DOCSLIB.ORG

(12) United States Patent (10) Patent No.: US 9,369.469 B2 Gregg Et Al

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
(12) United States Patent (10) Patent No.: US 9,369.469 B2 Gregg Et Al USOO9369469B2 (12) United States Patent (10) Patent No.: US 9,369.469 B2 Gregg et al. (45) Date of Patent: *Jun. 14, 2016 (54) METHOD FORMANAGING ACCESS TO USPC .............................................................. 726/4 PROTECTED COMPUTER RESOURCES See application file for complete search history. (71) Applicant: PRISM TECHNOLOGIES LLC, (56) References Cited Omaha, NE (US) (72) Inventors: Richard L. Gregg, Elkhorn, NE (US); U.S. PATENT DOCUMENTS Sandeep Giri, San Francisco, CA (US); 4,446,519 A 5/1984 Thomas Timothy C. Goeke, Elkhorn, NE (US) 4,471,163 A 9, 1984 Donald et al. (73) Assignee: PRISM TECHNOLOGIES, L.L.C., (Continued) Omaha, NE (US) FOREIGN PATENT DOCUMENTS (*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 EP O 268 141 A2 5, 1988 U.S.C. 154(b) by 0 days. EP O 456920 A2 4f1990 This patent is Subject to a terminal dis (Continued) claimer. OTHER PUBLICATIONS (21) Appl. No.: 14/549,943 Defendants' Joint Invalidity Contentions and Joint Supplemental (22) Filed: Nov. 21, 2014 Answer and Objections to Plaintiffs Interrogatory No. 4; Prism (65) Prior Publication Data Technologies LLC v. Verisign, Inc., et al.: Civil Action No. 05-214 US 2015/OO82392 A1 Mar. 19, 2015 JJF; Sep. 5, 2006; 118 pages. Related U.S. Application Data (Continued) (63) Continuation of application No. 13/752,036, filed on Primary Examiner — Kambiz Zand Jan. 28, 2013, now Pat. No. 8,898,746, which is a Assistant Examiner — Aubrey Wyszynski continuation of application No. 12/944,473, filed on Nov. 11, 2010, now Pat. No. 8,387,155, which is a (74) Attorney, Agent, or Firm — Martin & Ferraro, LLP (57) ABSTRACT (Continued) A system for securing and tracking usage of transaction Ser (51) Int. C. vices or computer resources by a client computer from a first H04L 29/06 (2006.01) server computer, which includes clearinghouse means for G06F2L/44 (2013.01) storing identity data of the first server computer and the client G06F 2/33 (2013.01) computer(s); server software means and client Software (52) U.S. C. means adapted to forward its identity data and identity data of CPC .............. H04L 63/10 (2013.01); G06F 2 1/335 the client computer(s) to the clearinghouse means at the (2013.01); G06F 2 1/44 (2013.01); H04L 63/08 beginning of an operating session; and a hardware key con (2013.01); nected to the client computer, the key being adapted to gen (Continued) erate a digital identification as part of the identity data; wherein the hardware key is implemented using a hardware (58) Field of Classification Search token access system, a magnetic card access system, a Smart CPC .......... G06F 21/335; G06F 2221/2101; G06F card access system, a biometric identification access system 222 1/2129; G06F 2221/2135; G06F or a central processing unit with a unique embedded digital 222 1/2141; G06F 222 1/2149; G06F 21/44; identification. H04L 63/08; H04L 63/0823; H04L 63/0853; H04L 63/10; HO4L 2463/102 55 Claims, 27 Drawing Sheets SArf CSN E8 ACCCU ALESE ER webserver objectSER BROWSER OG-NCAA SSSIONMANAGER US 9,369.469 B2 Page 2 Related U.S. Application Data 5,237,614 8, 1993 Weiss 5,239,583 8, 1993 Parrillo continuation of application No. 1 1/978,919, filed on 5,241,606 8, 1993 Horie Oct. 30, 2007, now Pat. No. 8,127,345, which is a 5,247,575 9, 1993 Sprague et al. 5,249,230 9, 1993 Mihm continuation of application No. 10/230,638, filed on 5,251,259 10, 1993 Mosley Aug. 29, 2002, now Pat. No. 7,290,288, which is a 5,260,999 11, 1993 Wyman continuation-in-part of application No. 08/872,710, 5,265,162 11, 1993 Bush et al. filed on Jun. 11, 1997, now Pat. No. 6,516,416. 5,276,314 1, 1994 Martino et al. 5,291,598 3, 1994 Grundy (52) U.S. C. 5,315,657 5, 1994 Abadi et al. CPC ........ H04L 63/0823 (2013.01); H04L 63/0853 5,321,242 6, 1994 Heath, Jr. 5,325,442 6, 1994 Knapp (2013.01); G06F 222 1/2101 (2013.01); G06F 5,329,573 T/1994 Chang 222 1/2129 (2013.01); G06F222 1/2135 5,337,357 8, 1994 Chou et al. (2013.01); G06F 222 1/2141 (2013.01); G06F 5,343,529 8, 1994 Goldfine et al. 222 1/2149 (2013.01); H04L 2463/102 5,347,580 9, 1994 Molva et al. (2013.01) 5,349,642 9, 1994 Kingdon 5,349,643 9, 1994 Cox et al. References Cited 5,351,303 9, 1994 Willmore (56) 5,357,573 10, 1994 Walters 5,371,794 12, 1994 Diffie et al. U.S. PATENT DOCUMENTS 5,373,561 12, 1994 Haber et al. 5,375,240 12, 1994 Grundy 4,652,990 A 3, 1987 Paillen et al. 5,379,343 1/1995 Grube et al. 4,658,093 A 4, 1987 Hellman 5,412,654 5, 1995 Perkins 4,685,055 A 8, 1987 Thomas 5,414,844 5, 1995 Wang 4,691.355 A 9, 1987 WirStrom et al. 5,416,842 5, 1995 Aziz 4,694,492 A 9, 1987 WirStrom et al. 5,428,745 6, 1995 De Bruijn et al. 4,723,284 A 2f1988 Munck et al. 5,442,708 8, 1995 Adams, Jr. et al. 4,748,561 A 5, 1988 Brown 5,444,782 8, 1995 Adams, Jr. et al. 4,796,220 A 1, 1989 Wolfe 5,455,953 10, 1995 Russell 4,821,118 A 4, 1989 Lafreniere 5,481,611 1, 1996 Owens et al. 4,837,422 A 6, 1989 Dethloff et al. 5483,596 1, 1996 Rosenow et al. 4,864,494. A 9, 1989 Kobus, Jr. 5,485.409 1, 1996 Gupta et al. 4,866,769 A 9/1989 Karp 5.490,216 2, 1996 Richardson, III 4.885,789 A 12/1989 Burger et al. 5,491,804 2, 1996 Heath et al. 4,907,268 A 3, 1990 Bosen et al. 5,497,421 3, 1996 Kaufman et al. 4,916,691 A 4, 1990 Goodman et al. 5.499.297 3, 1996 Boebert 4,916,738 A 4, 1990 Chandra et al. 5,502,766 3, 1996 Boebert et al. 4,932,054 A 6, 1990 Chou et al. 5,502,831 3, 1996 Grube et al. 4,935,962 A 6, 1990 Austin 5,509,070 4, 1996 Schull 4,962,449 A 10/1990 Schlesinger 5,511,122 4, 1996 Atkinson 4,977,594 A 12, 1990 Shear 5,513,261 4, 1996 Maher 4,993,068 A 2f1991 Piosenka et al. 5,534,855 T/1996 Shockley et al. 4,995,086 A 2/1991 Lilley et al. 5,535,276 T/1996 Ganesan 4,998.279 A 3, 1991 Weiss 5,539,828 T/1996 Davis 4,999,806 A 3, 1991 Chernow et al. 5,542,046 T/1996 Carlson et al. 5,023,907 A 6, 1991 Johnson et al. 5,544,322 8, 1996 Cheng et al. 5,032.979 A 7, 1991 Hecht et al. 5,546.463 8, 1996 Caputo et al. 5,048,085 A 9, 1991 Abraham et al. 5,550,896 8, 1996 Chavez, Jr. 5,054,089 A 10, 1991 Uchida et al. 5,572,673 11, 1996 Shurts 5,060,263. A 10, 1991 Bosen et al. 5,577,209 11, 1996 Boyle et al. 5,081,676 A 1/1992 Chou et al. 5,586,260 12, 1996 Hu 5,091,942 A 2, 1992 Dent 5,588,059 12, 1996 Chandos et al. 5,095,194 A 3, 1992 Barbanell 5,590,133 12, 1996 Billstrom 5,103,476 A 4, 1992 Waite et al. 5,590, 197 12, 1996 Chen et al. 5,109,427 A 4/1992 Yang 5,590,199 12, 1996 Krajewski, Jr. et al. 5,109,428 A 4, 1992 Igaki et al. 5,592,553 1/1997 Guski et al. 5,113,499 A 5/1992 Ankney et al. 5,604.804 2, 1997 Micali 5,138,712 A 8, 1992 Corbin 5,606,615 2, 1997 Lapointe et al. 5,144,680 A 9/1992 Kobayashi et al. 5,613,012 3, 1997 Hoffman 5,146,102 A 9/1992 Higuchi et al. 5,615,277 3, 1997 Hoffman 5,146,499 A 9, 1992 Geffrotin 5,623,637 4, 1997 Jones et al. 5,153,919 A 10/1992 Reeds, III et al. 5,629,980 5, 1997 Stefik et al. 5,163,147 A 11, 1992 Orita 5,634,012 5, 1997 Stefik et al. 5,168,520 A 12, 1992 Weiss 5,649,099 7/1997 Theimer et al. 5, 180,901 A 1/1993 Hiramatsu 5,655.077 8, 1997 Jones et al. 5, 182,770 A 1/1993 Medveczky et al. 5,657,390 8, 1997 Elgamal et al. 5, 199,066 A 3/1993 Logan 8, 1997 Sudia 5,204,961 A 4, 1993 Barlow 5,659,616 5,210,588 A 5, 1993 Lee 5,666,411 9, 1997 McCarty 5,210,797 A 5, 1993 USui et al. 5,666,416 9, 1997 Micali 5,222, 133 A 6, 1993 Chou et al. 5,677,953 10, 1997 Dolphin 5,222,134 A 6, 1993 Waite et al. 5,677,955 10, 1997 Doggett et al. 5,222,152 A 6, 1993 Fishbine et al.
Load more

Recommended publications
  • (12) United States Patent (10) Patent No.: US 8,387,155 B2 Gregg Et Al
    US008.387155B2 (12) United States Patent (10) Patent No.: US 8,387,155 B2 Gregg et al. (45) Date of Patent: *Feb. 26, 2013 (54) SYSTEM FORMANAGING ACCESS TO (56) References Cited PROTECTED COMPUTER RESOURCES U.S. PATENT DOCUMENTS (75) Inventors: Richard L. Gregg, Elkhorn, NE (US); 4,446,519 A 5/1984 Thomas Sandeep Giri, Omaha, NE (US); (Continued) Timothy C. Goeke, Elkhorn, NE (US) FOREIGN PATENT DOCUMENTS EP O 636963 A2 2, 1995 (73) Assignee: Prism Technologies LLC, Omaha, NE EP 0 762261 A2 9, 1996 (US) (Continued) OTHER PUBLICATIONS (*) Notice: Subject to any disclaimer, the term of this In the Matter of Certain Authentication Systems, Including Software patent is extended or adjusted under 35 and Handheld Electronic Devices; Investigation No. 337-TA-697; U.S.C. 154(b) by 0 days. Verified Complaint Under Section 337 of the Tariff Act of 1930. As Amended; 26 pages; Exhibit 2, 11 pages; Exhibit 3.31 pages; Exhibit This patent is Subject to a terminal dis 4.31 pages; Exhibit 5, 1 page; Exhibit 6;4 pages; Exhibit 7.31 pages; claimer. Exhibit 8, 2 pages; Exhibit 9, 92 pages; Exhibit 10, 4 pages; Exhibit 11, 92 pages; Exhibit 12, 56 pages; Exhibit 13, 17 pages; Exhibit 26, (21) Appl. No.: 12/944,473 2 pages; Exhibit 29, 10 pages; Exhibit 30, 1 page; Exhibit 31, 1 page; Exhibit32, 4 pages; Exhibit 34, 19 pages; Exhibit 35.3 pages; Exhibit 36, 1 page; Exhibit 37; 169 pages; Letter Submiting Verified Com (22) Filed: Nov. 11, 2010 plaint to the International Trade Comission; 2 pages; Letter Request ing Confidential Treatment of Exhibits; 2 pages; Dec.
    [Show full text]
  • (12) United States Patent (10) Patent No.: US 8,127,345 B2 Gregg Et Al
    US008127345B2 (12) United States Patent (10) Patent No.: US 8,127,345 B2 Gregg et al. (45) Date of Patent: *Feb. 28, 2012 (54) METHOD AND SYSTEM FOR MANAGING (56) References Cited ACCESS TO PROTECTED COMPUTER RESOURCES PROVIDED VIA AN INTERNET U.S. PATENT DOCUMENTS PROTOCOL NETWORK 4,691.355 A 9, 1987 WirStrom et al. (Continued) (75) Inventors: Richard L. Gregg, Elkhorn, NE (US); Sandeep Giri, Omaha, NE (US); FOREIGN PATENT DOCUMENTS Timothy C. Goeke, Elkhorn, NE (US) EP 941 11581.8 2, 1995 (Continued) (73) Assignee: Prism Technologies LLC, Omaha, NE (US) OTHER PUBLICATIONS (*) Notice: Subject to any disclaimer, the term of this Prism Technologies LLC., v. Verisign, Inc., et al.: Civil Action No. patent is extended or adjusted under 35 05-214 JJF: Defendants' Second Supplemental Joint 35 U.S.C. S. 282 U.S.C. 154(b) by 585 days. Notice; Mar. 12, 2007; 7 pages; Exhibit A. pp. 1-80. This patent is Subject to a terminal dis (Continued) claimer. Primary Examiner — Kambiz Zand Appl. No.: 11/978,919 Assistant Examiner — Aubrey Wyszynski (21) (74) Attorney, Agent, or Firm — Martin & Ferraro, LLP Filed: Oct. 30, 2007 (22) (57) ABSTRACT (65) Prior Publication Data A method and system for controlling access, by an authenti US 2008/OO66168 A1 Mar. 13, 2008 cation server, to protected computer resources provided via an Internet Protocol network that includes storing (i) a digital Related U.S. Application Data identification associated with at least one client computer device, and (ii) data associated with the protected computer (63) Continuation of application No.
    [Show full text]
  • Public Key Infrastructure
    Ecole d’Ingénieurs de Genève laboratoire de transmission de données Public Key Infrastructure Etudiant : Denis Cotte Professeur : Mr Gérald Litzistorf Projet réalisé en collaboration avec e-Xpert solutions 04/12/2001 4, rue de la Prairie tél. 022 338 04 00 eig 1202 Genève fax 022 338 04 10 [email protected] Ecole d'ingénieurs - hes Genève Département des technologies Candidat . En collaboration avec . de l'information M. COTTE Denis e-Xpert Solutions SA Session d'automne 2001 Filière informatique Professeur : M. Gérald Litzistorf Diplôme en transmission de données Infrastructure à clé publique Description : Une infrastructure à clé publique (Public Key Infrastructure) crée un espace de confiance qui permet de gérer tous les aspects de sécurité : authentification des utilisateurs et des entités techniques, confidentialité, intégrité des données et non répudiation des transactions. Elle est constituée par des services de génération et de diffusion des certificats numériques (sorte de carte d'identité virtuelle) et des clés nécessaires au chiffrement et au déchiffrement. Ce travail se décompose selon les étapes décrites ci-dessous. Travail demandé au candidat : Le candidat commencera par étudier les différents protocoles, procédures et formats présents dans une infrastructure à clé publique pour délivrer un certificat, le publier, le bloquer et tester sa validité : · Public Key Cryptography Standard · Simple Certificate Enrolment Protocol · Certificate Management Protocol · Certificate Revocation List · Online Certificate Status Protocol La mise en œuvre sera basée sur l’autorité de certification Keon Certificate Authority 5.7 de RSA (compatible NT4 serveur) et divers composants du laboratoire : serveur SSL, modules IPSec (Checkpoint - Cisco) et cartes à puce.
    [Show full text]
  • Black Tulip Report of the Investigation Into the Diginotar Certificate Authority Breach
    Black Tulip Report of the investigation into the DigiNotar Certificate Authority breach Classification PUBLIC Customer Ministry of the Interior and Kingdom Relations Project no./Ref. no. PR-110202 Date 13 August 2012 Version 1.0 Team Hans Hoogstraaten (Team leader) Ronald Prins (CEO) Daniël Niggebrugge Danny Heppener Frank Groenewegen Janna Wettinck Kevin Strooy Pascal Arends Paul Pols Robbert Kouprie Steffen Moorrees Xander van Pelt Yun Zheng Hu Business Unit Cybercrime Pages 101 WARNING Misuse of this document or any of its information is prohibited and will be prosecuted to the maximum penalty possible. Fox-IT cannot be held responsible for any misconduct or malicious use of this document by a third party or damage caused by any information this document contains. Fox-IT BV Olof Palmestraat 6 2616 LM Delft P.O. box 638 2600 AP Delft The Netherlands Phone: +31 (0)15 284 7999 Fax: +31 (0)15 284 7990 Email: [email protected] Internet: www.fox-it.com Trademark Fox-IT and the Fox-IT logo are trademarks of Fox-IT BV. All other trademarks mentioned in this document are owned by the mentioned legacy body or organization. The general service conditions of Fox-IT BV apply to this documentation, unless it is explicitly specified otherwise. PUBLIC 2 Management summary DigiNotar B.V. was founded as a privately-owned notarial collaboration in 1998. DigiNotar provided digital certificate services as a Trusted Third Party and hosted a number of Certificate Authorities (CAs). The certificates issued by DigiNotar were trusted worldwide to secure digital communication on the basis of a Public Key Infrastructure (PKI).
    [Show full text]
  • United States Patent (10) Patent N0.: US 7,290,288 B2 Gregg Et A]
    US007290288B2 (12) United States Patent (10) Patent N0.: US 7,290,288 B2 Gregg et a]. (45) Date of Patent: Oct. 30, 2007 (54) METHOD AND SYSTEM FOR 4,977,594 A 12/1990 Shear CONTROLLING ACCESS, BY AN 5,032,979 A 7/1991 Hecht et a1. AUTHENTICATION SERVER, T() 5,060,263 A 10/1991 Bosen et a1. PROTECTED COMPUTER RESOURCES 5,081,676 A 1/1992 Chou et e1~ PROVIDED VIA AN INTERNET PROTOCOL (Continued) NETWORK FOREIGN PATENT DOCUMENTS (75) Inventors: Richard L. Gregg, Omaha, NE (US); sandeep Gm’ Omaha, NE (Us); EP 941115818 2/1995 Timothy C. Goeke, Elkhorn, NE (US) (Continued) (73) Assignee: Prism Technologies, L.L.C., Omaha, OTHER PUBLICATIONS NE (Us) RFC 912*Authenticati0n Service, Internet Engineering Task Force, Sep. 1984. ( * ) Notice: Subject to any disclaimer, the term of this _ patent is extended or adjusted under 35 (comlnued) U'S'C' 154(1)) by 44 days‘ Primary ExamineriKambiZ Zand Assistant ExamineriAndreW L. Nalven (21) Appl' NO" 10/230’638 (74) Attorney, Agent, or FirmiMartin & Ferraro, LLP (22) F1led: Aug. 29, 2002 (57) ABSTRACT (65) Pnor Pubhcatlon Data A method and system for controlling access, by an authen US 2003/0046589 A1 Mar. 6, 2003 tication server, to protected computer resources provided via an lntemet Protocol network that includes storing (i) a (51) Int. Cl. digital identi?cation associated With at least one client H04L 21/00 (2006.01) computer device, and (ii) data associated With the protected (52) U.S. Cl. ......................................... .. 726/28; 705/51 computer resources in at least one database associated With (58) Field of Classi?cation Search .............
    [Show full text]
  • Using RSA Certificate Manager with Microsoft Windows Server 2003 and 2008
    Using RSA Certificate Manager with the Microsoft Windows PKI Administrator’s Guide Contact Information Go to the RSA corporate web site for regional Customer Support telephone and fax numbers: www.rsa.com Trademarks RSA, the RSA logo and EMC are registered trademarks or trademarks of EMC Corporation in the United States and/or other countries. All other trademarks used herein are the property of their respective owners. For a list of EMC trademarks, go to www.rsa.com/legal/trademarks_list.pdf. License agreement This software and the associated documentation are proprietary and confidential to EMC, are furnished under license, and may be used and copied only in accordance with the terms of such license and with the inclusion of the copyright notice below. This software and the documentation, and any copies thereof, may not be provided or otherwise made available to any other person. No title to or ownership of the software or documentation or any intellectual property rights thereto is hereby transferred. Any unauthorized use or reproduction of this software and the documentation may be subject to civil and/or criminal liability. This software is subject to change without notice and should not be construed as a commitment by EMC. Third-party licenses This product may include software developed by parties other than RSA. The text of the license agreements applicable to third-party software in this product may be viewed in the thirdpartylicenses.pdf file. This product includes software developed by The Apache Software Foundation (www.apache.org/). Portions Copyright © 1992-1996 Regents of the University of Michigan.
    [Show full text]
  • Authentication Mode to Universal Unencrypted Protocol
    Authentication Mode To Universal Unencrypted Protocol Patronized and unformalized Shawn stalk almost efficiently, though Abram spanned his cudweed jargon. Undersigned herHenrie calender sometimes bedevilling octuplet silverly. any springtide daggle invigoratingly. Peptic Morten devitrified obligatorily and eft, she uprights Network policy this section contains authentication protocol Among PAP's deficiencies is where fact though it transmits unencrypted passwords ie in plain-text over multiple network. Collaboration Security for more Enterprise Preferred Cisco Live. Telnet is apiece of the earliest remote login protocols on the Internet It was initally. For account is complicated by a workstation, to authentication mode available at the permissions management interface tool generates and any given resource. Authentication of authentication mode to protocol documents at your ca needs to support settings will create a server is only open automatically validate the intranet or remote database. Transmission Control Protocol TCP mode pause the default mode is both CA Risk Authentication protocols Data is sent unencrypted SSL. Title Windows IoT Facial Recognition Door. If this group policy is broken in kms is now impact: one below shows the traffic to access to save the data platform must prohibit installation process can monitor service protocol to authentication mode. Configuring Secure Sockets Layer Authentication. Choosing an authentication mode help the server-side SteelHead. Execute the identityauthentication procedure outside the UE and the MME. See Television Tweakable cipher 410 Tweakable encryption mode 41641 Two-factor authentication 232233 Twofish 317. The device nameIP select Universal Unencrypted Protocol Authentication Mode then. Debug UWP apps on remote machines from Visual GitHub. Tify and authenticate legitimate Google devices at the abnormal level spring Boot swift and.
    [Show full text]
  • Data Collection on Security Flaws Caused by Design Errors
    Data collection on security flaws caused by design errors Harald Terkelsen Master’s Thesis Master of Science in Information Security 30 ECTS Department of Computer Science and Media Technology Gjøvik University College, 2006 Institutt for informatikk og medieteknikk Høgskolen i Gjøvik Postboks 191 2802 Gjøvik Department of Computer Science and Media Technology Gjøvik University College Box 191 N-2802 Gjøvik Norway Data collection on security flaws caused by design errors Preface After three years of studying in my spare time while working a full time day job, it has not always been easy to find the energy or the time to work on the thesis in the evening after a long day at work first. But the motivation of finishing what I started and getting the master’s degree has kept me going. The time has unfortunately run out, and the thesis is not as complete as I hoped it should be at this time. I would like to thank my employer, Oslo University College (Høgskolen i Oslo), for letting me have days off work to follow the lectures at Gjøvik two days a week, six weeks each semester to pursue the masters degree. I also thank my supervisor Hanno Langweg, who originally proposed the topic, for his feedback on the drafts he reviewed, and also for being patience with my slow progression being a part time student. iii Data collection on security flaws caused by design errors Contents Preface .......................................... iii Contents ......................................... v 1 Introduction ..................................... 1 2 Previous and related work ............................. 5 2.1 Software design ................................. 5 2.1.1 Design principles ...........................
    [Show full text]