information when selection input for selecting the first information in the security on state is detected, when a security off input for clearing security is detected in response to the feedback, obtain the fingerprint using the display unit, and convert the first information in the security on state into a security off state when the obtained fingerprint is matched with a pre-stored fingerprint, when a security maintenance input for maintaining security is detected in response to the feedback, maintain the security on state of the first information.
    Type: Grant
    Filed: March 24, 2014
    Date of Patent: May 26, 2015
    Assignee: LG Electronics Inc.
    Inventors: Jihwan Kim, Jongho Kim, Doyoung Lee, Yongsin Kim
  • Patent number: 9043610
    Abstract: A system comprises a basic-input-output-system (“BIOS”), a disk drive, and a security system configured to prevent unauthenticated access to the disk drive. For each of at least two users out of a plurality of users, the BIOS authenticates the user based on the user's token. The BIOS also accesses secured data based on the authentication, and provides the secured data to the security system without input from the user.
    Type: Grant
    Filed: July 7, 2008
    Date of Patent: May 26, 2015
    Assignee: Hewlett-Packard Development Company, L.P.
    Inventors: Lan Wang, Valiuddin Y. Ali, Manuel Novoa, Jennifer E. Rios
  • Patent number: 9043604
    Abstract: Keying materials used for providing security in a platform are securely provisioned both online and offline to devices in a remote platform. The secure provisioning of the keying materials is based on a revision of firmware installed in the platform.
    Type: Grant
    Filed: September 5, 2013
    Date of Patent: May 26, 2015
    Assignee: Intel Corporation
    Inventors: Ernest F. Brickell, Shay Gueron, Jiangtao Li, Carlos V. Rozas, Daniel Nemiroff, Vincent R. Scarlata, Uday R. Savagaonkar, Simon P. Johnson
  • Patent number: 9043210
    Abstract: A biometric voice command and control switching device has a microphone assembly for receiving a currently spoken challenge utterance and a reference utterance, and a voice processing circuit for creating electronic signals indicative thereof. The device further includes a memory for storing the electronic signals, and a processor for comparing the electronic signals to determine if there is a match. If there is a match, an interface circuit enables the operable control of the controlled device.
    Type: Grant
    Filed: October 2, 2012
    Date of Patent: May 26, 2015
    Assignee: Voice Security Systems, Inc.
    Inventors: Sherrie Adcock, Kent Robinson, Brad Clements, Mark Keith Brockelsby, William Keith Brockelsby
  • Publication number: 20150143129
    Abstract: A “Secure Mobile Identity System” that enables the creation of secure digital credentials on mobile devices, prevents identity theft, prevents fraudulent financial transactions, protects privacy, enables a simplified federation process and provides a consumer friendly “One Click Sign On”™ process. Also, the user's credentials are secure if his/her mobile device is lost or stolen.
    Type: Application
    Filed: November 15, 2013
    Publication date: May 21, 2015
    Inventor: Michael Thomas Duffy
  • Patent number: 9038139
    Abstract: In a Reverse Turing Test an applicant seeking access to a computer process is presented with an image containing human-readable data that is intended to be inaccessible to an automated process or bot. In an improved Reverse Turing Test the applicant is presented with multiple sub-images that have to be rearranged in order to yield the overall image. This does not substantially increase a human applicant's difficulty in dealing with the test, but makes it much more difficult for a bot to interpret the image.
    Type: Grant
    Filed: October 5, 2012
    Date of Patent: May 19, 2015
    Inventor: Michael J. Vandemar
  • Patent number: 9038167
    Abstract: This invention is directed to an electronic device with an embedded authentication system for restricting access to device resources. The authentication system may include one or more sensors operative to detect biometric information of a user. The sensors may be positioned in the device such that the sensors may detect appropriate biometric information as the user operates the device, without requiring the user to perform a step for providing the biometric information (e.g., embedding a fingerprint sensor in an input mechanism instead of providing a fingerprint sensor in a separate part of the device housing). In some embodiments, the authentication system may be operative to detect a visual or temporal pattern of inputs to authenticate a user. In response to authenticating, a user may access restricted files, applications (e.g., applications purchased by the user), or settings (e.g., application settings such as contacts or saved game profile).
    Type: Grant
    Filed: December 27, 2013
    Date of Patent: May 19, 2015
    Assignee: Apple Inc.
    Inventors: Anthony Fadell, Andrew Hodge, Stephan Schell, Ruben Caballero, Jesse Lee Dorogusker, Stephen Zadesky, Emery Sanford
  • Patent number: 9038164
    Abstract: An electronic device includes: display controller; user presence determination module; user authentication module; and controller. The user presence determination module determines presence of a user based on image data received from the camera while dominating access to a camera. The user authentication module dominates access to the camera, if the display is put in a screen lock state and to perform a user authentication based on the image data. The controller turns off the display if the user present determination module determines that the user is absent and while the display has not been put in the screen lock state, and to cause the user presence determination module to release the access to the camera and to put the display in the screen lock state before turning on the display if it is determined after the display is turned off that the user is present.
    Type: Grant
    Filed: November 19, 2012
    Date of Patent: May 19, 2015
    Assignee: Kabushiki Kaisha Toshiba
    Inventors: Tsukasa Nunami, Hideaki Andou, Yuuji Irimoto, Ryuhei Yokota
  • Patent number: 9038168
    Abstract: Described is a technology by which access to a resource is determined by evaluating a resource label of the resource against a user claim of an access request, according to policy decoupled from the resource. The resource may be a file, and the resource label may be obtained by classifying the file into classification properties, such that a change to the file may change its resource label, thereby changing which users have access to the file. The resource label-based access evaluation may be logically combined with a conventional ACL-based access evaluation to determine whether to grant or deny access to the resource.
    Type: Grant
    Filed: November 20, 2009
    Date of Patent: May 19, 2015
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Nir Ben-Zvi, Raja Pazhanivel Perumal, Anders Samuelsson, Jeffrey B. Hamblin, Ran Kalach, Ziquan Li, Matthias H. Wollnik, Clyde Law, Paul Adrian Oltean
  • Patent number: 9038191
    Abstract: Methods and apparatus are provided for providing a DRM service by a user terminal apparatus consuming DRM content in a service environment that provides the DRM content using a plurality of incompatible DRM systems. A license corresponding to the DRM content is acquired from a service providing apparatus that provides the DRM content. It is determined whether the license is a common license having a common DRM interface format. The common DRM interface format of the common license is converted to a format of a first DRM system installed in the user terminal apparatus, when the license is the common license. The license having the format of the first DRM system is applied in reproducing the DRM content. The common license is provided from the service providing apparatus to the user terminal apparatus through a common DRM interface when the service providing apparatus does not support the first DRM system.
    Type: Grant
    Filed: April 27, 2012
    Date of Patent: May 19, 2015
    Assignee: Samsung Electronics Co., Ltd
    Inventors: Sergey Nikolayevich Seleznev, Byung-Rae Lee, Bo-Gyeong Kang
  • Patent number: 9038195
    Abstract: Arrangements described herein relate to accessing a cloud based service. Responsive to a user of a first communication device initiating access to the cloud based service via the first communication device, a prompt for a valid password to be entered to access the cloud based service can be received by the first communication device. Responsive to the valid password required to access the cloud based service not being stored on the first communication device, the first communication device can automatically retrieve the valid password from a second communication device via a peer-to-peer ad hoc communication link between the first communication device and the second communication device. The valid password can be automatically provided, by the first communication device, to a login service for the cloud based service to obtain access by the first communication device to the cloud based service.
    Type: Grant
    Filed: March 15, 2013
    Date of Patent: May 19, 2015
    Assignee: Google Technology Holdings LLC
    Inventors: Ansuman Satpathy, Haitang Wang
  • Patent number: 9037864
    Abstract: A system and method for generating user authentication challenges based at least in part on an account owner's social network activity information. A login request including an account owner's correct username and password as well as additional login information is received from a user. The login attempt is detected as potentially fraudulent based on the additional login information from the user. The account owner's social network activity information is analyzed. An authentication challenge based at least in part on the account owner's social network activity information is generated and sent for display. The login request is allowed or denied based on the completion of the authentication challenge.
    Type: Grant
    Filed: September 21, 2011
    Date of Patent: May 19, 2015
    Assignee: Google Inc.
    Inventors: Jessica Staddon, Andrew M. Archer, Madhukar Narayan Thakur, Michael Christopher Hearn
  • Patent number: 9032496
    Abstract: Systems and methods that provide secure single sign-on are described herein. When a user provides credentials to a client device, the credentials may be intercepted and cached at a secure location, such as within a trusted environment. When a client process, such as a remote desktop program running on the client device, requests the credentials for single sign-on to a server providing remote desktop services, the credentials may be secured, such as within an opaque container that may be accessed only by components running in trusted environments, and provided to the client process. The client process may be running in an untrusted environment, such as an operating system session. The client device may forward the secured credentials to a trusted environment in the server, effectuating single sign-on.
    Type: Grant
    Filed: February 28, 2012
    Date of Patent: May 12, 2015
    Assignee: Citrix Systems, Inc.
    Inventor: Virgiliu Mocanu
  • Patent number: 9032534
    Abstract: A system administrator of a wireless LAN 100 manipulates a personal computer PC1 to change a WEP key. The personal computer PC1 authenticates a memory card MC as genuine under management of the system administrator. In the case of the authenticated memory card MC, changed setting information, as well as a previous WEP key before the change of the setting information, is written into the memory card MC. The system administrator then inserts this memory card MC into a memory card slot of a printer PRT1. The printer PRT1 authenticates the memory card MC as genuine under management of the system administrator. In the case of the authenticated memory card MC, the setting information is updated. This arrangement effectively relieves the user's workload in setting wireless communication devices, while ensuring the sufficiently high security.
    Type: Grant
    Filed: December 21, 2004
    Date of Patent: May 12, 2015
    Assignee: Seiko Epson Corporation
    Inventor: Katsuyuki Koga
  • Patent number: 9032493
    Abstract: A three-way trust relationship is established between a mobile device, Internet-connected vehicle system, and a cloud-based service. Access rights are granted to the mobile device from the vehicle system, such that the mobile device can securely connect to, and obtain status information and/or control the Internet-connected vehicle system, through the cloud-based service.
    Type: Grant
    Filed: March 31, 2011
    Date of Patent: May 12, 2015
    Assignee: Intel Corporation
    Inventors: Victor B. Lortz, Anand P. Rangarajan, Somya Rathi, Vijay Sarathi Kesavan
  • Patent number: 9031536
    Abstract: The invention is directed to systems and methods for detecting the loss, theft or unauthorized use of a device and/or altering the functionality of the device in response. In one embodiment, a device monitors its use, its local environment, and/or its operating context to determine that the device is no longer within the control of an authorized user. The device may receive communications or generate an internal signal altering its functionality, such as instructing the device to enter a restricted use mode, a surveillance mode, to provide instructions to return the device and/or to prevent unauthorized use or unauthorized access to data. Additional embodiments also address methods and systems for gathering forensic data regarding an unauthorized user to assist in locating the unauthorized user and/or the device.
    Type: Grant
    Filed: April 2, 2008
    Date of Patent: May 12, 2015
    Assignee: Yougetitback Limited
    Inventors: William Fitzgerald, Peter Bermingham, Frank Hannigan, Paul Prendergast
  • Patent number: 9032508
    Abstract: A pattern password trajectory configuration system used in an electronic device with a graphics input interface and a method using the same are provided. The disclosed pattern password trajectory configuration system includes a central processing module, a pattern defining module electronically connected to the central processing module for defining the graphics input interface into a central block and multiple blocks neighboring the central block and assigning different data codes to the different blocks neighboring the central block, a sliding direction defining module electronically connected to the central processing module for assigning different prime numbers to define different sliding directions moving along the blocks neighboring the central block, and a touch sequence defining module electronically connected to the central processing module for counting and recording touch sequences of sliding among the blocks neighboring the central block.
    Type: Grant
    Filed: June 12, 2013
    Date of Patent: May 12, 2015
    Assignee: Yankey Information Co., Ltd.
    Inventor: Chun-Yu Chu
  • Patent number: 9032215
    Abstract: Management of access control in wireless networks known as smart spaces includes a framework that presents non-expert users with a consistent and intuitive interaction mechanism to manage access to devices they own in the smart space without exposing to them the complexity of the underlying security infrastructure. Access control of devices in a network can include providing an interface between a user-level tool on a first device connected to a network and security components associated with the network, communicating a passlet between the user-level tool and the interface, verifying access permission at a second device on the network where access permissions are based on the passlet, and providing a response to the first device based on the verification of the access permission in the passlet. The passlet provides access permissions based on a particular user rather than a particular device.
    Type: Grant
    Filed: June 15, 2005
    Date of Patent: May 12, 2015
    Assignee: Nokia Corporation
    Inventors: Dimitris Kalofonos, Saad Shakhshir
  • Patent number: 9027126
    Abstract: A cyber fraud phish baiting system for baiting a phishing website is disclosed. The cyber fraud phish baiting system is configured to store a plurality of URLs in a database and enter each of the URLs into a browser to view internet resources linked to the URLs. It is configured to scan the internet resources for information requests, obtain information responsive to the information requests from a database, enter responsive information into the information requests, and store the information requests and the responsive information entered into the information requests for each of the URLs. The internet resource may be a phishing website, and fake information is entered into the information requests.
    Type: Grant
    Filed: September 6, 2012
    Date of Patent: May 5, 2015
    Assignee: Bank of America Corporation
    Inventor: Joshua Enoch Larkins
  • Patent number: 9027150
    Abstract: A system for integrating modules of computer code may include a sandbox validator for receiving a first module and verifying that the first module complies with one or more sandbox constraints. A computing device may execute the first module within a runtime environment. A module integrator may operate within the runtime environment for receiving a request from the first module to access a service provided by a second module and only allowing the first module to access the service when the first module is authorized to access the service according to a service authorization table. The sandbox validator may ensure the first module correctly identifies itself when requesting a service provided by another module and that the first module includes runtime policing functions for non-deterministic operations. A service authorizer may generate an authorization policy for the first module, which is sent to the computing device along with the first module.
    Type: Grant
    Filed: October 25, 2013
    Date of Patent: May 5, 2015
    Assignee: Guest Tek Interactive Entertainment Ltd.
    Inventor: Gary R. Court
  • Patent number: 9027119
    Abstract: An apparatus and method are disclosed for determining authentication frequency (i.e., the length of time between authenticating and re-authenticating a user) and challenge type (e.g., username/password, fingerprint recognition, voice recognition, etc.) based on what software applications a user is running on a data-processing system, and how those applications are being used (e.g., what functions are used, what data is input to or output by the application, how often and for how long applications are used, what input devices and output devices are used, etc.). Advantageously, the illustrative embodiment enables authentication frequency and challenge type to be adjusted based on the likelihood of malicious activity and/or the potential cost of malicious activity, as inferred from current and past application usage. In addition, the illustrative embodiment enables selection of an authentication challenge type that is less intrusive to a user based on current application usage.
    Type: Grant
    Filed: September 29, 2008
    Date of Patent: May 5, 2015
    Assignee: Avaya Inc.
    Inventors: Jon Louis Bentley, George William Erhart, Lawrence O'Gorman, Michael J. Sammon, David Joseph Skiba
  • Patent number: 9026805
    Abstract: Described herein are techniques for distributed key management (DKM) in cooperation with Trusted Platform Modules (TPMs). The use of TPMs strengthens the storage and processing security surrounding management of distributed keys. DKM-managed secret keys are not persistently stored in clear form. In effect, the TPMs of participating DKM nodes provide security for DKM keys, and a DKM key, once decrypted with a TPM, is available to be used from memory for ordinary cryptographic operations to encrypt and decrypt user data. TPM public keys can be used to determine the set of trusted nodes to which TPM-encrypted secret keys can be distributed.
    Type: Grant
    Filed: December 30, 2010
    Date of Patent: May 5, 2015
    Assignee: Microsoft Technology Licensing, LLC
    Inventors: Tolga Acar, Brian LaMacchia, Henry Jerez Morales, Lan Duy Nguyen, David Robinson, Talha Bin Tariq
  • Patent number: 9026806
    Abstract: A security device and a method provide a cryptographic key for a field device. The security device is connected to at least one tamper sensor which is associated with the field device and which emits a manipulation message when a physical manipulation carried out on the field device is detected. The cryptographic key is only provided to the field device by the security device if the security device does not receive a manipulation message from the tamper sensors associated with the field device.
    Type: Grant
    Filed: December 15, 2011
    Date of Patent: May 5, 2015
    Assignee: Siemens Aktiengesellschaft
    Inventors: Rainer Falk, Steffen Fries
  • Patent number: 9026798
    Abstract: Computer login may comprise any user-determined submission. A user may select among different devices for input, select the signal content, and as well select the types of signals used for a login signature. Account identification may be inferred by signature rather than explicitly stated. A plurality of discontiguous data blocks in a plurality of files may be employed for validation. The paths to data used in validation may be multifarious, regardless of the prospects for successful authorization.
    Type: Grant
    Filed: April 22, 2013
    Date of Patent: May 5, 2015
    Inventor: Gary Odom
  • Patent number: 9027084
    Abstract: The present invention provides methods and apparatuses that utilize a portable apparatus to securely operate a host electronic device. Typically, each portable apparatus includes a data storage unit which stores an operating system and other software. In one example, a portable apparatus can provide a virtual operating environment on top of a host's operating system for a host device. In another example, a portable apparatus containing its operating system can directly boot a host device with one or more hardware profiles. Furthermore, a device-dependent protection against software piracy, a user-dependent protection against sensitive data leaks, a controllable host operating environment to prevent unwanted information exposure, and a secure restoration procedure to prevent virus infection between the host device users may be incorporated. Moreover, an authorization signature may also be utilized to authorize a connected-state guest operation environment in the host device.
    Type: Grant
    Filed: July 10, 2012
    Date of Patent: May 5, 2015
    Inventor: Evan S. Huang
  • Patent number: 9027086
    Abstract: A method for connecting to a trust broker system is disclosed. The electronic device stores encrypted identifying information for a plurality of client systems authorized to interact with the server system, wherein the encrypted identifying information is changed per client system per session. The electronic device creates a plurality of virtual domains; each virtual domain representing a set of services and information distinct from the other virtual domains. The electronic device stores permissions associated with each respective client system in the plurality of client systems. The electronic device receives a request from a first client system, including encrypted identifying information associated with the first client system, for information associated with a first virtual domain and then retrieves stored permissions of the first client system based on the encrypted identifying information.
    Type: Grant
    Filed: March 11, 2013
    Date of Patent: May 5, 2015
    Assignee: Vidder, Inc.
    Inventors: Junaid Islam, Brent Bilger, Ted Schroeder
  • Patent number: 9025769
    Abstract: A method for registering a Smartphone when accessing a security authentication device and a method for access authentication of a registered Smartphone are provided. When a Smartphone-based application searches for a device and attempts an access to the found device, the search and access for the device is limited according to a result of authentication using an activation code.
    Type: Grant
    Filed: August 3, 2011
    Date of Patent: May 5, 2015
    Assignee: Suprema Inc.
    Inventors: Yeon Gil Choi, Seong Jik Lee, Jae Won Lee
  • Patent number: 9021602
    Abstract: An apparatus and method for encoding and decoding additional information into a digital information in an integral manner. More particularly, the invention relates to a method and device for data protection.
    Type: Grant
    Filed: March 11, 2013
    Date of Patent: April 28, 2015
    Inventor: Scott A. Moskowitz
  • Patent number: 9021600
    Abstract: Disclosed herein is an improved (digital) supply chain (ISC) product. The disclosure covers a simple explanation of the improved supply chain as a service business model, a review of key digital cinema (D-Cinema) topics, a description of the Digital Cinema supply chain, and finally, a description of the improved supply chain product and process.
    Type: Grant
    Filed: January 6, 2014
    Date of Patent: April 28, 2015
    Assignee: Flix Innovations Ltd.
    Inventor: Kenneth Phelan
  • Patent number: 9015478
    Abstract: Preventing web crawler access includes receiving a request for a webpage that includes web content that is to be protected from a web crawler, encrypting the web content to be protected to generate encrypted content and responding to the request, including sending the encrypted content and a decryption instruction. The decryption instruction is configured to allow a web browser to decrypt the encrypted content.
    Type: Grant
    Filed: February 27, 2014
    Date of Patent: April 21, 2015
    Assignee: Alibaba Group Holding Limited
    Inventor: Ling He
  • Patent number: 9015491
    Abstract: A method and apparatus are provided for managing private data, such as a phone book, in a multifunction peripheral (MFP) used by multiple users. The method involves receiving user information and performing user authentication, and reading data stored in a user area allocated to the authenticated user in a storage unit divided into a number of user areas. Accordingly, when private data is managed in an MFP used by multiple users, by dividing a storage unit in which data is stored into a number of user areas, allocating the divided user areas to users, and allowing a user to access only a user area allocated to the user through an authentication process, the private data can be fully prevented from being accessed by other users, and it will be unlikely for a user to be confused because of other user data.
    Type: Grant
    Filed: July 27, 2006
    Date of Patent: April 21, 2015
    Assignee: Samsung Electronics Co., Ltd.
    Inventor: Eun-Young Jung