William P. Bialick - Clarksville MD, US Russell D. Housley - Herndon VA, US Charles R. J. Moore - Brisbane, AU Duane J. Linsenbardt - San Jose CA, US
Assignee:
Spyrus, Inc. - San Jose CA
International Classification:
H04L009/00
US Classification:
713156, 705 59
Abstract:
A licensing attribute certificate enables a trusted computing base to enforce access to a computing resource by a computer application. The licensing attribute certificate can contain enforcement data which limits the use of the computing resource. The licensing attribute certificate can also contain information allowing for the tracking of licensing data about the use of the computing resource. The use of a licensing attribute certificate to enforce access to a computing resource can allow products to be fielded which have their capability limited to a specific subset of functions. The enforcement data, the licensing data, and the data limiting the application to a specific subset of functions are cryptographically bound to the computing resource using a licensing attribute certificate according to the invention. Prior to allowing access to the computing resource by the computer application, a trusted computing base strongly authenticates that usage via the licensing attribute certificate.
Secure, Easy And/Or Irreversible Customization Of Cryptographic Device
Russell D. Housley - Herndon VA, US Gregory W. Piper - San Jose CA, US Randy V. Sabett - Washington DC, US
Assignee:
Spyrus, Inc. - San Jose CA
International Classification:
G06F012/14 H04L009/00
US Classification:
713189, 713166, 713172
Abstract:
The invention enables a cryptographic device to be easily, securely and/or irreversibly customized to provide specified cryptographic functionality. For example, the invention can enable easy and secure modification (expansion, reduction or changing) of application code (which interacts with code stored on a cryptographic device) via the exposure of, for example, the mathematical primitive operations available on the cryptographic device. In particular, the invention can enable modification of available cryptographic operations at a relatively high level of programming abstraction, thus enabling such modification to be accomplished relatively easily. Further, the invention can enable the modification to be accomplished in a manner that does not necessitate or allow access by the application developer to other operations of the cryptographic device, thus providing security for the proprietary code and/or cryptographic keys of other persons or entities that may be present on the cryptographic device. The invention can also enable specification of permissible cryptographic characteristics of a cryptographic device from a set of available cryptographic characteristics of the cryptographic device. In particular, such specification can be done (at device fulfillment, for example) in a manner that is irreversible, thus enabling the cryptographic device to satisfy export regulations for cryptographic devices and/or to meet customer requirements for device security.
Method And System For Enforcing Access To A Computing Resource Using A Licensing Attribute Certificate
William P. Bialick - Clarksville MD, US Russell D. Housley - Herndon VA, US Charles R. J. Moore - Brisbane, AU Duane J. Linsenbardt - San Jose CA, US
Assignee:
Spyrus, Inc. - San Jose CA
International Classification:
H04L 9/00
US Classification:
713156, 705 59
Abstract:
A licensing attribute certificate enables a trusted computing base to enforce access to a computing resource by a computer application. The licensing attribute certificate can contain enforcement data which limits the use of the computing resource. The licensing attribute certificate can also contain information allowing for the tracking of licensing data about the use of the computing resource. The use of a licensing attribute certificate to enforce access to a computing resource can allow products to be fielded which have their capability limited to a specific subset of functions. The enforcement data, the licensing data, and the data limiting the application to a specific subset of functions are cryptographically bound to the computing resource using a licensing attribute certificate according to the invention. Prior to allowing access to the computing resource by the computer application, a trusted computing base strongly authenticates that usage via the licensing attribute certificate.
William P. Bialick - Clarksville MD Mark J. Sutherland - Milpitas CA Thomas K. Rowland - Los Gatos CA Kirk W. Skeba - Fremont CA Russell D. Housley - Herndon VA
Assignee:
Spyrus, Inc. - Santa Clara CA
International Classification:
G06F 1214
US Classification:
713201
Abstract:
The invention enables a modular, typically portable, device to communicate with a host computing device to enable one or more security operations to be performed by the modular device on data stored within the host computing device, data provided from the host computing device to the modular device (which can then be, for example, stored in the modular device or transmitted to yet another device), or data retrieved by the host computing device from the modular device (e. g. , data that has been stored in the modular device, transmitted to the modular device from another device or input to the modular device by a person). In particular, the modular device can include a security module that is adapted to enable performance of one or more security operations on data, and a target module that is adapted to enable a defined interaction with a host computing device. The target module can be embodied by any of a variety of modules having different types of functionality (e. g. , data storage, data communication, data input and output, user identification).
Peripheral Device With Integrated Security Functionality
William P. Bialick - Clarksville MD Mark J. Sutherland - Milpitas CA Thomas K. Rowland - Los Gatos CA Kirk W. Skeba - Fremont CA Russell D. Housley - Herndon VA
Assignee:
Spyrus, Inc. - Santa Clara CA
International Classification:
G06K 1467
US Classification:
713200
Abstract:
The invention enables a peripheral device to communicate with a host computing device to enable one or more security operations to be performed by the peripheral device on data stored within the host computing device, data provided from the host computing device to the peripheral device (which can then be, for example, stored in the peripheral device or transmitted to yet another device), or data retrieved by the host computing device from the peripheral device (e. g. , data that has been stored in the peripheral device, transmitted to the peripheral device from another device or input to the peripheral device by a person). In particular, the peripheral device can be adapted to enable, in a single integral peripheral device, performance of one or more security operations on data, and a defined interaction with a host computing device that has not previously been integrated with security operations in a single integral device. The defined interactions can provide a variety of types of functionality (e. g. , data storage, data communication, data input and output, user identification).
System And Methods For Transit Path Security Assured Network Slices
- Sterling VA, US Carlos Solari - Sterling VA, US Matthew Silveira - Placerville CA, US Russell Housley - Herndon VA, US William C. Epstein - Salt Lake City UT, US Timothy Ray Newman - Edgewater MD, US Charles Clancy - McLean VA, US Sean Turner - Washington DC, US
International Classification:
H04W 12/069 H04L 9/40 H04L 45/00 H04L 49/20
Abstract:
Systems and methods of configuring, managing and ensuring security compliance of Virtual Network Slices that transit through physical networks, virtual networks (SDN), cloud networks, radio access networks, service provider networks, and enterprise networks are identified. The methods include user side security validation methods while attempting to use a network slice for a specific service, and security validation of physical or virtual networks and the associated transit network elements. The methods disclose enriching the Security Certificates with policy parameters and the associated procedures that transit elements are required to assure for security compliance. Additionally, methods for incorporating a mobile native security platform in Wireless Mobile Network (4G/5G) that supports generating X.509 Certificates enhanced with policy requirements, validating allowed/disallowed list of transit network vendor devices, virtual network appliances are identified.
System And Methods For Transit Path Security Assured Network Slices
- Sterling VA, US Carlos Solari - Sterling VA, US Matthew Silveira - Placerville CA, US Russell Housley - Herndon VA, US William C. Epstein - Salt Lake City UT, US Timothy Ray Newman - Edgewater MD, US Charles Clancy - McLean VA, US Sean Turner - Washington DC, US
International Classification:
H04W 12/069 H04L 12/931 H04L 12/721 H04L 29/06
Abstract:
Systems and methods of configuring, managing and ensuring security compliance of Virtual Network Slices that transit through physical networks, virtual networks (SDN), cloud networks, radio access networks, service provider networks, and enterprise networks are identified. The methods include user side security validation methods while attempting to use a network slice for a specific service, and security validation of physical or virtual networks and the associated transit network elements. The methods disclose enriching the Security Certificates with policy parameters and the associated procedures that transit elements are required to assure for security compliance. Additionally, methods for incorporating a mobile native security platform in Wireless Mobile Network (4G/5G) that supports generating X.509 Certificates enhanced with policy requirements, validating allowed/disallowed list of transit network vendor devices, virtual network appliances are identified.
Youtube
ISOC INET 2012: Russell Housley on global mar...
Russell Housley, Chair of IETF, says global markets will drive the ado...
Duration:
1m 34s
russ.avi
Russell Housley competing in the David Lyle Master Chefs competition i...
Duration:
5m 13s
Tamera Mowry wants to know how much her husba...
Okay i just got home and i want to see how much my family missed me ho...
Duration:
51s
Phil Housley Career Highlights
Check out some of the most memorable moments in the Hall of Fame caree...
Duration:
2m 24s
Tamera Mowry & Adam Housley Give News Of A WO...
Tamera Darvette Mowry-Housley is an American actress, television perso...
Duration:
2m 10s
Congrats! Tamera Mowry Housley Expecting Thei...
subscribe to my channel Congrats! Tamera Mowry Housley Expecting Their...