专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

31. 发明申请

US20090031131A1 Token-Based Management System for PKI Personalization Process 有权
标题翻译：基于令牌的PKI个性化流程管理系统
公开(公告)号：US20090031131A1
公开(公告)日：2009-01-29
申请号：US12175444
申请日：2008-07-17
申请人： Xin Qiu , Eric Sprunk , Liqiang Chen , Jason Pasion
发明人： Xin Qiu , Eric Sprunk , Liqiang Chen , Jason Pasion
IPC分类号： H04L9/00
CPC分类号： H04L9/006 , H04L9/3234 , H04L9/3263 , H04L63/0442 , H04L63/0823 , H04L63/0853 , H04L63/101 , H04L63/123 , H04L63/166 , H04L2209/56 , H04L2209/60 , H04L2209/80
摘要： A system for token-based management of a PKI personalization process includes a token request and management system (TRMS) configured to gather request information from a requestor; and a token personalization system (TPS) configured to personalize a hardware token such that usage of the hardware token is constrained by the request information. A method for token-based management of a PKI personalization process includes: requesting a hardware token; personalizing a hardware token such that the hardware token is confined to operation within limiting parameters; binding the hardware token to a workstation which is configured receive the hardware token and use credentials within the hardware token to request and download PKI data from a PKI server, the workstation being further configured to personalize an end user product by loading the PKI data into internal memory contained within the end user product; and monitoring usage of the hardware token and the PKI data.
摘要翻译：用于PKI个性化处理的基于令牌的管理的系统包括被配置为从请求者收集请求信息的令牌请求和管理系统（TRMS）; 以及被配置为个性化硬件令牌的令牌个性化系统（TPS），使得所述硬件令牌的使用被所述请求信息约束。用于PKI个性化处理的基于令牌的管理的方法包括：请求硬件令牌; 个性化硬件令牌，使得硬件令牌限制在限制参数内的操作; 将硬件令牌绑定到配置的接收硬件令牌并使用硬件令牌内的凭证的工作站，以从PKI服务器请求和下载PKI数据，该工作站进一步配置为通过将PKI数据加载到内部来个性化最终用户产品包含在最终用户产品中的内存; 并监视硬件令牌和PKI数据的使用情况。

32. 发明授权

US07450717B1 Self authentication ciphertext chaining 有权
标题翻译：自认证密文链接
公开(公告)号：US07450717B1
公开(公告)日：2008-11-11
申请号：US09588828
申请日：2000-06-07
申请人： Eric J. Sprunk , Xin Qiu
发明人： Eric J. Sprunk , Xin Qiu
IPC分类号： H04L9/34
CPC分类号： H04L9/3247 , H04L9/0618 , H04L2209/38
摘要： Existing key encryption approaches are extended by using overlapping portions of encrypted information. Another provision inserts one or more bits of data to ensure correct encryption/decryption. The inserted data can also be used for authentication.
摘要翻译：通过使用加密信息的重叠部分来扩展现有密钥加密方法。另一个规定插入一个或多个数据位以确保正确的加密/解密。插入的数据也可以用于认证。

33. 发明申请

US20080162928A1 Method and Apparatus for Distributing Root Certification 有权
标题翻译：分发根证书的方法和装置
公开(公告)号：US20080162928A1
公开(公告)日：2008-07-03
申请号：US11616348
申请日：2006-12-27
申请人： Xin Qiu , Petr Peterka , Eric J. Sprunk
发明人： Xin Qiu , Petr Peterka , Eric J. Sprunk
IPC分类号： H04L9/32
CPC分类号： H04L9/3268 , H04L2209/603
摘要： An apparatus and method for providing at least one root certificate are disclosed. Specifically, a plurality of root certificates is received and stored. Afterwards, a request is received from a first endpoint device for a desired root certificate, where the desired root certificate is used by the first endpoint device to verify an identity of a second endpoint device. Furthermore, the first endpoint device and the second endpoint device are associated with different certificate hierarchies. The desired root certificate is then sent to at least the first endpoint device.
摘要翻译：公开了一种用于提供至少一个根证书的设备和方法。具体地，接收并存储多个根证书。之后，从第一端点设备接收针对所需根证书的请求，其中期望的根证书由第一端点设备用于验证第二端点设备的身份。此外，第一端点设备和第二端点设备与不同的证书层级相关联。然后将期望的根证书发送到至少第一端点设备。

34. 发明授权

US09130916B2 Cross-domain identity management for a whitelist-based online secure device provisioning framework 有权
标题翻译：基于白名单的在线安全设备配置框架的跨域身份管理
公开(公告)号：US09130916B2
公开(公告)日：2015-09-08
申请号：US13087843
申请日：2011-04-15
申请人： Xin Qiu , Ting Yao
发明人： Xin Qiu , Ting Yao
IPC分类号： H04L29/06
CPC分类号： H04L63/08 , H04L63/10
摘要： A method for managing identifiers associated with network-enabled devices and used in an identity data system provisioning the network-enabled devices with identity data includes receiving a first set data that includes a previously assigned identifier for one or more of the network-enabled devices that are authorized to be provisioned with new identity data. If identity data is currently installed on the one or more network-enabled devices, each of the previously assigned identifiers in the first set of data is associated with a corresponding identifier linked to the identity data currently installed on the one or more network-enabled devices to establish a second set of data. New identity data is bound to each of the one or more network-enabled devices by assigning a new identifier linked with the new identity data to each of the one or more network-enabled devices to establish a whitelist. The whitelist specifies, for each of the one or more network-enabled devices, its previously assigned identifier, its corresponding identifier and its new identifier that is linked with the new identity data.
摘要翻译：一种用于管理与启用网络的设备相关联并在身份数据系统中配置具有身份数据的启用网络的设备的标识符的方法包括：接收第一组数据，该第一组数据包括先前分配的一个或多个网络使能设备的标识符，被授权提供新的身份数据。如果身份数据当前安装在一个或多个启用网络的设备上，则第一组数据中先前分配的标识符中的每一个都与与当前安装在一个或多个启用网络的设备上的身份数据链接的对应标识符相关联建立第二组数据。通过将与新的身份数据链接的新标识符分配给一个或多个启用网络的设备中的每一个来建立白名单，将新的身份数据绑定到一个或多个网络启用设备中的每一个。白名单为一个或多个网络启用设备中的每一个指定其先前分配的标识符，其对应的标识符及其与新的身份数据链接的新标识符。

35. 发明授权

US08387011B2 Method and apparatus for a dynamic and real-time configurable software architecture for manufacturing personalization 有权
标题翻译：用于制造个性化的动态和实时可配置软件架构的方法和装置
公开(公告)号：US08387011B2
公开(公告)日：2013-02-26
申请号：US11831347
申请日：2007-07-31
申请人： Xin Qiu , Liqiang Chen , Fan Wang
发明人： Xin Qiu , Liqiang Chen , Fan Wang
IPC分类号： G06F9/44 , G06F15/173
CPC分类号： H04L67/34 , H04L67/36
摘要： A process receives a personalization request to personalize a communication device. Further, the process provides the personalization request to a message controller that composes a message having personalization information with a message composer engine according to a set of rules and configures one or more communication parameters for the message with a message flow control engine according to the set of rules. The set of rules indicates a distributed environment set of files that the message composer engine and the message flow control engine utilize in a distributed environment, and a centralized environment set of files that the message composer engine and the message flow control engine utilize in a centralized environment.
摘要翻译：进程接收个性化请求以个性化通信设备。此外，该过程向消息控制器提供个性化请求，该消息控制器根据一组规则向消息组合器引擎组成具有个性化信息的消息，并且根据该集合向消息流控制引擎配置消息的一个或多个通信参数的规则。该组规则表示消息编剧引擎和消息流控制引擎在分布式环境中使用的分布式环境文件集，以及消息编剧引擎和消息流控制引擎在集中式中使用的集中式文件集环境。

36. 发明授权

US08374338B2 Transport packet decryption testing in a client device 有权
标题翻译：在客户端设备中传输数据包解密测试
公开(公告)号：US08374338B2
公开(公告)日：2013-02-12
申请号：US12708171
申请日：2010-02-18
申请人： Tat Keung Chan , Alexander Medvinsky , Stuart P. Moskovics , Jason A. Pasion , Xin Qiu
发明人： Tat Keung Chan , Alexander Medvinsky , Stuart P. Moskovics , Jason A. Pasion , Xin Qiu
IPC分类号： H04K1/00
CPC分类号： H04L9/088 , H04L2209/60
摘要： In a method for testing a transport packet decrypting module of a client device, a first decryption operation of the transport packet decrypting module is implemented on a test encrypted control word using a content decryption key ladder to derive a test control word, a second decryption operation of the transport packet decrypting module is implemented on one or more test transport packets using the test control word via a predetermined content decryption algorithm, the KIV is derived from the decrypted transport packets, and the derived KIV is compared with a value stored in the client device to verify whether the transport packet decrypting module of the client device is functioning properly.
摘要翻译：在一种用于测试客户端设备的传输分组解密模块的方法中，使用内容解密密钥梯形图在测试加密控制字上实现传输分组解密模块的第一解密操作，以导出测试控制字，第二解密操作的传输分组解密模块通过预定的内容解密算法使用测试控制字在一个或多个测试传输分组上实现，从解密的传输分组导出KIV，并将导出的KIV与存储在客户端中的值进行比较设备来验证客户端设备的传输分组解密模块是否正常工作。

37. 发明申请

US20120143766A1 Secure Large Volume Feature License Provisioning System 有权
标题翻译：安全大容量功能许可证配置系统
公开(公告)号：US20120143766A1
公开(公告)日：2012-06-07
申请号：US13238850
申请日：2011-09-21
申请人： Jinsong Zheng , Tat Keung Chan , Liqiang Chen , Greg N. Nakanishi , Jason A. Pasion , Xin Qiu , Ting Yao
发明人： Jinsong Zheng , Tat Keung Chan , Liqiang Chen , Greg N. Nakanishi , Jason A. Pasion , Xin Qiu , Ting Yao
IPC分类号： G06F21/22
CPC分类号： G06F21/105 , G06Q30/06 , G06Q2220/18
摘要： Disclosed is a manufacturing process and feature licensing system for provisioning personalized (device-unique) licenses to devices. The secure system uses a secure key wrapping mechanism to deliver the LSK to LPS. Another feature is that various network communication links are secured using standard security protocol. Application messages, license templates, licenses are digitally signed. The system is flexible, configured to allow multiple manufacturers and to allow various feature configurations via the use of License Template; scalable, as it is possible to use multiple LPS hosts to serve multiple programming stations; and available in that the delegation of license signing capability from CLS to LPS eliminates the dependency on unreliable Internet connections. Redundant LPS hosts provide high level of availability required for high volume license provisioning. The system is traceable: license and device association are replicated back to the CLS to provide full license request and generation traceability.
摘要翻译：公开了一种用于向设备提供个性化（设备唯一）许可证的制造过程和特征许可系统。安全系统使用安全的钥匙包装机构将LSK传送到LPS。另一个特征是使用标准安全协议来保护各种网络通信链路。应用程序消息，许可证模板，许可证都经过数字签名。该系统灵活，配置为允许多个制造商通过使用许可证模板来允许各种功能配置; 可扩展的，因为可以使用多个LPS主机来服务多个编程站; 并且可用于从CLS到LPS的许可证签名能力的授权消除了对不可靠的因特网连接的依赖。冗余LPS主机为高容量许可证配置提供了高水平的可用性。系统是可追溯的：许可证和设备关联被复制回CLS以提供完整的许可证请求和生成可追溯性。

38. 发明授权

US07708937B2 High-strength, high-toughness, weldable and deformable rare earth magnesium alloy 有权
标题翻译：高强度，高韧性，可焊接和可变形的稀土镁合金
公开(公告)号：US07708937B2
公开(公告)日：2010-05-04
申请号：US12105165
申请日：2008-04-17
申请人： Jian Meng , Daqing Fang , Deping Zhang , Dingxiang Tang , Huayi Lu , Lianshan Zhao , Wei Sun , Xin Qiu , Hongjie Zhang
发明人： Jian Meng , Daqing Fang , Deping Zhang , Dingxiang Tang , Huayi Lu , Lianshan Zhao , Wei Sun , Xin Qiu , Hongjie Zhang
IPC分类号： C22C23/06 , C22C23/00
CPC分类号： C22C23/04 , C22F1/06
摘要： A high-strength, high-toughness, weldable and deformable rare earth magnesium alloy comprised of 0.7˜1.7% of Ym, 5.5˜6.4% of Zn, 0.45˜0.8% of Zr, 0.02% or less of the total amount of impurity elements of Si, Fe, Cu and Ni, and the remainder of Mg, based on the total weight of the alloy. During smelting, Y, Ho, Er, Gd and Zr are added in a manner of Mg—Y-rich, Mg—Zr intermediate alloys into a magnesium melt; Zn is added in a manner of pure Zn, and at 690˜720° C., a round bar was cast by a semi-continuous casting or a water cooled mould, then an extrusion molding was performed at 380˜410° C. after cutting. Before the extrusion, the alloy is treated by the solid-solution treatment at 480˜510° C. for 2˜3 hours, however, the alloy can also be extrusion molded directly without the solid-solution treatment. After the extrusion molding, this alloy has a strength of 340 MPa or more and a percentage elongation of 14% or more at room temperature and is a high-strength, high-toughness, weldable and deformable rare earth magnesium alloy.
摘要翻译：一种高强度，高韧性，可焊接和可变形的稀土镁合金，其含有0.7〜1.7％的Ym，5.5〜6.4％的Zn，0.45〜0.8％的Zr，0.02％以下的杂质元素总量的Si，Fe，Cu和Ni，剩余的Mg基于合金的总重量。在熔炼过程中，以Mg-Y，Mg-Zr中间合金的方式将Y，Ho，Er，Gd和Zr加入到镁熔体中; 以纯Zn的方式添加Zn，在690〜720℃下，通过半连续铸造或水冷模具浇铸圆棒，然后在380〜410℃下进行挤出成型切割。在挤出前，合金在480〜510℃固溶处理2〜3小时，然而合金也可直接挤出成形而无需固溶处理。挤出成型后，该合金的室温下的强度为340MPa以上，伸长率为14％以上，为高强度，高韧性，可焊接且可变形的稀土类镁合金。

39. 发明申请

US20090006852A1 Method and Apparatus for Securing Unlock Password Generation and Distribution 有权
标题翻译：用于保护解密密码生成和分发的方法和装置
公开(公告)号：US20090006852A1
公开(公告)日：2009-01-01
申请号：US11768523
申请日：2007-06-26
申请人： Xin Qiu , Liqiang Chen , Stuart P. Moskovics , Kent D. Rager
发明人： Xin Qiu , Liqiang Chen , Stuart P. Moskovics , Kent D. Rager
IPC分类号： H04L9/32
CPC分类号： H04L9/3226 , H04L9/3247 , H04W12/04 , H04W12/08
摘要： A process may be utilized for securing unlock password generation and distribution. A first set of exclusive responsibilities, assigned to a trusted authority, includes random generation and encryption of an unlock password to compose a randomly generated encrypted unlock password. Further, a second set of exclusive responsibilities, assigned to a security agent, includes sending information associated with the unlock password and a digital signature of information associated with the unlock password to a communication device configured for a network in order to mate the unlock password to the communication device, and sending the randomly generated and encrypted unlock password along with mating data to a password processing center. In addition, a third set of exclusive responsibilities, assigned to a password processing center, includes decrypting the randomly generated and encrypted unlock password.
摘要翻译：可以利用一个过程来确保密码生成和分发。分配给受信任的机构的第一套独家责任包括随机生成和加密解锁密码，以组成随机生成的加密解密密码。此外，分配给安全代理的第二组独占责任包括将与解锁密码相关联的信息和与解锁密码相关联的信息的数字签名发送到为网络配置的通信设备，以便将解锁密码与通信设备，并将随机生成和加密的解密密码以及匹配数据发送到密码处理中心。另外，分配给密码处理中心的第三组独占责任包括解密随机产生和加密的解锁密码。

40. 发明授权

US06804782B1 Countermeasure to power attack and timing attack on cryptographic operations 有权
标题翻译：电力攻击和加密操作定时攻击的对策
公开(公告)号：US06804782B1
公开(公告)日：2004-10-12
申请号：US09373866
申请日：1999-08-13
申请人： Xin Qiu , Eric J. Sprunk , Daniel Z. Simon , Lawrence Tang , Lawrence R. Cook
发明人： Xin Qiu , Eric J. Sprunk , Daniel Z. Simon , Lawrence Tang , Lawrence R. Cook
IPC分类号： G06F1130
CPC分类号： G06F9/3001 , G06F2207/7219 , H04L9/003 , H04L9/005 , H04L9/3013 , H04L9/302
摘要： A cryptography circuit provides secure processing of data by utilizing countermeasures that combat timing and power attacks. Superfluous operations such as multiplication operations, modular reductions by an integer, storage of data to memory are available for use by a processor to disguise the amount of power usage and the amount of time required to perform a cryptographic operation. A cryptographic key is available for use in order to trigger when these emulated operations occur. The occurrences of the emulated operations is controlled by the user to provide the preferred tradeoff between security and use of resources.
摘要翻译：加密电路通过利用对抗定时和电源攻击的对策来提供对数据的安全处理。多余的操作，例如乘法运算，整数模块化减少，数据存储到存储器可供处理器使用，以掩盖功率使用量和执行加密操作所需的时间。可以使用加密密钥来在这些仿真操作发生时触发。仿真操作的发生由用户控制，以提供资源的安全性和使用之间的首选权衡。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式