专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

US20070124578A1 Using hierarchical identity based cryptography for authenticating outbound mail 有权
标题翻译：使用基于层次标识的加密技术来验证出站邮件
公开(公告)号：US20070124578A1
公开(公告)日：2007-05-31
申请号：US11291946
申请日：2005-11-30
申请人： Cem Paya , Josh Benaloh
发明人： Cem Paya , Josh Benaloh
IPC分类号： H04L9/00
CPC分类号： H04L63/06 , H04L9/3073 , H04L9/3247 , H04L9/3271 , H04L51/00 , H04L63/12
摘要： A hierarchical identity based cryptographic system (“HIBC”) is integrated with the domain name system (“DNS”). A private key is assigned to each of the top level domain name authorities responsible for assigning the top level domain names (e.g., net, .com, etc.). The private key is generated according to an HIBC system, wherein the corresponding public key is based on the identity of the particular domain authority. When user requests a domain name from one of the top level domain name authorities, the user is issued a private key that is generated by the top level domain authority using its private key and the identity of the user according to the particular HIBC system implemented. The user's corresponding public key can be derived from the identity of the user and the public key of the top level domain name authority. Similarly, when the user adds servers and accounts to the users domain, the user can generate private keys for the servers and accounts using the users private key according to the particular HIBC system. Later, emails originating from the users domain can be authenticated by recipients using the public key associated with the top level domain name authority.
摘要翻译：基于层次标识的加密系统（“HIBC”）与域名系统（“DNS”）集成。私钥分配给负责分配顶级域名（例如，net，.com等）的顶级域名权限。私钥根据HIBC系统生成，其中相应的公钥基于特定域权限的身份。当用户从顶级域名权限之一请求域名时，将使用其私有密钥和根据实施的特定HIBC系统的用户身份由顶级域机构生成的私钥。用户的相应公钥可以从用户的身份和顶级域名权限的公钥中导出。类似地，当用户将服务器和帐户添加到用户域时，用户可以使用根据特定HIBC系统的用户私钥为服务器和帐户生成私钥。之后，来自用户域的电子邮件可以由收件人使用与顶级域名权限关联的公钥进行身份验证。

2. 发明授权

US08090954B2 Prevention of unauthorized forwarding and authentication of signatures 有权
标题翻译：防止未经授权的转发和签名认证
公开(公告)号：US08090954B2
公开(公告)日：2012-01-03
申请号：US11687262
申请日：2007-03-16
申请人： Cem Paya , Josh Benaloh
发明人： Cem Paya , Josh Benaloh
IPC分类号： H04L9/32
CPC分类号： H04L9/3247 , H04L2209/56 , H04L2209/80
摘要： A forwarding signature comprises a modified digital signature, modified using a predetermined parameter between a sender and an intended recipient. An intended recipient of the forwarding signature can verify that the forwarding signature corresponds to the message, but, can neither derive the original digital signature nor generate a new forwarding signature for a different parameter. Generation and verification of the forwarding signature is accomplished with access to the public key of a public/private cryptographic key pair, the original signed message, and the predetermined parameter. Access to the private key is not needed.
摘要翻译：转发签名包括经修改的数字签名，使用发送者和预期接收方之间的预定参数进行修改。转发签名的预期接收者可以验证转发签名对应于该消息，但是既不能导出原始数字签名，也不会为不同参数生成新的转发签名。转发签名的生成和验证是通过访问公/密码密钥对，原始签名消息和预定参数的公钥来实现的。无需访问私钥。

3. 发明申请

US20080229111A1 PREVENTION OF UNAUTHORIZED FORWARDING AND AUTHENTICATION OF SIGNATURES 有权
标题翻译：预防未经授权的转发和签名认证
公开(公告)号：US20080229111A1
公开(公告)日：2008-09-18
申请号：US11687262
申请日：2007-03-16
申请人： Cem Paya , Josh Benaloh
发明人： Cem Paya , Josh Benaloh
IPC分类号： H04L9/00
CPC分类号： H04L9/3247 , H04L2209/56 , H04L2209/80
摘要： A forwarding signature comprises a modified digital signature, modified using a predetermined parameter between a sender and an intended recipient. An intended recipient of the forwarding signature can verify that the forwarding signature corresponds to the message, but, can neither derive the original digital signature nor generate a new forwarding signature for a different parameter. Generation and verification of the forwarding signature is accomplished with access to the public key of a public/private cryptographic key pair, the original signed message, and the predetermined parameter. Access to the private key is not needed.
摘要翻译：转发签名包括经修改的数字签名，使用发送者和预期接收方之间的预定参数进行修改。转发签名的预期接收者可以验证转发签名对应于该消息，但是既不能导出原始数字签名，也不会为不同参数生成新的转发签名。转发签名的生成和验证是通过访问公/密码密钥对，原始签名消息和预定参数的公钥来实现的。无需访问私钥。

4. 发明申请

US20120240050A1 INTERNET PRIVACY USER INTERFACE 审中-公开
标题翻译：互联网隐私用户界面
公开(公告)号：US20120240050A1
公开(公告)日：2012-09-20
申请号：US13450193
申请日：2012-04-18
申请人： Aaron Goldfeder , Cem Paya , Joseph J. Gallagher , Roberto A. Franco , Stephen J. Purpura , Darren Mitchell , Frank M. Schwieterman , Viresh Ramdatmisier
发明人： Aaron Goldfeder , Cem Paya , Joseph J. Gallagher , Roberto A. Franco , Stephen J. Purpura , Darren Mitchell , Frank M. Schwieterman , Viresh Ramdatmisier
IPC分类号： G06F3/048
CPC分类号： H04L67/02 , G06F21/6263 , H04L63/102
摘要： A method and system that provide an intuitive user interface and related components for making Internet users aware of Internet cookie-related privacy issues, and enabling users to control Internet privacy through automatic cookie handling. Default privacy settings for handling cookies are provided, and through the user interface, the privacy settings may be customized to a user's liking. Further, through the user interface, for each individual site that forms a page of content, the site's privacy policy may be reviewed and/or the privacy controlled by specifying how cookies from that site are to be handled. To make users aware, the user interface provides an active alert on a first instance of a retrieved web site's content that fails to include satisfactory privacy information, and thereafter, provides a distinctive passive alert to allow the user selective access to privacy information, per-site cookie handling and cookie handling settings.
摘要翻译：一种提供直观用户界面和相关组件的方法和系统，用于使互联网用户了解与互联网Cookie相关的隐私问题，并使用户能够通过自动Cookie处理来控制互联网隐私。提供用于处理Cookie的默认隐私设置，通过用户界面，可以根据用户的喜好自定义隐私设置。此外，通过用户界面，对于形成内容页面的每个单独站点，可以通过指定如何处理来自该站点的cookie来审查和/或隐私控制。为了使用户意识到，用户界面在检索到的网站的内容的第一实例上提供了活动警报，该内容未能包含满意的隐私信息，此后，提供了独特的被动警报以允许用户选择性地访问隐私信息，网站Cookie处理和Cookie处理设置。

5. 发明授权

US07454508B2 Consent mechanism for online entities 有权
标题翻译：在线实体同意机制
公开(公告)号：US07454508B2
公开(公告)日：2008-11-18
申请号：US10346885
申请日：2003-01-15
申请人： Ashvin J. Mathew , Puhazholi Vetrivel , Brian Jones , Danpo Zhang , Laurel S. Abbott , Cem Paya , Melissa Dunn
发明人： Ashvin J. Mathew , Puhazholi Vetrivel , Brian Jones , Danpo Zhang , Laurel S. Abbott , Cem Paya , Melissa Dunn
IPC分类号： G06F15/16
CPC分类号： H04L63/0227 , G06F17/30867 , G06F21/62 , G06F2221/2149 , H04L63/0263 , H04L63/102
摘要： A method, system, and computer-readable medium are provided for managing consent between online entities to perform tasks. The consent mechanism uses an asynchronous protocol for submitting consent requests, managing consent requests, and resolving consent requests. An application that requires consent to perform a task submits a request for consent to the consent mechanism. The resolving authority obtains pending request information from the consent mechanism and sends the consent mechanism request resolution information. The application obtains resolved request information from the consent mechanism. If the resolved request is approved, the consent mechanism allows the application to perform the task. If the resolved request is denied, the consent mechanism does not allow the application to perform the task.
摘要翻译：提供了一种方法，系统和计算机可读介质，用于管理在线实体之间的同意以执行任务。同意机制使用异步协议提交同意请求，管理同意请求和解决同意请求。需要同意执行任务的申请提交同意机制的请求。解决当局从同意机制获得待处理的请求信息，并发送同意机制请求解析信息。应用程序从同意机制获取解决的请求信息。如果已解决的请求被批准，则同意机制允许应用程序执行该任务。如果已解决的请求被拒绝，则同意机制不允许应用程序执行该任务。

6. 发明授权

US07614002B2 Method and system for protecting internet users' privacy by evaluating web site platform for privacy preferences policy 有权
标题翻译：通过评估网站平台进行隐私偏好策略来保护互联网用户的隐私的方法和系统
公开(公告)号：US07614002B2
公开(公告)日：2009-11-03
申请号：US11174259
申请日：2005-07-01
申请人： Aaron R. Goldfeder , Cem Paya , Frank M. Schwieterman , Darren Mitchell , Rajeev Dujari , Stephen J. Purpura
发明人： Aaron R. Goldfeder , Cem Paya , Frank M. Schwieterman , Darren Mitchell , Rajeev Dujari , Stephen J. Purpura
IPC分类号： G06F3/00 , G06F21/00 , H04L29/06
CPC分类号： G06F21/6245 , H04L63/102 , H04L67/02
摘要： A system and method that evaluates privacy policies from web sites to determine whether each site is permitted to perform operations (e.g., store, retrieve or delete) directed to cookies on a user's computer. Various properties of each cookie and the context in which it is being used are evaluated against a user's privacy preference settings to make the determination. An evaluation engine accomplishes the evaluation and determination via a number of criteria and considerations, including the cookie properties, its current context, the site, the zone that contains the site, and any P3P data (compact policy) provided with the site's response. The user privacy preferences are evaluated against these criteria to determine whether a requested cookie operation is allowed, denied or modified. A formalized distinction between first-party cookies versus third-party cookies may be used in the determination, along with whether the cookie is a persistent cookie or a session cookie.
摘要翻译：一种从网站评估隐私策略以确定每个站点是否被允许执行针对用户计算机上的cookie的操作（例如，存储，检索或删除）的系统和方法。根据用户的隐私偏好设置评估每个Cookie的各种属性及其使用的上下文以进行确定。评估引擎通过许多标准和注意事项完成评估和确定，包括Cookie属性，其当前上下文，站点，包含站点的区域以及站点响应提供的任何P3P数据（紧凑策略）。根据这些标准评估用户隐私偏好，以确定是否允许，拒绝或修改所请求的Cookie操作。第一方Cookie与第三方Cookie之间的正式区分可能会用于确定，以及Cookie是持久性Cookie还是会话cookie。

7. 发明申请

US20080115200A1 AUTHENTICATION ARCHITECTURE 有权
标题翻译：认证架构
公开(公告)号：US20080115200A1
公开(公告)日：2008-05-15
申请号：US12013616
申请日：2008-01-14
申请人： Lance Olson , Henrik Nielsen , Cem Paya
发明人： Lance Olson , Henrik Nielsen , Cem Paya
IPC分类号： H04L9/32 , G06F21/00
CPC分类号： H04L9/3271 , G06F21/31 , H04L63/08 , H04L63/205 , H04L2209/34
摘要： A system enabling an application desiring access to a resource addressable by a URI to produce a response to an authentication challenge to a request to access the URI without including code specific to an authentication system and/or method is provided. The system includes an authentication manager that can pass an authentication challenge to authentication modules and/or objects operable to produce a response to the authentication challenge. The system may also include a cache adapted to store one or more responses to the authentication challenge communicated from the authentication modules, with such cache also being employed to facilitate pre-authenticating test challenges and/or pseudo-challenges.
摘要翻译：提供了一种能够使得希望访问可由URI寻址的资源的应用程序的系统，以产生对访问URI的请求的认证挑战的响应，而不包括特定于认证系统和/或方法的代码。该系统包括认证管理器，其可以将认证挑战传递给可操作以产生对认证挑战的响应的认证模块和/或对象。该系统还可以包括适于存储针对从认证模块传送的认证挑战的一个或多个响应的缓存，还使用这种缓存来促进预验证测试挑战和/或伪挑战。

8. 发明授权

US07359976B2 Method and system for improved internet security via HTTP-only cookies 有权
标题翻译：方法和系统，通过仅HTTP Cookie改进互联网安全
公开(公告)号：US07359976B2
公开(公告)日：2008-04-15
申请号：US10303113
申请日：2002-11-23
申请人： David A. Ross , Cem Paya , Aaron Goldfeder
发明人： David A. Ross , Cem Paya , Aaron Goldfeder
IPC分类号： G06F15/16
CPC分类号： H04L63/1441 , G06F21/6263 , H04L67/02 , H04L69/329
摘要： A system and method that prevents certain cookies, as specified by an Internet server, from being accessed through client-side script, thereby mitigating the amount of damage that cross-site scripting attacks can accomplish. The server marks selected cookies with an attribute that flags such cookies as being protected, and a security mechanism in the client prevents protected cookies from being accessed via script. A protected (flagged) cookie can still be accessed by the server, (e.g., via HTTP), while non-flagged cookies can be accessed by the server or script. An API or similar layer implements the security mechanism that checks for the attribute, and fails requests for any cookies having that attribute set. The present invention can also be adapted to prevent a malicious script from overwriting existing HTTP-only cookies on a client machine.
摘要翻译：防止由Internet服务器指定的某些Cookie通过客户端脚本访问的系统和方法，从而减轻跨站点脚本攻击可以实现的损害量。服务器将所选的Cookie标记为将这样的Cookie标记为受保护的属性，客户端中的安全机制可防止通过脚本访问受保护的Cookie。服务器（例如，通过HTTP）仍然可以访问受保护（标记的）Cookie，而未标记的Cookie可以被服务器或脚本访问。 API或类似的层实现检查属性的安全机制，并且对具有该属性集的任何Cookie的请求失败。本发明还可以适用于防止恶意脚本覆盖客户端机器上现有的只有HTTP的cookie。

9. 发明授权

US08931084B1 Methods and systems for scripting defense 有权
标题翻译：防御脚本的方法和系统
公开(公告)号：US08931084B1
公开(公告)日：2015-01-06
申请号：US12558173
申请日：2009-09-11
申请人： Cem Paya , Johann Tomas Sigurdsson , Sumit Gwalani
发明人： Cem Paya , Johann Tomas Sigurdsson , Sumit Gwalani
IPC分类号： H04L29/06 , H04L29/08 , G06F21/12
CPC分类号： H04L67/02 , G06F21/121 , G06F21/51 , G06F21/6281 , G06F2221/2119 , H04L63/1466 , H04L67/34
摘要： Methods and systems for cross-site scripting (XSS) defense are described herein. An embodiment includes, embedding one or more tags in content at a server to identify executable and non-executable regions in the content and transmitting the content with the tags to a client based on a request from the client. Another embodiment includes receiving content embedded with one or more permission tags from a server, processing the content and the permission tags, and granting permission to a browser to execute executable content in the content based on the permission tags. A method embodiment also includes receiving content embedded with one or more verify tags from a server, performing an integrity check using the verify tags and granting permission to a browser to execute executable content in the content based on the integrity check.
摘要翻译：本文描述了跨站点脚本（XSS）防御的方法和系统。一个实施例包括：在服务器的内容中嵌入一个或多个标签以识别内容中的可执行和不可执行区域，并且基于客户端的请求将具有标签的内容传送给客户端。另一实施例包括从服务器接收嵌入有一个或多个权限标签的内容，处理内容和许可标签，以及授权浏览器基于许可标签在内容中执行可执行内容。方法实施例还包括从服务器接收嵌入有一个或多个验证标签的内容，使用验证标签执行完整性检查，并授予浏览器基于完整性检查在内容中执行可执行内容的许可。

10. 发明授权

US07788484B2 Using hierarchical identity based cryptography for authenticating outbound mail 有权
标题翻译：使用基于层次标识的加密技术来验证出站邮件
公开(公告)号：US07788484B2
公开(公告)日：2010-08-31
申请号：US11291946
申请日：2005-11-30
申请人： Cem Paya , Josh D. Benaloh
发明人： Cem Paya , Josh D. Benaloh
IPC分类号： H04L29/06
CPC分类号： H04L63/06 , H04L9/3073 , H04L9/3247 , H04L9/3271 , H04L51/00 , H04L63/12
摘要： A hierarchical identity based cryptographic system (“HIBC”) is integrated with the domain name system (“DNS”). A private key is assigned to each of the top level domain name authorities responsible for assigning the top level domain names (e.g., .net, .com, etc.). The private key is generated according to an HIBC system, wherein the corresponding public key is based on the identity of the particular domain authority. When user requests a domain name from one of the top level domain name authorities, the user is issued a private key that is generated by the top level domain authority using its private key and the identity of the user according to the particular HIBC system implemented. The user's corresponding public key can be derived from the identity of the user and the public key of the top level domain name authority. Similarly, when the user adds servers and accounts to the users domain, the user can generate private keys for the servers and accounts using the users private key according to the particular HIBC system. Later, emails originating from the users domain can be authenticated by recipients using the public key associated with the top level domain name authority.
摘要翻译：基于层次标识的加密系统（“HIBC”）与域名系统（“DNS”）集成。私有密钥分配给负责分配顶级域名（例如.net，.com等）的每个顶级域名权限。私钥根据HIBC系统生成，其中相应的公钥基于特定域权限的身份。当用户从顶级域名权限之一请求域名时，将使用其私有密钥和根据实施的特定HIBC系统的用户身份由顶级域机构生成的私钥。用户的相应公钥可以从用户的身份和顶级域名权限的公钥中导出。类似地，当用户将服务器和帐户添加到用户域时，用户可以使用根据特定HIBC系统的用户私钥为服务器和帐户生成私钥。之后，来自用户域的电子邮件可以由收件人使用与顶级域名权限关联的公钥进行身份验证。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式