1
Tatu Ylonen, Tero Kivinen: Method and arrangement for secure tunneling of data between virtual routers. SSH Communications Security, Ronald Craig Fish, Ronald Craig Fish A Law Corporation, August 20, 2002: US06438612 (278 worldwide citation)

Data packets are communicated between a transmitting virtual router in a transmitting computer device and a receiving virtual router in a receiving computer device. A security association is established for the secure transmission of data packets between the transmitting computer device and the rece ...


2
Pekka Nikander, Tatu Ylonen: Method and arrangement for implementing IPSEC policy management using filter code. SSH Communications Security, Ronald C Fish, Falk & Fish, June 26, 2001: US06253321 (151 worldwide citation)

A data processing system implements a security protocol based on processing data in packets. The data processing system comprises processing packets for storing filter code and processing data packets according to stored filter code, and a policy managing function for generating filter code and comm ...


3

4
Niko Haatainen, Tero Kivinen, Jussi Kukkonen, Tatu Ylönen: Method for intercepting network packets in a computing device. SSH Communications Security, Ronald Craig Fish, Ronald Craig Fish A Law Corporation, January 13, 2004: US06678734 (100 worldwide citation)

A method is provided for intercepting network packets in a computer system, where a number of functions are used to communicate network packets between a network adapter and a protocols entity. A first network adapter and a first protocols entity installed in the computer system are identified. A se ...


5
Tero Kivinen, Tatu Ylonen: Method and arrangement for providing security through network address translations using tunneling and compensations. SSH Communications Security, Ronald Craig Fish A Law, October 18, 2005: US06957346 (60 worldwide citation)

This invention provides a method for providing network security services, such as those provided by the IPSEC protocol, through network address translation (NAT). The method is based on determining the transformations that occur on a packet and compensating for the transformations. Because only TCP ...


6
Tero Kivinen, Tomi Kause: Method for producing certificate revocation lists. SSH Communications Security Corporation, Ronald Craig Fish A Law Corporation, April 8, 2008: US07356693 (6 worldwide citation)

The practical benefit of the inventive idea results from an assumption that typically, the operational subCAs will not get compromised. Assuming this, a a batch of revocation lists manifesting no revocations can be generated and signed. These pregenerated CRLs (root CRLs) can then be stored outside ...


7
YLÖNEN Tatu J: [fr] GESTION DACCÈS AUTOMATISÉ, DE CLÉ, DE CERTIFICAT ET DE JUSTIFICATIF DIDENTITÉ, [en] AUTOMATED ACCESS, KEY, CERTIFICATE, AND CREDENTIAL MANAGEMENT. SSH COMMUNICATIONS SECURITY OYJ, PAPULA OY, June 27, 2013: WO/2013/093209 (3 worldwide citation)

[en] Certain embodiments provide means for managing automated access to computers, e.g., using SSH user keys and other kinds of trust relationships. Certain embodiments also provide for managing certificates, Kerberos credentials, and cryptographic keys. Certain embodiments provide for remediating l ...


8
Tatu J Ylonen: Automated access, key, certificate, and credential management. SSH Communications Security OYJ, Banner & Witcoff, December 6, 2016: US09515999 (2 worldwide citation)

Certain embodiments provide means for managing automated access to computers, e.g., using SSH user keys and other kinds of trust relationships. Certain embodiments also provide for managing certificates, Kerberos credentials, and cryptographic keys. Certain embodiments provide for remediating legacy ...


9
Haatainen Niko, Kivinen Tero, Kukkonen Jussi, Ylonen Tatu: Methode dintercepion de paquets de reseau dans un dispositif informatique, A method for intercepting network packets in a computing device. Ssh Communications Security, Safenet, Mccarthy Tetrault, August 17, 2010: CA2325652 (2 worldwide citation)

A method is provided for intercepting network packets in a computer system, wherea number of functions are used to communicate network packets between a networkadapter and a protocols entity. A first network adapter and a first protocols entity installed in the computer system are identified. A set ...


10
Tatu Ylönen: Access relationships in a computer system. SSH COMMUNICATIONS SECURITY OYJ, Robert P Michal Esq, Carter DeLuca Farrell & Schmidt, August 1, 2017: US09722987 (1 worldwide citation)

Various mechanisms can be used for authorizing access between entities in a computing environment. Configuring such access may involve configuration data stored on one or more of the computing devices or stored externally to the computing devices. Various aspect are disclosed herein for collecting, ...