Securing temporal digital communications via authentication and validation for wireless user and access devices with securitized containers

US 10,650,139 B2
Filed: 12/17/2018
Issued: 05/12/2020
Est. Priority Date: 06/12/2017
Status: Active Grant

First Claim

Patent Images

1. A system for using one or more securitized software container management devices, comprising:

one or more securitized software container management devices further comprising at least one computer processing unit (CPU) with computational capabilities that is connected to and controls a computer memory via an address bus and a data bus where said address bus accesses a designated range of computer memories and range of memory bits and said data bus provides a flow of transmission(s) into and out of said CPU and computer memory,at least one control plane, at least one trust plane, and at least one software container, wherein controller logic that exists within said control plane transfers signals along a single path to said trust plane or to said software container, or both said trust plane and said software container, and wherein said signals continue traveling through said control plane to said trust plane or said software container, or both said trust plane and said software container, and wherein said signals are securitized or encrypted, or both securitized and encrypted either before, or as, said signals are entering said at least one software container;

wherein said system for using said one or more securitized software container management devices is combined with one or more access devices or one or more user devices, or both one or more access devices and one or more user devices further comprising;

at least one computer processing unit (CPU) with computational capabilities that is connected to and controls a computer memory via an address bus and a data bus where said address bus accesses a designated range of computer memories and range of memory bits and said data bus provides a flow of transmission(s) into and out of said CPU and computer memory;

one or more real or one or more virtual master distributed auto-synchronous array (DASA) databases or both one or more real and one or more virtual master distributed auto-synchronous array (DASA) databases located within or external to said access devices and said user devices, where said master (DASA) databases at least store and retrieve data and also include at least two or more partial distributed auto-synchronous array (DASA) databases, wherein said partial DASA databases function in either an independent manner, a collaborative manner or both an independent manner and a collaborative manner, and wherein said master and said partial DASA databases for configure bi-directional transmission of data to and from multiple partial user devices, to and from multiple partial access devices or to and from both multiple partial user and multiple partial access devices, wherein said user devices and said access devices are computing devices, wherein one or more partial user and one or more partial access devices store and provide at least partial copies of portions of said master DASA databases, and wherein said master DASA databases, said partial DASA databases or both said partial DASA databases and said master DASA databases are linked and communicate with each other as well as inclusion of one or more logging and monitoring databases that provide statistical and numerical calculations utilizing data, wherein said one or more access devices authenticate using a first set of computing operations, and validate using a second set of computing operations, and wherein a third set of computing operations controls access for a specified set of users, wherein said computing operations define rules utilized to provide logic with regard to communications between said master and said partial DASA databases and said partial user and said partial access devices.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An access control system that protects signals between one or more secure databases for various user devices to ensure proper entrance or access into secure locations by approved personnel only that utilize one or more securitized container devices. These container devices may be software containers and either real or virtual devices. Specific methods and devices for securing (primarily digital and normally two-way) communications using applications that combine securing communications for wireless/cellular phones with personnel access card readers for entry into secure locations are also described. These combined communication and access devices require using specific encryption techniques impossible to corrupt and essential to denying fraudulent or otherwise unauthorized personnel the ability to enter or access security protected devices or locations. These securitized container devices utilize both a control and trust plane for ensuring that communication signals transmitted from and data residing within these containers are not corruptible.

43 Citations

20 Claims

1. A system for using one or more securitized software container management devices, comprising:
- one or more securitized software container management devices further comprising at least one computer processing unit (CPU) with computational capabilities that is connected to and controls a computer memory via an address bus and a data bus where said address bus accesses a designated range of computer memories and range of memory bits and said data bus provides a flow of transmission(s) into and out of said CPU and computer memory,at least one control plane, at least one trust plane, and at least one software container, wherein controller logic that exists within said control plane transfers signals along a single path to said trust plane or to said software container, or both said trust plane and said software container, and wherein said signals continue traveling through said control plane to said trust plane or said software container, or both said trust plane and said software container, and wherein said signals are securitized or encrypted, or both securitized and encrypted either before, or as, said signals are entering said at least one software container;
  
  wherein said system for using said one or more securitized software container management devices is combined with one or more access devices or one or more user devices, or both one or more access devices and one or more user devices further comprising;
  
  at least one computer processing unit (CPU) with computational capabilities that is connected to and controls a computer memory via an address bus and a data bus where said address bus accesses a designated range of computer memories and range of memory bits and said data bus provides a flow of transmission(s) into and out of said CPU and computer memory;
  
  one or more real or one or more virtual master distributed auto-synchronous array (DASA) databases or both one or more real and one or more virtual master distributed auto-synchronous array (DASA) databases located within or external to said access devices and said user devices, where said master (DASA) databases at least store and retrieve data and also include at least two or more partial distributed auto-synchronous array (DASA) databases, wherein said partial DASA databases function in either an independent manner, a collaborative manner or both an independent manner and a collaborative manner, and wherein said master and said partial DASA databases for configure bi-directional transmission of data to and from multiple partial user devices, to and from multiple partial access devices or to and from both multiple partial user and multiple partial access devices, wherein said user devices and said access devices are computing devices, wherein one or more partial user and one or more partial access devices store and provide at least partial copies of portions of said master DASA databases, and wherein said master DASA databases, said partial DASA databases or both said partial DASA databases and said master DASA databases are linked and communicate with each other as well as inclusion of one or more logging and monitoring databases that provide statistical and numerical calculations utilizing data, wherein said one or more access devices authenticate using a first set of computing operations, and validate using a second set of computing operations, and wherein a third set of computing operations controls access for a specified set of users, wherein said computing operations define rules utilized to provide logic with regard to communications between said master and said partial DASA databases and said partial user and said partial access devices.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18)
- - 2. The system of claim 1, wherein use of a software container occurs after securitization and encryption is complete in which a software container'"'"'s function in developing a software application is completed in a secure manner.
  - 3. The system of claim 2, wherein as said securitized software container management devices are created and subsequently discarded, and wherein statistics involving all securitization and encryption data at rest and data in transit is monitored, thereby leading to full comprehension regarding notification when a securitized software container management device and system is used.
  - 4. The system of claim 1, wherein access control devices of said system further operate by transmission of a credential identifier to an access control server when said access control devices are determined to be operating, a local authentication processor configured to authenticate said credential identifier against entries of one or more keys existing within tables when an access control system is determined to be operating and a input/output processor configured to send a signal to a secured area when said credential identifier has been successfully authenticated;
    - wherein a communication transceiver includes an interface to serve second data that can be displayed to both an user external to said access control devices and displayed on said access control devices themselves.
  - 5. The system of claim 4, wherein data is transmitted to a secured area such that said data is transmitted and received by a cellular phone.
  - 6. The system of claim 4, wherein if access is allowed, a user'"'"'s device provides use of oral, visual, or text data on a display, as a message that indicates a match so that an user is allowed access.
  - 7. The system of claim 6, wherein if access is denied, said user'"'"'s device provides use of an oral, visual, or text data on a display as a message of denial of said match indicating that said user is denied access.
  - 8. The system of claim 7, wherein denial of said match causes an encryption application on said user'"'"'s device to be removed and wherein to ensure that master keys in a user table are secured, a new master key in said user table is generated either via a signal from said user'"'"'s device to one or more secured encryption databases or via a signal from a key management system to said one or more secured encryption databases.
  - 9. The system of claim 1, wherein a key management system is a system that provides one or more keys for encryption or decryption or both encryption and decryption as required by said securitized software container management devices.
  - 10. The system of claim 1, wherein said securitized software container management devices control access to an enclosed area from a group consisting of a building, a room within a building, a cabinet, a parking lot, a fenced-in region, and an elevator.
  - 11. The system of claim 1, further comprising a signal converter coupled to a communications processor that receives and transmits data as signals, wherein said communications processor is agnostic to a communication protocol of an access control server that is also a portion of said securitized software container management devices.
  - 12. The system of claim 11, wherein said signal converter is agnostic to a communication protocol of a local authentication processor.
  - 13. The system of claim 12, wherein said signal converter interfaces with a plurality of access controllers.
  - 14. The system of claim 13, wherein a communication transceiver is provided for said partial user device or said partial access device or both and includes at least one of the group consisting of;
    - a serial interface, a TCP/IP interface, an IEEE 802.11 interface, an IEEE 802.15.4 interface, and a secure HTTP interface.
  - 15. The system of claim 14, wherein said communication transceiver is configured to transmit a credential identifier to access a control server via a wireless communication link.
  - 16. The system of claim 15, wherein said communication transceiver receives said credential identifier from a radio-frequency identification (RFID) transponder included in an access control card.
  - 17. The system of claim 1, wherein operational modes of said securitized software container management devices include at least one of a synchronous mode and an asynchronous mode.
  - 18. The system of claim 1, wherein data transmitted to an access control server is encrypted and wherein a credential identifier is transmitted to an access control server via a wireless communication link.

19. A system for providing one or more securitized software container management devices, comprisingone or more securitized software container management devices further comprising at least one computer processing unit (CPU) with computational capabilities that is connected to and controls a computer memory via an address bus and a data bus where said address bus accesses a designated range of computer memories and range of memory bits and said data bus provides a flow of transmission(s) into and out of said CPU and computer memory;
- initializing a software container image that is validated and downloaded onto or into at least one software container, wherein a validated program is loaded onto said software container that requires reserve computer resources including one or more input/output interface(s), a memory, and network capabilities where encryption of container-related data at rest or container-related data in transit is implemented by utilizing dynamically changing keys created for each input/output tunnel and/or for each software container utilizing said input/output tunnel that are providing transmissions path(s) for loading software containers with software applications protected by said encryption;
  
  wherein said securitized software container management devices are combined with one or more access devices or one or more user devices, or both one or more access devices and one or more user devices further comprising;
  
  at least one computer processing unit (CPU) with computational capabilities that is connected to and controls a computer memory via an address bus and a data bus where said address bus accesses a designated range of computer memories and range of memory bits and said data bus provides a flow of transmission(s) into and out of said CPU and computer memory;
  
  one or more real or one or more virtual master distributed auto-synchronous array (DASA) databases or both one or more real and one or more virtual master distributed auto-synchronous array (DASA) databases located within or external to said access devices and said user devices, where said master (DASA) databases at least store and retrieve data and also include at least two or more partial distributed auto-synchronous array (DASA) databases, wherein said partial DASA databases function in either an independent manner, a collaborative manner or both an independent manner and a collaborative manner, and wherein said master and said partial DASA databases configure bi-directional transmission of data to and from multiple partial user devices, to and from multiple partial access devices or to and from both multiple partial user and multiple partial access devices, wherein said user devices and said access devices are computing devices, wherein one or more partial user and one or more partial access devices store and provide at least partial copies of portions of said master DASA databases, and wherein said master DASA databases, said partial DASA databases or both said partial DASA databases and said master DASA databases are linked and communicate with each other as well as inclusion of one or more logging and monitoring databases that provide statistical and numerical calculations utilizing data, wherein said one or more access devices authenticate using a first set of computing operations, and validate using a second set of computing operations, and wherein a third set of computing operations controls access for a specified set of users, wherein said computing operations define rules utilized to provide logic with regard to communications between said master and said partial DASA databases and said partial user and said partial access devices.
- View Dependent Claims (20)
- - 20. The system of claim 19, wherein said keys are loaded into or onto software container security portions of said software containers thereby leading to establishment of initial communications tunnels and allowing for validation that security has been implemented.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ironclad Encryption Corp.
Original Assignee
Daniel Maurice Lerner
Inventors
Lerner, Daniel Maurice
Primary Examiner(s)
Holder, Bradley W

Application Number

US16/222,421
Publication Number

US 20190258782A1
Time in Patent Office

512 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/121   Restricting unauthorised ex...

G06F 21/14   against software analysis o...

G06F 21/53   by executing in a restricte...

G06F 21/6218   to a system of files or obj...

G07C 9/00174   Electronically operated loc...

G07C 9/257   electronically G07C9/26 tak...

G07C 9/27   with central registration

H04L 2209/80   Wireless network architectu...

H04L 63/0272   Virtual private networks

H04L 63/0428   wherein the data content is...

H04L 63/0853   using an additional device,...

H04L 63/101   Access control lists [ACL]

H04L 9/0891   Revocation or update of sec...

H04L 9/3231   Biological data, e.g. finge...

H04W 12/0433   Key management protocols

H04W 12/30   Security of mobile devices;...

H04W 12/47   using near field communicat...

H04W 12/63   Location-dependent; Proximi...

Securing temporal digital communications via authentication and validation for wireless user and access devices with securitized containers

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

43 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Securing temporal digital communications via authentication and validation for wireless user and access devices with securitized containers

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

43 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links