会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 52. 发明授权
    • System and method for secure font subset distribution
    • 用于安全字体子集分发的系统和方法
    • US6065008A
    • 2000-05-16
    • US942036
    • 1997-10-01
    • Daniel R. SimonJosh BenalohDonald D. ChinnGregory HitchcockDavid Meltzer
    • Daniel R. SimonJosh BenalohDonald D. ChinnGregory HitchcockDavid Meltzer
    • G06F1/00G06F17/21G06F21/00G06F17/30
    • G06F17/214G06F21/10Y10S707/99939
    • This invention concerns a system and method for securely distributing subsetted fonts from a distributor to a client. The system includes a signing module to construct an authentication tree having leaves formed of glyphs, one or more intermediate levels of nodes computed as one-way functions of the glyphs, and a root computed as a one-way function of the nodes. The signing module digitally signs the root of the authentication tree using a private signing key unique to the font creator or distributor. The system has a subsetting module to construct a font subset file that contains selected glyphs and other data to be included in a font subset. The font subset file also holds the digitally signed root of the font authentication tree and one or more authentication values of the authentication tree that represents non-selected glyphs and data of the font that are not contained in the font subset. The font subset file is distributed to requesting clients. An authentication module at the client authenticates the font subset file received from the distributor. The authentication module reconstructs the root of the authentication tree using the selected glyphs and data in the font subset and the authentication values that represent the non-selected glyphs and data not contained in the font subset. The authentication module also produces an unsigned version of the digitally signed root using a public key of the font creator to produce an unsigned root digest. The authentication module compares the unsigned root to the reconstructed root and if and only if they match, authenticates the font subset file as originating from the distributor (or font creator) and not being subsequently altered.
    • 本发明涉及一种用于将分发的字体从分发者安全分发到客户端的系统和方法。 该系统包括签名模块,用于构造具有由字形形成的叶子,作为字形的单向功能计算的一个或多个中间级节点的认证树,以及作为节点的单向功能计算的根。 签名模块使用字体创建者或分发者特有的私有签名密钥对认证树的根进行数字签名。 该系统具有一个子集模块,用于构建一个字体子集文件,其中包含所选字形和其他要包含在字体子集中的数据。 字体子集文件还保存字体认证树的数字签名的根,并且认证树的一个或多个认证值表示未包含在字体子集中的未选择的字形和字体的数据。 字体子集文件分发给请求的客户端。 客户端的认证模块认证从分发者接收的字体子集文件。 认证模块使用所选字形和字体子集中的数据以及表示未包含在字体子集中的未选择字形和数据的认证值来重建认证树的根。 认证模块还使用字体创建者的公共密钥生成无符号版本的数字签名根,以生成无符号根摘要。 认证模块将未经签名的根与重建的根进行比较,当且仅当它们匹配时才认证字体子集文件是源自分发者(或字体创建者),而不是随后被更改。
    • 53. 发明授权
    • System and method for self-identifying a portable information device to
a computing unit
    • 用于将便携式信息设备自动识别到计算单元的系统和方法
    • US5781723A
    • 1998-07-14
    • US657354
    • 1996-06-03
    • Bennet YeeJosh Benaloh
    • Bennet YeeJosh Benaloh
    • G06F1/00G06F9/445G06F21/00G07F7/10H04L9/32H04K1/00
    • G07F7/1008G06F21/34G06F9/4411G06Q20/341G06Q20/4097G07F7/1016H04L9/3247H04L9/3263G06F2211/008G06F2221/2107H04L2209/56H04L2209/80
    • A system includes a portable information device and a computing unit, and is architected to enable the portable information device to identify its type and properties to the computing unit. The portable information device has a processor and a memory. The memory stores a device class tag which is indicative of a type of the portable information device. When communication is established between the portable information device and the computing unit, the portable information device sends an initial message which includes a result of a mathematical operation involving the device class tag. The mathematical operation renders it computationally difficult or infeasible to deduce the device class tag from the result so that the device class tag is not exposed from the portable information device. The result might be a hash value of the device class tag which is derived using a hashing function, or data that has been signed using the device class tag as a private signing key. The computing unit uses the tag-related portion of the message to identify the type of the portable information device. The computing unit has access to a record which correlates the hash value or complementary device class public signing key (i.e., the complementary version of the device class tag when used as a private signing key) with the type of device, as well as with the device's security properties and operating attributes. The computing unit cross-references the hash value or device class public signing key to determine the device type. The computing unit can be a certifying authority which issues a certificate confirming the identity and type of portable information device. The certificate is stored on the portable information device and presented thereafter to all communicating agents to identify the device type and attributes for transactions.
    • 系统包括便携式信息设备和计算单元,并被构造为使得便携式信息设备能够将其类型和属性识别到计算单元。 便携式信息装置具有处理器和存储器。 存储器存储指示便携式信息设备的类型的设备类标签。 当在便携式信息设备和计算单元之间建立通信时,便携式信息设备发送包括涉及设备类标签的数学运算结果的初始消息。 数学运算使得计算上难以或不可能从结果中推导出设备类标签,从而使设备类标签不会从便携式信息设备暴露出来。 结果可能是使用散列函数导出的设备类标记的哈希值,或者使用设备类标签作为私有签名密钥签名的数据。 计算单元使用消息的标签相关部分来识别便携式信息设备的类型。 计算单元可以访问将哈希值或补充设备类公共签名密钥(即,当用作私有签名密钥时的设备类标签的互补版本)与设备类型相关联的记录,以及与 设备的安全属性和操作属性。 计算单元交叉引用哈希值或设备类公共签名密钥以确定设备类型。 计算单元可以是证明机构,其颁发确认便携式信息设备的身份和类型的证书。 证书存储在便携式信息设备上,并且随后呈现给所有通信代理以识别用于事务的设备类型和属性。