专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

21. 发明申请

US20080263117A1 INITIAL SEED MANAGEMENT FOR PSEUDORANDOM NUMBER GENERATOR 审中-公开
标题翻译： PSEUDORANDOM NUMBER GENERATOR的初步种子管理
公开(公告)号：US20080263117A1
公开(公告)日：2008-10-23
申请号：US11738972
申请日：2007-04-23
申请人： Gregory Gordon Rose , Alexander Gantman , Lu Xiao , David Figueroa
发明人： Gregory Gordon Rose , Alexander Gantman , Lu Xiao , David Figueroa
IPC分类号： G06F7/58 , G06F15/177
CPC分类号： G06F7/582 , G06F7/588 , H04L9/0869
摘要： A secure seeding and reseeding scheme is provided for pseudorandom number generators by using a pre-stored initialization seed. This scheme initializes a pseudorandom number generator into an unknown state even when entropy collection is unavailable. A primary seed file and a shadow seed file are maintained with initialization seed information in a secure file system. If the primary seed file is corrupted, the pseudorandom number generator is seeded with the content of the shadow seed file. Additionally, a trusted timer or clock may be mixed with the pre-stored initialization seed to add entropy even when the pre-stored seed information has been compromised.
摘要翻译：通过使用预先存储的初始化种子为伪随机数发生器提供安全的种子和再种植方案。即使熵收集不可用，该方案将伪随机数发生器初始化为未知状态。在安全文件系统中，使用初始化种子信息维护主种子文件和影子种子文件。如果主种子文件被破坏，则伪随机数生成器被种子与影子种子文件的内容。此外，即使预先存储的种子信息已被破坏，可信任的定时器或时钟可以与预先存储的初始化种子混合以添加熵。

22. 发明授权

US09015487B2 Apparatus and method for virtual pairing using an existing wireless connection key 有权
标题翻译：使用现有无线连接密钥进行虚拟配对的装置和方法
公开(公告)号：US09015487B2
公开(公告)日：2015-04-21
申请号：US12415911
申请日：2009-03-31
申请人： Lu Xiao , Gregory Gordon Rose , David Jonathan Julian
发明人： Lu Xiao , Gregory Gordon Rose , David Jonathan Julian
IPC分类号： H04L29/06 , H04W12/04 , H04L9/08
CPC分类号： H04L63/061 , H04L9/0827 , H04L9/0841 , H04L9/0861 , H04L63/162 , H04L2209/80 , H04L2463/061 , H04W12/04
摘要： Disclosed is a method for virtual pairing of a first peer device with a second peer device. In the method, a nonce is generated at the first peer device for use in virtually pairing the first and second peer devices to establish a first-type wireless connection. The nonce is forwarded from the first peer device to the second peer device over an already established second-type wireless connection between the first and second peer devices. At least one new key is generated from the nonce and a shared key for the already established second-type wireless connection. The first peer device is virtually paired with the second peer device using the at least one new key to establish the first-type wireless connection between the first and second peer devices.
摘要翻译：公开了一种用于将第一对等设备与第二对等设备进行虚拟配对的方法。在该方法中，在第一对等设备处生成随机数，用于虚拟地配对第一和第二对等设备以建立第一类型的无线连接。通过已经建立的第一和第二对等设备之间的第二类无线连接，该随机数从第一对等设备转发到第二对等设备。至少一个新密钥是从该随机数生成的，另一个是已经建立的第二类无线连接的共享密钥。第一对等设备使用至少一个新密钥与第二对等设备实际配对，以在第一和第二对等设备之间建立第一类型的无线连接。

23. 发明授权

US08837724B2 Synchronization test for device authentication 有权
标题翻译：设备认证同步测试
公开(公告)号：US08837724B2
公开(公告)日：2014-09-16
申请号：US11844855
申请日：2007-08-24
申请人： Gregory Gordon Rose , Lu Xiao , David Jonathan Julian
发明人： Gregory Gordon Rose , Lu Xiao , David Jonathan Julian
IPC分类号： H04K1/00 , H04L29/06 , G06F21/00 , G06F1/04 , G06F1/00 , G06F7/04 , H04W12/06 , H04W88/02
CPC分类号： H04L63/08 , G06F21/35 , G06F21/40 , H04W12/04 , H04W12/06 , H04W88/02
摘要： Device authentication is based on the ability of a human to synchronize the movements of his or her fingers. A pairing procedure for two wireless devices may thus involve a synchronization test that is based on the relative timing of actuations of input devices on each of the wireless devices. In some aspects a synchronization test involves determining whether actuations of user input devices on two different wireless devices occurred within a defined time interval. In some aspects a synchronization test involves comparing time intervals defined by multiple actuations of user input devices on two wireless devices.
摘要翻译：设备认证是基于人类同步他或她的手指的动作的能力。因此，用于两个无线设备的配对过程可能涉及基于每个无线设备上的输入设备的启动的相对定时的同步测试。在一些方面，同步测试涉及确定是否在限定的时间间隔内发生两个不同无线设备上的用户输入设备的启动。在一些方面，同步测试涉及比较由两个无线设备上的用户输入设备的多次致动所限定的时间间隔。

24. 发明申请

US20100100933A1 APPARATUS AND METHOD FOR TRANSITIONING ACCESS RIGHTS FOR ROLE-BASED ACCESS CONTROL COMPATIBILIITY 有权
标题翻译：用于基于角色访问控制兼容性的用于过渡访问权限的装置和方法
公开(公告)号：US20100100933A1
公开(公告)日：2010-04-22
申请号：US12253754
申请日：2008-10-17
申请人： Gregory Gordon Rose , Alexander Gantman , Lu Xiao
发明人： Gregory Gordon Rose , Alexander Gantman , Lu Xiao
IPC分类号： G06F21/00
CPC分类号： H04L63/102 , G06F21/6218
摘要： Disclosed is a method for transitioning access rights, in a remote station with role-based access control, for an unknown role having access rights defined by a central access control management module. In the method, a role capability table is maintained in the remote station specifying centrally-defined access rights of roles that are interpretable in the remote station. An access request associated with an unknown role that is not interpretable in the remote station is received. The access request includes a role transition list that relates the unknown role to other centrally-defined roles. At least one of the other centrally-defined roles is interpretable in the remote station. A role is selected, from the role transition list, that is interpretable in the remote station for interpreting the unknown role of the access request. Access is granted based on the access request associated with the unknown role using the access rights of the interpretable role selected from the role transition table.
摘要翻译：公开了一种用于在具有基于角色的访问控制的远程站中转换访问权限的方法，用于具有由中央访问控制管理模块定义的访问权限的未知角色。在该方法中，在远程站中维护角色能力表，指定在远程站中可解释的角色的集中定义的访问权限。接收到与远程站中不可解释的未知角色相关联的访问请求。访问请求包括将未知角色与其他中心定义角色相关联的角色转换列表。其他中心定义角色中的至少一个可在远程站中解释。从角色转换列表中选择一个角色，该角色可在远程站中解释，用于解释访问请求的未知角色。基于与角色转换表中选择的可解释角色的访问权限，基于与未知角色关联的访问请求授予访问权限。

25. 发明申请

US20090307766A1 METHOD AND APPARATUS FOR VERIFYING DATA PACKET INTEGRITY IN A STREAMING DATA CHANNEL 有权
标题翻译：用于在流数据通道中验证数据分组完整性的方法和装置
公开(公告)号：US20090307766A1
公开(公告)日：2009-12-10
申请号：US12135976
申请日：2008-06-09
申请人： Gregory Gordon Rose , David Jonathan Julian , Lu Xiao
发明人： Gregory Gordon Rose , David Jonathan Julian , Lu Xiao
IPC分类号： G06F21/00 , G06F15/16
CPC分类号： H04L63/123 , H04L1/02 , H04L1/20
摘要： Disclosed is a method for verifying data packet integrity in a streaming-data channel. In the method, data packets are received from the streaming-data channel. Each data packet includes a data payload and a corresponding message integrity code. The received data packets are processed in a first processing mode, wherein the received data packets are forwarded to an application module before checking the integrity of the data packets using the respective message integrity codes. An integrity-check-failure measurement is generated for monitoring an integrity-check-failure rate in the first processing mode. If the integrity-check-failure measurement exceeds an integrity-check threshold, then the method transitions to a second processing mode. A received data packet is forwarded to the application module in the second processing mode only after passing the integrity check.
摘要翻译：公开了一种用于验证流数据信道中的数据分组完整性的方法。在该方法中，从流数据信道接收数据分组。每个数据分组包括数据有效载荷和对应的消息完整性代码。接收到的数据分组以第一处理模式进行处理，其中在使用各自的消息完整性代码检查数据分组的完整性之前，所接收的数据分组被转发到应用模块。产生完整性检查失败测量，用于在第一处理模式中监视完整性检查失败率。如果完整性检查失败测量超过完整性检查阈值，则该方法转换到第二处理模式。只有在通过完整性检查之后，接收的数据包将以第二处理模式转发到应用模块。

26. 发明授权

US08407760B2 Apparatus and method for transitioning access rights for role-based access control compatibility 有权
标题翻译：用于转换基于角色的访问控制兼容性的访问权限的设备和方法
公开(公告)号：US08407760B2
公开(公告)日：2013-03-26
申请号：US12253754
申请日：2008-10-17
申请人： Gregory Gordon Rose , Alexander Gantman , Lu Xiao
发明人： Gregory Gordon Rose , Alexander Gantman , Lu Xiao
IPC分类号： G06F17/00 , G06F7/04 , G06F9/00 , G06F21/00
CPC分类号： H04L63/102 , G06F21/6218
摘要： Disclosed is a method for transitioning access rights, in a remote station with role-based access control, for an unknown role having access rights defined by a central access control management module. In the method, a role capability table is maintained in the remote station specifying centrally-defined access rights of roles that are interpretable in the remote station. An access request associated with an unknown role that is not interpretable in the remote station is received. The access request includes a role transition list that relates the unknown role to other centrally-defined roles. At least one of the other centrally-defined roles is interpretable in the remote station. A role is selected, from the role transition list, that is interpretable in the remote station for interpreting the unknown role of the access request. Access is granted based on the access request associated with the unknown role using the access rights of the interpretable role selected from the role transition table.
摘要翻译：公开了一种用于在具有基于角色的访问控制的远程站中转换访问权限的方法，用于具有由中央访问控制管理模块定义的访问权限的未知角色。在该方法中，在远程站中维护角色能力表，指定在远程站中可解释的角色的集中定义的访问权限。接收到与远程站中不可解释的未知角色相关联的访问请求。访问请求包括将未知角色与其他中心定义角色相关联的角色转换列表。其他中心定义角色中的至少一个可在远程站中解释。从角色转换列表中选择一个角色，该角色可在远程站中解释，用于解释访问请求的未知角色。基于与角色转换表中选择的可解释角色的访问权限，基于与未知角色关联的访问请求授予访问权限。

27. 发明授权

US08019802B2 Cryptographically secure pseudo-random number generator 有权
标题翻译：密码安全的伪随机数发生器
公开(公告)号：US08019802B2
公开(公告)日：2011-09-13
申请号：US11509215
申请日：2006-08-23
申请人： Gregory Gordon Rose , Alexander Gantman , Lu Xiao
发明人： Gregory Gordon Rose , Alexander Gantman , Lu Xiao
IPC分类号： G06F7/58
CPC分类号： G06F7/588 , G06F7/58 , H04L9/0662 , H04L2209/043 , H04L2209/24
摘要： A cryptographically secure pseudo-random number generator is configured to obtain one or more unpredictable sources of entropy that provide a seed. A current internal state of the number generator is modified as a function of the current internal state and the seed to accumulate entropy. The modified internal state may be obtained by using non-linear feedback shift register operations on the internal state and the seed. A pseudo-random number is then generated based on the modified internal state of the number generator. The one or more unpredictable sources of entropy may be combined into the seed. The internal state of the number generator may be continually modified with additional seeds obtained from the one or more unpredictable sources and the current internal state. Additionally, the internal state of the number generator may be modified on demand with a new seed received from a calling application.
摘要翻译：密码安全的伪随机数发生器被配置为获得提供种子的一个或多个不可预知的熵源。数字发生器的当前内部状态被修改为当前内部状态和种子以累积熵的函数。可以通过对内部状态和种子使用非线性反馈移位寄存器操作来获得修改的内部状态。然后基于数字发生器的修改的内部状态生成伪随机数。一个或多个不可预测的熵源可以组合到种子中。可以使用从一个或多个不可预测的源获得的附加种子和当前的内部状态来连续修改号码发生器的内部状态。此外，可以根据需要修改号码发生器的内部状态，并从呼叫应用程序接收到新的种子。

28. 发明申请

US20100246824A1 APPARATUS AND METHOD FOR VIRTUAL PAIRING USING AN EXISTING WIRELESS CONNECTION KEY 有权
标题翻译：使用现有无线连接钥匙进行虚拟配对的装置和方法
公开(公告)号：US20100246824A1
公开(公告)日：2010-09-30
申请号：US12415911
申请日：2009-03-31
申请人： Lu Xiao , Gregory Gordon Rose , David Jonathan Julian
发明人： Lu Xiao , Gregory Gordon Rose , David Jonathan Julian
IPC分类号： H04L9/00 , H04B7/00 , H04L9/06
CPC分类号： H04L63/061 , H04L9/0827 , H04L9/0841 , H04L9/0861 , H04L63/162 , H04L2209/80 , H04L2463/061 , H04W12/04
摘要： Disclosed is a method for virtual pairing of a first peer device with a second peer device. In the method, a nonce is generated at the first peer device for use in virtually pairing the first and second peer devices to establish a first-type wireless connection. The nonce is forwarded from the first peer device to the second peer device over an already established second-type wireless connection between the first and second peer devices. At least one new key is generated from the nonce and a shared key for the already established second-type wireless connection. The first peer device is virtually paired with the second peer device using the at least one new key to establish the first-type wireless connection between the first and second peer devices.
摘要翻译：公开了一种用于将第一对等设备与第二对等设备进行虚拟配对的方法。在该方法中，在第一对等设备处生成随机数，用于虚拟地配对第一和第二对等设备以建立第一类型的无线连接。通过已经建立的第一和第二对等设备之间的第二类无线连接，该随机数从第一对等设备转发到第二对等设备。至少一个新密钥是从该随机数生成的，另一个是已经建立的第二类无线连接的共享密钥。第一对等设备使用至少一个新密钥与第二对等设备实际配对，以在第一和第二对等设备之间建立第一类型的无线连接。

29. 发明申请

US20080037785A1 Constrained Cryptographic Keys 有权
标题翻译：约束加密密钥
公开(公告)号：US20080037785A1
公开(公告)日：2008-02-14
申请号：US11535937
申请日：2006-09-27
申请人： Alexander Gantman , Tolga Yalcinkaya , Gregory Gordon Rose , Lu Xiao
发明人： Alexander Gantman , Tolga Yalcinkaya , Gregory Gordon Rose , Lu Xiao
IPC分类号： H04L9/06 , H04L9/08 , H04L9/28
CPC分类号： H04L9/0872 , H04L9/088 , H04L9/321 , H04L63/083 , H04L2209/76
摘要： A constrained proxy key is used to secure communications between two devices via an intermediary device. A first proxy key is generated at a host device (key generator device) based on a shared secret key, one or more constraints on the first proxy key, and a key derivation function. At least the shared secret key and key derivation function are known to the host device an a client device (authentication device). The first proxy key is sent to a proxy device to use in authenticating communications with the client device. An authenticated message is generated by the proxy device using the first proxy key and sent to the client device. The client device locally generates a second proxy key using the key derivation function, one or more constraints, and the shared secret key for authenticating the proxy device. The proxy device is authenticated if the client device successfully accesses the authenticated message from the proxy device using the second proxy key.
摘要翻译：受限代理密钥用于通过中间设备来保护两个设备之间的通信。基于共享秘密密钥，第一代理密钥上的一个或多个约束和密钥导出功能，在主机设备（密钥发生器设备）处生成第一代理密钥。至少共享秘密密钥和密钥导出功能对于主机设备是已知的客户端设备（认证设备）。第一代理密钥被发送到代理设备以用于认证与客户端设备的通信。认证消息由代理设备使用第一代理密钥生成并发送到客户端设备。客户端设备使用密钥导出功能，一个或多个约束和用于认证代理设备的共享秘密密钥本地生成第二代理密钥。如果客户端设备使用第二代理密钥从代理设备成功访问认证消息，则代理设备被认证。

30. 发明授权

US09215581B2 Distance-based presence management 有权
标题翻译：基于距离的在线管理
公开(公告)号：US09215581B2
公开(公告)日：2015-12-15
申请号：US11692097
申请日：2007-03-27
申请人： David Jonathan Julian , Chong U. Lee , Kamran Moallemi , Avneesh Agrawal , Manuel E. Jaime , Robert Keith Douglas , Lu Xiao , Gregory Gordon Rose
发明人： David Jonathan Julian , Chong U. Lee , Kamran Moallemi , Avneesh Agrawal , Manuel E. Jaime , Robert Keith Douglas , Lu Xiao , Gregory Gordon Rose
IPC分类号： H04B7/00 , H04W8/02 , H04L29/08 , H04W8/22 , H04W64/00 , G01S11/06 , G01S13/08
CPC分类号： H04W8/02 , G01S11/06 , G01S13/08 , H04L67/24 , H04W8/22 , H04W64/006
摘要： Various operations may be performed based on a distance-related function associated with two or more devices. For example, an association procedure for two or more devices may be based on one or more determined distances. Similarly, presence management may be based on one or more determined distances. A distance-related function may take various form including, for example, a distance between devices, two or more distances between devices, a rate of change in a relative distance between devices, relative acceleration between devices, or some combination of two or more of the these distance-related functions.
摘要翻译：可以基于与两个或更多个设备相关联的距离相关功能来执行各种操作。例如，两个或多个设备的关联过程可以基于一个或多个确定的距离。类似地，存在管理可以基于一个或多个确定的距离。距离相关功能可以采取各种形式，包括例如设备之间的距离，设备之间的两个或更多个距离，设备之间的相对距离的变化率，设备之间的相对加速度，或两个或更多个这些距离相关的功能。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式