Patent application number | Description | Published |
20090327713 | SYSTEM AND METHOD FOR ESTABLISHING BEARER-INDEPENDENT AND SECURE CONNECTIONS - A system and method for efficiently enabling local security connectivity between electronic devices over multiple bearers. Electronic devices are configured to advertise, over each bearer, their respective configuration parameters for each bearer. After a connection has been established between the electronic devices over a first bearer, the two electronic devices use the first bearer to establish connections over the other bearers using the configuration parameters contained in the advertisements and advertised over the first bearer. Shared keys are established for the other bearers either using keys derived from the first shared key or by using the first secure connection as an out-of-band channel. The present invention also provides for the creation of an ad hoc WLAN connection once a Bluetooth connection has been established. | 12-31-2009 |
20100005294 | Security in Wireless Environments Using Out-Of-Band Channel Communication - A methodology of using a (preferably uni-directional) out-of-band channel for secure information transmission between two devices capable of LPRF communication is provided. Information, which is intended for secure transmission from one of the devices to the other device, is encoded into a time-dependent visual sequence. The visual sequence may comprise one or more visual signals, in particular lighted-up and dark states. The visual sequence is emitted in a time-dependent visual signal by a light emitter of the one device and the emitted signal is detected by a light sensor of the other device on the basis of the detected signal. The time-dependent signal varies, in particular, in light intensity over time. The light sensor generates a (time-dependent) sequence of detection signals. These detection signals are decoded to reconstruct the information intended for secure transmission. Because the out-of-band channel transmission of the information is separate from the LPRF communication, it enables transmission of a shared secret. The shared secret is required for secure authentication of the devices during initialization of the LPRF communication. | 01-07-2010 |
20100325427 | METHOD AND APPARATUS FOR AUTHENTICATING A MOBILE DEVICE - An approach is provided for authenticating a mobile device. A mobile device initiates transmission of a request to an authentication platform for generating a public-key certificate to access a service from the mobile device. The mobile device receives an identity challenge and responds by initiating transmission of a tag specific to the mobile device to the authentication platform. The authentication platform uses the tag to generate a public-key certificate. | 12-23-2010 |
20120311315 | Method and Apparatus to Reset Platform Configuration Register in Mobile Trusted Module - In accordance with the exemplary embodiments of the invention there is at least a method, apparatus, and executable program of computer instructions to perform the operations of establishing and initializing a set of platform configuration registers, where a first subset of platform configuration registers is defined as being non-resettable, and a second subset of platform configuration registers is defined as being resettable, storing initial boot-up system state information in one or more non-resettable platform configuration registers, dynamically resetting ( | 12-06-2012 |
20130340064 | Mechanisms for Certificate Revocation Status Verification on Constrained Devices - A process is provided for communication security certificate revocation status verification by using the client device as a proxy in an online status verification protocol. The process utilizes a nonce of an authentication protocol request message (nonce_A) to derive the nonce for the revocation status protocol request (nonce_S) to reduce the number of message exchanges needed between the client and the verifier devices, and a mechanism to send the nonce (nonce_S) prior to actual authentication protocol execution to ease the connectivity requirement of the client device from on-demand connectivity to periodic connectivity. Similar functionality is achieved using a random seed established between the verifier and client. The verifier picks a seed for random number generation and sends that seed to the client. The client derives the nonce_S from the seed before status protocol execution, and the verifier derives the nonce_S from the seed before proxied status response verification. | 12-19-2013 |
Patent application number | Description | Published |
20080320308 | Method for remote message attestation in a communication system - The invention relates to a method for remote attestation. In the method, a first asymmetric key pair is created in a trusted platform module in an electronic device. A first public key and software platform state information are certified with an attestation identity key associated with the trusted platform module to produce a first certificate. A second asymmetric key pair is produced in an application within the electronic device. The second public key is certified with said first secret key to produce a second certificate. A message is signed with the second secret key to provide a message signature in the first electronic device. The message and the message signature, software platform state information, the first certificate and the second certificate are sent to a second electronic device. | 12-25-2008 |
20090164783 | METHODS, APPARATUSES, AND COMPUTER PROGRAM PRODUCTS FOR AUTHENTICATION OF FRAGMENTS USING HASH TREES - An apparatus for authentication of fragments using hash trees may include a processor. The processor may be configured to provide one or more data fragments and a hash tree representing the one or more fragments, send at least one first fragment accompanied by any nodes of the hash tree necessary to authenticate the one or more first sent fragments, and send one or more subsequent fragments accompanied by only some, but not all, of the nodes of the hash tree necessary to authenticate the one or more subsequent fragments with the other nodes that are not sent but are necessary for authentication having been previously sent in conjunction with a prior fragment. | 06-25-2009 |
20120239936 | CREDENTIAL TRANSFER - Methods and apparatus, including computer program products, are provided for credential transfer. In one aspect there is provided a method. The method may include receiving, at a first device, an authorization token; determining, at the first device, a delegation token, one or more credentials, and metadata; and providing, by the first device to a second device, the delegation token, the one or more credentials, and the metadata. Related apparatus, systems, methods, and articles are also described. | 09-20-2012 |
20120324214 | Method and Apparatus to Provide Attestation with PCR Reuse and Existing Infrastructure - The exemplary embodiments of the invention provide at least a method, apparatus, and program of computer instructions to perform operations including receiving a challenge from a prover device, reading and saving an old value of a selected platform configuration register, obtaining at least one measurement or property and forming a new platform configuration register value, where the forming includes calculating a cryptographic hash over the old value of the platform configuration register and the obtained at least one measurement or property, triggering, with the trusted software, an attestation by sending a challenge to a trusted platform module/mobile platform module, and sending by the prover device a device certificate, attestation, at least one measurement or property, and old platform configuration register value to the verifier. Further, the exemplary embodiments of the invention teach sending a challenge to a trusted software of a prover device, and receiving by the verifier device a device certificate, attestation, at least one measurement or property, and an old platform configuration register value from the prover device, checking by the verifier device that extending the old platform configuration register value with the at least one measurement or property results in a new platform configuration register value that has been attested, and using the new platform configuration register value in attestation of the prover device. | 12-20-2012 |
Patent application number | Description | Published |
20120235905 | POINTING METHOD, A DEVICE AND SYSTEM FOR THE SAME - The invention shows a method to control a pointing device with an angular rate sensor, that comprises generating an ensemble of orthogonal unit vector associated signals by at least one angular rate sensor to represent angular rates in a dimensional space for each mutually orthogonal unit vector direction of said dimensional space, amplifying at least one of said signals non-linearly for determination of cursor on a screen for (x,y) coordinates of the screen, applying a decision criterion to determine the state of the pointing device as based on said unit vector associated signals. The invention also shows a pointer utilising the method and a system comprising such a pointer. | 09-20-2012 |
20140288443 | MONITORING SYSTEM - A device, system and method for monitoring blood pressure information of a user. A device is configured with first and second pressure sensors, a fastening element, and a processing component. In the method the first pressure sensor is detachably attached to a first position and the second pressure sensor to a second position on the outer surface of a skin of the user. The pressure sensors generate signals that vary according to deformations of the skin in response to an arterial pressure wave expanding or contracting a blood vessel underlying the skin. The first signal and the second signal are used to compute at least one output value that represents a detected characteristic of the progressing arterial pressure wave of the user. | 09-25-2014 |
20140288445 | BLOOD PRESSURE MONITORING METHOD - A device, system and method for monitoring blood pressure information of a user. A device is configured with at least one pressure sensor, a fastening element, and a processing component. In the method the pressure sensor is detachably attached to a position on the outer surface of a tissue of the user. The pressure sensor generates a signal that varies according to deformations of the tissue in response to an arterial pressure wave expanding or contracting a blood vessel underlying the tissue. The signal is used to compute pulse wave parameters representing detected characteristics of the progressing arterial pressure wave of the user and blood pressure value of the user. | 09-25-2014 |
Patent application number | Description | Published |
20090108193 | Method And Apparatus For Mass Spectrometric Analysis - A method and an apparatus for examining a sample by means of mass spectrometry. According to the method, the solution comprising the sample to be examined is vaporised in a vaporiser, the vaporised sample solution is sprayed, using a gas flow, into a corona discharge zone, where the examined sample is ionised according to the APCI method, using a corona discharge, to generate gas phase ions, and the ions are separated and directed to a detector. According to the present invention, a vaporiser is used, which is fabricated as a micromechanical structure which comprises the flow channels for the solution and for the carrier gas possibly used for feeding the solution, as well as the heater of the vaporiser, and which are all included in a monolithic structure. The solution is especially suitable for cases in which a very sensitive analysing technique is needed, or in which the available sample quantity is very small (less than 1 μL). | 04-30-2009 |
20090114814 | MICROPILLAR ARRAY ELECTROSPRAY CHIP - The invention relates to an electrospray ionization (ESI) device for forming a stream of ionized sample molecules. The device comprises a sample introduction zone for receiving a liquid-form sample, a tip for spraying the sample into aerosol or gaseous form, and a flow channel connecting the sample introduction zone and the tip. According to the invention, the flow channel comprises an array of transversely oriented microstructures adapted to passively transport the liquid-form sample introduced to the sample introduction zone to the tip by means of capillary forces. The invention concerns also a manufacturing method and applications of the ESI device, in particular mass spectrometry. The device can be used without external pumping of sample liquid. | 05-07-2009 |
20090159790 | METHOD AND SYSTEM FOR DESORBING AND IONIZING CHEMICAL COMPOUNDS FROM SURFACES - The invention relates to a method and system for ionizing analyte-containing sample lying on a surface of a substrate. The method comprises directing to the sample a heated flow of desorption gas in order to desorb analyte from the surface, and simultaneously directing to the sample light capable of ionizing the desorbed analyte in the presence of the desorption gas. The invention provides a method and system suitable for efficiently producing ions of neutral and nonpolar molecules on surfaces, for example for mass spectrometric purposes. | 06-25-2009 |
20100044228 | Multi-Dimensional Analysis - A device and a method for multidimensional separation and analysis of molecules is disclosed. The device comprises a chamber for subjecting a first substance to a first analysis step and a space for receiving a second substance. The device is configured to apply pressure to the second substance to move the second substance towards a product of the first analysis step for providing a sample for a second analysis step. | 02-25-2010 |