Intellect-Partners

Category: Others

Categories
Computer Science Electronics Others

Revitalization Partners Sues Google and YouTube for Patent Infringement

Arriving at an essential achievement in its four-year venture as the court-appointed receiver for pioneering digital information and advertising organization AudienceScience Inc., Seattle-based Revitalization Partners has recorded suit against Google LLC and YouTube LLC for infringing on three of the licenses held by the receivership and the previous organization’s estate.

Revitalization Partners, for AudienceScience, claims that both Google and YouTube infringe upon the innovations of AudienceScience by choosing and assigning which advertising messages are incorporated when a client requests a web page. The intellectual property litigation is trusted to be the first-ever that a state receiver-initiated. Revitalization Partners at first found the patents after AudienceScience stopped everyday organization operations in 2017.

AudienceScience invented and licensed a significant number of the fundamental advancements utilized across the digital advertising industry today. Among its developments: the industry’s first behavioral targeting product, empowering publishers all through the world to serve more significant advertising based on both user history and page context. This advancement started the empowerment of advertisers to purchase highly targeted digital media.

Revitalization Partners co-founder and principal Al Davis said his firm found approximately 32 AudienceScience patents in the wake of being delegated by the court to deal with the receivership cycle. Working with Pat Scanlon, head of RP’s advanced business practice, the firm started developing a methodology to adapt the worth of those proprietary techs to fulfill creditor obligations. The suit against Google and YouTube addresses the first of those legal actions.

Mr. Davis said, “As we did our due diligence, we quickly recognized how the patents were being infringed upon by two of the largest and most influential companies in the online world. Now that we’ve received the necessary approvals from the Washington State receivership court to pursue litigation, we are in a position to execute and potentially recover a significant amount of value for creditors using these and other patents.”

Revitalization Partners involved in Silicon Valley IP patent case lead counsel Robert Kramer of the Feinberg Day Kramer Alberti Lim Tonkovich and Belloli LLP firm to represent the firm in the case against Google and YouTube, alongside local counsel The Dacus Firm in Tyler, Texas.

Categories
Others

Announcement: We are now ISO 27001:2013 (ISO 27001)

Announcement: ISO 27001:2013 (ISO 27001)

We are delighted to share our latest security update to our phenomenal clients, outstanding partners, and extraordinary team at Intellect Partners: we’ve completed our ISO 27001:2013 certification for our information security management system and related practices following an extensive independent external audit.

Intellect Partners will undergo this audit annually and use it, along with other compliance system prerequisites, to drive continual improvement for our information security posture. This certification is significant to the company’s clients and partners as it decides the ability of the organization’s Information Security Management System (ISMS) to meet applicable statutory, administrative, and authoritative necessities

What is ISO/IEC 27001:2013 (ISO 27001)?

ISO/IEC 27001:2013 (ISO 27001) is a global standard that helps administrations manage the security of their information resources. It also provides a management framework for implementing an ISMS (information security management system) to ensure the integrity, confidentiality, and availability of all corporate information (such as financial information, intellectual property, employee details, or information managed by any third party). It applies a risk management system which means organizations have the ability to manage risk.

What does this mean for our clients?

We value the privacy and security of your information and have executed sophisticated security measures to protect it. We want our customers to depend on and fully trust our technology and services.

The ISO 27001 certificate is a proof that Intellect Partners has properly executed all security processes and organizational structures needed. Benefits of working with us include:

Risk management: An ISMS helps govern who inside an organization can access specific data, decreasing the risk that said data can be taken or compromised in any way.

Information security: An ISMS contains information management protocols specifying how specific data needs to be dealt with and transferred across.

Business continuity: A service provider’s ISMS must be continuously tested and improved upon to remain ISO 27001 compliant. This helps prevent data breaches that could affect your center’s business capacities drastically.

Improved processes: To have well-defined processes, quick turnaround times, and quick resolution of problematic areas. The ISO 27001 certification assists us with turning out to be more streamlined in this manner helping you.

Improving the security of important assets: We have generally prioritized the security of clients’ data. The certification guarantees we secure our clients’ data against potential cyber-attacks or frauds.

Advancing trust and transparency: In a world tormented by daily cybersecurity threats, we’ve always promoted transparency among our clients. The ISO 27001 guarantees we meet the highest security standards so that our clients can relax.

Improved strategies developed for data security: Leading up to our ISO 27001 certification, qualified data security experts have evaluated our security practices. As a follow-up, we supported our security processes with industry-based practices to effectively moderate any potential breach. This practice has helped us refine the documentation into plainly characterized safety measures circulated across the board.

Consistent risk observations: ISO-compliant ISMS Implementation helped reinforce stringent policies to protect data no matter where it is located. The implementation empowered us to develop action items to handle possible threats. We further plan to set up routine leadership checks on the working of the ISMS and make changes depending on the situation.

A milestone for us as well as for your information

The ISO 27001 certificate is the result of enormous efforts. We constantly challenge ourselves to improve our service and deliver significant levels of safety and information protection standards that address or surpass the issues and expectations for our clients.

By adhering to these worldwide standards, Intellect Partners vows to offer enhanced information security. Intellect Partners acquired this certification after a series of reviews and thorough checks and is committed to maintaining a steady and high-quality security framework. The ISO certification drives the organization to adopt a deliberate methodology in dealing with and securing sensitive information.

Categories
Computer Science Electronics Others

Using Wi-Fi Easy Connect for Setting Up Connected Products

Intro to Wi-Fi Easy Connect

Configuring a Wi-Fi network involves recalling the Wi-Fi credentials – “network name” (SSID) and “password” (PSK) – and entering this information on every new connected product that a user wants to add to their network. As already discussed, this is a process fraught with complexity and prone to many points of failure. Wi-Fi Easy Connect addresses this by allowing a mobile app authorized for the network to introduce a new product onto the network. Wi-Fi Easy Connect aims to do this in a secure way and without disclosing the specific encryption keys of the new product to the mobile app.

Key Components

There are two main roles in the protocol – the Configurator and the Enrollee. Both have been simplified to specifically illustrate the case of a mobile app working with a connected product.

Configurator

This is the mobile app that already has capabilities – and authorization – to provision products on to a network. It may also delegate this role to another device/app, which can then also act as a Configurator. A Configurator can be used to provision both Access Points (APs) and Clients.

Enrollee

The Enrollee is the new product that needs to be provisioned on to a network. It receives authorization from a Configurator to join the network. Both the AP and the client can be an Enrollee.

As an example, the mobile app can be used to set up a new network by configuring the SSID, etc on a new AP. The app can then be used to add a new product – such as a camera – to the network.

Either the Configurator or the Enrollee can initiate the Wi-Fi Easy Connect protocol. The device initiating a protocol is called the Initiator and the device responding is similarly called the Responder. But there are security implications for this as described below.

Overall Protocol Summary

There are four steps in the Wi-Fi Easy Connect – bootstrapping, authentication, provisioning and connectivity. Here is a brief note on each step.

Bootstrapping

Wi-Fi Easy Connect relies heavily on the public-private key pair mechanism. Specifically, the public keys are used for both identification and authentication of all devices. Bootstrapping is the process of setting up the trust – by setting up the public keys – between the mobile app and the product prior to performing the Wi-Fi Easy Connect protocol. This is an out-of-band mechanism that is not mandated by the Wi-Fi Easy Connect specification. Suggestions include QR codes, NFC and even BLE.

As an example, a user can scan a QR code containing the public key of a camera with their mobile app. The mobile app thus can initiate authentication with the camera using this public key and be certain that it is provisioning the correct camera.

Authentication

This step aims to authenticate the mobile app and the product  to each other and prove possession of the private counterparts to the respective public keys. The connected product  is always strongly authenticated because the mobile app is guaranteed to receive the product’s public key (e.g. via QR code). However, mutual authentication – providing the mobile app’s public key to the product – is optional.

Provisioning

This step is always initiated by the connected product and only takes place if authentication was successful. As part of this phase the mobile app provides a Connector to the connected product. This Connector is the credential information used by the connected product to establish connectivity. It is useful to note that the user’s AP can also be similarly provided a Connector by the mobile app when the user first sets up their AP (the mechanism is identical).

Connectivity

This is the final step during which the connected product can use the Connector information to prove to the user’s AP that it has been authorized to join the network. This is always initiated by the connected product. At the end of this step, both the AP and the connected product can successfully communicate with each other.

A Note on WPA3

WPA3 is the latest revision of the Wi-Fi Protected Access security protocol. Wi-Fi Easy Connect and WPA3 are intended to work in conjunction with each other to improve security and ease of use. Here are some important new features:

More secure public hotspots

Today, public hotspots typically do not use encryption and any Wi-Fi traffic over these networks is sent unprotected. Opportunistic Wireless Encryption (OWE) provides a mechanism to encrypt such traffic, improving Wi-Fi security at coffee shops, airports, etc.

More secure individual access

WPA2 uses a mechanism that generates the same encryption keys for all devices on the network. This allows any user on the network to sniff traffic for all devices. WPA3 encrypts traffic of each device with separate keys, preventing such snooping.

Some Security Considerations

While the Wi-Fi Easy Connect was designed to be secure, simply using Wi-Fi Easy Connect does not guarantee security. Here are some things to consider when using Wi-Fi Easy Connect:

Consider whether a public key can be trusted

Bootstrapping is the foundation on which all further authentication is based. So it is critical to have confidence that the public key from the transmitter is from the genuine transmitter. For example, a QR code (containing the public key) can be replaced by an overlaid sticker (with a different public key). BLE bootstrapping can also be similarly vulnerable.

Use mutual authentication where possible

With Wi-Fi Easy Connect, the connected product is always authenticated by the mobile app. But mutual authentication is optional and requires a mechanism to additionally convey the public key of the mobile app to the connected product. This additional step adds complexity but substantially improves security. Without this, the connected product can only weakly authenticate the mobile app.

Compatibility

In order to use Wi-Fi Easy Connect, both the mobile app and the connected product must support Wi-Fi Easy Connect. Products that support Wi-Fi Easy Connect are backwards-compatible with legacy devices (APs, clients). The mobile app is capable of passing legacy SSID and PSK information to the connected product – allowing it to join a legacy AP – as long as the mobile app has this information.

This raises some particularly tricky corner cases, and care must be taken not to leave the user stranded. ZipKey is compatible with both WPA3 and Easy Connect and provides an elegant way to cover the corner cases as well as a secure way to bootstrap Wi-Fi Easy Connect.