2581 results about "Secure transmission" patented technology

A system and method that enables a given sending user to specify a set of delivery policies and have them used for the electronic delivery of a given message, the message potentially having several heterogeneous parts (e.g., text and pictures) each of which is handled differently, and delivered to multiple heterogeneous devices (e.g., PCs, Smartphones, fax machines), and possibly to several distinct recipients. The factors with which a sender can qualify their delivery policies include: time/date, transmission cost; whether the transmission can be forwarded; receiving device capability; and network reliability, speed, and security transmission. Methods are also provided enabling a sender to specify that particular transmissions be redirected or copied, e.g., "send fax copy to my broker and my accountant." In one embodiment, the delivery policies may be specified using PICS.

Methods and systems for secure transmission of information are provided. In accordance with a method of the present invention, a client sends to a server, a request, at least one unique identifier and an encryption key. The server generates a reply to the request and identifies a mobile device (based on the at least one unique identifier) to which to send the reply. The server also encrypts the reply, using the encryption key, to thereby produce an encrypted reply. The encrypted reply is then sent from the server to the mobile device (e.g., a mobile phone). Once received by the mobile device, the encrypted reply is available for transfer (automatically or manually) from the mobile device to the client. Once provided to the client, the client can decrypt the encrypted reply using the encryption key. The decrypted reply is then available for use at (e.g., by) the client.

Extensible resource messaging in a communication network is provided through creation of a flexible, extensible, and secure messaging environment. A client-server architecture may be implemented in which user applications employ messaging clients to send resource requests for network information, allocation and other operations and receive resource responses, and in which network elements, through resource agents, may use messaging servers to accept resource requests and return resource responses. Resource agents in different network domains may interact through the messaging environment and work together to fulfill resource requests. An XML-based messaging mechanism may be built with a defined message format that can provide flexible message contexts. Network resource semantics may be specified using XML schemas so that network resources are expressed as resource-specific XML elements and network updates can be implemented by updating the XML resource schemas. Secure enhancements may be realized by secure transport, message verification and other means.

A network file access appliance operates as a secure portal for network file access operations between client computer systems and network storage resources. The file access appliance terminates network file access transactions, identified by packet information including client system, mount point, and file request identifiers, between client systems and mount points supported by the access controller. A policy parser determines, based on the packet information, to selectively initiate network file access transactions between the access controller and network storage resources to enable completion of selected network file access transactions directed from the clients to the network file access appliance. The network file access transactions directed to the network storage resources are modified counterparts of policy selected client network file access transactions modified to reference mapped network storage resource mount points and support the secure transfer and storage of network file data.

A method is disclosed for amortizing the authentication overhead of data transmissions. The method comprises establishing a first secure transmission of data between a transmitter and a receiver by transmitting at least one token to the receiver during the first secure transmission. There may be any number of senders and receivers, and any receivers may be a sender and vice versa. The method also comprises establishing at least one additional transmission of data between the sender and the receiver and transmitting the data and at least one token during the at least one additional transmission. In addition, the method compares the at least one token transmitted during the at least one additional transmission to the token transmitted during the first secure transmission to guarantee the authenticity of that at least one additional transmission. The method may also include transmitting a preselected number of tokens during the first secure transmission. The number of additional transmissions may or may not correspond to the preselected number of tokens. The at least one additional transmission may be conducted over an unsecure connection using open communication. The first secure transmission may be protected or encrypted.

Secure inter-node communication is disclosed. The hardware of the first node sends a key, identification of the first node, and identification of a second node to hardware of the second node. The hardware of the second node receives the key and the identifications. The hardware of the second node verifies the identifications of the first and the second nodes, and stores the key. The key stored in the hardware of the first and the second nodes allows for a secure transmission channel from the software of the first node to software of the second node.

A system for the secure transfer of data and data management on the Internet has a data encryption and transfer module operable in a user computing system, a data management module operable in a server computing system, the transfer of data between the user and server computing systems being effected on the user computing system through use of the data encryption and transfer module, by moving the data to or from a first desktop window, associated with the user computing system, from or to a second desktop window, associated with the server computing system, each window being associated with a password, such that the step of moving the data from one window to the other causes the data to be encrypted/re-encrypted from one associated password to the other. The system also includes a password management module operable in the user computing system for managing the passwords, which are required to be used by a user of the system. The system uses symmetric key encryption coupled with file transfer protocol (FTP) data transfer and allows for the secure transfer of large data files of 100 megabytes or more.

An e-mail system is disclosed that overcomes many deficiencies of, but is backward compatible with, existing e-mail systems. Embodiments of the system may include various features, including but not limited to: (1) secure transfer of e-mail messages, without the need for users to replace existing e-mail clients or to change e-mail addresses; (2) tracking of all actions performed in connection with an e-mail transmission; (3) the ability for a recipient to view information about an e-mail message, optionally including information about how other addressees have responded to it, before deciding whether to retrieve the e-mail message; (4) the aggregation of entire e-mail conversations into a single threaded view; (5) the ability to include both private and public messages in a single e-mail communication; (6) sender control over downstream actions performed in connection with an e-mail message; (7) flexible control over cryptographic methods used to encrypt emails messages for storage.

An e-mail system is disclosed that overcomes many deficiencies of, but is backward compatible with, existing e-mail systems. Embodiments of the system may include various features, including but not limited to: (1) secure transfer of e-mail messages, without the need for users to replace existing e-mail clients or to change e-mail addresses; (2) tracking of all actions performed in connection with an e-mail transmission; (3) the ability for a recipient to view information about an e-mail message, optionally including information about how other addressees have responded to it, before deciding whether to retrieve the e-mail message; (4) the aggregation of entire e-mail conversations into a single threaded view; (5) the ability to include both private and public messages in a single e-mail communication; (6) sender control over downstream actions performed in connection with an e-mail message; (7) flexible control over cryptographic methods used to encrypt emails messages for storage.

A method for securely transmitting data involves generating keys depending on previous keys and additional information, such as a password, in order to create a pseudo one-time pad. The data is encrypted using the pseudo one-time pad prior to transmission. Only the initial key and minimal additional data are transferred between the sender and receiver in order to synchronize the keys.

In accordance with the principles of the present invention, a system is provided for capturing a customer deposit at their place of business, converting the Magnetic Ink Character Recognition (MICR) data encoded documents into an image with an associated data file, and electronically transmit the data to a financial institution. The system allows the customer to scan each MICR encoded check that is to deposited with their financial institution, which captures financial institution routing information and customer account information. The associated image the physical check can be franked denoting the check has been electronically processed to avoid further processing. The resulting image and account data can then be processed by the financial institution. There are three options for encoding the amount: 1) the customer enters each amount after scanning the item prior to sending to the financial institution; 2) the financial institution enters the amount of each item after receiving the file from the customer; and 3) the amount field(s) are scanned and the amount is automatically entered. The system allows for both 1) online (Internet) capture of the MICR data and the associated image or 2) offline capture and the subsequent importing of the image and MICR data for transmission to the financial institution via the Internet. The financial institution can review the items captured online, and repair any item that is incorrect. The financial institution can use the system to print substitute checks that confirm to ANSI X9.90 for processing or deliver an electronic file in ANSI X9.37 format to any check processing system. The system includes secure transport over Internet connections for file transfer and dual control security to reduce fraudulent transactions from being initiated by the customer.

A method for data transmission between a sensor module for measuring and storing data and a mobile device wherein the sensor module and the mobile device have identified each other and, wherein the sensor module comprises a first secure element capable of storing a first security key and the mobile device comprises a second secure element capable of storing a second security key characterized in that the method comprises the steps of an authentication step for carrying out a security process between the sensor module and the mobile device in order to authenticate the sensor module with the mobile device by means of comparing first and second security keys; a pairing step for establishing a communication between the sensor module and the mobile device in order to enable communication therebetween; a transmission step for establishing a secure transmission of data from the sensor module to the mobile device when comparison of the first and second security keys has resulted in authentication.

A method for secure transmission of data, like e-mail and other secure documents, over a computer network includes the use of biometrics to verify that the sender of the data is confirmed as an individual authorized for secure access transmission of data over the network and by verifying that the recipient of the data is also an individual authorized to receive data by secure access transmission over the network. The methodology comprises creating a database containing the biometric templates of all individuals authorized for secure access transmission of data over the network and connecting the database to a data processor. The transmission of counterfeit messages is prevented by confirming the identity of the sender as an individual authorized for secure access transmission over the network by scanning a predetermined biometric of the sender, and comparing the biometric of the sender with the predetermined biometric of all individuals who are authorized for secure access transmission over the network. The recipient of a secure access message is not permitted to access the message until recipient's identity has been similarly confirmed as an individual authorized to receive messages secure access transmitted over the network. Once the recipient's identity is confirmed the message may be opened. The sender will receive confirmation by return electronic mail that the message has been opened by the authorized recipient.

An e-mail system is disclosed that overcomes many deficiencies of, but is backward compatible with, existing e-mail systems. Embodiments of the system may include various features, including but not limited to: (1) secure transfer of e-mail messages, without the need for users to replace existing e-mail clients or to change e-mail addresses; (2) tracking of all actions performed in connection with an e-mail transmission; (3) the ability for a recipient to view information about an e-mail message, optionally including information about how other addressees have responded to it, before deciding whether to retrieve the e-mail message; (4) the aggregation of entire e-mail conversations into a single threaded view; (5) the ability to include both private and public messages in a single e-mail communication; (6) sender control over downstream actions performed in connection with an e-mail message; (7) flexible control over cryptographic methods used to encrypt emails messages for storage.

The present invention concerns application of digital rights management to industrial automation devices including programmable logic controllers (PLCs), I/O devices, and communication adapters. Digital rights management involves a set of technologies for controlling and managing access to device objects and/or programs such as ladder logic programs. Access to automation device objects and/or programs can be managed by downloading rules of use that define user privileges with respect to automation devices and utilizing digital certificates, among other things, to verify the identity of a user desiring to interact with device programs, for example. Furthermore, the present invention provides for secure transmission of messages to and amongst automation devices utilizing public key cryptography associated with digital certificates.

Techniques for enhancing the security of a communication device when conducting a transaction using the communication device may include using a limited-use key (LUK) to generate a transaction cryptogram, and transmitting a token instead of a real account identifier and the transaction cryptogram to an access device to conduct the transaction. The token and the transaction cryptogram can be transmitted to a magnetic stripe reader by generating an emulated magnetic signal. The LUK may be associated with a set of one or more limited-use thresholds that limits usage of the LUK, and the transaction can be authorized based on at least whether usage of the LUK has exceeded the set of one or more limited-use thresholds.

An interface for a private IP network interfaces flows of packets between gateway controllers and external media gateways. It has a network address translator and an IPsec device for maintaining secure paths to the external devices. A path identifier records which of the packet flows corresponds to which path. It is incorporated in the packet header, and means that the same interface can be used to couple many different external gateways, and interface them with many of the gateway controllers. Widespread deployment of such interfaces in anonymisers to achieve hiding of device addresses and network topology, as well as the reduction in use of expensive registered addresses is facilitated. By sending the path identifier in the packet, the IPsec device and the address translator can be loosely coupled devices, so standard readily available devices can be used.

A process for distributing digital still images according to a nominal format, where each image is broken into blocks and macroblocks that depend upon each other by correlation coefficients including analyzing contents of the still images to generate two parts: a) a primary contents in nominal format corresponding to the image as modified by substitution of certain correlation coefficients with coefficients that are of the same type, but which are random, and b) additional digital nature of any format, which includes substituted correlation coefficients and digital data that are likely to allow reconstruction of the modified image; transmitting separately the modified primary contents in real or deferred time and additional digital information in real time at a moment of viewing from a server towards recipient equipment; and calculating a synthesis of contents of the recipient equipment that is in nominal format as a function of the modified primary contents and the additional data.

A local content server system (LCS) for creating a secure environment for digital content is disclosed, which system comprises: a communications port in communication for connecting the LCS via a network to at least one Secure Electronic Content Distributor (SECD), which SECD is capable of storing a plurality of data sets, is capable of receiving a request to transfer at least one content data set, and is capable of transmitting the at least one content data set in a secured transmission; a rewritable storage medium whereby content received from outside the LCS may be stored and retrieved; a domain processor that imposes rules and procedures for content being transferred between the LCS and devices outside the LCS, and a programmable address module which can be programmed with an identification code uniquely associated with the LCS. The LCS is provided with rules and procedures for accepting and transmitting content data. Optionally, the system may further comprise: an interface to permit the LCS to communicate with one or more Satellite Units (SU) which may be connected.