1
Todd D Graham, Jonathan C Hudson: Dynamic file access control and management. RSA Security, BainwoodHuang, February 9, 2010: US07660902 (284 worldwide citation)

A dynamic file access control and management system and method in accordance with the present invention may be a proxy file management system that includes one or more file system proxy servers that provide selective access and usage management to files available from one or more file systems or sou ...


2
John G Brainard, Burton S Kaliski Jr, Ronald L Rivest: Method and apparatus for performing enhanced time-based authentication. RSA Security, BainwoodHuang, April 22, 2008: US07363494 (225 worldwide citation)

A time-based method for generating an authentication code associated with an entity uses an authentication code generated from a secret, a dynamic, time-varying variable, and the number of previous authentication code generations within the particular time interval. Other information such as a perso ...


3
James W O Toole Jr: Methods and apparatus for selecting a server to process a request. Cisco Technology, BainwoodHuang, January 15, 2008: US07320131 (208 worldwide citation)

The invention is directed to techniques for selecting a resource from several resources to process a request from a client. A client sends the request to a data communications device (e.g., network device or switch), which measures usage information from usage meters associated with each resource (e ...


4
Markus Jakobsson, Ari Juels, Burton S Kaliski Jr: Identity authentication system and method. RSA Security, BainwoodHuang, March 10, 2009: US07502933 (199 worldwide citation)

A method and system for generating an authentication code that depends at least in part on a dynamic value that changes over time, an event state associated with the occurrence of an event, and a secret associated with an authentication device. By generating the authentication code responsive to an ...


5
Anthony J Monteiro: Methods and apparatus for providing domain name service based on a client identifier. Cisco Technology, BainwoodHuang, June 5, 2007: US07228359 (179 worldwide citation)

A content distribution system has a DNS server which is configured to provide DNS responses in response to DNS requests, and a device which interconnects between a client and the DNS server. The device includes an interface which communicates with the client, and a controller coupled to the interfac ...


6
Burton S Kaliski: Server-assisted regeneration of a strong secret from a weak secret. RSA Security, BainwoodHuang, April 15, 2008: US07359507 (177 worldwide citation)

Methods for regenerating a strong secret for a user, based on input of a weak secret, such as a password, are assisted by communications exchanges with a set of independent servers. Each server holds a distinct secret value (i.e., server secret data). The strong secret is a function of the user's we ...


7
William M Duane, Peter Röstin: System and method for certificate exchange. RSA Security, BainwoodHuang, December 2, 2008: US07461250 (171 worldwide citation)

In an embodiment of a system and method according to the present invention, a chain of one or more certificates certifying a principal's public key is exchanged for a single substitute certificate. The substitute certificate is used as a replacement for the certificate chain. The substitute certific ...


8
Ari Juels, Madhu Sudan: Order invariant fuzzy commitment system. RSA Security, BainwoodHuang, October 13, 2009: US07602904 (171 worldwide citation)

A system provides an order-invariant fuzzy commitment scheme. In an exemplary embodiment, the scheme includes receiving a first set of elements and selecting a polynomial for encoding an item under the first set of elements to generate an order-invariant fuzzy commitment of the item. The system util ...


9
John G Brainard, Burton S Kaliski Jr, Magnus Nyström, Ronald L Rivest: System and method for authentication seed distribution. RSA Security, BainwoodHuang, March 10, 2009: US07502467 (170 worldwide citation)

In one embodiment of a user authentication system and method according to the invention, a device shares a secret, referred to as a master seed, with a server. The device and the server both derive one or more secrets, referred to as verifier seeds, from the master seed, using a key derivation funct ...


10
Ari Juels: Targeted delivery of informational content with privacy protection. RSA Security, BainwoodHuang, December 30, 2008: US07472093 (159 worldwide citation)

A system and method for enabling use of detailed consumer profiles for the purposes of targeted information delivery while protecting these profiles from disclosure to information providers or hostile third parties are disclosed herein. Rather than gathering data about a consumer in order to decide ...