| SurIDx, Inc. Patent applications |
| Patent application number | Title | Published |
|---|
| 20110291798 | Wireless Encrypted Control of Physical Access Systems - Physical access systems and methods securely grant physical access to restricted areas in high-volume applications. An electronic device, such as a smartphone, stores a digitally signed physical access rights file. An individual uses this rights file to gain access to a restricted area only after self-authenticating to the device. A physical access control system receives the rights file, validates it, and determines whether to permit passage through a physical barrier. The determination may be made by a physical barrier system, or by a remote access control headend. An access control gateway, which may be an access control headend, may either unlock the physical barrier system when the electronic device is near the physical barrier, or it may transmit an authorization code to the electronic device and the physical barrier system, whereby passage is only permitted if the barrier system subsequently receives the authorization code from the electronic device using near field communications. | 12-01-2011 |
| 20110246765 | Efficient, Secure, Cloud-Based Identity Services - An Identity Ecosystem Cloud (IEC) provides global, scalable, cloud-based, cryptographic identity services as an identity assurance mechanism for other services, such as data storage, web services, and electronic commerce engines. The IEC complements these other services by providing enhanced identity protection and authentication. An IEC performs identity services using surrogate digital certificates having encryption keys that are never exposed to the public. An individual requesting other services must meet an identity challenge before access to these other services is granted. Service requests to the IEC, and responses from the IEC, are securely encrypted. An IEC integrates smoothly into existing services by layering on top of, or being used in conjunction with, existing security measures. Identity transactions may be logged in a manner that complies with strict medical and financial privacy laws. | 10-06-2011 |
| 20110167258 | Efficient Secure Cloud-Based Processing of Certificate Status Information - A cloud-based system having a secure database of certificate information and associated methods are provided. The system and methods may be used to supplement or replace traditional OCSP processing systems. Responses to OCSP requests are digitally signed and cached in a cloud database server remote from the requester. Other servers in the cloud may access the cached OCSP responses from the database server, rather than the originating certificate authority. Thus, the work traditionally done by the certificate authority is moved to the cloud, which eliminates a single point of failure and improves the resources available to perform transactional processing. | 07-07-2011 |
| 20110022835 | Secure Communication Using Asymmetric Cryptography and Light-Weight Certificates - Encrypted communications between servers and client devices over an unsecured channel, such as the Internet, without using a public key infrastructure are disclosed. Messages to a client device are encrypted using an encryption key of an authorized individual, regardless of the identity of the user of the client device. Encryption is performed by a system that does not expose encryption keys to the client device or the server, thereby preventing man-in-the-middle attacks against the encryption key. Secure communications are combined with a two-factor protocol for authenticating the identity of an individual. An individual authenticates by generating a cipher using a light-weight certificate that has a shared secret but no other information identifying the individual. Separately, a server generates the same cipher using the shared secret, thereby authenticating the individual's identity to a relying party. | 01-27-2011 |
| 20090132813 | Apparatus and Methods for Providing Scalable, Dynamic, Individualized Credential Services Using Mobile Telephones - Apparatus and methods perform transactions in a secure environment between an individual and another party, such as a merchant, in various embodiments. The individual possesses a mobile electronic device, such as a smartphone, that can encrypt data according to a public key infrastructure. The individual authenticates the individual's identity to the device, thereby unlocking credentials that may be used in a secure transaction. The individual causes the device to communicate the credentials, in a secure fashion, to an electronic system of a relying party, in order to obtain the relying party's authorization to enter the transaction. The relying party system determines whether to grant the authorization, and communicates the grant and the outcome of the transaction to the device using encryption according to the public key infrastructure. | 05-21-2009 |
