Patent application number | Description | Published |
20080235511 | DEVICE AUTHENTICATION AND SECURE CHANNEL MANAGEMENT FOR PEER-TO-PEER INITIATED COMMUNICATIONS - A method and system for providing secure access to a device initiating communications using a peer-to-peer signaling protocol, such as SIP or H.323. In a device registration phase, the device contacts a secure access server, and authenticates to the secure access server by providing an identification, such as its factory ID. The secure access server then issues a device ID and private key to the authenticated device. A client can then initiate a further communication session and be authenticated by the secure access server. The secure access server returns the device identification and the device's public key to the client. The client and device can then perform a symmetrical key exchange for their current communication session, and can communicate with appropriate encryption. The device's private key can be set to expire after one or more uses. | 09-25-2008 |
20090024853 | METHOD, SYSTEM AND APPARATUS FOR ACCESSING A RESOURCE BASED ON DATA SUPPLIED BY A LOCAL USER - A method, comprising: acquiring candidate data in association with a request for accessing a resource, said candidate data comprising first data and second data; processing said first data with a first key in an attempt to effect decryption of said first data, thereby to obtain first processed data; processing the second data with a second key in an attempt to effect decryption of said second data, thereby to obtain second processed data; and granting said request if a pre-determined portion of said first processed data is derivable from said second processed data. The method may further comprise extracting from said first processed data a group identifier and said pre-determined portion of said first processed data, and effecting a comparison of said group identifier to a reference group identifier in order to conclude whether said first data has been successfully decrypted based on an outcome of said comparison. | 01-22-2009 |
20090159666 | Contact-less tag with signature, and applications thereof - A method, comprising: obtaining a signature from a contactlessly readable tag; decrypting the signature with a key to obtain (i) a candidate identifier and (ii) a scrambling code associated with the signature; and validating the candidate identifier based on at least one of the scrambling code and the signature. Also, a system, comprising: at least one tag reader configured to receive a plurality of signatures released by a respective plurality of tags, including a particular signature released by a particular one of the tags, and to cause decryption of the particular signature with a key to obtain (i) a candidate identifier, and (ii) a scrambling code associated with the signature; and a processing entity configured to effect validation of the candidate identifier based on at least one of the scrambling code and the signature. | 06-25-2009 |
20090160615 | Contact-less tag with signature, and applications thereof - A method which comprises generating a first signature by encoding an identifier with a first additional data set at a first time instant; responding to a first read request from a tag reader by releasing the first signature; generating a second signature by encoding the identifier with a second additional data set at a second time instant, the second additional data set being different from the first additional data set; and responding to a second read request by releasing the second signature. Also, a method which comprises obtaining a signature from a contactlessly readable tag; decrypting the signature with a key to obtain a candidate identifier and a scrambling code associated with the signature; and validating the candidate identifier based on at least one of the scrambling code and the signature. | 06-25-2009 |
20090160649 | Contact-less tag with signature, and applications thereof - An arrangement of goods, comprising: a plurality of units of an article, the units equipped with respective contactlessly readable tags; each of said tags comprising a respective memory configured to store a respective signature; the signatures stored in the memories of said tags appearing scrambled relative to one another when read by a reader. Also, a method, comprising: contactlessly reading a first signature from a first tag affixed to a first unit of an article; contactlessly reading a second signature from a second tag affixed to a second unit of the same article, the second signature appearing scrambled relative to the first signature; decrypting the first signature with a key to reveal (I) an identifier associated with the article and (II) a first scrambling code; and decrypting the second signature with the same key to reveal the same identifier and a second scrambling code different from the first scrambling code. | 06-25-2009 |
20090161872 | Contact-less tag with signature, and applications thereof - A method, comprising: receiving an encrypted signature from a tag associated with an item; determining a dynamic parameter; obtaining a key based at least in part on the dynamic parameter; decrypting the signature with the key to obtain an identifier; and performing an action related to identification of the item, based on the identifier. Also, a system, comprising: a tag reader configured to receive an encrypted signature from a tag associated with an item; and a processing entity configured to (i) determine a dynamic parameter; (ii) obtain a key based at least in part on the dynamic parameter; (iii) decrypt the signature with the key to obtain an identifier; and (iv) perform an action related to identification of the item, based on the identifier. | 06-25-2009 |
20090198997 | System and method for secure electronic communication services - A system, method and software module for secure electronic communication services, wherein a public key ( | 08-06-2009 |
20090216679 | METHOD AND SYSTEM FOR VALIDATING A DEVICE THAT USES A DYNAMIC IDENTIFIER - A method that comprises obtaining a currently received signature from a device; obtaining a candidate identifier associated with the device; consulting a database to obtain a set of previously received signatures associated with the candidate identifier; and validating the currently received signature based on a comparison of the currently received signature to the set of previously received signatures associated with the candidate identifier. Also, a method that comprises obtaining a currently received signature from a device; decrypting the currently received signature to obtain a candidate identifier and a candidate scrambling code; consulting a database to obtain a set of previously received scrambling codes associated with the candidate identifier; and validating the currently received signature based on a comparison of the candidate scrambling code to the set of previously received scrambling codes associated with the candidate identifier. | 08-27-2009 |
20090240946 | DYNAMIC IDENTIFIER FOR USE IN IDENTIFICATION OF A DEVICE - A method for execution by a device, which comprises: generating a first signature by encrypting an identifier of the device together with first additional data; generating a second signature by encrypting the identifier of the device together with second additional data that is different from the first additional data; releasing the first signature to identify the device on a first occasion; and releasing the second signature to identify the device on a second occasion. Also, a device, which comprises: a memory storing an identifier of the device; a processing entity configured to generate a plurality of different signatures encoding the identifier and to store the signatures in the memory; and a transmit/receive entity configured to identify the device on respective occasions by releasing individual ones of the signatures. | 09-24-2009 |
20100076693 | METHOD TO EXTRACT TARGET SIGNALS OF A KNOWN TYPE FROM RAW DATA CONTAINING AN UNKNOWN NUMBER OF TARGET SIGNALS, INTERFERENCE, AND NOISE - A signal analysis method extracts transient target signals of known type from a raw data source signal that contains an unknown number of target signals. The method can enhance the analysis of data obtained from in-line oil-debris sensors. The method comprises steps of: defining signatures of the known target signal, and of at least one of the intrinsic noise and interfering signals; performing a mathematical transform that decomposes the raw data into distinct data sets; using the signal signatures to identify and nullify the data sets containing noise and interfering signal signatures; using the target signal signatures to identify the data sets containing target signal components, or may further use a thresholding rule to remove intrinsic noise from said data sets, and finally applying the inverse transform to the processed data sets in order to reconstruct an enhanced output signal. | 03-25-2010 |
20100185865 | GENERATION OF COMMUNICATION DEVICE SIGNATURES FOR USE IN SECURING NOMADIC ELECTRONIC TRANSACTIONS - A method for execution in a communication device, which comprises accessing an identifier stored in a memory; receiving a first data set and a second data set over a first communication path; generating a first signature from the identifier and the first data set; generating a second signature from the identifier and the second data set; responding to a first request by releasing a first response including the first signature over a local communication path different from the first communication path; and responding to a subsequent request by releasing a second response including the second signature over the local communication path. | 07-22-2010 |
20100320269 | CONTACT-LESS TAG WITH SIGNATURE, AND APPLICATIONS THEREOF - A method, comprising: obtaining a signature from a contactlessly readable tag; decrypting the signature with a key to obtain (i) a candidate identifier and (ii) a scrambling code associated with the signature; and validating the candidate identifier based on at least one of the scrambling code and the signature. Also, a system, comprising: at least one tag reader configured to receive a plurality of signatures released by a respective plurality of tags, including a particular signature released by a particular one of the tags, and to cause decryption of the particular signature with a key to obtain (i) a candidate identifier, and (ii) a scrambling code associated with the signature; and a processing entity configured to effect validation of the candidate identifier based on at least one of the scrambling code and the signature. | 12-23-2010 |
20110038483 | SYSTEMS AND METHODS FOR SECURE MANAGEMENT OF PRESENCE INFORMATION FOR COMMUNICATION SERVICES - Systems and methods are provided for managing user information comprising presence information, wherein authentication of requesting parties is based on public-private key pair encryption and key Domain Name Service (kDNS) infrastructure. Thus, a response to a request for presence information may be dependent on the authentication status of the requesting party. Presence information stored on a presence server or other network element may be stored or updated upon receiving a request from a user which includes the requestor's identity, and is signed with the private key of the requestor. After authentication of a user having a registered unique identifier and an associated public key, presence information may be stored or updated, in either encrypted or unencrypted form. Presence information is preferably stored with user specified policy information for managing access to the presence information by other users, e.g. what information may be shared with anonymous or unauthenticated other users, or with other specific authorized users, or authorized user groups. Advantageously, all communications between communication parties and network elements of the system are encrypted. A scalable and distributed system and method is provided for managing exchange of dynamic information, such as presence information, between users of communications and network services, with improved reliability, security, and personalization. Systems and methods are particularly applicable for securely managing exchange of presence information and other information for multiparty communications service and for peer-to-peer network services. | 02-17-2011 |
20110170581 | DISTRIBUTED DIGITAL SUBSCRIBER LINE ACCESS MULTIPLEXER - A distributed DSLAM, which comprises a head end subsystem located within a switching facility and a remote subsystem located outside of the switching facility. The head end subsystem is operative for routing streams of data from a data network to the remote subsystem over a communication link, while the remote subsystem is operative for transmitting over a set of local loops analog signals comprising digitally modulated versions of the data. Separating the routing and modem functionality between inside and outside plant facilities reduces heat dissipation in the outside plant, leading to increased reliability. Flow control can be performed in the upstream and downstream directions by transmitting portions of individual packets and withholding other portions of individual packets. This is done instead of withholding the transmission of entire packets. As a result, the perceived impact on video quality, for example, is lessened. | 07-14-2011 |
20110170696 | SYSTEM AND METHOD FOR SECURE ACCESS - The present invention provides a method and system for secure access to computer equipment. An embodiment includes a secure access controller connected to a link between a transceiver (such as a modem) and the computer equipment. Public and private keys are used by the secure access controller and a remote user. The keys are provided to the secure access controller by an authentication server. Once the transceiver establishes a communication link with the user, the access controller uses these keys to authenticate packets issued by the user to the computer equipment. If the packet is authenticated, the access controller passes the packet to the computer equipment. Otherwise, the packet is discarded. | 07-14-2011 |
20110231276 | METHODS FOR ACCESSING PAYABLE CONTENT USING SOCIAL NETWORKS - A social network server executes instructions to implement a method that comprises: establishing a connection to a payable content management server that stores a set of preview items corresponding to payable content items and a location element for each payable content item; rendering the preview items accessible to a computing appliance connected to the social network server; receiving an indication that a particular one of the preview items has been selected using the computing appliance; and forwarding to the computing appliance the location element for the payable content item corresponding to the selected preview item. The location element for the payable content item corresponding to the selected preview item comprises an address of (or a domain name routable to) a designated network entity operated by an organization with which an operator of the payable content management server or the payable content item server has an inter-organizational billing arrangement. | 09-22-2011 |
20110246780 | VALIDATION METHOD AND SYSTEM FOR USE IN SECURING NOMADIC ELECTRONIC TRANSACTIONS - A method involving a communication device, which comprises sending a request to a communication device; receiving a response from the communication device over a local communication path; deriving a received data set from said response; determining at least one data set that had been previously transmitted to the communication device over a wireless portion of a second communication path different from the local communication path; and validating the response based on the received data set and the at least one previously transmitted data set. | 10-06-2011 |
20120093505 | METHOD AND SYSTEM FOR SERVICE-BASED REGULATION OF TRAFFIC FLOW TO CUSTOMER PREMISES DEVICES - A method of regulating traffic flow to customer premises devices (CPDs) reachable via outside plant units (OPUs). The method comprises receiving first packets in a first traffic category via a first interface, the first packets being destined for respective CPDs; receiving second packets in a second traffic category via a second interface, the second packets being destined for respective CPDs; determining a destination OPU for each of the first and second packets. For each particular OPU that is the destination OPU for one or more packets, the packets are buffered and transmitted via an OPU interface for the particular OPU. The destination OPU for a particular packet is determined by identifying the OPU via which the CPD for which the particular packet is destined is reachable. Packet flow via the OPU interface is regulated by prioritizing transmission of first packets over transmission of second packets. | 04-19-2012 |
20120102322 | PROCESSING OF COMMUNICATION DEVICE SIGNATURES FOR USE IN SECURING NOMADIC ELECTRONIC TRANSACTIONS - A method for execution in a communication device, which comprises receiving a first data set and a second data set over a first communication path; receiving a series of requests over a local communication path different from the first communication path; responding to a first one of the requests by releasing a first response including the first data set over the local communication path; and responding to a second one of the requests by releasing a second response including the second data set over the second communication path. | 04-26-2012 |
20120131611 | METHOD AND SYSTEM FOR CONTROLLING MEDIA CONVEYANCE BY A DEVICE TO A USER BASED ON CURRENT LOCATION OF THE DEVICE - A method for execution by a customer premises receiver, comprising: receiving a signal that carries an original media stream; determining a location of the receiver; obtaining an identifier of an authorized region for the receiver; determining whether said location is contained within said authorized region; if said location is determined to be contained within said authorized region, outputting the original media stream for conveyance to a user; if said location is determined to not be contained within said authorized region, outputting a second media stream that is sufficiently corrupted relative to the original media stream as to degrade the user's viewing experience while being demonstrative of non-malfunctioning of the receiver. Also, a method, comprising a service provider releasing towards a plurality of customer premises receivers information regarding a respective geographic region within which each receiver is authorized to operate, wherein different geographic regions define coverage areas of different sizes. | 05-24-2012 |
20130212398 | METHOD AND SYSTEM FOR VALIDATING A DEVICE THAT USES A DYNAMIC IDENTIFIER - A method that comprises obtaining a currently received signature from a device; obtaining a candidate identifier associated with the device; consulting a database to obtain a set of previously received signatures associated with the candidate identifier; and validating the currently received signature based on a comparison of the currently received signature to the set of previously received signatures associated with the candidate identifier. Also, a method that comprises obtaining a currently received signature from a device; decrypting the currently received signature to obtain a candidate identifier and a candidate scrambling code; consulting a database to obtain a set of previously received scrambling codes associated with the candidate identifier; and validating the currently received signature based on a comparison of the candidate scrambling code to the set of previously received scrambling codes associated with the candidate identifier. | 08-15-2013 |
20130318349 | PROCESSING OF COMMUNICATION DEVICE SIGNATURES FOR USE IN SECURING NOMADIC ELECTRONIC TRANSACTIONS - A method for execution in a communication device, which comprises receiving a first data set and a second data set over a first communication path; receiving a series of requests over a local communication path different from the first communication path; responding to a first one of the requests by releasing a first response including the first data set over the local communication path; and responding to a second one of the requests by releasing a second response including the second data set over the second communication path. | 11-28-2013 |
20150069137 | CONTACT-LESS TAG WITH SIGNATURE, AND APPLICATIONS THEREOF - A method which comprises generating a first signature by encoding an identifier with a first additional data set at a first time instant; responding to a first read request from a tag reader by releasing the first signature; generating a second signature by encoding the identifier with a second additional data set at a second time instant, the second additional data set being different from the first additional data set; and responding to a second read request by releasing the second signature. Also, a method which comprises obtaining a signature from a contactlessly readable tag; decrypting the signature with a key to obtain a candidate identifier and a scrambling code associated with the signature; and validating the candidate identifier based on at least one of the scrambling code and the signature. | 03-12-2015 |