    • 2. Invention publication
    • SYSTEM AND METHOD FOR SECURE ELECTRONIC COMMUNICATION SERVICES
    • EP2092685A1
    • 2009-08-26
    • EP07845531.8
    • 2007-11-20
    • Yeap, Tet Hin; Goeller, Thomas Anton
    • Yeap, Tet Hin; Goeller, Thomas Anton
    • H04L9/30; H04L12/58; H04L9/32
    • H04L9/007; H04L9/0836; H04L9/3073; H04L9/3263; H04L29/12066; H04L51/00; H04L51/38; H04L61/1511; H04L63/062; H04L63/0861
    • A system, method and software module for secure electronic communication services, wherein a public key (25) of private-public-key pair (30,25) is associated with an email address (24), internet name or other registered unique identifier; the registered user of the unique identifier holds the private-key (30) securely, and the respective public-key (25) is made accessible on a key server (6) for look-up and retrieval by other users, for encryption of communications to be sent to the holder of the private-key, and optionally for message confidentiality, message integrity and authentication of sender and recipient, without requiring certificates. A distributed and scalable system is provided by a server network (600; 401, 501) for registration, key distribution and management preferably using a kDNS server hierarchy (601,602,603) and associated protocols so that public-keys of recipients can be searched and retrieved over the internet based on the recipient's email address or other unique identifier, thus facilitating secure communication between users in different network domains and organizations.
    • 7. Invention application
    • SYSTEMS AND METHODS FOR SECURE MANAGEMENT OF PRESENCE INFORMATION FOR COMMUNICATIONS SERVICES
    • WO2009132446A1
    • 2009-11-05
    • PCT/CA2009/000572
    • 2009-04-30
    • TOPOSIS CORPORATION; GOELLER, Thomas, Anton; YEAP, Tet Hin
    • GOELLER, Thomas, Anton; YEAP, Tet Hin
    • H04L9/32; H04L12/24; H04L9/30
    • H04L41/5064; H04L63/0807
    • Systems and methods are provided for managing user information comprising presence information, wherein authentication of requesting parties is based on public-private key pair encryption and key Domain Name Service (kDNS) infrastructure. Thus, a response to a request for presence information may be dependent on the authentication status of the requesting party. Presence information stored on a presence server or other network element may be stored or updated upon receiving a request from a user which includes the requestor's identity, and is signed with the private key of the requestor. After authentication of a user having a registered unique identifier and an associated public key, presence information may be stored or updated, in either encrypted or unencrypted form. Presence information is preferably stored with user specified policy information for managing access to the presence information by other users, e.g. what information may be shared with anonymous or unauthenticated other users, or with other specific authorized users, or authorized user groups. Advantageously, all communications between communication parties and network elements of the system are encrypted. A scalable and distributed system and method is provided for managing exchange of dynamic information, such as presence information, between users of communications and network services, with improved reliability, security, and personalization. Systems and methods are particularly applicable for securely managing exchange of presence information and other information for multiparty communications service and for peer-to-peer network services.
    • 8. Invention application
    • SYSTEM AND METHOD FOR ACCESS CONTROL
    • WO2006039771A1
    • 2006-04-20
    • PCT/CA2004/001821
    • 2004-10-12
    • BCE INC.; YEAP, Tet, Hin; O'BRIEN, William, J.; LOU, Dafu
    • YEAP, Tet, Hin; O'BRIEN, William, J.; LOU, Dafu
    • H04L9/32
    • H04L63/0823; G06F21/33; H04W12/06; H04W12/08
    • A system and method for access control is provided. In one embodiment, a system includes a computing device connected to an access server that controls the ability of the computing device to access a computing resource, such as the Internet. The access server connects to an activation server via a network. The activation server is operable to receive a request to generate a certificate for the computing device from the activation server. The activation server is operable to generate the certificate and embed a unique identifier of the computing device and/or the access server and/or the like inside the certificate. Once generated, the certificate is installed in the computing device. When the computing device initiates a request to access the computing resource, the computing device initially sends the certificate to the access server. If the certificate received by the access server does not include the expected unique identifier(s), then access to the computing resource is prevented and/or restricted. If the key received by the access server includes the expected unique identifier(s), then access to the computing resource is permitted.