专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

41. 发明申请

US20100306839A1 ENTITY BI-DIRECTIONAL IDENTIFICATOR METHOD AND SYSTEM BASED ON TRUSTABLE THIRD PARTY 有权
标题翻译：基于可信赖第三方的实体双向识别方法和系统
公开(公告)号：US20100306839A1
公开(公告)日：2010-12-02
申请号：US12739678
申请日：2008-10-23
申请人： Manxia Tie , Jun Cao , Xiaolong Lai , Liaojun Pang , Zhenhai Huang
发明人： Manxia Tie , Jun Cao , Xiaolong Lai , Liaojun Pang , Zhenhai Huang
IPC分类号： H04L9/32 , G06F21/00
CPC分类号： H04L63/0869 , H04L9/3213 , H04L9/3273 , H04L63/0823 , H04L63/126
摘要： An entity bi-directional identification method and system based on a trustable third party thereof are provided. The system comprises a first entity, which is for sending a first message to a second entity, sending a third message to a third entity after receiving a second message sent by the second entity, verifying the fourth message after receiving a fourth message sent by the third entity, sending a fifth message to the second entity after the verification is finished; the second entity, which is for receiving the first message sent by the first entity, sending the second message to the first entity, verifying the fifth message after receiving the fifth message sent by the first entity; the third entity, which is for receiving the third message sent by the first entity, checking if the first entity and the second entity are legal, implementing the pretreatment according to the checking result, sending the first entity the fourth message after the treatment is finished.
摘要翻译：提供了一种基于可信任第三方的实体双向识别方法和系统。该系统包括用于向第二实体发送第一消息的第一实体，在接收到由第二实体发送的第二消息之后向第三实体发送第三消息，在接收到由第二实体发送的第四消息之后验证第四消息第三实体，在验证完成之后向第二实体发送第五消息; 所述第二实体用于接收由所述第一实体发送的所述第一消息，向所述第一实体发送所述第二消息，在接收到由所述第一实体发送的所述第五消息之后验证所述第五消息; 用于接收第一实体发送的第三消息的第三实体，检查第一实体和第二实体是否合法，根据检查结果实现预处理，在处理完成之后发送第一实体第四消息。

42. 发明申请

US20100263023A1 TRUSTED NETWORK ACCESS CONTROLLING METHOD BASED ON TRI-ELEMENT PEER AUTHENTICATION 有权
标题翻译：基于三元认证的有效网络访问控制方法
公开(公告)号：US20100263023A1
公开(公告)日：2010-10-14
申请号：US12742618
申请日：2008-11-14
申请人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
发明人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
IPC分类号： H04L29/06 , H04L9/32 , H04W12/08
CPC分类号： H04L41/0893 , H04L63/0823 , H04L63/0876 , H04L63/102 , H04L63/20
摘要： A trusted network access controlling method based upon tri-element peer authentication comprises: Firstly initializing creditability collectors and a creditability verifier; then carrying out a tri-element peer authentication protocol among a network access requester, a network access controller and an authentication strategy server in a network access control layer to realize bi-directional user authentication between the access requester and the access controller; When authentication is successful or the locale strategy requires to carry out a when a platform creditability evaluation process, the TNC terminal, TNC server and evaluation strategy server in a trusted platform evaluation layer performing the tri-element peer authentication protocol to realize bi-directional platform creditability authentication between the access requester and the access controller; Finally the access requester and the access controller controlling ports according to the recommendation generated by the TNAC client terminal and the TNAC service terminal. The invention solves the technical problem about poor expandability in background, and further solves the problem about complex key negotiation and relatively low safety.
摘要翻译：基于三元素对等认证的可信网络访问控制方法包括：首先初始化信用收集者和信用验证者; 然后在网络访问控制层中的网络访问请求者，网络访问控制器和认证策略服务器之间执行三元素对等认证协议，以实现访问请求者和访问控制器之间的双向用户认证; 当认证成功或者区域设置策略需要在平台可信度评估过程中执行时，TNC终端，TNC服务器和评估策略服务器在可信平台评估层中执行三元素对等认证协议，实现双向平台访问请求者和访问控制器之间的可信度认证; 最后根据由TNAC客户终端和TNAC服务终端生成的建议，访问请求者和访问控制器控制端口。本发明解决了背景下可扩展性差的技术问题，进一步解决了复杂密钥协商和安全性相对较低的问题。

43. 发明申请

US20100251334A1 TRUSTED NETWORK ACCESS CONTROL SYSTEM BASED TERNARY EQUAL IDENTIFICATION 有权
标题翻译：基于等效网络认证的网络访问控制系统
公开(公告)号：US20100251334A1
公开(公告)日：2010-09-30
申请号：US12743170
申请日：2008-11-14
申请人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
发明人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
IPC分类号： H04L9/32 , H04L29/06 , H04L12/28
CPC分类号： H04L63/20 , H04L41/0893 , H04L63/0823 , H04L63/0876 , H04L63/102 , H04L63/126
摘要： A trusted network access control system based on ternary equal identification is provided. The system includes access requestor AR, access controller AC and policy manager PM as well as the protocol interface among them. The protocol interface between the AR and AC includes a trusted network transmission interface (IF-TNT) and IF-TNACCS interface between TNAC client and TNAC server. The protocol interface between the AC and PM includes an identification policy service interface IF-APS, evaluation policy service interface IF-EPS and a trust measurement interface IF-TM. The protocol interface between the AR and PM includes a trust measurement interface IF-TM.
摘要翻译：提供了基于三元等同识别的可信网络访问控制系统。该系统包括访问请求者AR，访问控制器AC和策略管理器PM以及它们之间的协议接口。 AR和AC之间的协议接口包括TNAC客户端和TNAC服务器之间的可信网络传输接口（IF-TNT）和IF-TNACCS接口。 AC和PM之间的协议接口包括识别策略服务接口IF-APS，评估策略服务接口IF-EPS和信任测量接口IF-TM。 AR和PM之间的协议接口包括信任测量接口IF-TM。

44. 发明授权

US08819778B2 Method and system for switching station in centralized WLAN when WPI is performed by access controller 有权
标题翻译： WPI由接入控制器执行时，集中式WLAN切换站的方法和系统
公开(公告)号：US08819778B2
公开(公告)日：2014-08-26
申请号：US13320469
申请日：2009-12-07
申请人： Zhiqiang Du , Jun Cao , Manxia Tie , Xiaolong Lai , Zhenhai Huang
发明人： Zhiqiang Du , Jun Cao , Manxia Tie , Xiaolong Lai , Zhenhai Huang
IPC分类号： H04L29/06 , H04W12/06
CPC分类号： H04W36/0038 , H04L41/0803 , H04L63/205 , H04W12/06 , H04W92/12
摘要： The embodiment of the present invention relates to a method and a system for switching station in centralized wireless local area network (WLAN) when the WLAN privacy infrastructure (WPI) is performed by an access controller (AC). The method includes: step 1: the station re-associates with the AC through the destination wireless terminal point (WTP); step 2: the AC informs the associated WTP to delete the station; step 3: the AC informs the destination WTP to join the station. The invention implements the operation of joining station and deleting station between the AC and the WTP based on the control and provisioning of wireless access points protocol (CAPWAP) control message during the process of switching station. Therefore, the invention can quickly and safely implement the station switching among the WTPs under the same AC.
摘要翻译：本发明的实施例涉及一种当WLAN隐私基础设施（WPI）由接入控制器（AC）执行时，在集中式无线局域网（WLAN）中切换台站的方法和系统。该方法包括：步骤1：站通过目的无线终端（WTP）与AC重新关联; 步骤2：AC通知相关的WTP删除站; 步骤3：AC通知目的地WTP加入车站。本发明基于在交换台处理过程中的无线接入点协议（CAPWAP）控制消息的控制和提供，实现了加入站和删除站之间的AC和WTP的操作。因此，本发明可以在同一AC下的WTP之间快速，安全地实现站切换。

45. 发明授权

US08631232B2 Wireless personal area network accessing method 有权
标题翻译：无线个域网访问方式
公开(公告)号：US08631232B2
公开(公告)日：2014-01-14
申请号：US12863272
申请日：2009-01-14
申请人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang , Bianling Zhang , Zhiqiang Qin , Qizhu Song
发明人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang , Bianling Zhang , Zhiqiang Qin , Qizhu Song
IPC分类号： H04L29/00
CPC分类号： H04W12/04 , H04L63/205 , H04W12/06
摘要： A wireless personal area network accessing method is provided, the method includes that: a coordinator broadcasts a beacon frame, the beacon frame includes the information about whether the coordinator sends an authentication requirement, the beacon frame also includes the authentication supported by the coordinator and key management package when a device receipts the authentication requirement, the device receives the beacon frame, the authentication between the coordinator and the device is made by using a authentication method corresponding to the authentication supported by the coordinator and key management package, when the device determines that the coordinator and the device is directly made according to the authentication result, or the association between the coordinator and the device is made after making session key negotiation.
摘要翻译：提供了无线个人区域网络访问方法，该方法包括：协调器广播信标帧，信标帧包括关于协调器是否发送认证要求的信息，信标帧还包括由协调器和密钥支持的认证管理包，当设备收到认证要求时，设备收到信标帧，协调器和设备之间的认证是通过使用与协调器和密钥管理包所支持的认证相对应的认证方法进行的，当设备确定协调器和设备根据认证结果直接进行，或者在进行会话密钥协商之后进行协调器与设备之间的关联。

46. 发明申请

US20130133030A1 PLATFORM AUTHENTICATION STRATEGY MANAGEMENT METHOD AND DEVICE FOR TRUSTED CONNECTION ARCHITECTURE 有权
标题翻译：平台认证策略管理方法和设备连接建筑
公开(公告)号：US20130133030A1
公开(公告)日：2013-05-23
申请号：US13813291
申请日：2011-05-26
申请人： Yonggang Xue , Runtian Kan , Yuelei Xiao , Jun Cao , Zhenhai Huang , Ke Wang , Guoqiang Zhang , Kelong Yuan , Lin Zhu , Xiaoyong Liu
发明人： Yonggang Xue , Runtian Kan , Yuelei Xiao , Jun Cao , Zhenhai Huang , Ke Wang , Guoqiang Zhang , Kelong Yuan , Lin Zhu , Xiaoyong Liu
IPC分类号： H04L29/06
CPC分类号： H04L63/20 , G06F21/57 , H04L63/0876 , H04L63/10 , H04L63/1433
摘要： Provided are a platform authentication strategy management method for trusted connection architecture (TCA), and the trusted network connection (TNC) client, TNC access point and evaluation strategy service provider for implementing the method in the TCA. In the embodiments of the present invention, the platform authentication strategy for the access requester can be configured in the TNC access point or the evaluation strategy service provider, and the platform authentication strategy for the access requester configured in the evaluation strategy service provider can be delivered to the TNC access point. Moreover, a component-type-level convergence platform evaluation strategy can be executed in the TNC access point or the evaluation strategy service provider, to ensure that the realization of the TCA platform authentication has good application extensibility.
摘要翻译：提供了一种用于可信连接架构（TCA）和可信网络连接（TNC）客户端，TNC接入点和评估策略服务提供商的平台认证策略管理方法，用于在TCA中实现该方法。在本发明的实施例中，可以在TNC接入点或评估策略服务提供者中配置用于接入请求者的平台认证策略，并且可以在评估策略服务提供商中配置的接入请求者的平台认证策略到TNC接入点。此外，TNC接入点或评估策略服务提供商可以执行组件级融合平台评估策略，确保TCA平台认证的实现具有良好的应用可扩展性。

47. 发明授权

US08417955B2 Entity bidirectional authentication method and system 有权
标题翻译：实体双向认证方式和系统
公开(公告)号：US08417955B2
公开(公告)日：2013-04-09
申请号：US12808049
申请日：2008-12-09
申请人： Manxia Tie , Jun Cao , Zhenhai Huang , Xiaolong Lai
发明人： Manxia Tie , Jun Cao , Zhenhai Huang , Xiaolong Lai
IPC分类号： H04L29/06
CPC分类号： H04L9/321 , H04L9/3247
摘要： An entity bidirectional authentication method and system, the method involves: the first entity sends the first message; the second entity sends the second message to the credible third party after receiving the said first message; the said credible third party returns the third message after receiving the second message; the said second entity sends the fourth message after receiving the third message and verifying it; the said first entity receives the said fourth message and verifies it, completes the authentication. Compared with the conventional authentication mechanism, the invention defines an on-line retrieval and authentication mechanism of a public key, realizes the centralized management for it, simplifies the operating condition of the protocol, and facilitates the application and implement.
摘要翻译：一种实体双向认证方法和系统，该方法涉及：第一实体发送第一消息; 第二实体在接收到所述第一消息之后将第二消息发送到可信第三方; 所述可信第三方在接收到第二消息后返回第三消息; 所述第二实体在接收到第三消息并验证之后发送第四消息; 所述第一实体接收所述第四消息并对其进行验证，从而完成认证。与常规认证机制相比，本发明定义了公钥的在线检索和认证机制，实现了集中管理，简化了协议的工作状态，便于应用和实现。

48. 发明授权

US08412943B2 Two-way access authentication method 有权
标题翻译：双向访问认证方式
公开(公告)号：US08412943B2
公开(公告)日：2013-04-02
申请号：US12741982
申请日：2008-11-07
申请人： Liaojun Pang , Jun Cao , Manxia Tie , Zhenhai Huang
发明人： Liaojun Pang , Jun Cao , Manxia Tie , Zhenhai Huang
IPC分类号： H04L29/00
CPC分类号： H04L9/3247 , G06F21/445 , G06Q20/3823 , G06Q20/388 , G06Q20/4097 , H04L9/0847 , H04L9/321 , H04L9/3271 , H04L63/0869 , H04L2209/80 , H04W12/06
摘要： A two-way access authentication method comprises: According to the system parameters pre-established by the third entity, the first entity sends the access authentication request packet to the second entity, then the second entity validates whether the signature of first entity is correct, and if yes, the share master key of second entity is calculated; the second entity generates the access authentication response packet and sends it to the first entity, then the first entity validates whether the signature of access authentication response packet and the message integrity check code are correct; if yes, the share master key of first entity is calculated; the first entity sends the access authentication acknowledge packet to the second entity, then the second entity validates the integrity of the access authentication acknowledge packet, if passing the validation, the share master key of first entity is consistent with that of the second entity, and the access authentication is achieved. For improving the security, after received the access authentication request packet sent by the first entity, the second entity may perform the identity validity validation and generates the access authentication response packet after passing the validation.
摘要翻译：双向接入认证方法包括：根据第三实体预先建立的系统参数，第一实体向第二实体发送接入认证请求报文，第二实体验证第一实体的签名是否正确，如果是，则计算第二实体的共享主密钥; 第二实体生成接入认证响应报文并将其发送给第一实体，则第一实体验证接入认证响应报文的签名和消息完整性检查码是否正确; 如果是，则计算第一实体的共享主密钥; 第一实体向第二实体发送接入认证确认分组，则第二实体验证接入认证确认分组的完整性，如果通过验证，则第一实体的共享主密钥与第二实体的共享主密钥一致，实现了访问认证。为了提高安全性，在接收到由第一实体发送的接入认证请求分组之后，第二实体可以在通过验证之后执行身份有效性验证并生成接入认证响应分组。

49. 发明授权

US08271780B2 Trusted network connect method for enhancing security 有权
标题翻译：可信网络连接方式，增强安全性
公开(公告)号：US08271780B2
公开(公告)日：2012-09-18
申请号：US12671575
申请日：2008-07-21
申请人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
发明人： Yuelei Xiao , Jun Cao , Xiaolong Lai , Zhenhai Huang
IPC分类号： H04L9/00
CPC分类号： H04L63/0869 , H04L9/0844 , H04L9/3247 , H04L9/3263 , H04L41/0893 , H04L63/0876 , H04L63/105 , H04L63/20 , H04L2209/127
摘要： A trusted network connect method for enhancing security, it pre-prepares platform integrity information, sets an integrity verify demand. A network access requestor initiates an access request, a network access authority starts a process for bi-directional user authentication, begins to perform the triplex element peer authentication protocol with a user authentication service unit. After the success of the bi-directional user authentication, a TNC server and a TNC client perform bi-directional platform integrity evaluation. The network access requestor and the network access authority control ports according to their respective recommendations, implement the mutual access control of the access requestor and the access authority. The present invention solves the technical problems in the background technologies: the security is lower relatively, the access requestor may be unable to verify the validity of the AIK credential and the platform integrity evaluation is not parity. The present invention may simplify the management of the key and the mechanism of integrity verification, expand the application scope of the trusted network connect.
摘要翻译：一种可靠的网络连接方法，用于增强安全性，预先准备平台完整性信息，设置完整性验证需求。网络访问请求者发起访问请求，网络访问权限启动用于双向用户认证的过程，开始与用户认证服务单元一起执行三重元素对等认证协议。在双向用户认证成功之后，TNC服务器和TNC客户端执行双向平台完整性评估。网络访问请求者和网络访问权限控制端口根据各自的建议，实现访问请求者和访问权限的相互访问控制。本发明解决了后台技术中的技术问题：安全性相对较低，访问请求者可能无法验证AIK凭据的有效性，平台完整性评估不是奇偶校验。本发明可以简化密钥的管理和完整性验证的机制，扩大可信网络连接的应用范围。

50. 发明授权

US08225092B2 Access authentication method suitable for the wire-line and wireless network 有权
标题翻译：接入认证方式适用于有线和无线网络
公开(公告)号：US08225092B2
公开(公告)日：2012-07-17
申请号：US11816743
申请日：2006-02-21
申请人： Xiaolong Lal , Jun Cao , Hong Guo , Zhenhai Huang , Bianling Zhang
发明人： Xiaolong Lal , Jun Cao , Hong Guo , Zhenhai Huang , Bianling Zhang
IPC分类号： H04L29/06
CPC分类号： H04L63/0823 , H04L9/083 , H04L9/0891 , H04L9/3263 , H04L9/3273 , H04L2209/80
摘要： An access authentication method includes pre-establishing a security channel between the authentication server of the access point and the authentication server of the user terminal and performing the authentication process at user terminal and access point. The authentication process includes 1) the access point sending the authentication_activating message; 2) the user terminal sending the authentication server of user terminal request message; 3) the authentication server of the user terminal sending to the user terminal response message; and 4) completing the authentication.
摘要翻译：访问认证方法包括在接入点的认证服务器和用户终端的认证服务器之间预先建立安全信道，并在用户终端和接入点执行认证过程。认证过程包括：1）接入点发送认证激活消息; 2）用户终端发送用户终端请求消息的认证服务器; 3）用户终端的认证服务器发送给用户终端应答消息; 和4）完成认证。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式