专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2005071877A1 SIGNATURE-EFFICIENT REAL TIME CREDENTIALS FOR OCSP AND DISTRIBUTED OCSP 审中-公开
标题翻译： OCSP和分布式OCSP的签名高效实时凭证
公开(公告)号：WO2005071877A1
公开(公告)日：2005-08-04
申请号：PCT/US2005/000721
申请日：2005-01-10
申请人： CORESTREET, LTD. , ENGBERG, David , LIBIN, Phil , MICALI, Silvio
发明人： ENGBERG, David , LIBIN, Phil , MICALI, Silvio
IPC分类号： H04L9/00
CPC分类号： H04L9/3268 , H04L9/3247 , H04L2209/56 , H04L2209/80
摘要： Providing information about digital certificate validity includes ascertaining digital certificate validity status for each of a plurality of digital certificates in a set of digital certificates, generating a plurality of artificially pre-computed messages about the validity status of at least a subset of the set of digital certificate of the plurality of digital certificates, where at least one of the messages indicates validity status of more than one digital certificate and digitally signing the artificially pre-computed messages to provide OCSP format responses that respond to OCSP queries about specific digital certificates in the set of digital certificates, where at least one digital signature is used in connection with an OCSP format response for more than one digital certificate. Generating and digitally signing may occur prior to any OCSP queries that are answered by any of the OCSP format responses. Ascertaining digital certificate validity status may include obtaining authenticated information about digital certificates.
摘要翻译：提供关于数字证书有效性的信息包括确定一组数字证书中的多个数字证书中的每一个的数字证书有效性状态，生成关于数字集合的至少一个子集的有效状态的多个人为预先计算的消息多个数字证书的证书，其中至少一个消息指示多于一个数字证书的有效性状态，并对人为预先计算的消息进行数字签名，以提供响应于关于集合中的特定数字证书的OCSP查询的OCSP格式响应数字证书，其中至少一个数字签名与多于一个数字证书的OCSP格式响应结合使用。生成和数字签名可能发生在任何OCSP格式响应应答的任何OCSP查询之前。确定数字证书的有效性状态可能包括获取关于数字证书的认证信息。

2. 发明申请

WO2005010685A2 CONTROLLING ACCESS TO AN AREA 审中-公开
标题翻译：控制区域的访问
公开(公告)号：WO2005010685A2
公开(公告)日：2005-02-03
申请号：PCT/US2004/022810
申请日：2004-07-16
申请人： CORESTREET, LTD. , LIBIN, Phil , MICALI, Silvio , ENGBERG, David
发明人： LIBIN, Phil , MICALI, Silvio , ENGBERG, David
IPC分类号： G06F
CPC分类号： G07C9/00103 , G07C9/00023
摘要： Controlling access includes providing a barrier to access that includes a controller that selectively allows access, at least one administration entity generating credentials/proofs, wherein no valid proofs are determinable given only the credentials and values for expired proofs, the controller receiving the credentials/proofs, the controller determining if access is presently authorized, and, if access is presently authorized, the controller allowing access. The credentials/proofs may be in one part or may be in separate parts. There may be a first administration entity that generates the credentials and other administration entities that generate proofs. The first administration entity may also generate proofs or the first administration entity may not generate proofs. The credentials may correspond to a digital certificate that includes a final value that is a result of applying a one way function to a first one of the proofs.
摘要翻译：控制访问包括提供访问障碍，其包括选择性地允许访问的控制器，至少一个生成凭证/证明的管理实体，其中没有有效证明是可被确定的，只给出期限证明的凭证和值，控制器接收证书/证明，控制器确定当前是否授权访问，并且如果当前授权访问，则控制器允许访问。凭证/证明可以在一个部分或可以在不同的部分。可能有一个第一个管理实体生成凭证和生成证明的其他管理实体。第一管理实体也可以生成证明，或者第一管理实体可能不生成证明。证书可以对应于数字证书，其包括作为将单向函数应用于第一个证明的结果的最终值。

3. 发明申请

WO2008156406A1 METHOD FOR EXTRACTION IN A PROCESS FOR PRODUCTION OF A DI, TRI OR POLYHYDRIC ALCOHOL 审中-公开
标题翻译：用于生产DI，TRI或POLYHYDRIC酒精的方法提取方法
公开(公告)号：WO2008156406A1
公开(公告)日：2008-12-24
申请号：PCT/SE2008/000350
申请日：2008-05-26
申请人： PERSTORP SPECIALTY CHEMICALS AB , PAJALIC, Oleg , ENGBERG, David , AXELSSON, Göran
发明人： PAJALIC, Oleg , ENGBERG, David , AXELSSON, Göran
IPC分类号： C07C29/86 , C07C31/22 , C07C31/24
CPC分类号： C07C29/86 , C07C31/245 , C07C31/22
摘要： Disclosed is a method for extraction in a process for production of a 2-alkyl-l,3-propanediol, 2,2-dialkyl- 1,3 -propanediol, 2-alkyl-2-hydroxyalkyl-l,3-propanediol or 2,2-dihydroxialkyl- -1,3-propanediol. Said method comprises the steps of (i) feeding a mother liquid, obtained in a process for synthesis of a said di, tri or polyhydric alcohol, at a controlled mass flow to a first extraction unit, (ii) extracting said mother liquid in said first extraction unit in at least one high boiling solvent effective in extracting organic by-products, (iii) obtaining a raffmate and an extract comprising said solvent and organic by-products, (iv) recycling said raffmate to said process, (v) feeding at a controlled mass flow obtained extract to a second extraction unit, (vi) extracting said extract in water, (vii) obtaining a water phase comprising said organic by-products and a solvent phase, and (viii) recycling said solvent phase.
摘要翻译：公开了一种制备2-烷基-1,3-丙二醇，2,2-二烷基-1,3-丙二醇，2-烷基-2-羟基烷基-1,3-丙二醇或2 ，2-二羟基烷基-1,3-丙二醇。所述方法包括以下步骤：（i）将以合成所述二，三或多元醇的方法获得的母液以受控的质量流送入第一提取单元，（ii）在所述第一提取单元中提取所述母液，在有效提取有机副产物的至少一种高沸点溶剂中的第一提取单元，（iii）获得含有所述溶剂和有机副产物的萃取物，（iv）将所述反应物再循环至所述方法，（v）（vi）在水中提取所述提取物，（vii）获得包含所述有机副产物和溶剂相的水相，和（viii）回收所述溶剂相。

4. 发明申请

WO2005010687A3 LOGGING ACCESS ATTEMPTS TO AN AREA 审中-公开
标题翻译：登录访问地区
公开(公告)号：WO2005010687A3
公开(公告)日：2007-07-12
申请号：PCT/US2004022812
申请日：2004-07-16
申请人： CORESTREET LTD , LIBIN PHIL , MICALI SILVIO , ENGBERG DAVID
发明人： LIBIN PHIL , MICALI SILVIO , ENGBERG DAVID
IPC分类号： G08B29/00 , G06F20060101 , G06F7/04 , G06F17/00 , G06K9/00 , G06K19/00 , G07C9/00 , H04K1/00 , H04L9/00 , H04L9/32
CPC分类号： G07C9/00103 , G07C9/00023
摘要： Logging events associated with accessing an area includes recording an event associated with accessing the area to provide an event recording and authenticating at least the event recording to provide an authenticated recording. Recording an event may include recording a time of the event. Recording an event may include recording a type of event. The event may be an attempt to access the area. Recording an event may include recording credentials/proofs used in connection with the attempt to access the area. Recording an event may include recording a result of the attempt. Recording an event may include recording the existence of data other than the credentials/proofs indicating that access should be denied. Recording an event may include recording additional data related to the area. Authenticating the recording may include digitally signing the recording. Authenticating at least the event recording may include authenticating the event recording and authenticating other event recordings to provide a single authenticated recording.
摘要翻译：与访问区域相关联的记录事件包括记录与访问该区域相关联的事件以提供事件记录和至少认证事件记录以提供经认证的记录。记录事件可能包括记录事件的时间。记录事件可能包括记录一种事件。该事件可能是访问该地区的尝试。记录事件可能包括与访问该区域的尝试相关联的记录凭证/证明。记录事件可能包括记录尝试的结果。记录事件可以包括记录除了表示应该拒绝访问的凭据/证明之外的数据的存在。记录事件可能包括记录与该区域相关的附加数据。记录录制可能包括对录音进行数字签名。至少验证事件记录可以包括认证事件记录和认证其他事件记录以提供单一的认证记录。

5. 发明申请

WO2005010686A2 DISSEMINATING ADDITIONAL DATA USED FOR CONTROLLING ACCESS 审中-公开
标题翻译：消除用于控制访问的附加数据
公开(公告)号：WO2005010686A2
公开(公告)日：2005-02-03
申请号：PCT/US2004/022811
申请日：2004-07-16
申请人： CORESTREET, LTD. , LIBIN, Phil , MICALI, Silvio , ENGBERG, David , SINELNIKOV, Alex
发明人： LIBIN, Phil , MICALI, Silvio , ENGBERG, David , SINELNIKOV, Alex
IPC分类号： G06F
CPC分类号： G07C9/00103 , G07C9/00023
摘要： Issuing and disseminating a data about a credential includes having an entity issue authenticated data indicating that the credential has been revoked, causing the authenticated data to be stored in a first card of a first user, utilizing the first card for transferring the authenticated data to a first door, having the first door store information about the authenticated data, and having the first door rely on information about the authenticated data to deny access to the credential. The authenticated data may be authenticated by a digital signature and the first door may verify the digital signature. The digital signature may be a public-key digital signature. The public key for the digital signature may be associated with the credential. The digital signature may be a private-key digital signature. The credential and the first card may both belong to the first user. The credential may be stored in a second card different from the first card, and the first door may rely on information about the authenticated data by retrieving such information from storage. The authenticated data may be first stored in at least one other card different from the first card and the authenticated data may be transferred from the at least one other card to the first card. The authenticated data may be transferred from the at least one' other card to the first card by first being transferred to at least one other door different from the first door.
摘要翻译：发布和传播关于凭证的数据包括：使实体发出指示证书已被撤销的认证数据，使认证数据存储在第一用户的第一卡中，利用第一卡将认证数据传送到第一门，具有关于认证数据的第一门店信息，并且使第一门依靠关于认证数据的信息来拒绝对证书的访问。认证数据可以通过数字签名认证，并且第一门可以验证数字签名。数字签名可以是公钥数字签名。数字签名的公钥可能与凭证相关联。数字签名可以是私钥数字签名。证书和第一张卡可能都属于第一个用户。证书可以存储在与第一卡不同的第二卡中，并且第一门可以通过从存储检索这些信息来依赖关于认证数据的信息。认证数据可以首先存储在与第一卡不同的至少一个其他卡中，并且认证数据可以从至少一个其他卡传送到第一卡。经认证的数据可以通过首先被传送到不同于第一门的至少一个其他门，从至少一个“另一个卡”传送到第一个卡。

6. 发明申请

WO2008105779A2 SECURE ID CHECKING 审中-公开
标题翻译：安全认证检查
公开(公告)号：WO2008105779A2
公开(公告)日：2008-09-04
申请号：PCT/US2007012074
申请日：2007-05-21
申请人： CORESTREET LTD , LIBIN PHIL , ENGBERG DAVID
发明人： LIBIN PHIL , ENGBERG DAVID
IPC分类号： H04L9/28 , H04L9/32
CPC分类号： H04L9/3234 , G06Q20/367 , G06Q20/3672 , G06Q20/3674 , G06Q20/382 , H04L9/0866 , H04L9/3226 , H04L2209/80 , H04W12/08
摘要： A cost-effective system that provides for the efficient protection of transmitted non-public attribute information may be used, for example, to control access to a secure area. Encryption of the attribute information may be performed using symmetric encryption techniques, such as XOR and/or stream cipher encryption. A centralized database that stores and transmits the encrypted attribute information may generate the encryption/decryption key based on selected information bytes, for example, as taken from a card inserted into a handheld device used at the secure area. The selected information to generate the encryption key stream may be varied on a periodic basis by the centralized database. Information as to which selected bytes are to be used for a particular access authorization request may be transmitted to the handheld unit or may be input through action of a user of the handheld unit, for example by entry of a PIN code.
摘要翻译：可以使用提供有效保护所传送的非公开属性信息的具有成本效益的系统，例如来控制对安全区域的访问。可以使用诸如XOR和/或流密码加密之类的对称加密技术来执行属性信息的加密。存储和发送加密的属性信息的集中式数据库可以基于所选择的信息字节生成加密/解密密钥，例如从插入到安全区域使用的手持设备的卡中取出。用于生成加密密钥流的所选择的信息可以由集中式数据库周期性地改变。用于特定访问授权请求的哪些选定字节的信息可以被发送到手持式单元，或者可以通过手持式单元的用户的动作来输入，例如通过输入PIN码。

7. 发明申请

WO2005067672A3 BATCH OCSP AND BATCH DISTRIBUTED OCSP 审中-公开
公开(公告)号：WO2005067672A3
公开(公告)日：2005-07-28
申请号：PCT/US2005/000660
申请日：2005-01-10
申请人： CORESTREET, LTD. , ENGBERG, David , LIBIN, Phil , MICALI, Silvio
发明人： ENGBERG, David , LIBIN, Phil , MICALI, Silvio
IPC分类号： H04L9/30 , H04L9/32
摘要： Providing information about digital certificate validity includes obtaining a plurality of signing key/verification key pairs, where each signing key provides a digital signature and a corresponding one of the verification keys verifies the digital signature and where digitally signing together a plurality of data elements using the signing keys is computationally more efficient than digitally signing each of the data elements individually, ascertaining digital certificate validity status for each certificate in a set of digital certificates, generating a plurality of artificially pre-computed messages about the validity status of at least a subset of the set of digital certificates, and digitally signing together the artificially pre-computed messages using signing keys from the pairs. Ascertaining digital certificate validity status may include obtaining authenticated information about digital certificates. The authenticated information about digital certificates may be generated by an entity that also revokes certificates. The authenticated information about digital certificates may be a CRL. The artificially pre-computed responses may be OCSP format responses.

8. 发明申请

WO2005052752A3 DISTRIBUTED DELEGATED PATH DISCOVERY AND VALIDATION 审中-公开
公开(公告)号：WO2005052752A3
公开(公告)日：2005-06-09
申请号：PCT/US2004/039126
申请日：2004-11-19
申请人： CORESTREET, LTD. , ENGBERG, David
发明人： ENGBERG, David
IPC分类号： H04L9/00 , G06F17/30
摘要： Providing path validation information for a system includes determining paths between a subset of certificate of the system and at least one trust root, storing each of the paths in a table prior to a request for path validation information, and fetching the validation information stored in the table in response to a request for path validation information. Providing path validation information may also include digitally signing the validation information. Providing path validation information may also include applying constraints to the validation information and only providing validation information that is consistent with the constraints. Determining paths may include constructing a directed graph of trusted roots and the subset of certificates and performing a depth-first acyclic search of the graph.

9. 发明申请

WO2005010688A2 CONTROLLING ACCESS USING ADDITIONAL DATA 审中-公开
标题翻译：使用附加数据控制访问
公开(公告)号：WO2005010688A2
公开(公告)日：2005-02-03
申请号：PCT/US2004/022813
申请日：2004-07-16
申请人： CORESTREET, LTD. , LIBIN, Phil , MICALI, Silvio , ENGBERG, David , SINELNIKOV, Alex
发明人： LIBIN, Phil , MICALI, Silvio , ENGBERG, David , SINELNIKOV, Alex
IPC分类号： G06F
CPC分类号： G07C9/00103 , G07C9/00023
摘要： Determining access includes determining if particular credentials/proofs indicate that access is allowed, determining if there is additional data associated with the credentials/proofs, wherein the additional data is separate from the credentials/proofs, and, if the particular credentials/proofs indicate that access is allowed and if there is additional data associated with the particular credentials/proofs, then deciding whether to deny access according to information provided by the additional data. The credentials/proofs may be in one part or in separate parts. There may be a first administration entity that generates the credentials and other administration entities that generate proofs. The first administration entity may also generate proofs or may not generate proofs. The credentials may correspond to a digital certificate that includes a final value that is a result of applying a one way function to a first one of the proofs.
摘要翻译：确定访问包括确定特定凭证/证明是否允许访问，确定是否存在与证书/证明相关联的附加数据，其中附加数据与凭证/证明分开，并且如果特定凭证/证明表明允许访问，并且如果存在与特定凭证/证明相关联的附加数据，则根据附加数据提供的信息来决定是否拒绝访问。凭证/证明可以在一个部分或分开的部分。可能有一个第一个管理实体生成凭证和生成证明的其他管理实体。第一个管理实体也可以生成证据，或者不会生成证明。证书可以对应于数字证书，其包括作为将单向函数应用于第一个证明的结果的最终值。

10. 发明申请

WO2007002196A3 PREVENTING IDENTITY THEFT 审中-公开
标题翻译：预防身份盗用
公开(公告)号：WO2007002196A3
公开(公告)日：2007-11-22
申请号：PCT/US2006024143
申请日：2006-06-20
申请人： CORESTREET LTD , LIBIN PHIL , ENGBERG DAVID
发明人： LIBIN PHIL , ENGBERG DAVID
IPC分类号： G06Q99/00 , G06Q20/00 , H04K1/00 , H04L9/00
CPC分类号： G06Q20/40 , G06F21/34 , G06F21/35 , G06Q20/24 , G06Q20/341 , G06Q20/346 , G06Q20/367 , G06Q20/4014 , G07C9/00126 , G07F7/1008 , G07F7/122
摘要： Determining whether to remotely authorize an action on behalf of a requester includes having the requester provide a privacy token, remotely obtaining data from the privacy token, and authorizing the action if the data from the privacy token verifies that the requester is authorized to take the action. The action may include issuing a credit card for the requester. The privacy token may be a smart card. The data may be digitally signed. Determining whether to remotely authorize an action on behalf of a requester may also include authorizing the action if the requester had previously indicated a desire not to require presentation of the privacy token. The action may be authorized only if the data from the privacy token verifies the identity of the requester.
摘要翻译：确定是否代表请求者远程授权动作包括让请求者提供隐私令牌，从隐私令牌远程获取数据，并且如果来自隐私令牌的数据验证请求者被授权采取动作，则授权该动作。该行为可能包括为请求者发放信用卡。隐私令牌可以是智能卡。数据可能是数字签名的。确定是否代表请求者远程授权动作还可以包括如果请求者之前已经表示希望不要求呈现隐私令牌，则授权该动作。只有在来自隐私令牌的数据验证了请求者的身份时，该动作才可以被授权。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式