Class / Patent application number | Description | Number of patent applications / Date published |
713163000 | Multicast | 22 |
20080320303 | VPN PROCESSING VIA SERVICE INSERTION ARCHITECTURE - In one embodiment, a method can include: (i) sending a request to join a group to a service broker; (ii) receiving from the service broker a list of key servers servicing the group; and (iii) sending registration information to a selected one of the key servers in the list. | 12-25-2008 |
20090144544 | CABLE NETWORK SYSTEM AND METHOD FOR CONTROLLING SECURITY IN CABLE NETWORK ENCRYPTED DYNAMIC MULTICAST SESSION - A security control method in a cable network dynamic multicast session, and more particularly, a method of controlling forward secrecy and backward secrecy in a Data Over Cable Service Interface Specifications (DOCSIS) 3.0 network dynamic multicast session is provided. A security control method in a cable network dynamic multicast session, includes: maintaining a multicast group that is allocated with a first Downstream Service Identifier (DSID) and a first Security Association Identifier (SAID) and that is joined by a first cable modem and a second cable modem; receiving a LeaveMulticastSession message from the second cable modem; exchanging, corresponding to the LeaveMulticastSession message, a Dynamic Bonding Change (DBC) message for changing a multicast parameter with the second cable modem; and updating a first Traffic Encryption Key (TEK) corresponding to the first DSID with a second TEK. | 06-04-2009 |
20090150668 | SYSTEM AND METHOD FOR IMPLEMENTING SECURITY OF MULTI-PARTY-COMMUNICATION - A system and method for implementing security of multi-party communication is disclosed in the disclosure. The system mainly includes a group key management unit and a record protocol unit. The method mainly includes when the system runs in the centralized group key management mode, the Group Controller and Key Server (GCKS) establishes and stores a Group Security Association, the GCKS negotiates with the group members to establish an Initiation Security Association, under the protection of the Initiation Security Association, the group members obtain the Group Security Association from GCKS. When the system runs in the distributed group key management mode, a Group Security Association is established by all the group members together at the beginning of the group communication. The system runs in the application process space and can provide an application program (or application protocol) with the function of the group key management and data security of the multi-party communication in the form of the standard Application Programming Interface (API). | 06-11-2009 |
20090265548 | REVOCATION OF CRYPTOGRAPHIC DIGITAL CERTIFICATES - Different targets (c | 10-22-2009 |
20100017600 | SECURE NEIGHBOR CACHE PRELOAD - The present invention relates to methods, apparatus, and systems for implementing a secure neighbor cache preload. The method includes initiating a data transfer request. The data transfer request is associated with a sequence of bytes. Further, receiving bytes associated with the data transfer request. Further, the method includes storing the bytes in the client system's personal cache, and processing the data transfer request through a filtering system. The filtering system is configured to determine whether the sequence of bytes is to be relayed to the plurality of clients. Then, based on the data transfer request passing through the filtering system, echoing the sequence of bytes to the plurality of client systems within the LAN using an Internet protocol (IP) broadcast operation, and storing within each of the plurality of client systems' public caches at least a portion of the relayed sequence of bytes associated with the data transfer request. | 01-21-2010 |
20100031033 | APPARATUS AND METHOD OF SHARING DRM AGENTS - An apparatus and method of sharing content is provided. An apparatus for sharing content according to an aspect of the invention includes a search module which extracts specific information from encrypted content, and requests a host apparatus for an execution code, and a client DRM agent module which is installed with the execution code received from the host apparatus according to the request and outputs the encrypted content using the execution code. | 02-04-2010 |
20100049973 | METHOD, APPARATUS, AND SYSTEM FOR SENDING AND RECEIVING SECURITY POLICY OF MULTICAST SESSIONS - A method, apparatus, and system for sending and receiving a security policy of multicast sessions are provided. The method for sending the security policy of multicast sessions includes: after a Datagram Transport Layer Security (DTLS) session is set up between a sender and a receiver, receiving a security policy request from the receiver, constructing a security policy response according to a security policy, multiplexing the security policy response and Secure Real-Time Transport Protocol (SRTP) multicast session data, and sending the multiplexed data to the receiver. | 02-25-2010 |
20100122084 | METHOD, APPARATUS AND SYSTEM FOR REGISTERING NEW MEMBER IN GROUP KEY MANAGEMENT - A method for registering a new member in group key management is disclosed. An agent is deployed on the local network that requires the automatic group key management service; the agent receives an original registration request message sent by a new member in the local network, encapsulates the original registration request message and an information indicating the new member into a first request message, and sends the first request message to a Group Controller Key Server (GCKS); and the agent receives a first response message returned by the GCKS, extracts the information indicating the new member and the original response message carrying the processing result of request from the first response message, and sends the original response message to the new member according to the information indicating the new member. Apparatuses and system for registering a new member in group key management are also disclosed. According to the present invention, a new member that joins a network can be registered automatically. | 05-13-2010 |
20100211775 | SYSTEM AND METHOD FOR ACCESS NETWORK MULTI-HOMING - A system and method for generating a set of IP addresses for access multi-homing in an Internet access network. A generating host obtains from the network a set of IPv6 subnet prefixes for a plurality of available Internet Service Providers, ISPs. The generating host generates a single IPv6 interface identifier from the subnet prefixes and cryptographically binds the subnet prefixes with the single IPv6 interface identifier. A remote peer verifies that all of the IP addresses belong together by independently generating the IPv6 interface identifier from the same set of subnet prefixes and comparing the result with the IPv6 interface identifier generated by the generating host. | 08-19-2010 |
20100228971 | METHODS FOR BROADCASTING AND RECEIVING A SCRAMBLED MULTIMEDIA PROGRAMME, NETWORK HEAD, TERMINAL, RECEIVER AND SECURITY PROCESSOR FOR THESE METHODS - A method of broadcasting a scrambled multimedia programme, by way of a broadband network, in which before transmitting a license key: —a network head carries out a step of authenticating a terminal, and—if the terminal has been successfully authenticated, the network head sends the terminal a license transmission message containing the license key or cryptogram of the license key, by way of a point-to-point link, and—if the terminal is not successfully authenticated, the network head acts (at | 09-09-2010 |
20100228972 | System and Method for Content Distribution with Broadcast Encryption - The claimed invention relates to system and method for providing encrypted content via a distribution network | 09-09-2010 |
20110202761 | Mobility Handling For Multicast Services - A method of handling mobility of a sender in a multicast packet sending scenario. The method comprises firstly establishing a multicast tree across a packet data network and transmitting multicast packets from the sender to a plurality of receivers via said multicast tree. Prior to a mobility event in respect of said sender, a suitable transfer anchor node is identified within said network, and the tree re-rooted to that transfer anchor node. Subsequently, multicast packets are transmitted from said sender to said transfer anchor node and injected into the multicast tree at said transfer anchor node. Following said mobility event, said sender continues to send multicast packets to said transfer anchor node for injection into the multicast tree. | 08-18-2011 |
20110307694 | Secure Registration of Group of Clients Using Single Registration Procedure - Automated secure registration techniques for communication devices are provided which address the problem of allowing multiple clients to gain access to one system, and thus provide a solution to the “reverse single sign-on” problem. For example, a method for registering a group of two or more communication devices in a communication network comprises the following steps. A group challenge message is sent from a network device to the group of two or more communication devices. The network device receives one or more response messages to the group challenge respectively from one or more of the group of two or more communication devices, wherein the response message from each of the responding communication devices in the group comprises a group credential corresponding to the group. | 12-15-2011 |
20110307695 | METHODS AND SYSTEMS FOR PROVIDING A SECURE ONLINE FEED IN A MULTI-TENANT DATABASE ENVIRONMENT - Embodiments of the present invention provide systems, apparatus, and methods for securing information shared between users of a database system. A message in a feed on a multi-tenant database can be securely shared when a user marks the message as private. Users of the database can selectively decide on which recipient and/or group of recipients have access rights to view the message. The messages are secured through cryptography, such as by a key shared between two or more users. The user can additionally have a private key that is used to decrypt the secure (e.g., encrypted) messages. This private key can be further protected by the user's password used to log into the database system. The secure message can appear in either encrypted form or be absent from the feed to which the secure message is posted. Secure messages can be transparently encrypted and decrypted by the system. In some embodiments, sharing rules can be pre-defined by the user to determine how messages are secured. Furthermore, the secured messages are stored in encrypted fomi on the multi-tenant database and only accessible by users with whom the messages are shared. | 12-15-2011 |
20120144191 | SECURE TRANSPORT OF MULTICAST TRAFFIC - A request to receive multicast data, associated with a multicast group, may be transmitted. The request may be transmitted via a tunnel. Group keys may be received in response to the request. The group keys may be based on the multicast group. An encapsulated packet may be received via another tunnel. The encapsulated packet may be processed, using the group keys, to obtain a multicast packet associated with the multicast data. The multicast packet may be forwarded to at least one multicast recipient. | 06-07-2012 |
20130054964 | METHODS AND APPARATUS FOR SOURCE AUTHENTICATION OF MESSAGES THAT ARE SECURED WITH A GROUP KEY - Methods, systems and apparatus are provided for source authentication. In accordance with the disclosed embodiments, a key-management server generates a key-delivery message that includes a key data transport payload secured with a group key, and a source authentication payload. Upon receiving the key-delivery message at a communication device, the communication device may verify whether the source authentication payload of the key-delivery message is valid. When the source authentication payload is determined to be valid, the communication device thereby authenticates that the key-delivery message was transmitted by the key-management server. | 02-28-2013 |
20130124859 | SYSTEM AND METHOD FOR DIGITAL RIGHTS MANAGEMENT WITH AUTHORIZED DEVICE GROUPS - Various embodiments of a system and method of digital rights management with authorized device groups are described. Various embodiments may include a system including a digital rights management (DRM) component configured to receive a private key of an authorized device group. In various embodiments, the receipt of the private key of the authorized device group may indicate the system is an authorized member of a group of devices permitted to access content items protected by a common public key associated with the authorized device group. In various embodiments the DRM component may be configured to, for each given content item of multiple content items that are encrypted with different content keys, decrypt an encrypted content key from the given content item with the private key of the authorized device group and decrypt content from the given content item with the decrypted content key. | 05-16-2013 |
20140173276 | Local Area Network - A method and system for distributed security for a plurality of devices in a communication network, each of the devices being responsible for generating, distributing and controlling its own keys for access to the communication network and using the keys to establish a trusted network, each device's membership to the communication network being checked periodically by other devices by using a challenge response protocol to establish which devices arc allowed access to the communication network and the trusted network. | 06-19-2014 |
20140365768 | Extending Data Over Cable Service Interface Specification (DOCSIS) Provisioning of Ethernet Passive Optical Network (EPON) (DPoE) to EPON over Coax (EPoC) Multicast Key Management - Disclosed herein are mechanisms to support the management of multicast keys for a multicast group comprising one or more optical line terminals (OLTs), one or more fiber to coax units (FCUs), and a plurality of coax network units (CNUs). The disclosed embodiments may support the management of multicast keys over optical and coaxial networks. In some embodiments, an FCU may facilitate communication of operations administration and maintenance (OAM) messages containing multicast keys from one or more OLTs to one or more CNUs (typically a plurality of CNUs). Some embodiments may employ one multicast key over both the optical network and coaxial network. Other embodiments may employ an optical domain multicast key over the optical network and an electrical domain multicast key over the coaxial network. Embodiments may comprise adding a first CNU to a multicast group as well as adding subsequent CNUs to the multicast group. | 12-11-2014 |
20150350167 | SYSTEMS AND METHODS FOR SECURE COMMUNICATION OVER A NETWORK USING A LINKING ADDRESS - Systems and methods for secure communication over a network using a linking address. Systems for secure communication may include a computer system in electronic communication over a network with a plurality of electronic devices, a database in electronic communication with the computer system, the database configured to electronically store at least a linking address and an associated payload of a data packet, an engine stored on and executed by the computer system, the engine electronically receiving a data packet over the network from a first electronic device, processing the data packet to identify a linking address and a payload, the linking address being at least 32 bit, storing the linking address and payload in the database, electronically receiving a query from a second electronic device, the second electronic device identifying the linking address, and electronically transmitting the data packet over the network to the second electronic device. | 12-03-2015 |
20160191508 | Methods and Systems for Block Sharding of Objects Stored in Distributed Storage System - The present disclosure provides systems and methods for sharding objects stored in a distributed storage system. In accordance with one embodiment disclosed herein, a block sharding technique is used. Block sharding is an advantageously efficient technique when dealing with random access objects, such as virtual disk drives or “volumes”. One embodiment disclosed herein provides a method of performing a delta edit of a named object stored in a distributed storage system in which a payload of the named object is stored in block shards defined by block-shard chunk references. The block shards store non-overlapping byte ranges of the payload of the named object. Another embodiment disclosed herein relates to a method of retrieving a portion of a named object stored in a distributed object storage system. Other embodiments, aspects and features are also disclosed. | 06-30-2016 |
20160191509 | Methods and Systems for Key Sharding of Objects Stored in Distributed Storage System - The present disclosure also provides systems and methods for sharding objects stored in a distributed storage system. In accordance with one embodiment disclosed herein, a key sharding technique is used. Key sharding is an advantageously efficient technique when dealing with an object containing a collection of key-value records. In accordance with an embodiment of the invention, referenced chunks identified by the key shards may each store a subset of the collection of the key-value records, and the key-value records in the subset have key hashes that have a range of matching bits in common. One embodiment disclosed herein provides a method of performing a delta edit of a named object stored in a distributed storage system in which a payload of the named object is stored in key shards. Other embodiments, aspects and features are also disclosed. | 06-30-2016 |