公开(公告)号：US20210133067A1

公开(公告)日：2021-05-06

申请号：US17088079

申请日：2020-11-03

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Cristian Radu ,  Mehdi Collinge ,  Omar Laazimani

IPC: G06F11/30 ,  H04L9/32 ,  G06F9/54 ,  G06F9/50

Abstract: A method is described of monitoring a service performed at a computing node. The computing node is one of a plurality of computing nodes in a distributed computing system. Each computing node is adapted to perform at least one service for clients. A monitoring process is adapted to monitor a service process performing the process. In the method, the monitoring process monitors the service process on performance of the service. The monitoring service then provides monitoring information to a monitoring process for another service process. A suitable computing node for performing the service is described, as is a coordinated monitoring service for supporting multiple monitoring services.

公开(公告)号：US20230370451A1

公开(公告)日：2023-11-16

申请号：US17584671

申请日：2020-06-30

Applicant: Mastercard International Incorporated

Inventor： Mehdi Collinge ,  Omar Laazimani

IPC: H04L9/40

CPC classification number: H04L63/0876 ,  H04L63/12 ,  H04L2463/081

Abstract: A method of maintaining a secure relationship between a client device and a server is described. The client device receives a first challenge from the server and determines and provides a first response to the first challenge. A cookie is established associated with the secure relationship. This cookie is shared between the client and the server. To establish the secure relationship in a later interaction, the client provides the cookie to the server. The server then provides both the first challenge and a second challenge, to which the client determines a first response and a second response. The client then provides a composite response from which the first response and the second response are derivable by the server, allowing the server to be assured that the secure relationship exists. Each challenge uses a challenge function adapted to provide a fingerprint of the client device. Methods at both client and server, and suitably configured client and server, are also described.

公开(公告)号：US20230164122A1

公开(公告)日：2023-05-25

申请号：US17802515

申请日：2021-02-17

Applicant: Mastercard International Incorporated

Inventor： Mehdi Collinge ,  Omar Laazimani ,  Alan Johnson

IPC: H04L9/40 ,  H04L9/08

CPC classification number: H04L63/0428 ,  H04L9/0819

Abstract: Communication of information relating to an event is described, where the information is contained in a data field. Methods of communicating and obtaining the information are described, together with suitable apparatus for performing these methods. One or more elements of information relating to the event are obtained and used to determine a cryptographic record of the event. A first set of places in the data field are filled by a combination of some or all of each of the elements together with time information associated with the event. The cryptographic record is used to fill a second set of places in the data record. On reception of a message including the data field, the data field can be resolved into the first set of places and the second set of places. The time information associated with the event can then be determined and used to establish the whole or partial elements of information that were combined with the time information to fill the first set of places. Whole elements of information are then established from any partial elements. When these elements are all established, they can be used to calculate cryptographic record data which can be matched against the cryptographic record from the second set of places in the data field to determine that the elements of information are correct.

公开(公告)号：US20230327863A1

公开(公告)日：2023-10-12

申请号：US18042961

申请日：2021-07-22

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Mehdi Collinge ,  Alan Johnson ,  Omar Laazimani

IPC: H04L9/08 ,  H04L9/14 ,  H04L9/06 ,  H04L9/32

CPC classification number: H04L9/0861 ,  H04L9/14 ,  H04L9/0618 ,  H04L9/3242

Abstract: A method of providing a secure service at a computing node is described. The secure service is for a requesting party external to the computing node. The following steps take place at the computing node. A service request is received from the requesting party. This service request comprises a request to generate a credential. The credential is then generated, and service-related information is obtained. The credential and the service-related information are encrypted using an encryption process to form an encrypted message part. A service-identifying clear message part is also created, and a message is sent comprising the clear message part and the encrypted message part to the requesting party. Methods of using such a message to validate the credential, and of using such a message to confirm the integrity of service-related information held in the message, are also described, as is computing apparatus adapted to carry out one or more of these methods.

公开(公告)号：US20220329409A1

公开(公告)日：2022-10-13

申请号：US17616533

申请日：2020-04-22

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Mehdi Collinge ,  Omar Laazimani ,  Cristian Radu

IPC: H04L9/08 ,  H04L9/32

Abstract: A method is described of managing service events in a distributed computing system. The distributed computing system comprises a plurality of computing nodes able to perform a service using a service process. The method takes place at one of the computing nodes. A service event is received or created. This service event is identified by a combination of a node identifier, a time element, and a local counter value. The local counter value represents a number of service events performed by a service process for a user since a last reset. The identified service event is then stored in a service process database according to node identifier and local counter values. The service process database is used to manage service events in the distributed system. Service events are removed from the service process database when no longer valid using the time element

公开(公告)号：US20250007713A1

公开(公告)日：2025-01-02

申请号：US18761652

申请日：2024-07-02

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Cristian Radu ,  Mehdi Collinge ,  Omar Laazimani

IPC: H04L9/32 ,  G06F9/50 ,  G06F9/54 ,  G06F11/30 ,  H04L9/40

Abstract: A method is described of monitoring a service performed at a computing node. The computing node is one of a plurality of computing nodes in a distributed computing system. Each computing node is adapted to perform at least one service for clients. A monitoring process is adapted to monitor a service process performing the process. In the method, the monitoring process monitors the service process on performance of the service. The monitoring service then provides monitoring information to a monitoring process for another service process. A suitable computing node for performing the service is described, as is a coordinated monitoring service for supporting multiple monitoring services.

公开(公告)号：US12052361B2

公开(公告)日：2024-07-30

申请号：US17088079

申请日：2020-11-03

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Cristian Radu ,  Mehdi Collinge ,  Omar Laazimani

IPC: H04L29/06 ,  G06F9/50 ,  G06F9/54 ,  G06F11/30 ,  H04L9/32 ,  H04L9/40

CPC classification number: H04L9/32 ,  G06F9/5072 ,  G06F9/546 ,  G06F11/3006 ,  H04L9/3242 ,  H04L63/12

Abstract: A method is described of monitoring a service performed at a computing node. The computing node is one of a plurality of computing nodes in a distributed computing system. Each computing node is adapted to perform at least one service for clients. A monitoring process is adapted to monitor a service process performing the process. In the method, the monitoring process monitors the service process on performance of the service. The monitoring service then provides monitoring information to a monitoring process for another service process. A suitable computing node for performing the service is described, as is a coordinated monitoring service for supporting multiple monitoring services.

公开(公告)号：US11997190B2

公开(公告)日：2024-05-28

申请号：US17616303

申请日：2020-04-22

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Mehdi Collinge ,  Omar Laazimani

IPC: H04L9/08 ,  H04L9/32 ,  H04L9/40

CPC classification number: H04L9/0819 ,  H04L9/085 ,  H04L9/0858 ,  H04L9/0861 ,  H04L9/32 ,  H04L63/06

Abstract: A computing node in a distributed information security system, wherein the computing node is adapted to communicate with a subset of clients of the distributed information security system, wherein the computing node provides at least one cryptographic service for the clients of the subset, wherein the computing node is provisioned with a plurality of keys for use by said at least one cryptographic service, wherein the computing node is adapted to associate a key from the plurality of keys to a service request for a client according to a deterministic process based on one or more data associated with the client. A distributed information security system comprising a plurality of such nodes is also described, together with a method of providing a cryptographic service at such a computing node.

公开(公告)号：US12273342B2

公开(公告)日：2025-04-08

申请号：US17584671

申请日：2020-06-30

Applicant: Mastercard International Incorporated

Inventor： Mehdi Collinge ,  Omar Laazimani

IPC: H04L9/00 ,  H04L9/40

Abstract: A method of maintaining a secure relationship between a client device and a server is described. The client device receives a first challenge from the server and determines and provides a first response to the first challenge. A cookie is established associated with the secure relationship. This cookie is shared between the client and the server. To establish the secure relationship in a later interaction, the client provides the cookie to the server. The server then provides both the first challenge and a second challenge, to which the client determines a first response and a second response. The client then provides a composite response from which the first response and the second response are derivable by the server, allowing the server to be assured that the secure relationship exists. Each challenge uses a challenge function adapted to provide a fingerprint of the client device. Methods at both client and server, and suitably configured client and server, are also described.

公开(公告)号：US12155753B2

公开(公告)日：2024-11-26

申请号：US17616533

申请日：2020-04-22

Applicant: MASTERCARD INTERNATIONAL INCORPORATED

Inventor： Mehdi Collinge ,  Omar Laazimani ,  Cristian Radu

IPC: H04L9/08 ,  H04L9/32

Abstract: A method is described of managing service events in a distributed computing system. The distributed computing system comprises a plurality of computing nodes able to perform a service using a service process. The method takes place at one of the computing nodes. A service event is received or created. This service event is identified by a combination of a node identifier, a time element, and a local counter value. The local counter value represents a number of service events performed by a service process for a user since a last reset. The identified service event is then stored in a service process database according to node identifier and local counter values. The service process database is used to manage service events in the distributed system. Service events are removed from the service process database when no longer valid using the time element.