专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

51. 发明申请

US20090154708A1 SYMMETRIC KEY DISTRIBUTION FRAMEWORK FOR THE INTERNET 有权
标题翻译：互联网的对称密钥分配框架
公开(公告)号：US20090154708A1
公开(公告)日：2009-06-18
申请号：US11957184
申请日：2007-12-14
申请人： Divya Naidu Kolar Sunder , Prashant Dewan , Men Long
发明人： Divya Naidu Kolar Sunder , Prashant Dewan , Men Long
IPC分类号： H04L9/08
CPC分类号： H04L63/0435 , H04L9/083 , H04L63/0428 , H04L63/062 , H04L63/20
摘要： A method, device, and system are disclosed. In one embodiment the method includes receiving measured health information from a client on a key distribution server. Once the measured health information is received the server is capable of validating the measured health information to see if it is authentic. The server is also capable of sending a session key to the client when the measured health information is validated. When the client receives the session key, the client is capable of initiating an encrypted and authenticated connection with an application server in the domain using the session key.
摘要翻译：公开了一种方法，装置和系统。在一个实施例中，该方法包括从密钥分发服务器上的客户端接收测量的健康信息。一旦接收到测量的健康信息，服务器就能够验证测量的健康信息，看它是否可信。当测量的健康信息被验证时，服务器还能够向客户端发送会话密钥。当客户端接收会话密钥时，客户端能够使用会话密钥发起与域中的应用服务器的加密和认证连接。

52. 发明申请

US20090135827A1 SYNCHRONIZING SEQUENCE NUMBERS AMONG PEERS IN A NETWORK 有权
标题翻译：在网络中同步同步序列号
公开(公告)号：US20090135827A1
公开(公告)日：2009-05-28
申请号：US11946722
申请日：2007-11-28
申请人： Prashant Dewan , Men Long
发明人： Prashant Dewan , Men Long
IPC分类号： H04L12/28
CPC分类号： H04L47/10 , H04L47/283 , H04L47/32 , H04L63/06 , H04L63/08 , H04L63/0846 , H04L63/164
摘要： A method and system are disclosed. In one embodiment the method includes a first device sending a stream of packets in a sequence across a network to a second device. In the sequence of packets there are a number of data packets and one or more synchronization packets. The synchronization packets are interspersed throughout the data packets. The method also includes the second device being capable of dropping any of the received data packets in the sequence arriving more than a first delta of time threshold value after the arrival of the most recent synchronization packet.
摘要翻译：公开了一种方法和系统。在一个实施例中，该方法包括第一设备，以跨序列的方式将分组流发送到网络到第二设备。在分组的顺序中，存在多个数据分组和一个或多个同步分组。同步数据包散布在整个数据包中。该方法还包括第二设备能够在最近的同步分组到达之后，在到达多于时间阈值的第一增量的序列中丢弃任何接收到的数据分组。

53. 发明申请

US20090119510A1 END-TO-END NETWORK SECURITY WITH TRAFFIC VISIBILITY 审中-公开
标题翻译：具有交通可见性的端到端网络安全
公开(公告)号：US20090119510A1
公开(公告)日：2009-05-07
申请号：US11935783
申请日：2007-11-06
申请人： Men Long , Jesse Walker , David Durham , Marc Millier , Karanvir Grewal , Prashant Dewan , Uday Savagaonkar , Steven D. Williams
发明人： Men Long , Jesse Walker , David Durham , Marc Millier , Karanvir Grewal , Prashant Dewan , Uday Savagaonkar , Steven D. Williams
IPC分类号： H04L9/32
CPC分类号： H04L63/0428 , H04L9/0631 , H04L9/3242 , H04L63/08 , H04L63/1466 , H04L63/168 , H04L2209/12 , H04L2209/38
摘要： End-to-end security between clients and a server, and traffic visibility to intermediate network devices, achieved through combined mode, single pass encryption and authentication using two keys is disclosed. In various embodiments, a combined encryption-authentication unit includes a cipher unit and an authentication unit coupled in parallel to the cipher unit, and generates an authentication tag using an authentication key in parallel with the generation of the cipher text using an encryption key, where the authentication and encryption key have different key values. In various embodiments, the cipher unit operates in AES counter mode, and the authentication unit operates in parallel, in AES-GMAC mode Using a two key, single pass combined mode algorithm preserves network performance using a limited number of HW gates, while allowing an intermediate device access to the encryption key for deciphering the data, without providing that device the ability to compromise data integrity, which is preserved between the end to end devices.
摘要翻译：公开了客户机与服务器之间的端到端安全性，以及通过组合模式，单程加密和使用两个密钥的认证实现的对中间网络设备的流量可见性。在各种实施例中，组合加密认证单元包括与密码单元并行耦合的密码单元和认证单元，并且使用加密密钥与密文生成并行地使用认证密钥生成认证标签，其中认证和加密密钥具有不同的密钥值。在各种实施例中，密码单元以AES计数器模式运行，并且认证单元以AES-GMAC模式并行操作。使用双键单通组合模式算法使用有限数量的HW门保留网络性能，同时允许中间设备访问用于解密数据的加密密钥，而不提供该设备损害数据完整性的能力，这在端到端设备之间保留。

54. 发明申请

US20080114985A1 Method and apparatus for registering agents onto a virtual machine monitor 有权
标题翻译：将代理登记到虚拟机监视器上的方法和装置
公开(公告)号：US20080114985A1
公开(公告)日：2008-05-15
申请号：US11591258
申请日：2006-10-31
申请人： Uday Savagaonkar , Ravi Sahita , Prashant Dewan
发明人： Uday Savagaonkar , Ravi Sahita , Prashant Dewan
IPC分类号： H04L9/00
CPC分类号： G06F21/64 , G06F9/45558 , G06F21/57 , G06F2009/45587
摘要： A method for managing an agent includes verifying an integrity of the agent in response to a registration request. Memory protection is provided for the agent during integrity verification. An indication is generated when registration of the agent has been completed. According to one aspect of the present invention, providing memory protection includes having a virtual machine monitor limit access to the agent. Other embodiments are described and claimed.
摘要翻译：用于管理代理的方法包括响应于注册请求验证代理的完整性。在完整性验证期间为代理提供内存保护。当代理商的注册已经完成时生成指示。根据本发明的一个方面，提供存储器保护包括具有虚拟机监视器对代理的限制访问。描述和要求保护其他实施例。

55. 发明申请

US20080082517A1 Change assistant 审中-公开
标题翻译：变更助手
公开(公告)号：US20080082517A1
公开(公告)日：2008-04-03
申请号：US11512516
申请日：2006-08-29
申请人： Juergen Sattler , Joachim Gaffga , Robert Viehmann , Frank Markert , Robert Holmes , Prashant Dewan
发明人： Juergen Sattler , Joachim Gaffga , Robert Viehmann , Frank Markert , Robert Holmes , Prashant Dewan
IPC分类号： G06F17/30
CPC分类号： G06Q10/06 , G06F8/71 , G06Q10/10
摘要： The present subject mater relates to software application configuration and, more particularly, a change assistant for software application configuration. Some of the various embodiment described herein provide systems, methods, and software to identify a need for an application change and query a database of application change solution recommendations as a function of the identified need for the application change to identify one or more application change solution recommendations. Such embodiments further route the identified need for an application change and the one or more identified application change solution recommendation to a system administrator queue.
摘要翻译：本主题涉及软件应用程序配置，更具体地说涉及软件应用程序配置的变更助手。本文所述的各种实施例中的一些提供系统，方法和软件，以识别对应用改变的需求，并且根据所识别的应用改变的需要来查询应用改变解决方案建议的数据库，以识别一个或多个应用改变解决方案建议。这样的实施例进一步将所识别的对应用改变的需求和所述一个或多个识别的应用改变解决方案推荐路由到系统管理员队列。

56. 发明申请

US20190318097A1 Standardized Interface for Intellectual Property Blocks 审中-公开
公开(公告)号：US20190318097A1
公开(公告)日：2019-10-17
申请号：US16457184
申请日：2019-06-28
申请人： Aditya Katragada , Prashant Dewan , Karunakara Kotary , Vinupama Godavarthi , Kumar Dwarakanath , Alex Izbinsky , Purushottam Goel
发明人： Aditya Katragada , Prashant Dewan , Karunakara Kotary , Vinupama Godavarthi , Kumar Dwarakanath , Alex Izbinsky , Purushottam Goel
IPC分类号： G06F21/57 , G06F9/445 , G06F21/72
摘要： There is disclosed in one example, a system-on-a-chip (SoC), including: a processor core; a fabric; an intellectual property (IP) block communicatively coupled to the processor core via the fabric, the IP block having a microcontroller configured to provide a microcontroller architecture; a firmware load interface configured to provide a standardized hardware interface to the microcontroller architecture, wherein the standardized hardware interface provides an architecture-agnostic mechanism to securely load a firmware to the intellectual property block; and logic to provide a loader to load a firmware to the IP block via the firmware load interface.

57. 发明申请

US20180189472A1 VERIFYING WET INK SIGNATURES VIA DIGITAL PEN TECHNOLOGY 审中-公开
公开(公告)号：US20180189472A1
公开(公告)日：2018-07-05
申请号：US15395671
申请日：2016-12-30
申请人： Prashant Dewan , Uttam K. Sengupta , Ray Kacelenga
发明人： Prashant Dewan , Uttam K. Sengupta , Ray Kacelenga
IPC分类号： G06F21/36 , G06F21/32 , G06F21/60 , G06K9/00
CPC分类号： G06K9/00892 , G06F3/03545 , G06F3/038 , G06F21/32 , G06F21/602 , G06F21/606 , G06F21/64 , G06K9/00087 , G06K9/00154 , G06K9/00422 , G06K9/222 , G06Q50/18
摘要： Systems, apparatuses and methods may provide for technology that includes a writing implement with an ink subsystem to print a message, a sensor subsystem to digitize the message and an authorization subsystem coupled to the sensor subsystem, wherein the authorization subsystem generates a notification of whether the digitized message is authentic. In one example, a remote server obtains the digitized message originating from a writing implement, wherein the digitized message includes an image of a handwritten signature and additional sensor information. In such a case, the server may conduct an authentication of the additional sensor information with respect to known sensor information associated with an authenticated user and send an authentication response to the writing implement based on the authentication.

58. 发明申请

US20170176524A1 SECURE REMOTE DEBUGGING OF SoCs 有权
公开(公告)号：US20170176524A1
公开(公告)日：2017-06-22
申请号：US14977998
申请日：2015-12-22
申请人： Prashant Dewan , Siddhartha Chhabra
发明人： Prashant Dewan , Siddhartha Chhabra
IPC分类号： G01R31/3177 , G01R31/317
CPC分类号： G01R31/3177 , G01R31/31705 , G01R31/3172 , G01R31/318544 , G06F11/3656 , G06F11/3664
摘要： Techniques for secure remote debugging of SoCs are described. The SoC includes an intellectual property (IP) block, a microcontroller, and a fabric coupled to the IP block and the microcontroller. The IP block transmits, via the fabric, information regarding events within the IP block to the microcontroller. The microcontroller executes firmware including a network stack and a remote debugger program. Using the firmware, the microcontroller provides the event information to a device external to the SoC.

59. 发明申请

US20160182238A1 PARTITIONING ACCESS TO SYSTEM RESOURCES 有权
标题翻译：分区访问系统资源
公开(公告)号：US20160182238A1
公开(公告)日：2016-06-23
申请号：US14574969
申请日：2014-12-18
申请人： Prashant Dewan , Kapil Sood , Kumar N. Dwarakanath , Ioannis T. Schoinas , William A. Stevens, JR. , Ned M. Smith
发明人： Prashant Dewan , Kapil Sood , Kumar N. Dwarakanath , Ioannis T. Schoinas , William A. Stevens, JR. , Ned M. Smith
IPC分类号： H04L9/32 , G06F12/14
CPC分类号： H04L9/3263 , G06F21/572 , G06F21/74 , G09C1/00 , H04L9/321 , H04L9/3234 , H04L9/3242 , H04L2209/12 , H04L2209/68
摘要： In one embodiment, a processor has at least one core to execute instructions, a security engine coupled to the at least one core, a first storage to store a first immutable key associated with a vendor of the processor, and a second storage to store a second immutable key associated with an original equipment manufacturer (OEM) of the system. A first portion of firmware is to be verified based at least in part on the first immutable key and a second portion of firmware is to be verified based at least in part on the second immutable key, the first portion of firmware associated with the vendor and the second portion of firmware associated with the OEM. Other embodiments are described and claimed.
摘要翻译：在一个实施例中，处理器具有执行指令的至少一个核心，耦合到所述至少一个核心的安全引擎，用于存储与所述处理器的供应商相关联的第一不可变密钥的第一存储器，以及存储与系统的原始设备制造商（OEM）相关联的第二个不可变键。至少部分地基于第一不可变密钥验证固件的第一部分，并且至少部分地基于第二不可变密钥，与供应商相关联的固件的第一部分和与OEM相关联的固件的第二部分。描述和要求保护其他实施例。

60. 发明授权

US09319220B2 Method and apparatus for secure network enclaves 有权
标题翻译：安全网络飞地的方法和装置
公开(公告)号：US09319220B2
公开(公告)日：2016-04-19
申请号：US12032618
申请日：2008-02-15
申请人： Karanvir Grewal , Men Long , Prashant Dewan
发明人： Karanvir Grewal , Men Long , Prashant Dewan
IPC分类号： H04L29/06 , H04L9/08 , H04L9/32
CPC分类号： H04L63/061 , H04L9/083 , H04L9/321 , H04L9/3247
摘要： Methods and apparatus are disclosed to provide for security within a network enclave. In one embodiment authentication logic initiates authentication with a central network authority. Packet processing logic receives a key and an identifier from the central network authority. Security protocol logic then establishes a client-server security association through a communication that includes a client identifier and an encrypted portion and/or an authorization signature, wherein a client authorization key allocated by the central network authority can be reproduced by a server, other than said central network authority, from the client identifier and a derivation key provided to the server by the central network authority to decrypt the encrypted portion and/or to validate the communication using the authorization signature. The server may also provide the client with new session keys and/or new client session identifiers using server-generated derivation keys if desired, protecting these with the client authorization key.
摘要翻译：公开了提供网络飞地内的安全性的方法和装置。在一个实施例中，认证逻辑启动与中央网络授权机构的认证。分组处理逻辑从中央网络机构接收密钥和标识符。然后，安全协议逻辑通过包括客户端标识符和加密部分和/或授权签名的通信来建立客户机 - 服务器安全关联，其中由中央网络机构分配的客户机授权密钥可以由服务器再现，除了所述中央网络机构根据客户端标识符和由中央网络机构提供给服务器的导出密钥来解密加密部分和/或使用授权签名验证通信。如果需要，服务器还可以使用服务器生成的导出密钥向客户端提供新的会话密钥和/或新的客户端会话标识符，并用客户端授权密钥来保护它们。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式