Robert A Jerdonek

US Patent:

7111789, Sep 26, 2006

Filed:

Aug 22, 2002

Appl. No.:

10/225935

Inventors:

Sanguthevar Rajasekaran - Los Altos CA, US
James Reno - Scotts Valley CA, US
Rammohan Varadarajan - Cupertino CA, US
Sanjay Vyas - Sunnyvale CA, US
Robert Jerdonek - Sunnyvale CA, US

Assignee:

Arcot Systems, Inc. - Sunnyvale CA

International Classification:

G06K 7/10

US Classification:

23547201, 23547202, 23547203

Abstract:

Techniques are disclosed to increase the efficiency of multi-party authentication communications protocols. One technique includes a four party authentication method utilizing a general authenticator to store and provide a credit card authentication password and other payment information to an issuing bank and/or other parties involved in the transaction. Other techniques include the use of skeleton messages to minimize the forwarding of information through a forwarding party, the elimination of redundant communications exchanges, the use of a merchant appliance hardware solution to minimize system integration difficulties, and/or the imposition of credit card constraints. The techniques may be used singly or in combination.

US Patent:

7181762, Feb 20, 2007

Filed:

Jun 28, 2001

Appl. No.:

09/896163

Inventors:

Robert A. Jerdonek - Sunnyvale CA, US

Assignee:

Arcot Systems, Inc. - Santa Clara CA

International Classification:

G06F 1/26

US Classification:

726 2

Abstract:

A computer program product for a client computing system including a processor includes code that directs the processor to request a challenge from a authentication server, code that directs the processor to receive the challenge from the authentication server via a first secure communications channel, the challenge comprising an identity code, code that directs the processor to receive user authentication data from a user, code that directs the processor to determine a private key and a digital certificate in response to the user authentication data, code that directs the processor to form a digital signature in response to the identity code and the private key, code that directs the processor to communicate the digital signature to the authentication server, code that directs the processor to communicate the digital certificate to the authentication server, the digital certificate comprising a public key in an encrypted form, and code that directs the processor to communicate network user authentication data and the identity code to the authentication server via a security server, wherein the authentication server activates the identity code when the digital signature is verified, and wherein the codes reside on a tangible media.

US Patent:

7418728, Aug 26, 2008

Filed:

Mar 17, 2004

Appl. No.:

10/803457

Inventors:

Robert Jerdonek - Sunnyvale CA, US

Assignee:

Arcot Systems, Inc. - Sunnyvale CA

International Classification:

G06F 7/04

US Classification:

726 5, 713168, 713171

Abstract:

In a cryptographic system, the unlocking of secret keys on a user system is audited and correlated with other events that typically occur after the secret key is used to perform a cryptographic operation. Audit evidence of secret key cryptographic operations is recorded for later review and/or analysis, for use as stored evidence of unauthorized activity and/or for use in refuting false claims of repudiation of authorized activity. Some systems might also provide users with user activity reports that can alert a user to suspicious or unauthorized activity using that user's access.

US Patent:

7711122, May 4, 2010

Filed:

Mar 8, 2002

Appl. No.:

10/093881

Inventors:

Robert Allen - Palo Alto CA, US
Robert A. Jerdonek - Sunnyvale CA, US
John Wang - Sunnyvale CA, US
Tom Wu - Mountain View CA, US

Assignee:

Arcot Systems, Inc. - Santa Clara CA

International Classification:

H04L 9/08
H04L 9/32

US Classification:

380286, 380277, 380278, 380282, 713171

Abstract:

A key management system includes secured data stored on a first system secured by a control key stored securely on a key server. The secured data is secured against attacks such as unauthorized use, modification or access, where authorization to access the secured data is determined by knowledge of an access private key of an access key pair. When an authorized user is to access the secured data, the first system generates a request to the key server, signed with the access private key, wherein the request is for a decryption control key and the request includes a one-time public key of a key pair generated by the first system for the request. The first system can decrypt the decryption control key from the response, using a one-time private key. The first system can then decrypt the secured data with the decryption control key remaining secured in transport.

US Patent:

8290165, Oct 16, 2012

Filed:

Mar 12, 2010

Appl. No.:

12/723480

Inventors:

Robert Allen - Palo Alto CA, US
Robert A. Jerdonek - Sunnyvale CA, US
John Wang - Sunnyvale CA, US
Tom Wu - Mountain View CA, US

Assignee:

CA, Inc. - Islandia NY

International Classification:

H04L 9/00

US Classification:

380278, 380277, 380279, 726 2, 726 3, 726 4, 726 5

Abstract:

A key management system includes secured data stored on a first system secured by a control key stored securely on a key server. The secured data is secured against attacks such as unauthorized use, modification or access, where authorization to access the secured data is determined by knowledge of an access private key of an access key pair. When an authorized user is to access the secured data, the first system generates a request to the key server, signed with the access private key, wherein the request is for a decryption control key and the request includes a one-time public key of a key pair generated by the first system for the request. The first system can decrypt the decryption control key from the response, using a one-time private key. The first system can then decrypt the secured data with the decryption control key remaining secured in transport.

US Patent:

20020095507, Jul 18, 2002

Filed:

Jun 28, 2001

Appl. No.:

09/896560

Inventors:

Robert Jerdonek - Sunnyvale CA, US

International Classification:

G06F015/16
H04L009/00

US Classification:

709/229000, 713/168000, 713/201000

Abstract:

A method for communicating passwords includes receiving at a server a challenge from a authentication server via a first secure communications channel, the challenge comprising a random password that is inactive, communicating the challenge from the server to a client computer via a second secure communications channel, receiving at the server a challenge response from the client computer via the second secure communications channel, the challenge response comprising a digital certificate and a digital signature, the digital certificate including a public key in an encrypted form, the digital signature being determined in response to the random password and the private key, and communicating the challenge response from the server to the authentication server via the first secure communications channel, wherein the random password is activated when the authentication server verifies the challenge response.

US Patent:

20050228999, Oct 13, 2005

Filed:

Mar 24, 2005

Appl. No.:

11/090329

Inventors:

Robert Jerdonek - Sunnyvale CA, US
Thomas Wu - Mountain View CA, US

Assignee:

Arcot Systems, Inc. - Santa Clara CA

International Classification:

H04L009/00

US Classification:

713176000

Abstract:

A computer-readable medium having stored thereon computer-executable instructions for implementing a method of verifying a digitally-signed document includes stored instruction for verifying a digital signature related to the document, stored instruction for validating at least one certificate associated with the signature, and stored instruction for storing audit information into a data structure movable as a unit. The audit information relates to verifying the digital signature and validating the at least one certificate, thereby retaining evidence that the document was verified. The instructions further include stored instruction for thereafter displaying the audit information.

US Patent:

20090034735, Feb 5, 2009

Filed:

Aug 25, 2008

Appl. No.:

12/197353

Inventors:

Robert Jerdonek - Sunnyvale CA, US

Assignee:

Arcot Systems, Inc. - Sunnyvale CA

International Classification:

H04L 9/06

US Classification:

380277

Abstract:

In a cryptographic system, the unlocking of secret keys on a user system is audited and correlated with other events that typically occur after the secret key is used to perform a cryptographic operation. Audit evidence of secret key cryptographic operations is recorded for later review and/or analysis, for use as stored evidence of unauthorized activity and/or for use in refuting false claims of repudiation of authorized activity. Some systems might also provide users with user activity reports that can alert a user to suspicious or unauthorized activity using that user's access.