专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

31. 发明申请

US20080133543A1 System and Method for Dynamic and On-Demand Data Transfer and Synchronization Between Isolated Networks 审中-公开
标题翻译：隔离网络之间动态和按需数据传输和同步的系统和方法
公开(公告)号：US20080133543A1
公开(公告)日：2008-06-05
申请号：US11947902
申请日：2007-11-30
申请人： Xiaozhou Fu , Zaw Naing L. Oo , Xin Qiu
发明人： Xiaozhou Fu , Zaw Naing L. Oo , Xin Qiu
IPC分类号： G06F17/30
CPC分类号： G06F16/27
摘要： A system, method and computer-readable medium of instructions for performing dynamic and on-demand data transfer between databases (116, 124) in public and secure networks (102, 104), and synchronization of those databases (116, 124), in a public key infrastructure (PKI) environment. The system, method and computer-readable medium of instructions operate to identify at least one record of information in the database (116) of the public network (102) to be updated in the database (124) of the private network (104), enter update information in at least one data transfer table (400, 600/602) based on the at least one record of information, and use the at least one data transfer table (400, 600/602) to update at least one record in the database (124) of the private network (104) in accordance with the update information without overwriting other information in the database (124).
摘要翻译：一种用于在公共和安全网络（102,104）中的数据库（116,124）之间进行动态和按需数据传输的指令的系统，方法和计算机可读介质，以及这些数据库（116,124）的同步，公共密钥基础设施（PKI）环境。指令的系统，方法和计算机可读介质操作以识别要在私有网络（104）的数据库（124）中更新的公共网络（102）的数据库（116）中的信息的至少一个记录，基于所述至少一个信息记录在至少一个数据传输表（400,600 / 602）中输入更新信息，并且使用所述至少一个数据传输表（400,600 / 602）来更新至少一个数据传输表所述专用网络（104）的数据库（124）根据所述更新信息而不覆盖所述数据库（124）中的其他信息。

32. 发明授权

US09246889B2 Layered protection and validation of identity data delivered online via multiple intermediate clients 有权
标题翻译：通过多个中间客户端在线发送的身份数据的分层保护和验证
公开(公告)号：US09246889B2
公开(公告)日：2016-01-26
申请号：US12854925
申请日：2010-08-12
申请人： Chia Ling Tsai , Alexander Medvinsky , Xin Qiu , Kyle W. Stewart , Fan Wang
发明人： Chia Ling Tsai , Alexander Medvinsky , Xin Qiu , Kyle W. Stewart , Fan Wang
IPC分类号： H04L29/06 , H04L9/00 , H04L9/08 , H04L9/32 , G06F21/62 , G06F21/64
CPC分类号： H04L63/045 , G06F21/6218 , G06F21/64 , H04L9/006 , H04L9/0825 , H04L9/3234 , H04L9/3265 , H04L63/062 , H04L63/0823 , H04L63/123 , H04L2463/062
摘要： A method is provided for securely delivering identity data units over a communications network to a client device. The method includes receiving a selection from a customer identifying a final zipped package to be unpacked. The final zipped package is unpacked to obtain a common package and a digital signature file signed by an entity generating identity data requested by the customer. The digital signature in the digital signature file is verified and the common package is unpacked to obtain a plurality of outer packages and an encrypted symmetric key. The symmetric key is decrypted with a private key associated with the customer and each of the outer packages is decrypted with the symmetric key to obtain a plurality of identity data units.
摘要翻译：提供了一种用于通过通信网络将身份数据单元安全地传送到客户端设备的方法。该方法包括从客户接收标识要解包的最终压缩包的选择。最后的压缩包解包以获得由生成客户请求的身份数据的实体签名的公用包和数字签名文件。验证数字签名文件中的数字签名，并解压缩公用包以获得多个外包和加密对称密钥。对称密钥用与客户相关联的私钥解密，并且每个外部包被对称密钥解密以获得多个身份数据单元。

33. 发明授权

US09043456B2 Identity data management system for high volume production of product-specific identity data 有权
标题翻译：身份数据管理系统，用于大批量生产特定于产品的身份数据
公开(公告)号：US09043456B2
公开(公告)日：2015-05-26
申请号：US13407081
申请日：2012-02-28
申请人： Annie C. Kuramoto , Xin Qiu , Ting Yao
发明人： Annie C. Kuramoto , Xin Qiu , Ting Yao
IPC分类号： G06F15/173 , G06F17/30 , H04L29/06
CPC分类号： G06F17/30595 , H04L63/0823
摘要： A method and apparatus is provided for maintaining inventory levels of identity data to be provisioned in electronic devices. The method includes monitoring over a communications network inventory levels of identity data records stored on a plurality of identity data personalization servers that each provision electronic devices with an identity data record. Additionally, if the inventory level on at least one of the identity data personalization servers falls below a minimum specified level, a refill request is sent to an identity data management authority requesting that additional identity data records be uploaded to the identity data personalization server.
摘要翻译：提供了一种用于维护在电子设备中提供的身份数据的库存水平的方法和装置。该方法包括监视存储在多个身份数据个性化服务器上的身份数据记录的通信网络库存水平，每个身份数据记录提供具有身份数据记录的电子设备。此外，如果至少一个身份数据个性化服务器上的库存级别低于最小指定级别，则向身份数据管理机构发送重新填充请求，请求将附加的身份数据记录上传到身份数据个性化服务器。

34. 发明授权

US08392702B2 Token-based management system for PKI personalization process 有权
标题翻译：基于令牌的PKI个性化管理系统
公开(公告)号：US08392702B2
公开(公告)日：2013-03-05
申请号：US12175444
申请日：2008-07-17
申请人： Xin Qiu , Eric Sprunk , Liqiang Chen , Jason Pasion
发明人： Xin Qiu , Eric Sprunk , Liqiang Chen , Jason Pasion
IPC分类号： H04L29/06
CPC分类号： H04L9/006 , H04L9/3234 , H04L9/3263 , H04L63/0442 , H04L63/0823 , H04L63/0853 , H04L63/101 , H04L63/123 , H04L63/166 , H04L2209/56 , H04L2209/60 , H04L2209/80
摘要： A system for token-based management of a PKI (public key infrastructure) personalization process includes a token request and management system (TRMS) configured to gather request information from a requestor; and a token personalization system (TPS) configured to personalize a hardware token such that usage of the hardware token is constrained by the request information. A method for token-based management of a PKI personalization process includes: requesting a hardware token; personalizing a hardware token such that the hardware token is confined to operation within limiting parameters; binding the hardware token to a workstation which is configured receive the hardware token and use credentials within the hardware token to request and download PKI data from a PKI server, the workstation being further configured to personalize an end user product by loading the PKI data into internal memory contained within the end user product; and monitoring usage of the hardware token and the PKI data.
摘要翻译：用于PKI（公共密钥基础设施）个性化过程的基于令牌的管理的系统包括被配置为从请求者收集请求信息的令牌请求和管理系统（TRMS）以及被配置为个性化硬件令牌的令牌个性化系统（TPS），使得所述硬件令牌的使用被所述请求信息约束。用于PKI个性化处理的基于令牌的管理的方法包括：请求硬件令牌; 个性化硬件令牌，使得硬件令牌限制在限制参数内的操作; 将硬件令牌绑定到配置的接收硬件令牌并使用硬件令牌内的凭证的工作站，以从PKI服务器请求和下载PKI数据，该工作站进一步配置为通过将PKI数据加载到内部来个性化最终用户产品包含在最终用户产品中的内存; 并监视硬件令牌和PKI数据的使用情况。

35. 发明授权

US08370626B2 Method and apparatus for a configurable online public key infrastructure (PKI) management system 有权
标题翻译：可配置在线公钥基础设施（PKI）管理系统的方法和装置
公开(公告)号：US08370626B2
公开(公告)日：2013-02-05
申请号：US12854922
申请日：2010-08-12
申请人： Jiajing Liu , Thomas J. Barbour , Liqiang Chen , Ying Chen , Wei Lin Chou , Christopher P. Gardner , Stuart P. Moskovics , Xin Qiu , Chia Ling Tsai , Ting Yao
发明人： Jiajing Liu , Thomas J. Barbour , Liqiang Chen , Ying Chen , Wei Lin Chou , Christopher P. Gardner , Stuart P. Moskovics , Xin Qiu , Chia Ling Tsai , Ting Yao
IPC分类号： H04L9/00
CPC分类号： H04L9/3265 , H04L9/007
摘要： A method and apparatus are provided for generating identity data to be provisioned in product devices that are a part of a project. The method includes establishing a template associated with each CA in a hierarchical chain of CAs having a root CA at a highest level in the chain and a signing CA at a lowest level in the chain. The template associated with the signing CA inherits mandatory attribute fields specified in the root CA and any intermediate CA in the hierarchical chain. The mandatory attribute fields are user-specifiable fields to be populated with PKI data. A configuration file is generated upon receipt of an order for digital certificates using PKI data provided by a user to populate the mandatory attribute fields of the template associated with the signing CA. The digital certificates requested in the order are generated using the PKI data in the configuration file.
摘要翻译：提供了一种用于生成作为项目的一部分的产品设备中提供的身份数据的方法和装置。该方法包括在具有链中最高级别的根CA的CA的分级链中建立与每个CA相关联的模板以及链中最低级的签名CA。与签名CA相关联的模板继承根CA中指定的强制属性字段和层级链中的任何中间CA。强制属性字段是要填充PKI数据的用户指定字段。使用由用户提供的PKI数据接收到数字证书的订单时，生成配置文件来填充与签名CA相关联的模板的强制属性字段。使用配置文件中的PKI数据生成订单中请求的数字证书。

36. 发明授权

US08171527B2 Method and apparatus for securing unlock password generation and distribution 有权
标题翻译：用于确保密码生成和分发的方法和装置
公开(公告)号：US08171527B2
公开(公告)日：2012-05-01
申请号：US11768523
申请日：2007-06-26
申请人： Xin Qiu , Liqiang Chen , Stuart P. Moskovics , Kent D. Rager
发明人： Xin Qiu , Liqiang Chen , Stuart P. Moskovics , Kent D. Rager
IPC分类号： H04L29/06
CPC分类号： H04L9/3226 , H04L9/3247 , H04W12/04 , H04W12/08
摘要： A process may be utilized for securing unlock password generation and distribution. A first set of exclusive responsibilities, assigned to a trusted authority, includes random generation and encryption of an unlock password to compose a randomly generated encrypted unlock password. Further, a second set of exclusive responsibilities, assigned to a security agent, includes sending information associated with the unlock password and a digital signature of information associated with the unlock password to a communication device configured for a network in order to mate the unlock password to the communication device, and sending the randomly generated and encrypted unlock password along with mating data to a password processing center. In addition, a third set of exclusive responsibilities, assigned to a password processing center, includes decrypting the randomly generated and encrypted unlock password.
摘要翻译：可以利用一个过程来确保密码生成和分发。分配给受信任的机构的第一套独家责任包括随机生成和加密解锁密码，以组成随机生成的加密解密密码。此外，分配给安全代理的第二组独占责任包括将与解锁密码相关联的信息和与解锁密码相关联的信息的数字签名发送到为网络配置的通信设备，以便将解锁密码与通信设备，并将随机生成和加密的解密密码以及匹配数据发送到密码处理中心。另外，分配给密码处理中心的第三组独占责任包括解密随机产生和加密的解锁密码。

37. 发明申请

US20110213957A1 LAYERED PROTECTION AND VALIDATION OF IDENTITY DATA DELIVERED ONLINE VIA MULTIPLE INTERMEDIATE CLIENTS 有权
标题翻译：通过多个中间客户在线提供的身份数据的分层保护和验证
公开(公告)号：US20110213957A1
公开(公告)日：2011-09-01
申请号：US12854925
申请日：2010-08-12
申请人： Chia Ling Tsai , Alexander Medvinsky , Xin Qiu , Kyle W. Stewart , Fan Wang
发明人： Chia Ling Tsai , Alexander Medvinsky , Xin Qiu , Kyle W. Stewart , Fan Wang
IPC分类号： H04L9/14
CPC分类号： H04L63/045 , G06F21/6218 , G06F21/64 , H04L9/006 , H04L9/0825 , H04L9/3234 , H04L9/3265 , H04L63/062 , H04L63/0823 , H04L63/123 , H04L2463/062
摘要： A method is provided for securely delivering identity data units over a communications network to a client device. The method includes receiving a selection from a customer identifying a final zipped package to be unpacked. The final zipped package is unpacked to obtain a common package and a digital signature file signed by an entity generating identity data requested by the customer. The digital signature in the digital signature file is verified and the common package is unpacked to obtain a plurality of outer packages and an encrypted symmetric key. The symmetric key is decrypted with a private key associated with the customer and each of the outer packages is decrypted with the symmetric key to obtain a plurality of identity data units.
摘要翻译：提供了一种用于通过通信网络将身份数据单元安全地传送到客户端设备的方法。该方法包括从客户接收标识要解包的最终压缩包的选择。最后的压缩包解包以获得由生成客户请求的身份数据的实体签名的公用包和数字签名文件。验证数字签名文件中的数字签名，并解压缩公用包以获得多个外包和加密对称密钥。对称密钥用与客户相关联的私钥解密，并且每个外部包被对称密钥解密以获得多个身份数据单元。

38. 发明申请

US20110197061A1 CONFIGURABLE ONLINE PUBLIC KEY INFRASTRUCTURE (PKI) MANAGEMENT FRAMEWORK 审中-公开
标题翻译：可配置在线公钥基础设施（PKI）管理框架
公开(公告)号：US20110197061A1
公开(公告)日：2011-08-11
申请号：US12854920
申请日：2010-08-12
申请人： Wei Lin Chou , Thomas J. Barbour , Liqiang Chen , Ying Chen , Christopher P. Gardner , Jiajing Liu , Oscar Jiang , Xin Qiu , Kyle W. Stewart , Chia Ling Tsai , Fan Wang , Ting Yao
发明人： Wei Lin Chou , Thomas J. Barbour , Liqiang Chen , Ying Chen , Christopher P. Gardner , Jiajing Liu , Oscar Jiang , Xin Qiu , Kyle W. Stewart , Chia Ling Tsai , Fan Wang , Ting Yao
IPC分类号： H04L29/06
CPC分类号： H04L9/006 , H04L9/3265
摘要： A method and apparatus is provided for establishing a process for provisioning a digital certificate service delivered by a PKI system. The method includes receiving a request for a digital certificate service and receiving data specifying a project that includes at least one product to be provisioned with a digital certificate. Data specifying an identification of an owner organization of the project and at least one participant organization participating in the project is also received. Attributes with which PKI data to be included in the digital certificates is to comply is received from the owner organization. Based on the received data and attributes, an account is established for each of the organizations associated with the project through which users associated with each of the organizations can respectively request digital certificates for the at least one product in accordance with the attributes received from the owner organization.
摘要翻译：提供了一种用于建立用于提供由PKI系统提供的数字证书服务的过程的方法和装置。该方法包括接收对数字证书服务的请求，并且接收指定项目的数据，所述项目包括至少一个要被提供数字证书的产品。还收到了指定项目所有者组织的标识和参与该项目的至少一个参与组织的数据。从所有者组织收到要包含在数字证书中的PKI数据符合的属性。根据接收到的数据和属性，为与项目相关联的每个组织建立一个帐户，通过该帐户，与每个组织相关联的用户可以根据从所有者接收的属性分别为至少一个产品请求数字证书组织。

39. 发明申请

US20090031131A1 Token-Based Management System for PKI Personalization Process 有权
标题翻译：基于令牌的PKI个性化流程管理系统
公开(公告)号：US20090031131A1
公开(公告)日：2009-01-29
申请号：US12175444
申请日：2008-07-17
申请人： Xin Qiu , Eric Sprunk , Liqiang Chen , Jason Pasion
发明人： Xin Qiu , Eric Sprunk , Liqiang Chen , Jason Pasion
IPC分类号： H04L9/00
CPC分类号： H04L9/006 , H04L9/3234 , H04L9/3263 , H04L63/0442 , H04L63/0823 , H04L63/0853 , H04L63/101 , H04L63/123 , H04L63/166 , H04L2209/56 , H04L2209/60 , H04L2209/80
摘要： A system for token-based management of a PKI personalization process includes a token request and management system (TRMS) configured to gather request information from a requestor; and a token personalization system (TPS) configured to personalize a hardware token such that usage of the hardware token is constrained by the request information. A method for token-based management of a PKI personalization process includes: requesting a hardware token; personalizing a hardware token such that the hardware token is confined to operation within limiting parameters; binding the hardware token to a workstation which is configured receive the hardware token and use credentials within the hardware token to request and download PKI data from a PKI server, the workstation being further configured to personalize an end user product by loading the PKI data into internal memory contained within the end user product; and monitoring usage of the hardware token and the PKI data.
摘要翻译：用于PKI个性化处理的基于令牌的管理的系统包括被配置为从请求者收集请求信息的令牌请求和管理系统（TRMS）; 以及被配置为个性化硬件令牌的令牌个性化系统（TPS），使得所述硬件令牌的使用被所述请求信息约束。用于PKI个性化处理的基于令牌的管理的方法包括：请求硬件令牌; 个性化硬件令牌，使得硬件令牌限制在限制参数内的操作; 将硬件令牌绑定到配置的接收硬件令牌并使用硬件令牌内的凭证的工作站，以从PKI服务器请求和下载PKI数据，该工作站进一步配置为通过将PKI数据加载到内部来个性化最终用户产品包含在最终用户产品中的内存; 并监视硬件令牌和PKI数据的使用情况。

40. 发明授权

US09130916B2 Cross-domain identity management for a whitelist-based online secure device provisioning framework 有权
标题翻译：基于白名单的在线安全设备配置框架的跨域身份管理
公开(公告)号：US09130916B2
公开(公告)日：2015-09-08
申请号：US13087843
申请日：2011-04-15
申请人： Xin Qiu , Ting Yao
发明人： Xin Qiu , Ting Yao
IPC分类号： H04L29/06
CPC分类号： H04L63/08 , H04L63/10
摘要： A method for managing identifiers associated with network-enabled devices and used in an identity data system provisioning the network-enabled devices with identity data includes receiving a first set data that includes a previously assigned identifier for one or more of the network-enabled devices that are authorized to be provisioned with new identity data. If identity data is currently installed on the one or more network-enabled devices, each of the previously assigned identifiers in the first set of data is associated with a corresponding identifier linked to the identity data currently installed on the one or more network-enabled devices to establish a second set of data. New identity data is bound to each of the one or more network-enabled devices by assigning a new identifier linked with the new identity data to each of the one or more network-enabled devices to establish a whitelist. The whitelist specifies, for each of the one or more network-enabled devices, its previously assigned identifier, its corresponding identifier and its new identifier that is linked with the new identity data.
摘要翻译：一种用于管理与启用网络的设备相关联并在身份数据系统中配置具有身份数据的启用网络的设备的标识符的方法包括：接收第一组数据，该第一组数据包括先前分配的一个或多个网络使能设备的标识符，被授权提供新的身份数据。如果身份数据当前安装在一个或多个启用网络的设备上，则第一组数据中先前分配的标识符中的每一个都与与当前安装在一个或多个启用网络的设备上的身份数据链接的对应标识符相关联建立第二组数据。通过将与新的身份数据链接的新标识符分配给一个或多个启用网络的设备中的每一个来建立白名单，将新的身份数据绑定到一个或多个网络启用设备中的每一个。白名单为一个或多个网络启用设备中的每一个指定其先前分配的标识符，其对应的标识符及其与新的身份数据链接的新标识符。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式