Patent Grant
7995758
The present application is related to U.S. patent application Ser. No. 10/699,124, filed Oct. 31, 2003, and entitled “OFFLINE ACCESS IN A DOCUMENT CONTROL SYSTEM”.
The present application describes systems and techniques relating to cryptographic keys, for example, encryption keys used for offline access in a document control system.
Document control systems provide persistent control over access to documents. At a basic level, these systems work by encrypting each document with a cryptographic key and storing the cryptographic key on a server. When a user wishes to access a document, they first authenticate against a server. The server determines if the user has permission to access the specified document and, if so, returns the key needed to open the document. Otherwise, the document remains encrypted and inaccessible.
However, because users are not always online, document control systems typically also provide the option of enabling documents to be accessed when offline. Offline access is accomplished by caching keys on a client machine that can unlock documents that the user is permitted to access. In some systems, a separate key is cached on the client for each document. In other systems, the keys cached on the client may correspond to policies (e.g., company confidential) that grant access to the user or to groups of which the user is a member. The principle behind this approach is that the number of policies or groups in the system is much smaller than the number of documents and, therefore, many fewer keys need to be downloaded from the server and cached on the client, thus offering added scalability. Examples of such systems include those provided by Liquid Machines and Sealed Media.
In addition, many systems also provide re-keying functionality, in which the keys used by the system can be changed in order the limit potential damage in the event that keys are compromised (e.g., a client machine may be infected by a virus that makes the cached keys accessible or a laptop with cached keys may be stolen). Moreover, in various communications systems, such as satellite television systems, virtual private network (VPN) systems and Internet-based Secure Sockets Layer (SSL), encryption keys are periodically re-keyed to limit the value of a compromised key. In such systems, once a key is changed, the old key becomes obsolete.
In general, in one aspect, the invention features a software product that causes one or more data processing apparatus to perform operations including generating a first symmetric encryption key useable to encrypt and decrypt information; and generating from the first symmetric encryption key a family of symmetric encryption keys useable to encrypt and decrypt information, the symmetric encryption keys of the family having a relationship such that a descendent key of the family is derivable from each key that is an ancestor of the descendent key in the family. Generating the family of symmetric encryption keys can involve cryptographically hashing, in sequence, the first symmetric encryption key and resulting hashed encryption keys to produce the family. Additionally, the operations can further include providing the family of symmetric encryption keys along with an indication of a reverse order of the family such that the keys of the family are useable in the reverse order opposite that of key production. Generating the first symmetric encryption key can involve employing a randomized source to produce a 256 bit binary encryption key useable to decrypt binary data that has been encrypted with the 256 bit binary encryption key. Cryptographically hashing the first symmetric encryption key can involve employing a standardized secure hash function.
In another aspect, the invention features a software product that causes one or more data processing apparatus to perform operations including rolling over a symmetric encryption key useable to encrypt and decrypt information, where the rolling over involves providing a new symmetric encryption key from which an old symmetric encryption key is derivable. The old symmetric encryption key can be derivable from the new symmetric encryption key by cryptographically hashing the new symmetric encryption key. The new and old symmetric encryption keys can be part of a first family of encryption keys of size N, and the rolling over can further involve providing an encryption key from a second family of encryption keys once keys from the first family have been used.
The operations can further include receiving input specifying the size N; and receiving input specifying when to perform said rolling over. The first and second families of encryption keys can be used in a document control system to secure documents, and the operations can further include synchronizing offline access information with a client, the offline access information including a key from each of the first family and the second family.
In another aspect, the invention features a software product that causes one or more data processing apparatus to perform operations including cryptographically hashing a first symmetric encryption key one or more times to produce a second symmetric encryption key; and decrypting information associated with an electronic document with the second symmetric encryption key. The information associated with the document can be included within the document or cached separate from the document. Decrypting the information can involve decrypting information in the electronic document with the first symmetric encryption key in addition to the second symmetric encryption key, decrypting another key useable to decrypt the electronic document, or both.
The first symmetric encryption key can be associated with a group of users of a document control system, and decrypting the information can involve decrypting an encrypt dictionary in the electronic document with the second symmetric encryption key. The first symmetric encryption key can be associated with a policy of a document control system, and decrypting the information can involve decrypting the electronic document.
In another aspect, the invention features a system including a document control server that synchronizes offline access information with clients, including sending an encryption key obtained in reverse order from a family of encryption keys generated by cryptographically hashing a first key of the family multiple times to form a total of N keys in the family of encryption keys; and a client that receives the offline access information from the document control server and allows access to an electronic document, when offline, using the encryption key, including cryptographically hashing the encryption key as needed to access historical documents. The document control server can generate the family of encryption keys or receive the family of encryption keys from an encryption key server. The document control server can provide persistent control over access to documents and can include a user interface to receive input specifying the total N and input specifying when to roll over an encryption key.
The invention can be implemented to realize one or more of the following advantages. In a document control system implementation, the offline keys used in the system (encryption keys cached on a client to provide offline access to documents) can be periodically re-keyed (or rolled over) in an efficient and scalable way. Offline keys can be rolled over frequently without also causing an explosion in the number of old offline keys that need to be cached on a client in order to support offline access to historical documents. This can have particular advantages for per-policy and per-group encryption keys.
Per-policy or per-group keys, which are used for offline access, can be periodically changed, thereby limiting the number of future documents that would be compromised if a key is compromised. The frequency with which the keys are changed (or re-keyed) can be configurable. For example, the keys may be changed every week, in which case if a key were compromised, documents secured a week or more later would not be accessible by an attacker that had the compromised key. To enable frequent re-keying in a scalable way, the key rollover is done such that previous keys can be derived from the new key. For example, if a client has the March key for a particular group, the client can easily derive the February and January keys from the March key; these keys all belong to a common family of keys with a one-way computational relationship between them. Therefore, the client does not need to keep all historical keys, and the server does not need to send all historical keys to the client, just the most recent one, from which older keys from the corresponding key family can be derived.
Occasionally, such as every one hundred re-keys, an entirely new key and corresponding key family can be created. A client can then be provided with one key from the new key family and one key from the old key family to continue having access to all historical documents. Re-keying can be performed more often, but the number of key families generated, and thus the number of keys cached for offline access, can be much smaller. For example, if each key family provides one hundred re-keys, and the system re-keys an encryption key each month, the system can run for eight years and four months before an entirely new key need be created for the re-keying process. Because the scheme is more scalable, re-keying can happen more frequently, thereby limiting the time window in which a compromised key can be used by an attacker to open new documents that the attacker is not authorized to open.
The details of one or more embodiments of the invention are set forth in the accompanying drawings and the description below. Other features and advantages of the invention will become apparent from the description, the drawings, and the claims.
Like reference symbols in the various drawings indicate like elements.
The systems and techniques described in this specification can be used in a document control system, such as may be used by an enterprise in connection with document management. The document control system can operate as a stand-alone system or as a component of another system. The document control system can provide persistent document security by controlling who can view documents and what can be done with them, regardless of where the document resides. In this specification, the terms “document” and “electronic document” mean a set of electronic data, including both electronic data stored in a file and electronic data received over a network. An electronic document does not necessarily correspond to a file. A document may be stored in a portion of a file that holds other documents, in a single file dedicated to the document in question, or in a set of coordinated files. Additionally, in this specification, the term “periodically” means recurring from time to time, and does not require regular intervals.
The original key is cryptographically hashed along with resulting hashed keys, in sequence, to produce a family of symmetric encryption keys (120) that are separately useable to encrypt and decrypt information. This family can include the original key and can have a size N selected as desired for the planned use. For example, in the offline document access model described below, if the key is intended to be rolled over one hundred times before a new key family is to be used, the key is hashed at least one hundred times. The following notation is used below to refer to the keys of a family: KX=H(X, K0), which denotes that key number X (KX) of the family is generated by taking the first key (K0) and applying a hash function (H) X times.
An encryption key of the generated family, which is used in securing information, can be rolled over (130) when needed. The keys in the family can be used in an order opposite that of their generation (e.g., the last key can be used first and the first key last), and rolling over a key can involve moving back up through the keys of the family to the next key closer to the first key generated. For example, K100 can be distributed as an initial key used in securing documents, and when a new key is needed, K99 can be distributed as the next key used in securing documents (note that “securing documents” includes indirect means of securing documents, such as by encrypting a document key with K99, as described further below). Older documents secured with K100 can still be accessed with K99 by hashing K99 once to obtain K100. The next key rollover is then to K98, and so on.
K(X+1) can always be derived from KX, but KX cannot in practice be derived from K(X+1) due to the one-way nature of the hash function. After one hundred key rollovers, current clients in a document control system need only have K0 cached locally to be given offline access to the historical documents secured using keys K100 through K1. Thus, key rollover can be performed more often using this invention while at the same time reducing the number of keys that need to be cached on a client for offline access in a document control system.
In general, a client can use one or more keys from a hashed key family to decrypt information. One symmetric encryption key of the family can be cryptographically hashed (140), at a client, one or more times to produce another symmetric encryption key of the family. Information in an electronic document can be decrypted (150) at the client with the produced symmetric encryption key, and also potentially with the one key and any intermediate keys there between. For example, different parts of a document can be encrypted with different keys from the family. Thus, the extent of access to information at the client can be governed, at least in part, by which key in the family of keys is provided to the client.
The enterprise system(s) (230) can be a storage system, an authentication system, a communication system, a document management system, or combinations of these. The server(s) (220) can be designed to tightly integrate with existing enterprise system(s) (230) and leverage existing enterprise infrastructure. For example, the server(s) (220) can provide rich support for user and group information in enterprises, where such information may come from multiple sources. The server(s) (220) can provide document security while being minimally obtrusive, making the system easier to use and thus easier to deploy effectively. For example, the server(s) (220) can implement a document control system that provides a sophisticated offline-access mechanism that allows users to view documents while offline, even if they have not previously viewed the document while online. Thus, the document control system can maintain a low-profile during normal operation, making the presence of document security less visible, and thus more usable.
Additional details regarding example document control system(s) and server(s) can be found in U.S. patent application Ser. No. 10/699,124, filed Oct. 31, 2003, and entitled “OFFLINE ACCESS IN A DOCUMENT CONTROL SYSTEM”, which is hereby incorporated by reference.
The document control server (320) uses encryption keys (e.g., 256 bit keys) to secure documents. These keys can be generated by the document control server (320) or by a separate key server (330). In either case, a key generator with a randomized source (332) and a hash function (334) can be used to generated a family of encryption keys (360). Random number generation can be used to create starting keys (e.g., the Secure Random number generator provided with the .Net framework for a .Net implementation and the java.SecureRandom class for generating random numbers in a Java implementation), and a standardized secure hash function for which it is computationally infeasible to find two messages that hash to the same value (e.g., SHA1) can be used to create the hashed keys of the family. The family of symmetric encryption keys (360) thus produced can be provided along with an indication of a reverse order of the family such that the keys of the family are useable in the reverse order opposite that of key production. For example, the key server (330) can send the family of symmetric encryption keys (360) to the document control server (320) in a group (where the indication of reverse order can be built into the data structure or protocol used to send the group), or the keys (360) can be sent serially (where the indication of reverse order can be the order in which the keys are sent in the series, i.e., the keys are sent individually in an order opposite that of key generation).
The keys of the family (360) can be associated with a policy (370) of the document control system or with a group of users (380) of the document control system. In this specification, a “group of users” included potentially a group of one, i.e., per-user keys. These keys can be used to secure electronic documents, either directly by encrypting the document with the family key, or indirectly by encrypting the document with a document key and encrypting the document key with the family key.
The client (310) and the document control server (320) can periodically synchronize to update any changes to offline access information retained at the client (310), where this offline access information can effectively pre-authorize the client to allow actions with respect to secured documents that have yet to be accessed while the client (310) is connected to the network (300) (e.g., a secured document received via email at the client but not yet opened). The offline access information (340) sent to the client (310) includes at least one current key (345) from the family (360). The offline access information (340) can also include other keys, such as keys from other key families, at least one set of document-permissions information associated with multiple documents, a document revocation list, or combinations of these.
The current key (345) can be used to access a secured electronic document (350) while offline by decrypting a second key (355) in the electronic document (350). The electronic document (350) can include content encrypted with the second key (355), and the electronic document (350) can include the second key (355) encrypted with the current key (345) or a previous key from the family (360). Alternatively, there can be one or more levels of indirection in this key encryption relationship. For example, the current key (345) can be used to decrypt the key (355), which can be used to decrypt another key that is then used to decrypt the content of the document (350). Regardless of the number of levels of indirection and the number of keys employed, the current key (345) can be used to access the secured electronic document (350) while offline by decrypting a second key (355) in the electronic document (350).
If the document (350) is an old document that was secured before one or more key rollovers, the current key (345) can be hashed one or more times to produce an older key that can then be used to decrypt the second key (355). Information about which keys have been used to encrypt keys in the document (350) can be included in the document (350). For example, the document (350) can have a document key (a key specific to that document) encrypted with a principle key (a key specific to a user of the system) that has associated major and minor version information. A major version number can indicate the key family, and a minor version number can indicated the generation within the key family, to which the principal key belongs. Such major and minor version information can be included in the document (350), and a client can readily check whether the document is accessible by comparing this information with the principal keys available, i.e., a check of whether the major version of an available key equals the major version of a key used to encrypt the document key and whether the minor version of the available key is less than or equal to the minor version of the key used to encrypt the document key.
The document control server (320) can be used to control how many encryption keys are included in the family (360). Once the keys of the family (360) have been used, and a new family is generated, the synchronization between the document control server (320) and the client (310) can involve sending both a new key from the new family and the highest level key from the old family (i.e., the key from which all other previously used keys from the old family can be generated). The document control server (320) can include a user interface (390) to receive input specifying the total number of keys to generate for a family, and input specifying when to roll over an encryption key.
A first key family is generated (420). When it is time to perform a rollover (430), a check is made to determine whether keys from the current family have been used and a new family of keys is desired (460). Note that not all of the keys from the current family need to be used before a new family is created and used. If the current key family is still to be used, the next key of the current family is provided (490), in an order opposite that of key generation. If a new family of keys is desirable, the next key family is generated (470), and a key from this next key family is provided (480). This next key family then becomes the current key family.
When it is time to perform a synchronization (440), offline access information is synchronized (450) with a client. This synchronization can involve sending one or more K0 keys from previous used key families as well as a current KX key from the current key family. Thus, a client that has synchronized with the server can be easily given access to all historical documents in a document control system with only a few keys despite many prior key rollovers.
The invention and all of the functional operations described in this specification can be implemented in digital electronic circuitry, or in computer software, firmware, hardware, or in combinations of them, such as the structural means disclosed in this specification and structural equivalents thereof. Apparatus of the invention can be implemented as one or more computers located in one or more places. The invention can be implemented as one or more software products (e.g., a computer program product), i.e., one or more software programs tangibly embodied in a machine-readable medium (e.g., in a machine-readable storage device) for execution by, or to control the operation of, data processing apparatus, such as one or more programmable processors or computers. Processing operations of the invention can be performed by a programmable processor executing a program of instructions to perform functions of the invention by operating on input data and generating output.
The invention can be implemented advantageously in one or more software programs (also known as programs, computer programs, software, software applications, or code) written in any form of programming language, including compiled or interpreted languages, for a programmable system including at least one programmable processor coupled to receive data and instructions from, and to transmit data and instructions to, a data storage system, at least one input device, and at least one output device. A software program can be implemented in a high-level procedural or object-oriented programming language, or in assembly or machine language if desired. A software program can be deployed in any form, including as a stand-alone program or as a module, component, subroutine, or other unit suitable for use in a computing environment. A software program does not necessarily correspond to a file. A program can be stored in a portion of a file that holds other programs or data, in a single file dedicated to the program in question, or in multiple coordinated files (e.g., files that store one or more modules, sub-programs, or portions of code). A software program can be deployed to be executed on one computer or on multiple computers at one site or distributed across multiple sites and interconnected by a communication network.
The processes and logic flows described in this specification, including the method operations of the invention, can be performed by one or more programmable processors executing one or more computer programs to perform functions of the invention by operating on input data and generating output. The processes and logic flows can also be performed by, and apparatus of the invention can be implemented as, supplemented by, or incorporated in, special purpose logic circuitry, e.g., an FPGA (field programmable gate array) or an ASIC (application-specific integrated circuit).
Processors suitable for execution of a software program include, by way of example, both general and special purpose microprocessors, and any one or more processors of any kind of digital computer. Generally, a processor will receive instructions and data from a read-only memory, a random access memory, a machine-readable signal (e.g., a digital signal received through a network connection), or a combination of these. Generally, a computer will also include, or be operatively coupled to receive data from or transfer data to, or both, one or more mass storage devices for storing data, e.g., magnetic, magneto-optical disks, or optical disks. However, a computer need not have such devices. Moreover, a computer can be included in a consumer electronic device, e.g., a mobile telephone, a personal digital assistant (PDA), a digital camera, a mobile audio player, a Global Positioning System (GPS) receiver, to name just a few. Media suitable for tangibly embodying software program instructions and data include all forms of non-volatile memory, including by way of example semiconductor memory devices, such as EPROM (electrically programmable read-only memory), EEPROM (electrically erasable programmable read-only memory), and flash memory devices; magnetic disks such as internal hard disks and removable disks; magneto-optical disks; and optical disks, such as CD-ROM disks. Any of the foregoing can be supplemented by, or incorporated in, special purpose logic circuitry.
To provide for interaction with a user, the invention can be implemented on a computer system having a display device, such as a CRT (cathode ray tube) or LCD (liquid crystal display) monitor, for displaying information to the user and a keyboard and a pointing device, such as a mouse or a trackball, by which the user can provide input to the computer system. Other kinds of devices can be used to provide for interaction with a user as well; for example, feedback provided to the user can be any form of sensory feedback, e.g., visual feedback, auditory feedback, or tactile feedback; and input from the user can be received in any form, including acoustic, speech, or tactile input. Moreover, the computer system can be programmed to provide a graphical user interface through which software programs interact with users.
The invention has been described in terms of particular embodiments. Other embodiments are within the scope of the following claims. For example, the operations of the invention can be performed in a different order and still achieve desirable results. The invention can be used in a centralized or decentralized document control system. Moreover, the invention can be implemented in many other types of systems. A document access system can be implemented in which the different keys in the family correspond to different current levels of access, such as where having key K5 can correspond to having a first level of access clearance and having key K4 can correspond to having a second, higher level of access clearance, which encompasses that provided by K5. A subscription system can be implemented in which a key corresponds to a subscription to some digital content (movies, songs, etc), and the key can then change monthly to discourage piracy, but the new key can still be used to unlock old content.
| Number | Name | Date | Kind |
|---|---|---|---|
| 5521980 | Brands | May 1996 | A |
| 5586260 | Hu | Dec 1996 | A |
| 5613089 | Hornbuckle | Mar 1997 | A |
| 5757907 | Cooper et al. | May 1998 | A |
| 5835601 | Shimbo et al. | Nov 1998 | A |
| 5864837 | Maimone | Jan 1999 | A |
| 6006034 | Heath et al. | Dec 1999 | A |
| 6009543 | Shavit | Dec 1999 | A |
| 6038322 | Harkins | Mar 2000 | A |
| 6047126 | Imai | Apr 2000 | A |
| 6052469 | Johnson et al. | Apr 2000 | A |
| 6088694 | Burns et al. | Jul 2000 | A |
| 6240414 | Beizer et al. | May 2001 | B1 |
| 6289450 | Pensak et al. | Sep 2001 | B1 |
| 6321242 | Fogg et al. | Nov 2001 | B1 |
| 6327584 | Xian et al. | Dec 2001 | B1 |
| 6339825 | Pensak et al. | Jan 2002 | B2 |
| 6363149 | Candelore | Mar 2002 | B1 |
| 6381602 | Shoroff et al. | Apr 2002 | B1 |
| 6385639 | Togawa | May 2002 | B1 |
| 6418214 | Smythe et al. | Jul 2002 | B1 |
| 6449721 | Pensak et al. | Sep 2002 | B1 |
| 6487301 | Zhao | Nov 2002 | B1 |
| 6553490 | Kottapurath et al. | Apr 2003 | B1 |
| 6564215 | Hsiao et al. | May 2003 | B1 |
| 6615336 | Chen et al. | Sep 2003 | B1 |
| 6623529 | Lakritz | Sep 2003 | B1 |
| 6694434 | McGee et al. | Feb 2004 | B1 |
| 6751336 | Zhao | Jun 2004 | B2 |
| 6832221 | Takahashi | Dec 2004 | B2 |
| 6856976 | Bible et al. | Feb 2005 | B2 |
| 6873976 | Bible et al. | Mar 2005 | B2 |
| 6889210 | Vainstein | May 2005 | B1 |
| 6889233 | Lin et al. | May 2005 | B2 |
| 6895289 | Shimizu et al. | May 2005 | B2 |
| 6912591 | Lash | Jun 2005 | B2 |
| 6950935 | Allavarpu et al. | Sep 2005 | B1 |
| 6963971 | Bush et al. | Nov 2005 | B1 |
| 6968396 | Schillings et al. | Nov 2005 | B1 |
| 6978376 | Giroux et al. | Dec 2005 | B2 |
| 6986039 | Leah et al. | Jan 2006 | B1 |
| 7058605 | Gupta | Jun 2006 | B2 |
| 7058663 | Johnston et al. | Jun 2006 | B2 |
| 7062765 | Pitzel et al. | Jun 2006 | B1 |
| 7140012 | Pugh et al. | Nov 2006 | B2 |
| 7143419 | Fischer et al. | Nov 2006 | B2 |
| 7178033 | Garcia | Feb 2007 | B1 |
| 7181016 | Cross et al. | Feb 2007 | B2 |
| 7197638 | Grawrock et al. | Mar 2007 | B1 |
| 7209559 | Rodriguez et al. | Apr 2007 | B2 |
| 7233981 | Tenereilo et al. | Jun 2007 | B2 |
| 7237189 | Altenhofen et al. | Jun 2007 | B2 |
| 7254235 | Boudreault et al. | Aug 2007 | B2 |
| 7260555 | Rossman et al. | Aug 2007 | B2 |
| 7346908 | Evans et al. | Mar 2008 | B2 |
| 7353397 | Herbach | Apr 2008 | B1 |
| 7367060 | Someshwar | Apr 2008 | B2 |
| 7370344 | Boozer et al. | May 2008 | B2 |
| 7380120 | Garcia | May 2008 | B1 |
| 7430541 | Seo et al. | Sep 2008 | B2 |
| 7434048 | Shapiro et al. | Oct 2008 | B1 |
| 7437614 | Haswell et al. | Oct 2008 | B2 |
| 7515717 | Doyle et al. | Apr 2009 | B2 |
| 7676674 | Bush et al. | Mar 2010 | B2 |
| 20010044901 | Grawrock | Nov 2001 | A1 |
| 20010056541 | Matsuzaki et al. | Dec 2001 | A1 |
| 20020019936 | Hitz et al. | Feb 2002 | A1 |
| 20020019943 | Cho et al. | Feb 2002 | A1 |
| 20020046176 | Seo et al. | Apr 2002 | A1 |
| 20020073080 | Lipkin | Jun 2002 | A1 |
| 20020077985 | Kobata et al. | Jun 2002 | A1 |
| 20020077986 | Kobata et al. | Jun 2002 | A1 |
| 20020078081 | Bierbrauer et al. | Jun 2002 | A1 |
| 20020082997 | Kobata et al. | Jun 2002 | A1 |
| 20020083183 | Pujare et al. | Jun 2002 | A1 |
| 20020087876 | Larose | Jul 2002 | A1 |
| 20020091640 | Gupta | Jul 2002 | A1 |
| 20020095407 | Itakura et al. | Jul 2002 | A1 |
| 20020108050 | Raley et al. | Aug 2002 | A1 |
| 20020112171 | Ginter et al. | Aug 2002 | A1 |
| 20020120791 | Somalwar et al. | Aug 2002 | A1 |
| 20020124109 | Brown | Sep 2002 | A1 |
| 20020138617 | Christfort et al. | Sep 2002 | A1 |
| 20020141593 | Kurn et al. | Oct 2002 | A1 |
| 20020144257 | Matsushima | Oct 2002 | A1 |
| 20020162104 | Raike et al. | Oct 2002 | A1 |
| 20020197528 | Zunke | Dec 2002 | A1 |
| 20030023657 | Fischer et al. | Jan 2003 | A1 |
| 20030028899 | MacInnis | Feb 2003 | A1 |
| 20030055927 | Fischer et al. | Mar 2003 | A1 |
| 20030056179 | Mori | Mar 2003 | A1 |
| 20030061165 | Okamoto et al. | Mar 2003 | A1 |
| 20030065739 | Shnier | Apr 2003 | A1 |
| 20030065936 | Wray | Apr 2003 | A1 |
| 20030105740 | Shimizu et al. | Jun 2003 | A1 |
| 20030109943 | Shimizu et al. | Jun 2003 | A1 |
| 20030110131 | Alain et al. | Jun 2003 | A1 |
| 20030117434 | Hugh | Jun 2003 | A1 |
| 20030120601 | Ouye et al. | Jun 2003 | A1 |
| 20030133805 | Stoker | Jul 2003 | A1 |
| 20030135650 | Kano et al. | Jul 2003 | A1 |
| 20030152235 | Cohen et al. | Aug 2003 | A1 |
| 20030154071 | Shreve | Aug 2003 | A1 |
| 20030187929 | Pugh et al. | Oct 2003 | A1 |
| 20030191917 | McBrearty et al. | Oct 2003 | A1 |
| 20030196120 | Raley et al. | Oct 2003 | A1 |
| 20030196121 | Raley et al. | Oct 2003 | A1 |
| 20030202661 | Rodriguez et al. | Oct 2003 | A1 |
| 20030208686 | Thummalapally et al. | Nov 2003 | A1 |
| 20030217264 | Martin et al. | Nov 2003 | A1 |
| 20030232318 | Altenhofen et al. | Dec 2003 | A1 |
| 20040030702 | Houston et al. | Feb 2004 | A1 |
| 20040049519 | Itakura et al. | Mar 2004 | A1 |
| 20040049571 | Johnson et al. | Mar 2004 | A1 |
| 20040059590 | Mercredi et al. | Mar 2004 | A1 |
| 20040093323 | Bluhm et al. | May 2004 | A1 |
| 20040103202 | Hildebrand et al. | May 2004 | A1 |
| 20040117655 | Someshwar | Jun 2004 | A1 |
| 20040117664 | Colvin | Jun 2004 | A1 |
| 20040146015 | Cross et al. | Jul 2004 | A1 |
| 20040162782 | Bible et al. | Aug 2004 | A1 |
| 20040177276 | MacKinnon et al. | Sep 2004 | A1 |
| 20040249765 | Leon | Dec 2004 | A1 |
| 20040255048 | Lev Ran et al. | Dec 2004 | A1 |
| 20050044378 | Beard et al. | Feb 2005 | A1 |
| 20050071658 | Nath et al. | Mar 2005 | A1 |
| 20050091487 | Cross et al. | Apr 2005 | A1 |
| 20050097061 | Shapiro et al. | May 2005 | A1 |
| 20050097441 | Herbach et al. | May 2005 | A1 |
| 20050132083 | Raciborski et al. | Jun 2005 | A1 |
| 20050144463 | Rossebo et al. | Jun 2005 | A1 |
| 20050157880 | Kurn et al. | Jul 2005 | A1 |
| 20050223414 | Kenrich et al. | Oct 2005 | A1 |
| 20060002564 | Aihara et al. | Jan 2006 | A1 |
| 20060010324 | Appenzeller et al. | Jan 2006 | A1 |
| 20060036548 | Roever et al. | Feb 2006 | A1 |
| 20060090065 | Bush et al. | Apr 2006 | A1 |
| 20070078900 | Donahue | Apr 2007 | A1 |
| 20070127719 | Selander et al. | Jun 2007 | A1 |
| 20080097998 | Herbach | Apr 2008 | A1 |
| Number | Date | Country |
|---|---|---|
| 1 307 000 | May 2003 | EP |
| 1 326 157 | Jul 2003 | EP |
| 1 528 455 | May 2005 | EP |
| 1 680 727 | Jul 2006 | EP |
| 2000227870 | Aug 2000 | JP |
| 2002080447 | Mar 2002 | JP |
| 2003218851 | Jul 2003 | JP |
| 2003228519 | Aug 2003 | JP |
| 2003228520 | Aug 2003 | JP |
| 2006160301 | Jun 2006 | JP |
| 2007-511821 | May 2007 | JP |
| 2007295801 | Nov 2007 | JP |
| WO 2005045709 | May 2005 | WO |
