| Patent application number | Description | Published |
|---|
| 20080229110 | FAST AUTHENTICATION OVER SLOW CHANNELS - A method of providing secure communications over a network includes receiving, at a receiving computer, a public key of a sending computer, and a hash of a sending random number over a first communication channel, transmitting, from the receiving computer, a public key of the receiving computer and a receiving random number provided by the receiving computer over the first communication channel, and receiving, at the receiving computer, the sending random number provided by the sending computer over the first communication channel. | 09-18-2008 |
| 20080229402 | WORMHOLE DEVICES FOR USABLE SECURE ACCESS TO REMOTE RESOURCE - A token has a memory, an interface allow connection to a host, and a processor. The processor, in response to user input for configuring a remote access connection, executes a first set of processing instructions to establish a trusted connection with the server host, exchanges credentials over the trusted connection to establish a secure connection with the server host over an untrusted connection, and defines configuration information for accessing user selected data or services. The processor, in response to user input received in a legacy environment, executes a second set of processing instructions that includes establishing, over an untrusted connection, a secure connection with the server host using the security credentials, configuring the secure connection for access to the data or services, making the data or services available in the legacy environment, and defends against attempted access to data or services available at the token other than the data or services made available in the legacy environment. | 09-18-2008 |
| 20080288453 | Method and system for metadata-driven document management and access control - A system is provided to facilitate tag-based organization of documents. During operation, the system receives an original user query. The system extends the query to include documents with an IN-tag and exclude documents with an OUT-tag. The system then performs a search based on the extended query to indicate a collection of documents which satisfy the extended query. The system further allows a user to add a document to the collection of documents or remove a document from the collection of documents. Next, the system modifies a tagging property of the document. | 11-20-2008 |
| 20080288862 | Method and system for in-document markup in support of information sharing - A system is provided to facilitate content dissemination. During operation, the system allows a user to add a tag to a first document, wherein the tag indicates an operation to be performed on a portion of the document. The system then processes the tag and performs the operation on the document portion based on the tag. | 11-20-2008 |
| 20090285209 | VOICE OVER CONTENT CENTRIC NETWORKS - A system for facilitating voice calls over a content centric network (CCN) receives from a CCN user an expressed interest in receiving voice calls directed to the CCN user, wherein information in the CCN can be addressed, located, and disseminated by its content identifier and wherein data packets in the CCN are self-authenticating. Next, the system receives from a second network a packet for a voice call directed to the CCN user. The system then forwards to the CCN user the packet received from the second network with a CCN identifier corresponding to the interest expressed by the CCN user and forwards a packet from the CCN user for the voice call to the second network. | 11-19-2009 |
| 20090288163 | CONTROLLING THE SPREAD OF INTERESTS AND CONTENT IN A CONTENT CENTRIC NETWORK - One embodiment of the present invention provides a system for controlling the spread of interests and content in a content centric network (CCN). During operation, the system maintains a routing policy for content data. The system also receives a packet associated with a piece of content or an interest for the content. Next, the system determines that the structured name included in the packet is within the namespace specified in the routing policy. The system further determines that the packet satisfies the condition in the routing policy. Subsequently, the system routes the packet based on in part the action corresponding to the condition as specified in the routing policy. | 11-19-2009 |
| 20100309503 | METHOD AND SYSTEM FOR PRINTING DOCUMENTS FROM A PORTABLE DEVICE - One embodiment provides a system for printing a document from a portable device. During operation, the system obtains the document to be printed. Next, the system obtains a document optical code that identifies the document. Subsequently, the system displays the document optical code on the portable device in such a way that the document optical code can be scanned and recognized by a scanner associated with the printer. Next, the system allows the printer to retrieve and print the document based at least on the document optical code. | 12-09-2010 |
| 20100309504 | METHOD AND SYSTEM FOR PRINTING DOCUMENTS FROM A PORTABLE DEVICE - One embodiment provides a system for facilitating document printing from a portable device. During operation, the system receives a document at a server. Next, the system generates a document optical code corresponding to the document. Subsequently, the system communicates the document optical code to the portable device, thereby allowing the portable device to display the document optical code to a scanning mechanism associated with a printer, Next, the system receives a request, indicating the optical code, from the printer. Subsequently, the system retrieves the document in response to the request, and sends the document to the printer. | 12-09-2010 |
| 20100309505 | METHOD AND SYSTEM FOR PRINTING DOCUMENTS FROM A PORTABLE DEVICE - One embodiment provides a system for facilitating document printing from a portable device. During operation, the system receives at an email server an email which includes an attached document. Next, the system generates at the email server a document optical code associated with the document, wherein the document optical code can be scanned and recognized by a scanning mechanism associated with a printer. Subsequently, the system attaches the optical code as an additional attachment to the email, thereby allowing a portable device to print the attached document by displaying the optical code to the scanning mechanism associated with the printer. | 12-09-2010 |
| 20100332977 | METHOD AND APPARATUS FOR FACILITATING DIRECTED READING OF DOCUMENT PORTIONS BASED ON INFORMATION-SHARING RELEVANCE - One embodiment provides a system to facilitate directed reading of a selected portion of an original document by a recipient. During operation, the system creates a transfer document based at least on the original document and the selected portion. The transfer document, when viewed by the recipient, enables the following operations: opening the transfer document to the selected portion without requiring manual navigation to the selected portion, highlighting the selected portion, obscuring a context surrounding the selected portion based at least on a distance metric from the selected portion, and directly navigating from one highlighted portion to another highlighted portion in the transfer document without requiring manual navigation within obscured contexts. After the system creates the transfer document, it sends the transfer document to the recipient. | 12-30-2010 |
| 20110087882 | APPARATUS AND METHODS FOR PROTECTING NETWORK RESOURCES - Apparatus and methods are provided for protecting network resources, particularly in association with automatic provisioning of new client devices. A global PKI (Public Key Infrastructure) scheme is rooted at a globally available server. Roots of PKIs for individual organizations also reside at this server or another globally available resource. To enable access to an organization's network, one or more authenticators are deployed, which may be co-located with access points or other network components. After a client device enabler (CDE) and an authenticator perform mutual authentication with certificates issued within the global PKI, the CDE is used to provision a new client device for the organization. After the client is provisioned, it and an authenticator use certificates issued within the per-organization PKI to allow the client access to the network. | 04-14-2011 |
| 20110134847 | METHOD, APPARATUS, AND PROGRAM PRODUCT FOR PROVISIONING SECURE WIRELESS SENSORS - We present technology that allows layman computer users to simply create, provision, and maintain secured infrastructure—an instant PKI. This technology can be used in a wide variety of applications including wired and wireless networks, secure sensor networks (such as medical networks), emergency alert networks, as well as simply and automatically provisioning network devices whether secure or not. | 06-09-2011 |
