专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

41. 发明申请

US20100083349A1 METHOD FOR REALIZING TRUSTED NETWORK MANAGEMENT 有权
标题翻译：实现可信网络管理的方法
公开(公告)号：US20100083349A1
公开(公告)日：2010-04-01
申请号：US12631491
申请日：2009-12-04
申请人： YUELEI XIAO , Jun Cao , Xiaolong Lai , Zhenhai Huang
发明人： YUELEI XIAO , Jun Cao , Xiaolong Lai , Zhenhai Huang
IPC分类号： G06F21/00 , G06F17/30
CPC分类号： H04L63/20
摘要： A method for realizing trusted network management is provided. A trusted management agent resides on a managed host, and a trusted management system resides on a management host. The trusted management agent and the trusted management system are software modules, which are both based on a trusted computing platform and signed after being authenticated by a trusted third party of the trusted management agent and the trusted management system. Trusted platform modules of the managed host and the management host can perform integrity measurement, storage, and report for the trusted management agent and the trusted management system. Therefore, the managed host and the management host can ensure that the trusted management agent and the trusted management system are trustworthy. Then, the trusted management agent and the trusted management system execute a network management function, thus realizing the trusted network management. Therefore, the technical problem in the prior art that the network management security cannot be ensured due to the mutual attack between an agent, a host where the agent resides, and a manager system is solved, and trusted network management is realized.
摘要翻译：提供了一种实现可信网络管理的方法。可信管理代理驻留在受管主机上，可管理系统驻留在管理主机上。信任管理代理和信任管理系统是软件模块，它们都是基于可信计算平台，经信任管理代理和可信管理系统的信任第三方认证后进行签名。托管主机和管理主机的可信平台模块可以对可信管理代理和可信管理系统执行完整性测量，存储和报告。因此，托管主机和管理主机可以确保可信管理代理和可信管理系统是值得信赖的。然后，信任管理代理和信任管理系统执行网络管理功能，从而实现可信网络管理。因此，现有技术的技术问题是解决了代理，代理所在的主机与管理者系统之间的相互攻击而不能确保网络管理安全性，并实现了可信网络管理。

42. 发明申请

US20100077454A1 TRUSTED NETWORK CONNECT METHOD BASED ON TRI-ELEMENT PEER AUTHENTICATION 有权
标题翻译：基于三元认证的有效网络连接方法
公开(公告)号：US20100077454A1
公开(公告)日：2010-03-25
申请号：US12626546
申请日：2009-11-25
申请人： YUELEI XIAO , Jun Cao , Xiaolong Lai , Zhenhai Huang
发明人： YUELEI XIAO , Jun Cao , Xiaolong Lai , Zhenhai Huang
IPC分类号： H04L9/32
CPC分类号： H04L9/3247 , H04L9/3234 , H04L9/3263 , H04L41/0893 , H04L63/0869 , H04L63/0876 , H04L63/105 , H04L63/20
摘要： A trusted network connect (TNC) method based on tri-element peer authentication is provided, which includes the following steps. Platform integrity information is prepared in advance. An integrity verification requirement is predefined. A network access requestor initiates an access request to a network access controller. The network access controller starts a mutual user authentication process, and performs a tri-element peer authentication protocol with a user authentication serving unit. After the mutual user authentication is successful, a TNC client, a TNC server, and a platform evaluation serving unit implement platform integrity evaluation by using a tri-element peer authentication method. The network access requestor and the network access controller control ports according to recommendations received respectively, so as to implement mutual access control between the access requestor and the access controller. Thus, the technical problems in the prior art of poor extensibility, complex key agreement process, low security, and that platform integrity evaluation is not peer-to-peer are solved by the present invention. Through the method of the present invention, key management and integrity verification mechanisms of the TNC are simplified, and the range of applicability of the TNC is expanded.
摘要翻译：提供了基于三元对等认证的可信网络连接（TNC）方法，包括以下步骤。平台完整性信息是事先准备的。完整性验证要求是预先定义的。网络访问请求者发起对网络访问控制器的访问请求。网络访问控制器开始相互用户认证处理，并与用户认证服务单元执行三元对等认证协议。相互用户认证成功后，TNC客户端，TNC服务器和平台评估服务单元通过三元素对等体认证方式实现平台完整性评估。根据分别接收的建议，网络接入请求者和网络接入控制器控制端口，实现接入请求者和接入控制器之间的相互访问控制。因此，通过本发明解决了现有技术中的扩展性差，复杂密钥协商过程，低安全性和平台完整性评估不是点对点的技术问题。通过本发明的方法，简化了TNC的密钥管理和完整性验证机制，拓展了跨国公司的适用范围。

43. 发明授权

US09015331B2 Method for implementing a convergent wireless local area network (WLAN) authentication and privacy infrastructure (WAPI) network architecture in a local MAC mode 有权
标题翻译：在本地MAC模式下实现融合无线局域网（WLAN）认证和隐私基础设施（WAPI）网络架构的方法
公开(公告)号：US09015331B2
公开(公告)日：2015-04-21
申请号：US13203646
申请日：2009-12-14
申请人： Xiaolong Lai , Jun Cao , Zhiqiang Du , Manxia Tie , Li Ge , Zhenhai Huang
发明人： Xiaolong Lai , Jun Cao , Zhiqiang Du , Manxia Tie , Li Ge , Zhenhai Huang
IPC分类号： G06F15/16 , H04W12/06 , H04L29/06 , H04W84/12 , H04W12/04
CPC分类号： H04W12/06 , H04L63/062 , H04L63/065 , H04L63/08 , H04L63/10 , H04W12/04 , H04W84/12 , H04W88/08 , H04W88/12 , H04W92/12
摘要： A method for implementing a convergent Wireless Local Area Network (WLAN) Authentication and Privacy Infrastructure (WAPI) network architecture in a local Medium Access Control (MAC) mode is provided and includes the following steps: the MAC function and WAPI function of Access Point (AP) are divided between Wireless Terminal Point (WTP) and Access Controller (AC) to construct a local MAC mode; the convergence of WAPI protocol and the convergent WLAN network architecture is implemented in the local MAC mode; the process of association and connection between Station (STA), WTP and AC is performed; the process of notification of the beginning of the execution of the WLAN Authentication Infrastructure (WAI) protocol between AC and WTP is performed; the process of the execution of the WAI protocol between STA and AC is performed; the process of notification of the end of the execution of the WAI protocol between AC and WTP is performed; the process of encrypted communication between WTP and STA is performed by use of WPI.
摘要翻译：提供了一种在本地媒体访问控制（MAC）模式下实现融合无线局域网（WLAN）认证和隐私基础设施（WLAN）网络架构的方法，包括以下步骤：接入点的MAC功能和WAPI功能 AP）分为无线终端点（WTP）和接入控制器（AC）之间，构成本地MAC模式; WAPI协议和融合WLAN网络架构的融合在本地MAC模式下实现; 执行站（STA），WTP和AC之间的关联和连接的过程; 执行在AC和WTP之间通知WLAN认证基础设施（WAI）协议的开始的过程; 执行STA和AC之间的WAI协议的执行过程; 执行在AC和WTP之间通知WAI协议的执行结束的过程; WTP和STA之间的加密通信过程通过使用WPI进行。

44. 发明授权

US08966257B2 Method and system for secret communication between nodes 有权
标题翻译：节点之间的秘密通信的方法和系统
公开(公告)号：US08966257B2
公开(公告)日：2015-02-24
申请号：US13516967
申请日：2010-06-02
申请人： Manxia Tie , Jun Cao , Oin Li , Li Ge , Zhenhai Huang
发明人： Manxia Tie , Jun Cao , Oin Li , Li Ge , Zhenhai Huang
IPC分类号： H04L29/06 , H04L9/32 , H04L12/721
CPC分类号： H04L63/0464 , H04L9/0827 , H04L45/26 , H04L63/0435 , H04L63/0471 , H04L63/062 , H04L63/162
摘要： The present invention discloses a method and system for secret communication between nodes in a wired Local Area Network (LAN). The method of secret communication between nodes in the wired LAN includes the following steps: 1) a sharing key is established; 2) the route probe is exchanged; 3) the data communication is classified; 4) the secret communication is processed among the nodes. According to the different communication situations among the nodes, the method of secret communication between nodes provided in the present invention can process the classification and select an appropriate secret communication strategy; compared with per-hop encryption, the calculation load of the exchange equipment is reduced, and the transmission delay of data packets is shortened; compared with the method that inter-station keys are established in pairs of nodes in order to protect the communication secret, the key number is reduced, and the key management is simplified.
摘要翻译：本发明公开了一种用于有线局域网（LAN）中的节点之间的秘密通信的方法和系统。有线局域网节点之间的秘密通信方法包括以下步骤：1）建立共享密钥; 2）交换路由探测器; 3）数据通信分类; 4）节点之间处理秘密通信。根据节点之间不同的通信情况，本发明提供的节点之间的秘密通信方法可以处理分类并选择适当的秘密通信策略; 与每跳加密相比，交换设备的计算负载减少，数据包的传输延迟缩短; 与站间密钥建立成对节点的方法相比，为了保护通信秘密，密钥号码减少，密钥管理简化。

45. 发明授权

US08931049B2 Trusted network connection implementing method based on tri-element peer authentication 有权
标题翻译：基于三元素对等认证的可信网络连接实现方法
公开(公告)号：US08931049B2
公开(公告)日：2015-01-06
申请号：US13133333
申请日：2009-12-01
申请人： Yuelei Xiao , Jun Cao , Li Ge , Zhenhai Huang
发明人： Yuelei Xiao , Jun Cao , Li Ge , Zhenhai Huang
IPC分类号： G06F7/04 , H04L29/06 , G06F21/31 , G06F21/62
CPC分类号： H04L63/0869 , G06F21/31 , G06F21/6209 , G06F2221/2141 , H04L63/0876 , H04L63/10
摘要： A trusted network connection implementing method based on Tri-element Peer Authentication is provided in present invention, the method includes: step 1, configuring and initializing; step 2, requesting for network connection, wherein an access requester sends a network connection request to and access controller, and the access controller receives the network connection request; step 3, authenticating user ID; and step 4, authenticating a platform. The invention enhances the safety of the trusted network connection implementing method, widens the application range of the trusted network connection implementing method based on the Tri-element Peer Authentication, satisfies requirements of different network apparatuses and improves the efficiency of the trusted network connection implementing method based on the Tri-element Peer Authentication.
摘要翻译：本发明提供了一种基于三元素对等认证的可信网络连接实现方法，该方法包括：步骤1，配置和初始化; 步骤2，请求网络连接，其中访问请求者向网络连接请求发送和访问控制器，并且访问控制器接收网络连接请求; 步骤3，验证用户ID; 步骤4，验证平台。本发明增强了可信网络连接实现方法的安全性，拓宽了基于三元对等认证的可信网络连接实现方法的应用范围，满足不同网络设备的要求，提高了可信网络连接实现方法的效率基于三元素对等体认证。

46. 发明授权

US08763100B2 Entity authentication method with introduction of online third party 有权
标题翻译：实体认证方式，引入在线第三方
公开(公告)号：US08763100B2
公开(公告)日：2014-06-24
申请号：US13392915
申请日：2009-12-29
申请人： Manxia Tie , Jun Cao , Xiaolong Lai , Zhenhai Huang
发明人： Manxia Tie , Jun Cao , Xiaolong Lai , Zhenhai Huang
IPC分类号： G06F21/00
CPC分类号： H04L63/08 , H04L9/3213 , H04L9/3247 , H04L9/3263 , H04L9/3271 , H04L9/3297
摘要： An entity authentication method by introducing an online third party includes the following steps: 1) an entity B sends a message 1 to an entity A; 2) the entity A sends a message 2 to a trusted third party TP after receiving the message 1; 3) the trusted third party TP checks the validity of the entity A after receiving the message 2; 4) the trusted third party TP returns a message 3 to the entity A after checking the validity of the entity A; 5) the entity A sends a message 4 to the entity B after receiving the message 3; 6) and the entity B performs validation after receiving the message 4. The online retrieval and authentication mechanism of the public key simplifies the operating condition of a protocol, and realizes validity identification of the network for the user through the authentication of the entity B to the entity A.
摘要翻译：通过引入在线第三方的实体认证方法包括以下步骤：1）实体B向实体A发送消息1; 2）实体A在接收到消息1之后向可信第三方TP发送消息2; 3）受信任的第三方TP在接收到消息2后检查实体A的有效性; 4）可信第三方TP在检查实体A的有效性之后向实体A返回消息3; 5）实体A在接收到消息3之后向实体B发送消息4; 6），实体B在接收到消息4后进行验证。公钥的在线检索和认证机制简化了协议的工作状态，通过对实体B认证实现了用户对网络的有效性识别实体A.

47. 发明授权

US08756654B2 Trusted network management method of trusted network connections based on tri-element peer authentication 有权
标题翻译：基于三元对等认证的可信网络连接的可信网络管理方法
公开(公告)号：US08756654B2
公开(公告)日：2014-06-17
申请号：US13059798
申请日：2009-08-20
申请人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
发明人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
IPC分类号： G06F17/00 , G06F7/04 , G06F17/30 , G06F15/16 , H04L29/06
CPC分类号： H04L41/28 , H04L9/3234 , H04L9/3263 , H04L63/0823 , H04L63/0876 , H04L63/105 , H04L63/20 , H04L2209/127 , H04L2209/76
摘要： A trusted network management method of trusted network connections based on tri-element peer authentication. A trusted management proxy and a trusted management system are respectively installed and configured on a host to be managed and a management host, and are verified as local trusted. When the host to be managed and the management host are not connected to the trusted network, they use the trusted network connection method based on the tri-element peer authentication to connect to the trusted network respectively, and subsequently perform the authentications and the cipher key negotiations of the trusted management proxy and the trusted management system; when the host to be managed and the management host have not completed the user authentication and the cipher key negotiation process, they use the tri-element peer authentication protocol to complete the user authentication and the cipher key negotiation process, then use the tri-element peer authentication protocol to implement the remote trust of the trusted management proxy and the trusted management system, and finally perform network management. The present invention can actively defend attacks, reinforce the safety of the trusted network management architecture, and realize the trusted network management of distributed control and centralized management.
摘要翻译：基于三元对等认证的可信网络连接的可信网络管理方法。分别在要管理的主机和管理主机上安装和配置可信管理代理和可信管理系统，并将其验证为本地可信。当要管理的主机和管理主机没有连接到可信网络时，他们使用基于三元对等认证的可信网络连接方法分别连接到可信网络，然后执行认证和密码密钥可信管理代理和可信管理系统的协商; 当要管理的主机和管理主机尚未完成用户认证和密钥协商过程时，他们使用三元素对等体认证协议完成用户认证和密钥协商过程，然后使用三元素对等体认证协议，实现可信管理代理和可信管理系统的远程信任，最终执行网络管理。本发明可以积极防御攻击，加强可信网管理架构的安全性，实现分布式控制和集中管理的可信网络管理。

48. 发明授权

US08751792B2 Method and system for entity public key acquiring, certificate validation and authentication by introducing an online credible third party 有权
标题翻译：通过引入在线可信的第三方，实体公钥获取，证书验证和认证的方法和系统
公开(公告)号：US08751792B2
公开(公告)日：2014-06-10
申请号：US13499126
申请日：2009-12-14
申请人： Manxia Tie , Jun Cao , Zhenhai Huang , Xiaolong Lai
发明人： Manxia Tie , Jun Cao , Zhenhai Huang , Xiaolong Lai
IPC分类号： H04L29/06
CPC分类号： H04L9/3213 , H04L9/3268 , H04L63/0823
摘要： A method and system for entity public key acquiring, certificate validation and authentication by introducing an online credible third party is disclosed. The method includes the following steps: 1) an entity B transmits a message 1 to an entity A; 2) the entity A transmits a message 2 to a credible third party TP after receiving the message 1; 3) the credible third party TP determines the response RepTA after receiving the message 2; 4) the credible third party TP returns a message 3 to the entity A; 5) the entity A returns a message 4 to the entity B after receiving the message 3; 6) the entity B receives the message 4; 7) the entity B transmits a message 5 to the entity A; 8) the entity A receives the message 5. The present invention can achieve public key acquisition, certificate validation and authentication of the entity by integrating them in one protocol, thereby facilitate the execution efficiency and the effect of the protocol and facilitate the combination with various public key acquisition and public key certificate state enquiry protocols. The present invention suits with a “user-access point-server” access network structure to meet the authentication requirement of the access network.
摘要翻译：公开了通过引入在线可信第三方实体公钥获取，证书验证和认证的方法和系统。该方法包括以下步骤：1）实体B向实体A发送消息1; 2）实体A在接收到消息1之后向可信第三方TP发送消息2; 3）可靠的第三方TP确定收到消息后的回复RepTA 2; 4）可信第三方TP向实体A返回消息3; 5）实体A在接收到消息3之后向实体B返回消息4; 6）实体B接收消息4; 7）实体B向实体A发送消息5; 8）实体A接收消息5.本发明可以通过在一个协议中集成实现公钥获取，证书验证和认证，从而促进协议的执行效率和效果，并促进与各种协议的组合公开密钥获取和公钥证书状态查询协议。本发明适用于“用户接入点 - 服务器”接入网络结构，以满足接入网络的认证要求。

49. 发明授权

US08689283B2 Security access control method and system for wired local area network 有权
标题翻译：有线局域网的安全访问控制方法和系统
公开(公告)号：US08689283B2
公开(公告)日：2014-04-01
申请号：US13391051
申请日：2009-12-23
申请人： Manxia Tie , Jun Cao , Li Ge , Xiaolong Lai , Zhenhai Huang , Qin Li , Zhiqiang Du
发明人： Manxia Tie , Jun Cao , Li Ge , Xiaolong Lai , Zhenhai Huang , Qin Li , Zhiqiang Du
IPC分类号： H04L29/06
CPC分类号： H04L63/20 , H04L63/061 , H04L63/0823 , H04L63/205
摘要： The present invention relates to a security access control method and system for wired local area network, the method includes the following steps: 1) a requester (REQ) negotiates the security policy with an authentication access controller (AAC); 2) the requester (REQ) and the authentication access controller (AAC) authenticate the identity; 3) the requester (REQ) negotiates the key with the authentication access controller (AAC). The direct identity authentication between the user and the network access control device is realized by the present invention; the negotiation and the dynamic update of the session key for the link layer data protection are realized; a variety of network architectures such as the enterprise network, the telecommunication network are supported; the scalability is good, the multiple authentication methods are supported; the authentication protocols with different security levels are supported, the requirements of the various subscribers are satisfied; the sub-modules of the protocol are independent, flexible, and easy to be accepted or rejected.
摘要翻译：本发明涉及有线局域网的安全访问控制方法和系统，该方法包括以下步骤：1）请求者（REQ）与认证接入控制器（AAC）协商安全策略; 2）请求者（REQ）和认证访问控制器（AAC）认证身份; 3）请求者（REQ）与认证接入控制器（AAC）协商密钥。用户和网络访问控制设备之间的直接身份认证是通过本发明实现的; 实现了链路层数据保护的会话密钥的协商和动态更新; 支持企业网络，电信网络等各种网络架构; 可扩展性好，支持多种认证方式; 支持不同安全级别的认证协议，满足各种用户的要求; 协议的子模块是独立的，灵活的，易于被接受或拒绝。

50. 发明授权

US08656153B2 Authentication access method and authentication access system for wireless multi-hop network 有权
标题翻译：无线多跳网络的认证接入方式和认证接入系统
公开(公告)号：US08656153B2
公开(公告)日：2014-02-18
申请号：US12810374
申请日：2008-12-26
申请人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
发明人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
IPC分类号： H04L29/06
CPC分类号： H04W12/06 , H04L9/0844 , H04L9/3226 , H04L9/3263 , H04L63/061 , H04L63/0807 , H04L2209/80 , H04W12/04 , H04W88/02
摘要： Authentication access method and authentication access system for wireless multi-hop network. Terminal equipment and coordinator have the capability of port control, the coordinator broadcasts a beacon frame, and the terminal equipment selects an authentication and key management suite and transmits a connecting request command to the coordinator. The coordinator performs authentication with the terminal equipment according to the authentication and key management suite which is selected by the terminal equipment, after authenticated, transmits a connecting response command to the terminal equipment. The terminal equipment and the coordinator control the port according to the authentication result, therefore the authenticated access for the wireless multi-hop network is realized. The invention solves the security problem of the wireless multi-hop network authentication method.
摘要翻译：无线多跳网络的认证接入方式和认证接入系统。终端设备和协调器具有端口控制能力，协调器广播信标帧，终端设备选择认证和密钥管理套件，并向协调器发送连接请求命令。协调器根据由终端设备选择的认证和密钥管理套件与终端设备进行认证，经过认证，向终端设备发送连接响应命令。终端设备和协调器根据认证结果对端口进行控制，实现了无线多跳网络的认证接入。本发明解决了无线多跳网络认证方法的安全问题。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式